001/* 002 * Copyright 2008-2022 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2008-2022 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2008-2022 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.controls; 037 038 039 040import java.util.ArrayList; 041import java.util.Arrays; 042import java.util.Collection; 043import java.util.Collections; 044import java.util.List; 045import java.util.Iterator; 046 047import com.unboundid.asn1.ASN1Element; 048import com.unboundid.asn1.ASN1OctetString; 049import com.unboundid.asn1.ASN1Sequence; 050import com.unboundid.ldap.sdk.Control; 051import com.unboundid.ldap.sdk.LDAPException; 052import com.unboundid.ldap.sdk.ResultCode; 053import com.unboundid.util.Debug; 054import com.unboundid.util.NotMutable; 055import com.unboundid.util.NotNull; 056import com.unboundid.util.StaticUtils; 057import com.unboundid.util.ThreadSafety; 058import com.unboundid.util.ThreadSafetyLevel; 059import com.unboundid.util.Validator; 060 061import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 062 063 064 065/** 066 * This class provides a request control which may be used to request that 067 * entries below one or more base DNs be excluded from the results returned to 068 * a client while processing a search operation. For example, this may be 069 * useful in cases where you want to perform a search below "dc=example,dc=com", 070 * but want to exclude all entries below "ou=private,dc=example,dc=com". 071 * <BR> 072 * <BLOCKQUOTE> 073 * <B>NOTE:</B> This class, and other classes within the 074 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 075 * supported for use against Ping Identity, UnboundID, and 076 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 077 * for proprietary functionality or for external specifications that are not 078 * considered stable or mature enough to be guaranteed to work in an 079 * interoperable way with other types of LDAP servers. 080 * </BLOCKQUOTE> 081 * <BR> 082 * The criticality for this control may be either {@code true} or {@code false}. 083 * It must have a value with the following encoding: 084 * <PRE> 085 * ExcludeBranchRequest ::= SEQUENCE { 086 * baseDNs [0] SEQUENCE OF LDAPDN, 087 * ... } 088 * </PRE> 089 */ 090@NotMutable() 091@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 092public final class ExcludeBranchRequestControl 093 extends Control 094{ 095 /** 096 * The OID (1.3.6.1.4.1.30221.2.5.17) for the exclude branch request control. 097 */ 098 @NotNull public static final String EXCLUDE_BRANCH_REQUEST_OID = 099 "1.3.6.1.4.1.30221.2.5.17"; 100 101 102 103 /** 104 * The BER type for the base DNs element. 105 */ 106 private static final byte TYPE_BASE_DNS = (byte) 0xA0; 107 108 109 110 /** 111 * The serial version UID for this serializable class. 112 */ 113 private static final long serialVersionUID = -8599554860060612417L; 114 115 116 117 // The list of base DNs to be excluded from the search results. 118 @NotNull private final List<String> baseDNs; 119 120 121 122 /** 123 * Creates a new exclude branch request control with the provided set of base 124 * DNs. It will be marked critical. 125 * 126 * @param baseDNs The base DNs for entries to be excluded from search 127 * results. It must not be {@code null} or empty. 128 */ 129 public ExcludeBranchRequestControl(@NotNull final Collection<String> baseDNs) 130 { 131 this(true, baseDNs); 132 } 133 134 135 136 /** 137 * Creates a new exclude branch request control with the provided set of base 138 * DNs. It will be marked critical. 139 * 140 * @param baseDNs The base DNs for entries to be excluded from search 141 * results. It must not be {@code null} or empty. 142 */ 143 public ExcludeBranchRequestControl(@NotNull final String... baseDNs) 144 { 145 this(true, baseDNs); 146 } 147 148 149 150 /** 151 * Creates a new exclude branch request control with the provided information. 152 * 153 * @param isCritical Indicates whether the control should be marked 154 * critical. 155 * @param baseDNs The base DNs for entries to be excluded from search 156 * results. It must not be {@code null} or empty. 157 */ 158 public ExcludeBranchRequestControl(final boolean isCritical, 159 @NotNull final String... baseDNs) 160 { 161 super(EXCLUDE_BRANCH_REQUEST_OID, isCritical, encodeValue(baseDNs)); 162 163 this.baseDNs = Collections.unmodifiableList(Arrays.asList(baseDNs)); 164 } 165 166 167 168 /** 169 * Creates a new exclude branch request control with the provided information. 170 * 171 * @param isCritical Indicates whether the control should be marked 172 * critical. 173 * @param baseDNs The base DNs for entries to be excluded from search 174 * results. It must not be {@code null} or empty. 