@PublicAPI(stability=VOLATILE, mayInstantiate=false, mayExtend=false, mayInvoke=true) public abstract class Operation extends Object implements Runnable, PreParseOperation, PostResponseOperation
org.opends.server.core
package.Modifier and Type | Field and Description |
---|---|
protected static List<Control> |
NO_RESPONSE_CONTROLS
The set of response controls that will always be returned for an abandon operation.
|
protected RequestContext |
requestContext
The request context with which this operation is associated.
|
Modifier | Constructor and Description |
---|---|
protected |
Operation(org.forgerock.services.context.Context context,
List<Control> requestControls)
Creates a new operation with the provided information.
|
Modifier and Type | Method and Description |
---|---|
void |
addAdditionalLogItem(AdditionalLogItem item)
Adds an additional log item to this operation, which should be written to the log but not included in the
response to the client.
|
protected static void |
addPostReadResponse(Operation operation,
LDAPPostReadRequestControl postReadRequest,
Entry entry)
Adds the post-read response control to the response if requested.
|
protected static void |
addPreReadResponse(Operation operation,
LDAPPreReadRequestControl preReadRequest,
Entry entry)
Adds the pre-read response control to the response if requested.
|
void |
addRequestControl(Control control)
Adds the provided control to the set of request controls for this operation.
|
abstract void |
addResponseControl(Control control)
Adds the provided control to the set of controls to include in the response to the client.
|
void |
appendErrorMessage(LocalizableMessage message)
Appends the provided message to the error message buffer.
|
void |
appendMaskedErrorMessage(LocalizableMessage maskedMessage)
Appends the provided message to the real, masked error message buffer.
|
protected void |
checkAttributeConformsToSyntax(Entry entry,
Attribute attribute,
LocalizableMessageDescriptor.Arg4<Object,Object,Object,Object> invalidSyntaxErrorMsg,
LocalizableMessageDescriptor.Arg3<Object,Object,Object> invalidSyntaxNoValueErrorMsg,
LocalizableMessageDescriptor.Arg1<Object> rejectErrorMsg)
Checks whether an attribute's values conform to its syntax.
|
protected static void |
checkIfBackendIsWritable(LocalBackend<?> backend,
Operation op,
Dn entryDN,
LocalizableMessageDescriptor.Arg1<Object> serverMsg,
LocalizableMessageDescriptor.Arg1<Object> backendMsg)
Checks if an update operation can be performed against a backend.
|
void |
checkIfCanceled(boolean signalTooLate)
Kept to maintain compatibility with the
PluginOperation interface. |
protected static LdapException |
createLdapException(Operation operation,
Entry entry,
Dn entryDN,
ResultCode resultCode,
LocalizableMessage message,
ResultCode altResultCode,
LocalizableMessage altMessage)
Returns a new
LdapException built from the provided resultCodes and messages. |
void |
disconnectClient(DisconnectReason disconnectReason,
boolean sendNotification,
LocalizableMessage message)
Terminates the client connection being used to process this operation.
|
boolean |
dontSynchronize()
Indicates whether this operation needs to be synchronized to other copies of the data.
|
boolean |
equals(Object obj) |
protected static void |
evaluateProxyAuthControls(Operation operation)
Evaluate all aci and privilege checks for any proxy auth controls.
|
protected static void |
filterNonDisclosableMatchedDN(Operation operation)
Removes the matchedDN from the supplied operation if ACIs prevent its disclosure.
|
static Dn |
findMatchedDN(Dn entryDN)
Finds the matched DN associated with the provided entry DN.
|
List<AdditionalLogItem> |
getAdditionalLogItems()
Returns an unmodifiable list containing the additional log items for this operation, which should be written to
the log but not included in the response to the client.
|
<T> T |
getAttachment(String name)
Retrieves the attachment with the specified name.
|
Map<String,Object> |
getAttachments()
Retrieves the set of attachments defined for this operation, as a mapping between the attachment name and the
associated object.
