org.apache.directory.api.ldap.model.constants.SchemaConstants Java Examples

/**
 * Checks to see if an attribute is required by as determined from an entry's
 * set of objectClass attribute values.
 *
 * @return true if the objectClass values require the attribute, false otherwise
 * @throws Exception if the attribute is not recognized
 */
private void assertAllAttributesAllowed( Dn dn, Entry entry, Set<String> allowed ) throws LdapException
{
    // Never check the attributes if the extensibleObject objectClass is
    // declared for this entry
    Attribute objectClass = entry.get( OBJECT_CLASS_AT );

    if ( objectClass.contains( SchemaConstants.EXTENSIBLE_OBJECT_OC ) )
    {
        return;
    }

    for ( Attribute attribute : entry )
    {
        String attrOid = attribute.getAttributeType().getOid();

        AttributeType attributeType = attribute.getAttributeType();

        if ( !attributeType.isCollective() && ( attributeType.getUsage() == UsageEnum.USER_APPLICATIONS )
            && !allowed.contains( attrOid ) )
        {
            throw new LdapSchemaViolationException( ResultCodeEnum.OBJECT_CLASS_VIOLATION, I18n.err( I18n.ERR_277,
                attribute.getUpId(), dn.getName() ) );
        }
    }
}
 

/**
 * This method is used to initialize the OBJECT_CLASS_AT attributeType.
 *
 * We want to do it only once, so it's a synchronized method. Note that
 * the alternative would be to call the lookup() every time, but this won't
 * be very efficient, as it will get the AT from a map, which is also
 * synchronized, so here, we have a very minimal cost.
 *
 * We can't do it once as a static part in the body of this class, because
 * the access to the registries is mandatory to get back the AttributeType.
 */
private void initObjectClassAT()
{
    if ( schemaManager == null )
    {
        return;
    }

    try
    {
        synchronized ( MUTEX )
        {
            if ( objectClassAttributeType == null )
            {
                objectClassAttributeType = schemaManager
                    .lookupAttributeTypeRegistry( SchemaConstants.OBJECT_CLASS_AT );
            }
        }
    }
    catch ( LdapException ne )
    {
        // do nothing...
    }
}
 

/**
 * Try to delete an AttributeType not existing in the schemaManager
 */
@Test
public void testDeleteNonExistingAttributeType() throws Exception
{
    SchemaManager schemaManager = loadSchema( "Core" );
    int atrSize = schemaManager.getAttributeTypeRegistry().size();
    int goidSize = schemaManager.getGlobalOidRegistry().size();

    AttributeType attributeType = new AttributeType( "1.1.0" );
    attributeType.setEqualityOid( SchemaConstants.DISTINGUISHED_NAME_MATCH_MR_OID );
    attributeType.setOrderingOid( null );
    attributeType.setSubstringOid( null );

    // It should fail
    assertFalse( schemaManager.delete( attributeType ) );

    List<Throwable> errors = schemaManager.getErrors();
    assertFalse( errors.isEmpty() );

    assertEquals( atrSize, schemaManager.getAttributeTypeRegistry().size() );
    assertEquals( goidSize, schemaManager.getGlobalOidRegistry().size() );
}
 

public void createStructure() throws Exception {
    String rootDN = AWSIAMAuthenticator.getConfig().rootDN;
    Dn dnIAM = service.getDnFactory().create(rootDN);
    if (!utils.exists(dnIAM)) {
        IAM_LOG.info("Creating partition " + rootDN);
        Partition iamPartition = utils.addPartition("iam", rootDN, service.getDnFactory());