175 */ 176 public ExcludeBranchRequestControl(final boolean isCritical, 177 @NotNull final Collection<String> baseDNs) 178 { 179 super(EXCLUDE_BRANCH_REQUEST_OID, isCritical, encodeValue(baseDNs)); 180 181 this.baseDNs = Collections.unmodifiableList(new ArrayList<>(baseDNs)); 182 } 183 184 185 186 /** 187 * Creates a new exclude branch request control which is decoded from the 188 * provided generic control. 189 * 190 * @param control The generic control to be decoded as an exclude branch 191 * request control. 192 * 193 * @throws LDAPException If the provided control cannot be decoded as an 194 * exclude branch request control. 195 */ 196 public ExcludeBranchRequestControl(@NotNull final Control control) 197 throws LDAPException 198 { 199 super(control); 200 201 final ASN1OctetString value = control.getValue(); 202 if (value == null) 203 { 204 throw new LDAPException(ResultCode.DECODING_ERROR, 205 ERR_EXCLUDE_BRANCH_MISSING_VALUE.get()); 206 } 207 208 final ASN1Sequence valueSequence; 209 try 210 { 211 valueSequence = ASN1Sequence.decodeAsSequence(value.getValue()); 212 } 213 catch (final Exception e) 214 { 215 Debug.debugException(e); 216 throw new LDAPException(ResultCode.DECODING_ERROR, 217 ERR_EXCLUDE_BRANCH_VALUE_NOT_SEQUENCE.get( 218 StaticUtils.getExceptionMessage(e)), e); 219 } 220 221 try 222 { 223 final ASN1Element[] elements = valueSequence.elements(); 224 225 final ASN1Element[] dnElements = 226 ASN1Sequence.decodeAsSequence(elements[0]).elements(); 227 final ArrayList<String> dnList = new ArrayList<>(dnElements.length); 228 for (final ASN1Element e : dnElements) 229 { 230 dnList.add(ASN1OctetString.decodeAsOctetString(e).stringValue()); 231 } 232 baseDNs = Collections.unmodifiableList(dnList); 233 234 if (baseDNs.isEmpty()) 235 { 236 throw new LDAPException(ResultCode.DECODING_ERROR, 237 ERR_EXCLUDE_BRANCH_NO_BASE_DNS.get()); 238 } 239 } 240 catch (final LDAPException le) 241 { 242 Debug.debugException(le); 243 throw le; 244 } 245 catch (final Exception e) 246 { 247 Debug.debugException(e); 248 throw new LDAPException(ResultCode.DECODING_ERROR, 249 ERR_EXCLUDE_BRANCH_ERROR_PARSING_VALUE.get( 250 StaticUtils.getExceptionMessage(e)), e); 251 } 252 } 253 254 255 256 /** 257 * Encodes the provided information into a form suitable for use as the value 258 * of this control. 259 * 260 * @param baseDNs The base DNs for entries to be excluded from search 261 * results. It must not be {@code null} or empty. 262 * 263 * @return The encoded value for this control. 264 */ 265 @NotNull() 266 private static ASN1OctetString encodeValue(@NotNull final String... baseDNs) 267 { 268 Validator.ensureNotNull(baseDNs); 269 return encodeValue(Arrays.asList(baseDNs)); 270 } 271 272 273 274 /** 275 * Encodes the provided information into a form suitable for use as the value 276 * of this control. 277 * 278 * @param baseDNs The base DNs for entries to be excluded from search 279 * results. It must not be {@code null} or empty. 280 * 281 * @return The encoded value for this control. 282 */ 283 @NotNull() 284 private static ASN1OctetString encodeValue( 285 @NotNull final Collection<String> baseDNs) 286 { 287 Validator.ensureNotNull(baseDNs); 288 Validator.ensureFalse(baseDNs.isEmpty()); 289 290 final ArrayList<ASN1Element> dnElements = new ArrayList<>(baseDNs.size()); 291 for (final String s : baseDNs) 292 { 293 dnElements.add(new ASN1OctetString(s)); 294 } 295 296 final ASN1Sequence baseDNSequence = 297 new ASN1Sequence(TYPE_BASE_DNS, dnElements); 298 final ASN1Sequence valueSequence = new ASN1Sequence(baseDNSequence); 299 return new ASN1OctetString(valueSequence.encode()); 300 } 301 302 303 304 /** 305 * Retrieves a list of the base DNs for entries to exclude from the search 306 * results. 307 * 308 * @return A list of the base DNs for entries to exclude from the search 309 * results. 310 */ 311 @NotNull() 312 public List<String> getBaseDNs() 313 { 314 return baseDNs; 315 } 316 317 318 319 /** 320 * {@inheritDoc} 321 */ 322 @Override() 323 @NotNull() 324 public String getControlName() 325 { 326 return INFO_CONTROL_NAME_EXCLUDE_BRANCH.get(); 327 } 328 329 330 331 /** 332 * {@inheritDoc} 333 */ 334 @Override() 335 public void toString(@NotNull final StringBuilder buffer) 336 { 337 buffer.append("ExcludeBranchRequestControl(isCritical="); 338 buffer.append(isCritical()); 339 buffer.append(", baseDNs={"); 340 341 final Iterator<String> iterator = baseDNs.iterator(); 342 while (iterator.hasNext()) 343 { 344 buffer.append('\''); 345 buffer.append(iterator.next()); 346 buffer.append('\''); 347 348 if (iterator.hasNext()) 349 { 350 buffer.append(", "); 351 } 352 } 353 354 buffer.append("})"); 355 } 356}