|
Dn |
getAuthorizationDN()
Retrieves the authorization DN for this operation.
|
Entry |
getAuthorizationEntry()
Retrieves the entry for the user that should be considered the authorization identity for this operation.
|
ClientConnection |
getClientConnection()
Retrieves the client connection with which this operation is associated.
|
long |
getConnectionID()
Retrieves the unique identifier that is assigned to the client connection that submitted this operation.
|
org.forgerock.services.context.Context |
getContext()
Returns the context associated to this operation.
|
LocalizableMessageBuilder |
getErrorMessage()
Retrieves the error message for this operation.
|
protected LocalBackend<?> |
getLocalBackend()
Returns the local backend targetted by the provided operation.
|
Dn |
getMatchedDN()
Retrieves the matched DN for this operation.
|
int |
getMessageID()
Retrieves the message ID assigned to this operation.
|
long |
getOperationID()
Retrieves the operation ID for this operation.
|
long |
getProcessingNanoTime()
Retrieves the length of time in nanoseconds that the server spent processing this operation if available.
|
long |
getProcessingStartTime()
Retrieves the time that processing started for this operation.
|
long |
getProcessingStopTime()
Retrieves the time that processing stopped for this operation.
|
long |
getProcessingTime()
Retrieves the length of time in milliseconds that the server spent processing this operation.
|
abstract Dn |
getProxiedAuthorizationDN()
Retrieves the proxied authorization DN for this operation if proxied authorization has been requested.
|
List<String> |
getReferralURLs()
Retrieves the set of referral URLs for this operation.
|
<T extends Control> |
getRequestControl(ControlDecoder<T> d)
Retrieves a control included in the request from the client.
|
List<Control> |
getRequestControls()
Retrieves the set of controls included in the request from the client.
|
ResultCode |
getResultCode()
Retrieves the result code for this operation.
|
int |
hashCode() |
protected void |
invokePostResponseCallbacks()
Invokes the post response callbacks that were registered with this operation.
|
protected boolean |
isHumanReadable(Syntax syntax)
Returns
true if the provided syntax is human readable and does not need BER encoding. |
boolean |
isInnerOperation()
Indicates whether this is an inner operation rather than one that was directly requested by an external client.
|
boolean |
isInternalOperation()
Indicates whether this is an internal operation rather than one that was requested by an external client.
|
protected static boolean |
isProxyAuthzControl(String oid)
Check if an OID is for a proxy authorization control.
|
boolean |
isSynchronizationOperation()
Indicates whether this is a synchronization operation rather than one that was requested by an external client.
|
protected boolean |
mustCheckSchema()
Returns
true if a request must be validated according to the server's schema. |
void |
operationCompleted()
Indicates that processing on this operation has completed successfully and that the client should perform any
associated cleanup work.
|
static boolean |
processOperationResult(Operation op,
PluginResult.OperationResult opResult)
Processes the provided operation result for the provided operation.
|
boolean |
processOperationResult(PluginResult.OperationResult operationResult)
Processes the provided operation result for the current operation.
|
void |
registerPostResponseCallback(Runnable callback)
Registers a callback which should be run once this operation has completed and the response sent back to the
client.
|
protected static void |
removeAllDisallowedControls(Dn targetDN,
Operation operation)
Removes all the disallowed request controls from the provided operation.
|
<T> T |
removeAttachment(String name)
Removes the attachment with the specified name.
|
abstract void |
removeResponseControl(Control control)
Removes the provided control from the set of controls to include in the response to the client.
|
abstract void |
run()
Performs the work of actually processing this operation.
|
<T> T |
setAttachment(String name,
Object value)
Sets the value of the specified attachment.
|
void |
setAttachments(Map<String,Object> attachments)
Set the attachments to the operation.
|
void |
setAuthorizationEntry(Entry authorizationEntry)
Provides the entry for the user that should be considered the authorization identity for this operation.