        // Index some attributes on the apache partition
        utils.addIndex(iamPartition, "objectClass", "ou", "uid", "gidNumber", "uidNumber", "cn");

        if (!utils.exists(dnIAM)) {
            IAM_LOG.info("Creating root node " + rootDN);
            Rdn rdn = dnIAM.getRdn(0);
            Entry entryIAM = new DefaultEntry(service.getSchemaManager(), dnIAM, "objectClass: top", "objectClass: domain",
                    "entryCsn: " + service.getCSN(), SchemaConstants.ENTRY_UUID_AT + ": " + UUID.randomUUID().toString(),
                    rdn.getType() + ": " + rdn.getValue());
            service.getAdminSession().add(entryIAM);
            checkErrors();
        }
    }
    service.sync();
}
 

private Entry getEntry( SyntaxCheckerDescription syntaxCheckerDescription )
{
    Entry entry = new DefaultEntry();

    entry.put( SchemaConstants.OBJECT_CLASS_AT,
        SchemaConstants.TOP_OC,
        MetaSchemaConstants.META_TOP_OC,
        MetaSchemaConstants.META_SYNTAX_CHECKER_OC );

    entry.put( MetaSchemaConstants.M_OID_AT, syntaxCheckerDescription.getOid() );
    entry.put( MetaSchemaConstants.M_FQCN_AT, syntaxCheckerDescription.getFqcn() );

    if ( syntaxCheckerDescription.getBytecode() != null )
    {
        entry.put( MetaSchemaConstants.M_BYTECODE_AT,
            Base64.decode( syntaxCheckerDescription.getBytecode().toCharArray() ) );
    }

    if ( syntaxCheckerDescription.getDescription() != null )
    {
        entry.put( MetaSchemaConstants.M_DESCRIPTION_AT, syntaxCheckerDescription.getDescription() );
    }

    return entry;
}
 

/**
 * The Fortress User entity attributes are stored within standard LDAP object classes along with custom auxiliary
 * object classes.
 *
 * @return String[] containing list of valid object classes.
 */
private String[] getUserObjectClass()
{
    String[] userObjectClass = IS_RFC2307 ? new String[]
        {
            SchemaConstants.TOP_OC,
            Config.getInstance().getProperty( USER_OBJECT_CLASS ),
            USERS_AUX_OBJECT_CLASS_NAME,
            GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME,
            GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME,
            USERS_EXTENSIBLE_OBJECT,
            POSIX_ACCOUNT
        }
        : new String[]
        {
            SchemaConstants.TOP_OC,
            Config.getInstance().getProperty( USER_OBJECT_CLASS ),
            USERS_AUX_OBJECT_CLASS_NAME,
            GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME,
            GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME,
            USERS_EXTENSIBLE_OBJECT
        };
    return userObjectClass;
}
 

/**
 * Given an ldap entry containing organzationalPerson address information, convert to {@link Address}
 *
 * @param entry contains ldap entry to retrieve admin roles from.
 * @return entity of type {@link Address}.
 * @throws LdapInvalidAttributeValueException
 * @throws org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in the event of ldap
 * client error.
 */
private Address unloadAddress( Entry entry ) throws LdapInvalidAttributeValueException
{
    Address addr = new ObjectFactory().createAddress();
    List<String> pAddrs = getAttributes( entry, SchemaConstants.POSTAL_ADDRESS_AT );

    if ( pAddrs != null )
    {
        for ( String pAddr : pAddrs )
        {
            addr.setAddress( pAddr );
        }
    }

    addr.setCity( getAttribute( entry, SchemaConstants.L_AT ) );
    addr.setState( getAttribute( entry, SchemaConstants.ST_AT ) );
    addr.setPostalCode( getAttribute( entry, SchemaConstants.POSTALCODE_AT ) );
    addr.setPostOfficeBox( getAttribute( entry, SchemaConstants.POSTOFFICEBOX_AT ) );
    addr.setBuilding( getAttribute( entry, SchemaConstants.PHYSICAL_DELIVERY_OFFICE_NAME_AT ) );
    addr.setDepartmentNumber( getAttribute( entry, DEPARTMENT_NUMBER ) );
    addr.setRoomNumber( getAttribute( entry, ROOM_NUMBER ) );
    // todo: add support for country attribute
    //addr.setCountry(getAttribute(le, GlobalIds.COUNTRY));

