001/*
002 * Copyright 2008-2022 Ping Identity Corporation
003 * All Rights Reserved.
004 */
005/*
006 * Copyright 2008-2022 Ping Identity Corporation
007 *
008 * Licensed under the Apache License, Version 2.0 (the "License");
009 * you may not use this file except in compliance with the License.
010 * You may obtain a copy of the License at
011 *
012 *    http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing, software
015 * distributed under the License is distributed on an "AS IS" BASIS,
016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017 * See the License for the specific language governing permissions and
018 * limitations under the License.
019 */
020/*
021 * Copyright (C) 2008-2022 Ping Identity Corporation
022 *
023 * This program is free software; you can redistribute it and/or modify
024 * it under the terms of the GNU General Public License (GPLv2 only)
025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
026 * as published by the Free Software Foundation.
027 *
028 * This program is distributed in the hope that it will be useful,
029 * but WITHOUT ANY WARRANTY; without even the implied warranty of
030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
031 * GNU General Public License for more details.
032 *
033 * You should have received a copy of the GNU General Public License
034 * along with this program; if not, see <http://www.gnu.org/licenses>.
035 */
036package com.unboundid.ldap.sdk.unboundidds.controls;
037
038
039
040import java.util.ArrayList;
041import java.util.Arrays;
042import java.util.Collection;
043import java.util.Collections;
044import java.util.List;
045import java.util.Iterator;
046
047import com.unboundid.asn1.ASN1Element;
048import com.unboundid.asn1.ASN1OctetString;
049import com.unboundid.asn1.ASN1Sequence;
050import com.unboundid.ldap.sdk.Control;
051import com.unboundid.ldap.sdk.LDAPException;
052import com.unboundid.ldap.sdk.ResultCode;
053import com.unboundid.util.Debug;
054import com.unboundid.util.NotMutable;
055import com.unboundid.util.NotNull;
056import com.unboundid.util.StaticUtils;
057import com.unboundid.util.ThreadSafety;
058import com.unboundid.util.ThreadSafetyLevel;
059import com.unboundid.util.Validator;
060
061import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*;
062
063
064
065/**
066 * This class provides a request control which may be used to request that
067 * entries below one or more base DNs be excluded from the results returned to
068 * a client while processing a search operation.  For example, this may be
069 * useful in cases where you want to perform a search below "dc=example,dc=com",
070 * but want to exclude all entries below "ou=private,dc=example,dc=com".
071 * <BR>
072 * <BLOCKQUOTE>
073 *   <B>NOTE:</B>  This class, and other classes within the
074 *   {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only
075 *   supported for use against Ping Identity, UnboundID, and
076 *   Nokia/Alcatel-Lucent 8661 server products.  These classes provide support
077 *   for proprietary functionality or for external specifications that are not
078 *   considered stable or mature enough to be guaranteed to work in an
079 *   interoperable way with other types of LDAP servers.
080 * </BLOCKQUOTE>
081 * <BR>
082 * The criticality for this control may be either {@code true} or {@code false}.
083 * It must have a value with the following encoding:
084 * <PRE>
085 *   ExcludeBranchRequest ::= SEQUENCE {
086 *        baseDNs     [0] SEQUENCE OF LDAPDN,
087 *        ... }
088 * </PRE>
089 */
090@NotMutable()
091@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE)
092public final class ExcludeBranchRequestControl
093       extends Control
094{
095  /**
096   * The OID (1.3.6.1.4.1.30221.2.5.17) for the exclude branch request control.
097   */
098  @NotNull public static final String EXCLUDE_BRANCH_REQUEST_OID =
099       "1.3.6.1.4.1.30221.2.5.17";
100
101
102
103  /**
104   * The BER type for the base DNs element.
105   */
106  private static final byte TYPE_BASE_DNS = (byte) 0xA0;
107
108
109
110  /**
111   * The serial version UID for this serializable class.
112   */
113  private static final long serialVersionUID = -8599554860060612417L;
114
115
116
117  // The list of base DNs to be excluded from the search results.
118  @NotNull private final List<String> baseDNs;
119
120
121
122  /**
123   * Creates a new exclude branch request control with the provided set of base
124   * DNs.  It will be marked critical.
125   *
126   * @param  baseDNs  The base DNs for entries to be excluded from search
127   *                  results.  It must not be {@code null} or empty.
128   */
129  public ExcludeBranchRequestControl(@NotNull final Collection<String> baseDNs)
130  {
131    this(true, baseDNs);
132  }
133
134
135
136  /**
137   * Creates a new exclude branch request control with the provided set of base
138   * DNs.  It will be marked critical.
139   *
140   * @param  baseDNs  The base DNs for entries to be excluded from search
141   *                  results.  It must not be {@code null} or empty.
142   */
143  public ExcludeBranchRequestControl(@NotNull final String... baseDNs)
144  {
145    this(true, baseDNs);
146  }
147
148
149
150  /**
151   * Creates a new exclude branch request control with the provided information.
152   *
153   * @param  isCritical  Indicates whether the control should be marked
154   *                     critical.
155   * @param  baseDNs     The base DNs for entries to be excluded from search
156   *                     results.  It must not be {@code null} or empty.
157   */
158  public ExcludeBranchRequestControl(final boolean isCritical,
159                                     @NotNull final String... baseDNs)
160  {
161    super(EXCLUDE_BRANCH_REQUEST_OID, isCritical, encodeValue(baseDNs));
162
163    this.baseDNs = Collections.unmodifiableList(Arrays.asList(baseDNs));
164  }
165
166
167
168  /**
169   * Creates a new exclude branch request control with the provided information.
170   *
171   * @param  isCritical  Indicates whether the control should be marked
172   *                     critical.