|
void |
setDontSynchronize(boolean dontSynchronize)
Specifies whether this operation must be synchronized to other copies of the data.
|
void |
setErrorMessage(LocalizableMessageBuilder errorMessage)
Specifies the error message for this operation.
|
void |
setInnerOperation(boolean isInnerOperation)
Specifies whether this is an inner operation rather than one that was directly requested by an external client.
|
void |
setInternalOperation(boolean isInternalOperation)
Specifies whether this is an internal operation rather than one that was requested by an external client.
|
void |
setMatchedDN(Dn matchedDN)
Specifies the matched DN for this operation.
|
void |
setProcessingStartTime()
Set the time at which the processing started for this operation.
|
void |
setProcessingStopTime()
Set the time at which the processing stopped for this operation.
|
abstract void |
setProxiedAuthorizationDN(Dn proxiedAuthorizationDN)
Set the proxied authorization DN for this operation if proxied authorization has been requested.
|
void |
setReferralURLs(List<String> referralURLs)
Specifies the set of referral URLs for this operation.
|
void |
setResponseData(LdapException e)
Sets the response elements for this operation based on the information contained in the provided
exception object. |
void |
setResult(Result result)
Specifies the result for this operation.
|
void |
setResultCode(ResultCode resultCode)
Specifies the result code for this operation.
|
protected static void |
setResultCodeAndMessageNoInfoDisclosure(Operation operation,
Entry entry,
Dn entryDN,
ResultCode resultCode,
LocalizableMessage message,
ResultCode altResultCode,
LocalizableMessage altMessage)
Sets the provided resultCodes and messages on the provided operation.
|
void |
setSynchronizationOperation(boolean isSynchronizationOperation)
Specifies whether this operation must be synchronized to other copies of the data.
|
String |
toString()
Retrieves a string representation of this operation.
|
abstract void |
toString(StringBuilder buffer)
Appends a string representation of this operation to the provided buffer.
|
void |
updateOperationErrMsgAndResCode()
Updates the error message and the result code of the operation.
|
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
getOperationType, getResponseControls
protected static final List<Control> NO_RESPONSE_CONTROLS
protected final RequestContext requestContext
protected Operation(org.forgerock.services.context.Context context, List<Control> requestControls)
context
- The context with which this operation is associated.requestControls
- The set of controls included in the request.public org.forgerock.services.context.Context getContext()
public void disconnectClient(DisconnectReason disconnectReason, boolean sendNotification, LocalizableMessage message)
PluginOperation
disconnectClient
in interface PluginOperation
disconnectReason
- The disconnect reason that provides the generic cause for the disconnect.sendNotification
- Indicates whether to try to provide notification to the client that the connection will be closed.message
- The message to send to the client. It may be null
if no notification is to be sent.public final ClientConnection getClientConnection()
PluginOperation
getClientConnection
in interface PluginOperation
public final long getConnectionID()
PluginOperation
getConnectionID
in interface PluginOperation
public final long getOperationID()
PluginOperation
getOperationID
in interface PluginOperation
public final int getMessageID()
PluginOperation
getMessageID
in interface PluginOperation
public final List<Control> getRequestControls()
PluginOperation
getRequestControls
in interface PluginOperation
public final <T extends Control> T getRequestControl(ControlDecoder<T> d) throws LdapException
PluginOperation
getRequestControl
in interface PluginOperation
T
- The type of control requested.d
- The requested control's decoder.null
if the
control was not found.LdapException
- if an error occurs while decoding the control.public final void addRequestControl(Control control)
addRequestControl
in interface PreParseOperation
control