    return addr;
}
 

/**
 * @param entity
 * @param userDn
 * @return
 * @throws org.apache.directory.fortress.core.UpdateException
 *
 */
Group assign( Group entity, String userDn ) throws FinderException, UpdateException
{
    LdapConnection ld = null;
    String dn = getDn( entity.getName(), entity.getContextId() );
    LOG.debug( "assign group property dn [{}], member dn [{}]", dn, userDn );
    try
    {
        List<Modification> mods = new ArrayList<Modification>();
        mods.add( new DefaultModification(
            ModificationOperation.ADD_ATTRIBUTE, SchemaConstants.MEMBER_AT, userDn ) );
        ld = getAdminConnection();
        modify( ld, dn, mods, entity );
    }
    catch ( LdapException e )
    {
        String error = "assign group name [" + entity.getName() + "] user dn [" + userDn + "] caught " +
            "LDAPException=" + e;
        throw new UpdateException( GlobalErrIds.GROUP_USER_ASSIGN_FAILED, error, e );
    }
    finally
    {
        closeAdminConnection( ld );
    }
    return get( entity );
}
 

private void clearDN(String dnStr) throws LdapException, ParseException, IOException, CursorException {
    Dn dn = directory.getDnFactory().create(dnStr);
    dn.apply(directory.getSchemaManager());
    ExprNode filter = FilterParser.parse(directory.getSchemaManager(), "(ObjectClass=*)");
    NameComponentNormalizer ncn = new ConcreteNameComponentNormalizer( directory.getSchemaManager() );
    FilterNormalizingVisitor visitor = new FilterNormalizingVisitor( ncn, directory.getSchemaManager() );
    filter.accept(visitor);
    SearchOperationContext context = new SearchOperationContext(directory.getAdminSession(),
            dn, SearchScope.SUBTREE, filter, SchemaConstants.ALL_USER_ATTRIBUTES, SchemaConstants.ALL_OPERATIONAL_ATTRIBUTES);
    EntryFilteringCursor cursor = directory.getPartitionNexus().search(context);
    cursor.beforeFirst();
    Collection<Dn> dns = new ArrayList<Dn>();
    while (cursor.next()) {
        Entry ent = cursor.get();
        if (ent.getDn().equals(dn)) continue;
        dns.add(ent.getDn());
    }
    cursor.close();

    LOG.debug("Deleting " + dns.size() + " items from under " + dnStr);
    for (Dn deleteDn: dns) {
        directory.getAdminSession().delete(deleteDn);
    }
}
 

/**
 * @param le
 * @param sequence
 * @return
 * @throws LdapInvalidAttributeValueException 
 * @throws LdapException
 */
private Permission unloadPopLdapEntry( Entry le, long sequence, boolean isAdmin )
    throws LdapInvalidAttributeValueException
{
    Permission entity = new ObjectFactory().createPermission();
    entity.setSequenceId( sequence );
    entity.setAbstractName( getAttribute( le, PERM_NAME ) );
    entity.setObjName( getAttribute( le, GlobalIds.POBJ_NAME ) );
    entity.setObjId( getAttribute( le, GlobalIds.POBJ_ID ) );
    entity.setOpName( getAttribute( le, GlobalIds.POP_NAME ) );
    entity.setInternalId( getAttribute( le, GlobalIds.FT_IID ) );
    entity.setRoles( getAttributeSet( le, ROLES ) );
    entity.setUsers( getAttributeSet( le, USERS ) );
    entity.setType( getAttribute( le, GlobalIds.TYPE ) );
    entity.setDescription( getAttribute( le, SchemaConstants.DESCRIPTION_AT ) );
    entity.addProperties( PropUtil.getProperties( getAttributes( le, GlobalIds.PROPS ) ) );        
    entity.setAdmin( isAdmin );
    entity.setPaSets( getAttributeSet(le, GlobalIds.FT_PERMISSION_ATTRIBUTE_SET ) );

    if ( le != null )
    {
        entity.setDn( le.getDn().getNormName() );
    }
    return entity;
}
 

/**
 * Given a contextId return the LDAP dn that includes the suffix.
 *
 * @param contextId is to determine what sub-tree to use.
 * @return String contains the dn to use for operation.
 */
protected String getRootDn( String contextId )
{
    StringBuilder dn = new StringBuilder();
    if ( StringUtils.isNotEmpty( contextId ) && !contextId.equalsIgnoreCase( GlobalIds.NULL ) && !contextId
        .equals( GlobalIds.HOME ) )
    {
        dn.append( SchemaConstants.OU_AT ).append( "=" ).append( contextId ).append( "," +
            "" ).append( Config.getInstance().getProperty( GlobalIds.SUFFIX ) );
    }
    else
    {
        dn.append( Config.getInstance().getProperty( GlobalIds.SUFFIX ) );
    }
    return dn.toString();
}
 

