001/* 002 * Copyright 2008-2020 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2008-2020 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2015-2020 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.controls; 037 038 039 040import java.util.ArrayList; 041import java.util.Arrays; 042import java.util.Collection; 043import java.util.Collections; 044import java.util.List; 045import java.util.Iterator; 046 047import com.unboundid.asn1.ASN1Element; 048import com.unboundid.asn1.ASN1OctetString; 049import com.unboundid.asn1.ASN1Sequence; 050import com.unboundid.ldap.sdk.Control; 051import com.unboundid.ldap.sdk.LDAPException; 052import com.unboundid.ldap.sdk.ResultCode; 053import com.unboundid.util.Debug; 054import com.unboundid.util.NotMutable; 055import com.unboundid.util.StaticUtils; 056import com.unboundid.util.ThreadSafety; 057import com.unboundid.util.ThreadSafetyLevel; 058import com.unboundid.util.Validator; 059 060import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 061 062 063 064/** 065 * This class provides a request control which may be used to request that 066 * entries below one or more base DNs be excluded from the results returned to 067 * a client while processing a search operation. For example, this may be 068 * useful in cases where you want to perform a search below "dc=example,dc=com", 069 * but want to exclude all entries below "ou=private,dc=example,dc=com". 070 * <BR> 071 * <BLOCKQUOTE> 072 * <B>NOTE:</B> This class, and other classes within the 073 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 074 * supported for use against Ping Identity, UnboundID, and 075 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 076 * for proprietary functionality or for external specifications that are not 077 * considered stable or mature enough to be guaranteed to work in an 078 * interoperable way with other types of LDAP servers. 079 * </BLOCKQUOTE> 080 * <BR> 081 * The criticality for this control may be either {@code true} or {@code false}. 082 * It must have a value with the following encoding: 083 * <PRE> 084 * ExcludeBranchRequest ::= SEQUENCE { 085 * baseDNs [0] SEQUENCE OF LDAPDN, 086 * ... } 087 * </PRE> 088 */ 089@NotMutable() 090@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 091public final class ExcludeBranchRequestControl 092 extends Control 093{ 094 /** 095 * The OID (1.3.6.1.4.1.30221.2.5.17) for the exclude branch request control. 096 */ 097 public static final String EXCLUDE_BRANCH_REQUEST_OID = 098 "1.3.6.1.4.1.30221.2.5.17"; 099 100 101 102 /** 103 * The BER type for the base DNs element. 104 */ 105 private static final byte TYPE_BASE_DNS = (byte) 0xA0; 106 107 108 109 /** 110 * The serial version UID for this serializable class. 111 */ 112 private static final long serialVersionUID = -8599554860060612417L; 113 114 115 116 // The list of base DNs to be excluded from the search results. 117 private final List<String> baseDNs; 118 119 120 121 /** 122 * Creates a new exclude branch request control with the provided set of base 123 * DNs. It will be marked critical. 124 * 125 * @param baseDNs The base DNs for entries to be excluded from search 126 * results. It must not be {@code null} or empty. 127 */ 128 public ExcludeBranchRequestControl(final Collection<String> baseDNs) 129 { 130 this(true, baseDNs); 131 } 132 133 134 135 /** 136 * Creates a new exclude branch request control with the provided set of base 137 * DNs. It will be marked critical. 138 * 139 * @param baseDNs The base DNs for entries to be excluded from search 140 * results. It must not be {@code null} or empty. 141 */ 142 public ExcludeBranchRequestControl(final String... baseDNs) 143 { 144 this(true, baseDNs); 145 } 146 147 148 149 /** 150 * Creates a new exclude branch request control with the provided information. 151 * 152 * @param isCritical Indicates whether the control should be marked 153 * critical. 154 * @param baseDNs The base DNs for entries to be excluded from search 155 * results. It must not be {@code null} or empty. 156 */ 157 public ExcludeBranchRequestControl(final boolean isCritical, 158 final String... baseDNs) 159 { 160 super(EXCLUDE_BRANCH_REQUEST_OID, isCritical, encodeValue(baseDNs)); 161 162 this.baseDNs = Collections.unmodifiableList(Arrays.asList(baseDNs)); 163 } 164 165 166 167 /** 168 * Creates a new exclude branch request control with the provided information. 169 * 170 * @param isCritical Indicates whether the control should be marked 171 * critical. 172 * @param baseDNs The base DNs for entries to be excluded from search 173 * results. It must not be {@code null} or empty. 