- The control to add to the set of request controls for this operation.public abstract void addResponseControl(Control control)
addResponseControl
in interface PreParseOperation
control
- The control to add to the set of controls to include in the response to the client.public abstract void removeResponseControl(Control control)
removeResponseControl
in interface PreParseOperation
control
- The control to remove from the set of controls to include in the response to the client.public final ResultCode getResultCode()
PostResponseOperation
getResultCode
in interface PostResponseOperation
UNDEFINED
if the operation has not yet
completed.public final void setResult(Result result)
result
- The result for this operation.public final void setResultCode(ResultCode resultCode)
resultCode
- The result code for this operation.public final LocalizableMessageBuilder getErrorMessage()
getErrorMessage
in interface PostResponseOperation
getErrorMessage
in interface PreParseOperation
public final void setErrorMessage(LocalizableMessageBuilder errorMessage)
setErrorMessage
in interface PreParseOperation
errorMessage
- The error message for this operation.public final void appendErrorMessage(LocalizableMessage message)
appendErrorMessage
in interface PreParseOperation
message
- The message to append to the error messagepublic final void appendMaskedErrorMessage(LocalizableMessage maskedMessage)
maskedMessage
- The message to append to the real, masked error messagepublic List<AdditionalLogItem> getAdditionalLogItems()
PreParseOperation
getAdditionalLogItems
in interface PostResponseOperation
getAdditionalLogItems
in interface PreParseOperation
public void addAdditionalLogItem(AdditionalLogItem item)
PreParseOperation
addAdditionalLogItem
in interface PreParseOperation
item
- The additional log item for this operation.public final Dn getMatchedDN()
PostResponseOperation
getMatchedDN
in interface PostResponseOperation
null
if the operation has not yet completed or does
not have a matched DN.public final void setMatchedDN(Dn matchedDN)
matchedDN
- The matched DN for this operation.public final List<String> getReferralURLs()
PostResponseOperation
getReferralURLs
in interface PostResponseOperation
null
if the operation is not yet complete or
does not have a set of referral URLs.public final void setReferralURLs(List<String> referralURLs)
referralURLs
- The set of referral URLs for this operation.public final void setResponseData(LdapException e)
exception
object. This method may not be called by post-response plugins.e
- The exception containing the information to use for the response elements.public final boolean isInternalOperation()
PluginOperation
isInternalOperation
in interface PluginOperation
true
if this is an internal operation, or false
if it is not.public final void setInternalOperation(boolean isInternalOperation)
isInternalOperation
- Specifies whether this is an internal operation rather than one that was requested by an external
client.public boolean isInnerOperation()
true
if this is an inner operation, or false
if it is not.public void setInnerOperation(boolean isInnerOperation)
isInnerOperation
- Specifies whether this is an inner operation rather than one that was requested by an external client.public final boolean isSynchronizationOperation()
PluginOperation
isSynchronizationOperation
in interface PluginOperation
true
if this is a data synchronization operation, or false
if it is not.public final void setSynchronizationOperation(boolean isSynchronizationOperation)
isSynchronizationOperation
- Specifies whether this operation must be synchronized to other copies of the data.public boolean dontSynchronize()
true
if this operation should not be synchronized, or false
if it should be synchronized.public final void setDontSynchronize(boolean dontSynchronize)
dontSynchronize
- Specifies whether this operation must be synchronized to other copies of the data.public final Entry getAuthorizationEntry()
null
if no
authentication has been performed on that connection. However, it may be some other value if special processing
has been requested (e.g., the operation included a proxied authorization control). This method should not be