/**
 * Checks to see if an attribute is required by as determined from an entry's
 * set of objectClass attribute values.
 *
 * @return true if the objectClass values require the attribute, false otherwise
 * @throws Exception if the attribute is not recognized
 */
private void assertAllAttributesAllowed( Dn dn, Entry entry, Set<String> allowed ) throws LdapException
{
    // Never check the attributes if the extensibleObject objectClass is
    // declared for this entry
    Attribute objectClass = entry.get( OBJECT_CLASS_AT );

    if ( objectClass.contains( SchemaConstants.EXTENSIBLE_OBJECT_OC ) )
    {
        return;
    }

    for ( Attribute attribute : entry )
    {
        String attrOid = attribute.getAttributeType().getOid();

        AttributeType attributeType = attribute.getAttributeType();

        if ( !attributeType.isCollective() && ( attributeType.getUsage() == UsageEnum.USER_APPLICATIONS )
            && !allowed.contains( attrOid ) )
        {
            throw new LdapSchemaViolationException( ResultCodeEnum.OBJECT_CLASS_VIOLATION, I18n.err( I18n.ERR_277,
                attribute.getUpId(), dn.getName() ) );
        }
    }
}
 

/**
 * {@inheritDoc}
 */
@Override
public List<Entry> loadAttributeTypes( Schema... schemas ) throws LdapException, IOException
{
    List<Entry> attributeTypeList = new ArrayList<>();

    if ( schemas == null )
    {
        return attributeTypeList;
    }

    for ( Schema schema : schemas )
    {
        // check that the attributeTypes directory exists for the schema
        File attributeTypesDirectory = new File( getSchemaDirectory( schema ), SchemaConstants.ATTRIBUTE_TYPES_PATH );

        if ( !attributeTypesDirectory.exists() )
        {
            return attributeTypeList;
        }

        // get list of attributeType LDIF schema files in attributeTypes
        File[] attributeTypeFiles = attributeTypesDirectory.listFiles( ldifFilter );

        if ( attributeTypeFiles != null )
        {
            for ( File ldifFile : attributeTypeFiles )
            {
                LdifReader reader = new LdifReader( ldifFile );
                LdifEntry entry = reader.next();
                reader.close();

                attributeTypeList.add( entry.getEntry() );
            }
        }
    }

    return attributeTypeList;
}
 

private Entry getExistingUser(User user) throws LdapException {
    LookupOperationContext lookupContext = new LookupOperationContext( directory.getAdminSession(),
            directory.getDnFactory().create(String.format(USER_FMT, user.getUserName())), SchemaConstants.ALL_USER_ATTRIBUTES, SchemaConstants.ALL_OPERATIONAL_ATTRIBUTES);

    try {
        Entry userEntry = directory.getPartitionNexus().lookup( lookupContext );
        if (userEntry != null && userEntry.hasObjectClass("iamaccount")) {
            return userEntry;
        }
    } catch (LdapNoSuchObjectException e) {
        // Fallthrough
    }
    return null;
}
 

/**
 * Creates the root nexus singleton of the entire system.  The root DSE has
 * several attributes that are injected into it besides those that may
 * already exist.  As partitions are added to the system more namingContexts
 * attributes are added to the rootDSE.
 *
 * @see <a href="http://www.faqs.org/rfcs/rfc3045.html">Vendor Information</a>
 * @param rootDse the root entry for the DSA
 * @throws javax.naming.Exception on failure to initialize
 */
public DefaultPartitionNexus( Entry rootDse ) throws Exception
{
    id = ID;
    suffixDn = null;

    // setup that root DSE
    this.rootDse = rootDse;