173   * @param  baseDNs     The base DNs for entries to be excluded from search
174   *                     results.  It must not be {@code null} or empty.
175   */
176  public ExcludeBranchRequestControl(final boolean isCritical,
177                                     @NotNull final Collection<String> baseDNs)
178  {
179    super(EXCLUDE_BRANCH_REQUEST_OID, isCritical, encodeValue(baseDNs));
180
181    this.baseDNs = Collections.unmodifiableList(new ArrayList<>(baseDNs));
182  }
183
184
185
186  /**
187   * Creates a new exclude branch request control which is decoded from the
188   * provided generic control.
189   *
190   * @param  control  The generic control to be decoded as an exclude branch
191   *                  request control.
192   *
193   * @throws  LDAPException  If the provided control cannot be decoded as an
194   *                         exclude branch request control.
195   */
196  public ExcludeBranchRequestControl(@NotNull final Control control)
197         throws LDAPException
198  {
199    super(control);
200
201    final ASN1OctetString value = control.getValue();
202    if (value == null)
203    {
204      throw new LDAPException(ResultCode.DECODING_ERROR,
205           ERR_EXCLUDE_BRANCH_MISSING_VALUE.get());
206    }
207
208    final ASN1Sequence valueSequence;
209    try
210    {
211      valueSequence = ASN1Sequence.decodeAsSequence(value.getValue());
212    }
213    catch (final Exception e)
214    {
215      Debug.debugException(e);
216      throw new LDAPException(ResultCode.DECODING_ERROR,
217           ERR_EXCLUDE_BRANCH_VALUE_NOT_SEQUENCE.get(
218                StaticUtils.getExceptionMessage(e)), e);
219    }
220
221    try
222    {
223      final ASN1Element[] elements = valueSequence.elements();
224
225      final ASN1Element[] dnElements =
226           ASN1Sequence.decodeAsSequence(elements[0]).elements();
227      final ArrayList<String> dnList = new ArrayList<>(dnElements.length);
228      for (final ASN1Element e : dnElements)
229      {
230        dnList.add(ASN1OctetString.decodeAsOctetString(e).stringValue());
231      }
232      baseDNs = Collections.unmodifiableList(dnList);
233
234      if (baseDNs.isEmpty())
235      {
236        throw new LDAPException(ResultCode.DECODING_ERROR,
237             ERR_EXCLUDE_BRANCH_NO_BASE_DNS.get());
238      }
239    }
240    catch (final LDAPException le)
241    {
242      Debug.debugException(le);
243      throw le;
244    }
245    catch (final Exception e)
246    {
247      Debug.debugException(e);
248      throw new LDAPException(ResultCode.DECODING_ERROR,
249           ERR_EXCLUDE_BRANCH_ERROR_PARSING_VALUE.get(
250                StaticUtils.getExceptionMessage(e)), e);
251    }
252  }
253
254
255
256  /**
257   * Encodes the provided information into a form suitable for use as the value
258   * of this control.
259   *
260   * @param  baseDNs  The base DNs for entries to be excluded from search
261   *                  results.  It must not be {@code null} or empty.
262   *
263   * @return  The encoded value for this control.
264   */
265  @NotNull()
266  private static ASN1OctetString encodeValue(@NotNull final String... baseDNs)
267  {
268    Validator.ensureNotNull(baseDNs);
269    return encodeValue(Arrays.asList(baseDNs));
270  }
271
272
273
274  /**
275   * Encodes the provided information into a form suitable for use as the value
276   * of this control.
277   *
278   * @param  baseDNs  The base DNs for entries to be excluded from search
279   *                  results.  It must not be {@code null} or empty.
280   *
281   * @return  The encoded value for this control.
282   */
283  @NotNull()
284  private static ASN1OctetString encodeValue(
285                      @NotNull final Collection<String> baseDNs)
286  {
287    Validator.ensureNotNull(baseDNs);
288    Validator.ensureFalse(baseDNs.isEmpty());
289
290    final ArrayList<ASN1Element> dnElements = new ArrayList<>(baseDNs.size());
291    for (final String s : baseDNs)
292    {
293      dnElements.add(new ASN1OctetString(s));
294    }
295
296    final ASN1Sequence baseDNSequence =
297         new ASN1Sequence(TYPE_BASE_DNS, dnElements);
298    final ASN1Sequence valueSequence = new ASN1Sequence(baseDNSequence);
299    return new ASN1OctetString(valueSequence.encode());
300  }
301
302
303
304  /**
305   * Retrieves a list of the base DNs for entries to exclude from the search
306   * results.
307   *
308   * @return  A list of the base DNs for entries to exclude from the search
309   *          results.
310   */
311  @NotNull()
312  public List<String> getBaseDNs()
313  {
314    return baseDNs;
315  }
316
317
318
319  /**
320   * {@inheritDoc}
321   */
322  @Override()
323  @NotNull()
324  public String getControlName()
325  {
326    return INFO_CONTROL_NAME_EXCLUDE_BRANCH.get();
327  }
328
329
330
331  /**
332   * {@inheritDoc}
333   */
334  @Override()
335  public void toString(@NotNull final StringBuilder buffer)
336  {
337    buffer.append("ExcludeBranchRequestControl(isCritical=");
338    buffer.append(isCritical());
339    buffer.append(", baseDNs={");
340
341    final Iterator<String> iterator = baseDNs.iterator();
342    while (iterator.hasNext())
343    {
344      buffer.append('\'');
345      buffer.append(iterator.next());
346      buffer.append('\'');
347
348      if (iterator.hasNext())
349      {
350        buffer.append(", ");
351      }
352    }
353
354    buffer.append("})");
355  }
356}