called by pre-parse plugins because the correct value may not yet have been determined.null
if the authorization identity should be the unauthenticated user.public final void setAuthorizationEntry(Entry authorizationEntry)
authorizationEntry
- The entry for the user that should be considered the authorization identity for this operation, or
null
if it should be the unauthenticated user.public final Dn getAuthorizationDN()
getAuthorizationDN
in interface PostResponseOperation
public final Map<String,Object> getAttachments()
PluginOperation
getAttachments
in interface PluginOperation
public final void setAttachments(Map<String,Object> attachments)
attachments
- Attachments to register within the operationpublic final <T> T getAttachment(String name)
PluginOperation
getAttachment
in interface PluginOperation
T
- the type of the attached objectname
- The name for the attachment to retrieve. It will be treated in a case-sensitive manner.null
if it does not exist.public final <T> T removeAttachment(String name)
PluginOperation
removeAttachment
in interface PluginOperation
T
- the type of the attached objectname
- The name for the attachment to remove. It will be treated in a case-sensitive manner.null
if it does not exist.public final <T> T setAttachment(String name, Object value)
setAttachment
in interface PluginOperation
T
- the type of the attached objectname
- The name to use for the attachment.value
- The value to use for the attachment.null
if there was previously no
such attachment.public final void operationCompleted()
public final void checkIfCanceled(boolean signalTooLate) throws CancelledResultException
PluginOperation
interface.checkIfCanceled
in interface PluginOperation
signalTooLate
- true
to signal that any further cancel requests will be too late after return from this call
or false
otherwise.CancelledResultException
- if this operation should be cancelled.public final String toString()
PluginOperation
toString
in interface PluginOperation
toString
in class Object
public abstract void toString(StringBuilder buffer)
toString
in interface PluginOperation
buffer
- The buffer into which a string representation of this operation should be appended.public final long getProcessingStartTime()
PluginOperation
getProcessingStartTime
in interface PluginOperation
public final void setProcessingStartTime()
public final long getProcessingStopTime()
PostResponseOperation
getProcessingStopTime
in interface PostResponseOperation
public final void setProcessingStopTime()
public final long getProcessingTime()
getProcessingTime
in interface PostResponseOperation
public final long getProcessingNanoTime()
public final void registerPostResponseCallback(Runnable callback)
callback
- The callback to be run once this operation has completed and the response sent back to the client.public abstract Dn getProxiedAuthorizationDN()
null
if proxied authorization has not been requested.public abstract void setProxiedAuthorizationDN(Dn proxiedAuthorizationDN)
proxiedAuthorizationDN
- The proxied authorization DN for this operation if proxied authorization has been requested, or
null
if proxied authorization has not been requested.protected final void invokePostResponseCallbacks()
public void updateOperationErrMsgAndResCode()
public boolean processOperationResult(PluginResult.OperationResult operationResult)
operationResult
- the operation resulttrue
if processing can continue, false
otherwisepublic static boolean processOperationResult(Operation op, PluginResult.OperationResult opResult)
op
- the operationopResult
- the operation resulttrue
if processing can continue, false
otherwiseprotected static boolean isProxyAuthzControl(String oid)
oid
- The OID to checktrue
if the OID is for a proxy auth v1 or v2 control, false
otherwise.protected static void removeAllDisallowedControls(Dn targetDN, Operation operation) throws LdapException
As per RFC 4511 4.1.11, if a disallowed request control is critical, then a LdapException is thrown with unavailableCriticalExtension. Otherwise, if the disallowed request control is non critical, it is removed because we do not want the backend to process it.