    // Add the basic informations
    rootDse.put( SchemaConstants.SUBSCHEMA_SUBENTRY_AT, ServerDNConstants.CN_SCHEMA_DN );
    rootDse.put( SchemaConstants.SUPPORTED_LDAP_VERSION_AT, "3" );
    rootDse.put( SchemaConstants.SUPPORTED_FEATURES_AT, SchemaConstants.FEATURE_ALL_OPERATIONAL_ATTRIBUTES );
    rootDse.put( SchemaConstants.SUPPORTED_EXTENSION_AT, NoticeOfDisconnect.EXTENSION_OID );

    // Add the objectClasses
    rootDse.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, SchemaConstants.EXTENSIBLE_OBJECT_OC );

    // Add the 'vendor' name and version infos
    rootDse.put( SchemaConstants.VENDOR_NAME_AT, ASF );

    Properties props = new Properties();

    try
    {
        props.load( getClass().getResourceAsStream( "version.properties" ) );
    }
    catch ( IOException e )
    {
        LOG.error( I18n.err( I18n.ERR_33 ) );
    }

    rootDse.put( SchemaConstants.VENDOR_VERSION_AT, props.getProperty( "apacheds.version", "UNKNOWN" ) );

    // The rootDSE uuid has been randomly created
    rootDse.put( SchemaConstants.ENTRY_UUID_AT, "f290425c-8272-4e62-8a67-92b06f38dbf5" );
}
 

/**
 * {@inheritDoc}
 */
@Override
public Normalizer getNormalizer( SchemaManager schemaManager, NormalizerDescription normalizerDescription,
    Registries targetRegistries, String schemaName ) throws LdapException
{
    checkDescription( normalizerDescription, SchemaConstants.NORMALIZER );

    // The Comparator OID
    String oid = getOid( normalizerDescription, SchemaConstants.NORMALIZER );

    // Get the schema
    Schema schema = getSchema( schemaName, targetRegistries );

    if ( schema == null )
    {
        // The schema is not loaded. We can't create the requested Normalizer
        String msg = I18n.err( I18n.ERR_16024_CANNOT_ADD_NORMALIZER, normalizerDescription.getName(), schemaName );
        
        if ( LOG.isWarnEnabled() )
        {
            LOG.warn( msg );
        }
        
        throw new LdapUnwillingToPerformException( ResultCodeEnum.UNWILLING_TO_PERFORM, msg );
    }

    // The FQCN
    String fqcn = getFqcn( normalizerDescription, SchemaConstants.NORMALIZER );

    // get the byteCode
    Attribute byteCode = getByteCode( normalizerDescription, SchemaConstants.NORMALIZER );

    // Class load the normalizer
    Normalizer normalizer = classLoadNormalizer( schemaManager, oid, fqcn, byteCode );

    // Update the common fields
    setSchemaObjectProperties( normalizer, normalizerDescription, schema );

    return normalizer;
}
 

/**
 * {@inheritDoc}
 */
@Override
public List<Entry> loadObjectClasses( Schema... schemas ) throws LdapException, IOException
{
    List<Entry> objectClassList = new ArrayList<>();

    if ( schemas == null )
    {
        return objectClassList;
    }

    for ( Schema schema : schemas )
    {
        // get objectClasses directory, check if exists, return if not
        File objectClassesDirectory = new File( getSchemaDirectory( schema ), SchemaConstants.OBJECT_CLASSES_PATH );

        if ( !objectClassesDirectory.exists() )
        {
            return objectClassList;
        }

        // get list of objectClass LDIF files from directory and load
        File[] objectClassFiles = objectClassesDirectory.listFiles( ldifFilter );

        if ( objectClassFiles != null )
        {
            for ( File ldifFile : objectClassFiles )
            {
                LdifReader reader = new LdifReader( ldifFile );
                LdifEntry entry = reader.next();
                reader.close();

                objectClassList.add( entry.getEntry() );
            }
        }
    }

    return objectClassList;
}
 

/**
 * @param se
 * @throws org.apache.directory.fortress.core.CreateException
 */
void create( Suffix se )
    throws CreateException
{
    LdapConnection ld = null;
    String nodeDn = getDn( se );
    try
    {
        LOG.info( "create suffix dn [{}]", nodeDn );
        Entry myEntry = new DefaultEntry( nodeDn );
        myEntry.add( SchemaConstants.OBJECT_CLASS_AT, SUFFIX_OBJ_CLASS );
        myEntry.add( SchemaConstants.DC_AT, se.getName() );
        myEntry.add( SchemaConstants.O_AT, se.getDescription() );