174 */ 175 public ExcludeBranchRequestControl(final boolean isCritical, 176 final Collection<String> baseDNs) 177 { 178 super(EXCLUDE_BRANCH_REQUEST_OID, isCritical, encodeValue(baseDNs)); 179 180 this.baseDNs = Collections.unmodifiableList(new ArrayList<>(baseDNs)); 181 } 182 183 184 185 /** 186 * Creates a new exclude branch request control which is decoded from the 187 * provided generic control. 188 * 189 * @param control The generic control to be decoded as an exclude branch 190 * request control. 191 * 192 * @throws LDAPException If the provided control cannot be decoded as an 193 * exclude branch request control. 194 */ 195 public ExcludeBranchRequestControl(final Control control) 196 throws LDAPException 197 { 198 super(control); 199 200 final ASN1OctetString value = control.getValue(); 201 if (value == null) 202 { 203 throw new LDAPException(ResultCode.DECODING_ERROR, 204 ERR_EXCLUDE_BRANCH_MISSING_VALUE.get()); 205 } 206 207 final ASN1Sequence valueSequence; 208 try 209 { 210 valueSequence = ASN1Sequence.decodeAsSequence(value.getValue()); 211 } 212 catch (final Exception e) 213 { 214 Debug.debugException(e); 215 throw new LDAPException(ResultCode.DECODING_ERROR, 216 ERR_EXCLUDE_BRANCH_VALUE_NOT_SEQUENCE.get( 217 StaticUtils.getExceptionMessage(e)), e); 218 } 219 220 try 221 { 222 final ASN1Element[] elements = valueSequence.elements(); 223 224 final ASN1Element[] dnElements = 225 ASN1Sequence.decodeAsSequence(elements[0]).elements(); 226 final ArrayList<String> dnList = new ArrayList<>(dnElements.length); 227 for (final ASN1Element e : dnElements) 228 { 229 dnList.add(ASN1OctetString.decodeAsOctetString(e).stringValue()); 230 } 231 baseDNs = Collections.unmodifiableList(dnList); 232 233 if (baseDNs.isEmpty()) 234 { 235 throw new LDAPException(ResultCode.DECODING_ERROR, 236 ERR_EXCLUDE_BRANCH_NO_BASE_DNS.get()); 237 } 238 } 239 catch (final LDAPException le) 240 { 241 Debug.debugException(le); 242 throw le; 243 } 244 catch (final Exception e) 245 { 246 Debug.debugException(e); 247 throw new LDAPException(ResultCode.DECODING_ERROR, 248 ERR_EXCLUDE_BRANCH_ERROR_PARSING_VALUE.get( 249 StaticUtils.getExceptionMessage(e)), e); 250 } 251 } 252 253 254 255 /** 256 * Encodes the provided information into a form suitable for use as the value 257 * of this control. 258 * 259 * @param baseDNs The base DNs for entries to be excluded from search 260 * results. It must not be {@code null} or empty. 261 * 262 * @return The encoded value for this control. 263 */ 264 private static ASN1OctetString encodeValue(final String... baseDNs) 265 { 266 Validator.ensureNotNull(baseDNs); 267 return encodeValue(Arrays.asList(baseDNs)); 268 } 269 270 271 272 /** 273 * Encodes the provided information into a form suitable for use as the value 274 * of this control. 275 * 276 * @param baseDNs The base DNs for entries to be excluded from search 277 * results. It must not be {@code null} or empty. 278 * 279 * @return The encoded value for this control. 280 */ 281 private static ASN1OctetString encodeValue(final Collection<String> baseDNs) 282 { 283 Validator.ensureNotNull(baseDNs); 284 Validator.ensureFalse(baseDNs.isEmpty()); 285 286 final ArrayList<ASN1Element> dnElements = new ArrayList<>(baseDNs.size()); 287 for (final String s : baseDNs) 288 { 289 dnElements.add(new ASN1OctetString(s)); 290 } 291 292 final ASN1Sequence baseDNSequence = 293 new ASN1Sequence(TYPE_BASE_DNS, dnElements); 294 final ASN1Sequence valueSequence = new ASN1Sequence(baseDNSequence); 295 return new ASN1OctetString(valueSequence.encode()); 296 } 297 298 299 300 /** 301 * Retrieves a list of the base DNs for entries to exclude from the search 302 * results. 303 * 304 * @return A list of the base DNs for entries to exclude from the search 305 * results. 306 */ 307 public List<String> getBaseDNs() 308 { 309 return baseDNs; 310 } 311 312 313 314 /** 315 * {@inheritDoc} 316 */ 317 @Override() 318 public String getControlName() 319 { 320 return INFO_CONTROL_NAME_EXCLUDE_BRANCH.get(); 321 } 322 323 324 325 /** 326 * {@inheritDoc} 327 */ 328 @Override() 329 public void toString(final StringBuilder buffer) 330 { 331 buffer.append("ExcludeBranchRequestControl(isCritical="); 332 buffer.append(isCritical()); 333 buffer.append(", baseDNs={"); 334 335 final Iterator<String> iterator = baseDNs.iterator(); 336 while (iterator.hasNext()) 337 { 338 buffer.append('\''); 339 buffer.append(iterator.next()); 340 buffer.append('\''); 341 342 if (iterator.hasNext()) 343 { 344 buffer.append(", "); 345 } 346 } 347 348 buffer.append("})"); 349 } 350}