targetDN
- the target DN of the operationoperation
- the operation currently processedLdapException
- If a disallowed request control is critical, thrown with unavailableCriticalExtension. If an error
occurred while performing the access control check. For example, if an attribute could not be
decoded. Care must be taken not to expose any potentially sensitive information in the exception.protected static void evaluateProxyAuthControls(Operation operation) throws LdapException
operation
- The operation containing the controlsLdapException
- if a proxy auth control is found but cannot be used.protected static LdapException createLdapException(Operation operation, Entry entry, Dn entryDN, ResultCode resultCode, LocalizableMessage message, ResultCode altResultCode, LocalizableMessage altMessage) throws LdapException
LdapException
built from the provided resultCodes and messages. Depending on whether
ACIs prevent information disclosure, the provided resultCode and message will be masked and altResultCode and
altMessage will be used instead.operation
- the operation for which to check if ACIs prevent information disclosureentry
- the entry for which to check if ACIs prevent information disclosure, if null, then a fake entry will
be created from the entryDN parameterentryDN
- the entry dn for which to check if ACIs prevent information disclosure. Only used if entry is null.resultCode
- the result code to put on the LdapException if ACIs allow disclosure. Otherwise it will be put on
the LdapException as a masked result code.message
- the message to put on the LdapException if ACIs allow disclosure. Otherwise it will be put on the
LdapException as a masked message.altResultCode
- the result code to put on the LdapException if ACIs do not allow disclosing the resultCode.altMessage
- the result code to put on the LdapException if ACIs do not allow disclosing the message.LdapException
- If an error occurred while performing the access control check.protected static void setResultCodeAndMessageNoInfoDisclosure(Operation operation, Entry entry, Dn entryDN, ResultCode resultCode, LocalizableMessage message, ResultCode altResultCode, LocalizableMessage altMessage) throws LdapException
operation
- the operation for which to check if ACIs prevent information disclosureentry
- the entry for which to check if ACIs prevent information disclosure, if null, then a fake entry will
be created from the entryDN parameterentryDN
- the entry dn for which to check if ACIs prevent information disclosure. Only used if entry is null.resultCode
- the result code to put on the LdapException if ACIs allow disclosure. Otherwise it will be put on
the LdapException as a masked result code.message
- the message to put on the LdapException if ACIs allow disclosure. Otherwise it will be put on the
LdapException as a masked message.altResultCode
- the result code to put on the LdapException if ACIs do not allow disclosing the resultCode.altMessage
- the result code to put on the LdapException if ACIs do not allow disclosing the message.LdapException
- If an error occurred while performing the access control check.protected static void filterNonDisclosableMatchedDN(Operation operation)
operation
- where to filter the matchedDN fromprotected static void addPostReadResponse(Operation operation, LDAPPostReadRequestControl postReadRequest, Entry entry)
operation
- The update operation.postReadRequest
- The request control, if present.entry
- The post-update entry.protected static void addPreReadResponse(Operation operation, LDAPPreReadRequestControl preReadRequest, Entry entry)
operation
- The update operation.preReadRequest
- The request control, if present.entry
- The pre-update entry.protected static void checkIfBackendIsWritable(LocalBackend<?> backend, Operation op, Dn entryDN, LocalizableMessageDescriptor.Arg1<Object> serverMsg, LocalizableMessageDescriptor.Arg1<Object> backendMsg) throws LdapException
backend
- The backend handling the update.op
- The update operation.entryDN
- The name of the entry being updated.serverMsg
- The message to log if the update was rejected because the server is read-only.backendMsg
- The message to log if the update was rejected because the backend is read-only.LdapException
- If the update operation has been rejected.protected final LocalBackend<?> getLocalBackend()
public static Dn findMatchedDN(Dn entryDN)
null
if none can
be found.entryDN
- the entry DN for which to find the closest matched DNnull
if none can be found.protected void checkAttributeConformsToSyntax(Entry entry, Attribute attribute, LocalizableMessageDescriptor.Arg4<Object,Object,Object,Object> invalidSyntaxErrorMsg, LocalizableMessageDescriptor.Arg3<Object,Object,Object> invalidSyntaxNoValueErrorMsg, LocalizableMessageDescriptor.Arg1<Object> rejectErrorMsg) throws LdapException
entry
- The entry being modified or renamed.attribute
- The attribute whose values are to be checked.invalidSyntaxErrorMsg
- The error message which should be used for human readable syntaxes.invalidSyntaxNoValueErrorMsg
- The error message which should be used for binary syntaxes.rejectErrorMsg
- The error message which should be used when the request is to be rejected.LdapException
- If an invalid value is encountered and strict enforcement is enabled.protected boolean mustCheckSchema()
true
if a request must be validated according to the server's schema.true
if a request must be validated according to the server's schema.protected boolean isHumanReadable(Syntax syntax)
true
if the provided syntax is human readable and does not need BER encoding.syntax
- The syntax.true
if the provided syntax is human readable and does not need BER encoding.public abstract void run()
Copyright 2010-2018 ForgeRock AS.