        ld = getAdminConnection();
        add( ld, myEntry );
    }
    catch ( LdapException e )
    {
        String error = "create container node dn [" + nodeDn + "] caught LDAPException="
            + e;
        throw new CreateException( GlobalErrIds.SUFX_CREATE_FAILED, error, e );
    }
    finally
    {
        closeAdminConnection( ld );
    }
}
 

/**
 * Recursively compute all the superiors of an object class. For instance, considering
 * 'inetOrgPerson', it's direct superior is 'organizationalPerson', which direct superior
 * is 'Person', which direct superior is 'top'.
 *
 * As a result, we will gather all of these three ObjectClasses in 'inetOrgPerson' ObjectClasse
 * superiors.
 */
private void computeOCSuperiors( ObjectClass objectClass, List<ObjectClass> superiors, Set<String> ocSeen )
    throws LdapException
{
    List<ObjectClass> parents = objectClass.getSuperiors();

    // Loop on all the objectClass superiors
    if ( ( parents != null ) && ( parents.size() != 0 ) )
    {
        for ( ObjectClass parent : parents )
        {
            // Top is not added
            if ( SchemaConstants.TOP_OC.equals( parent.getName() ) )
            {
                continue;
            }

            // For each one, recurse
            computeOCSuperiors( parent, superiors, ocSeen );

            String oid = parent.getOid();

            if ( !ocSeen.contains( oid ) )
            {
                superiors.add( parent );
                ocSeen.add( oid );
            }
        }
    }
}
 

/**
 * Returns true if <code>connection</code> is connected, authenticated, and
 * a lookup on the rootDSE returns a non-null response.
 * 
 * @param connection The connection to validate
 * @return True, if the connection is still valid
 */
@Override
public boolean validate( LdapConnection connection )
{
    try
    {
        return connection.isConnected()
            && connection.isAuthenticated()
            && ( connection.lookup( Dn.ROOT_DSE, SchemaConstants.NO_ATTRIBUTE ) != null );
    }
    catch ( LdapException e )
    {
        return false;
    }
}
 

/**
 * @param le
 * @return
 * @throws LdapInvalidAttributeValueException 
 * @throws LdapException
 */
private SDSet unloadLdapEntry( Entry le, long sequence ) throws LdapInvalidAttributeValueException
{
    SDSet entity = new ObjectFactory().createSDset();
    entity.setSequenceId( sequence );
    entity.setId( getAttribute( le, GlobalIds.FT_IID ) );
    entity.setName( getAttribute( le, SD_SET_NM ) );
    entity.setDescription( getAttribute( le, SchemaConstants.DESCRIPTION_AT ) );
    entity.setMembers( getAttributeSet( le, ROLES ) );
    String szCard = getAttribute( le, SD_SET_CARDINALITY );
    entity.setCardinality( Integer.valueOf( szCard ) );

    return entity;
}
 

/**
 * {@inheritDoc}
 */
@Override
public List<Entry> loadSyntaxCheckers( Schema... schemas ) throws LdapException, IOException
{
    List<Entry> syntaxCheckerList = new ArrayList<>();

    if ( schemas == null )
    {
        return syntaxCheckerList;
    }

    for ( Schema schema : schemas )
    {
        String start = getSchemaDirectoryString( schema )
            + SchemaConstants.SYNTAX_CHECKERS_PATH + "/" + "m-oid=";
        String end = "." + LDIF_EXT;

        for ( String resourcePath : RESOURCE_MAP.keySet() )
        {
            if ( resourcePath.startsWith( start ) && resourcePath.endsWith( end ) )
            {
                URL resource = getResource( resourcePath, "syntaxChecker LDIF file" );
                LdifReader reader = new LdifReader( resource.openStream() );
                LdifEntry entry = reader.next();
                reader.close();

                syntaxCheckerList.add( entry.getEntry() );
            }
        }
    }

    return syntaxCheckerList;
}
 

/**
 * {@inheritDoc}
 */
@Override
public List<Entry> loadDitStructureRules( Schema... schemas ) throws LdapException, IOException
{
    List<Entry> ditStructureRuleList = new ArrayList<>();

    if ( schemas == null )
    {
        return ditStructureRuleList;
    }

    for ( Schema schema : schemas )
    {
        String start = getSchemaDirectoryString( schema )
            + SchemaConstants.DIT_STRUCTURE_RULES_PATH + "/" + "m-oid=";
        String end = "." + LDIF_EXT;

        for ( String resourcePath : RESOURCE_MAP.keySet() )
        {
            if ( resourcePath.startsWith( start ) && resourcePath.endsWith( end ) )
            {
                URL resource = getResource( resourcePath, "ditStructureRule LDIF file" );
                LdifReader reader = new LdifReader( resource.openStream() );
                LdifEntry entry = reader.next();
                reader.close();

                ditStructureRuleList.add( entry.getEntry() );
            }
        }
    }

    return ditStructureRuleList;
}
 

/**
 * Try to inject an AttributeType which is Collective, but an operational AT
 */
@Test
public void testAddAttributeTypeNoSupCollectiveOperational() throws Exception
{
    SchemaManager schemaManager = loadSystem();
    int atrSize = schemaManager.getAttributeTypeRegistry().size();
    int goidSize = schemaManager.getGlobalOidRegistry().size();

    AttributeType attributeType = new AttributeType( "1.1.0" );
    attributeType.setEqualityOid( SchemaConstants.DISTINGUISHED_NAME_MATCH_MR_OID );
    attributeType.setOrderingOid( null );
    attributeType.setSubstringOid( null );
    attributeType.setSyntaxOid( "1.3.6.1.4.1.1466.115.121.1.26" );
    attributeType.setUsage( UsageEnum.DIRECTORY_OPERATION );
    attributeType.setCollective( true );

    // It should fail
    assertFalse( schemaManager.add( attributeType ) );

    List<Throwable> errors = schemaManager.getErrors();
    assertEquals( 1, errors.size() );
    Throwable error = errors.get( 0 );

    assertTrue( error instanceof LdapSchemaException );

    assertFalse( isATPresent( schemaManager, "1.1.0" ) );
    assertEquals( atrSize, schemaManager.getAttributeTypeRegistry().size() );
    assertEquals( goidSize, schemaManager.getGlobalOidRegistry().size() );
}
 

/**
 * @param le
 * @return
 */
private Example getEntityFromLdapEntry(Entry le) throws LdapInvalidAttributeValueException
{
    Example entity = new Example();
    entity.setId( getAttribute( le, GlobalIds.FT_IID ) );
    entity.setName(getAttribute(le, EIds.EXAMPLE_NM));
    entity.setDescription(getAttribute(le, SchemaConstants.DESCRIPTION_AT));
    unloadTemporal(le, entity);
    return entity;
}
 

/**
 * {@inheritDoc}
 */
@Override
public List<Entry> loadMatchingRules( Schema... schemas ) throws LdapException, IOException
{
    List<Entry> matchingRuleList = new ArrayList<>();

    if ( schemas == null )
    {
        return matchingRuleList;
    }

    for ( Schema schema : schemas )
    {
        File matchingRulesDirectory = new File( getSchemaDirectory( schema ), SchemaConstants.MATCHING_RULES_PATH );

        if ( !matchingRulesDirectory.exists() )
        {
            return matchingRuleList;
        }

        File[] matchingRuleFiles = matchingRulesDirectory.listFiles( ldifFilter );

        if ( matchingRuleFiles != null )
        {
            for ( File ldifFile : matchingRuleFiles )
            {
                LdifReader reader = new LdifReader( ldifFile );
                LdifEntry entry = reader.next();
                reader.close();

                matchingRuleList.add( entry.getEntry() );
            }
        }
    }

    return matchingRuleList;
}
 

/**
 * Constructs a new filter EqualityNode asserting that a candidate
 * objectClass is a referral.
 *
 * @param session the {@link LdapSession} to construct the node for
 * @return the {@link org.apache.directory.api.ldap.model.filter.EqualityNode} (objectClass=referral) non-normalized
 * @throws Exception in the highly unlikely event of schema related failures
 */
private EqualityNode<String> newIsReferralEqualityNode( LdapSession session ) throws Exception
{
    if ( OBJECT_CLASS_AT == null )
    {
        OBJECT_CLASS_AT = session.getCoreSession().getDirectoryService().getSchemaManager().getAttributeType(
            SchemaConstants.OBJECT_CLASS_AT );
    }

    EqualityNode<String> ocIsReferral = new EqualityNode<String>( OBJECT_CLASS_AT,
        new org.apache.directory.api.ldap.model.entry.StringValue( OBJECT_CLASS_AT, SchemaConstants.REFERRAL_OC ) );

    return ocIsReferral;
}
 

private Set<String> getAllAllowed( Attribute objectClasses, Set<String> must ) throws LdapException
{
    Set<String> allowed = new HashSet<String>( must );

    // Add the 'ObjectClass' attribute ID
    allowed.add( SchemaConstants.OBJECT_CLASS_AT_OID );

    // Loop on all objectclasses
    for ( Value<?> objectClass : objectClasses )
    {
        String ocName = objectClass.getString();
        ObjectClass oc = schemaManager.lookupObjectClassRegistry( ocName );

        List<AttributeType> types = oc.getMayAttributeTypes();

        // For each objectClass, loop on all MAY attributeTypes, if any
        if ( ( types != null ) && ( types.size() > 0 ) )
        {
            for ( AttributeType type : types )
            {
                String oid = type.getOid();

                allowed.add( oid );
            }
        }
    }

    return allowed;
}
 

/**
 * Try to inject an AttributeType with an ObjectClass name
 */
@Test
public void testAddAttributeTypeNameOfAnObjectClass() throws Exception
{
    SchemaManager schemaManager = loadSystem();
    int atrSize = schemaManager.getAttributeTypeRegistry().size();
    int goidSize = schemaManager.getGlobalOidRegistry().size();

    AttributeType attributeType = new AttributeType( "1.1.1.0" );
    attributeType.setEqualityOid( SchemaConstants.DISTINGUISHED_NAME_MATCH_MR_OID );
    attributeType.setOrderingOid( SchemaConstants.DISTINGUISHED_NAME_MATCH_MR_OID );
    attributeType.setSubstringOid( SchemaConstants.DISTINGUISHED_NAME_MATCH_MR_OID );
    attributeType.setSyntaxOid( "1.3.6.1.4.1.1466.115.121.1.26" );
    attributeType.setNames( "Test", "referral" );

    // It should be ok
    assertTrue( schemaManager.add( attributeType ) );

    List<Throwable> errors = schemaManager.getErrors();
    assertEquals( 0, errors.size() );

    // The AT must be present
    assertTrue( isATPresent( schemaManager, "1.1.1.0" ) );

    assertEquals( atrSize + 1, schemaManager.getAttributeTypeRegistry().size() );
    assertEquals( goidSize + 1, schemaManager.getGlobalOidRegistry().size() );

    AttributeType added = schemaManager.lookupAttributeTypeRegistry( "referral" );
    assertNotNull( added );
    assertEquals( "1.1.1.0", added.getOid() );
    assertTrue( added.getNames().contains( "referral" ) );
}
 

/**
 * Load an prescriptive trigger specification
 * 
 * @param apCtx The administrative point context
 * @param subentryCN The subentry CN
 * @param triggerSpec The trigger specification
 * @throws NamingException If the operation failed
 */
public static void loadPrescriptiveTriggerSpecification(
    LdapContext apCtx,
    String subentryCN,
    String triggerSpec ) throws NamingException
{
    Attributes changes = new BasicAttributes( SchemaConstants.PRESCRIPTIVE_TRIGGER_SPECIFICATION_AT, triggerSpec, true );
    apCtx.modifyAttributes( "cn=" + subentryCN, DirContext.ADD_ATTRIBUTE, changes );
}