}
catch ( Exception e )
{
String msg = "Failed while parsing subtreeSpecification for " + upName;
log.warn( msg );
throw new LdapInvalidAttributeValueException( msg, ResultCodeEnum.INVALIDATTRIBUTESYNTAX );
}
subtrees.put( normName.toString(), ss );
next.add( upName, normName, entry );
/* ----------------------------------------------------------------
* Find the baseDn for the subentry and use that to search the tree
* while testing each entry returned for inclusion within the
* subtree of the subentry's subtreeSpecification. All included
* entries will have their operational attributes merged with the
* operational attributes calculated above.
* ----------------------------------------------------------------
*/
Name baseDn = ( Name ) apName.clone();
baseDn.addAll( ss.getBase() );
ExprNode filter = new PresenceNode( "objectclass" );
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setReturningAttributes( new String[] { "+", "*" } );
NamingEnumeration subentries = nexus.search( baseDn, factoryCfg.getEnvironment(), filter, controls );
while ( subentries.hasMore() )
{
SearchResult result = ( SearchResult ) subentries.next();
Attributes candidate = result.getAttributes();
Name dn = dnParser.parse( result.getName() );
if ( evaluator.evaluate( ss, apName, dn, candidate.get( "objectClass" ) ) )
{
nexus.modify( dn, getOperationalModsForAdd( candidate, operational ) );
}
}
}
else
{
Iterator list = subtrees.keySet().iterator();
while ( list.hasNext() )
{
String subentryDnStr = ( String ) list.next();
Name subentryDn = new LdapName( subentryDnStr );
Name apDn = ( Name ) subentryDn.clone();
apDn.remove( apDn.size() - 1 );
SubtreeSpecification ss = ( SubtreeSpecification ) subtrees.get( subentryDn );
if ( evaluator.evaluate( ss, apDn, normName, objectClasses ) )
{
Attribute administrativeRole = nexus.lookup( apDn ).get( "administrativeRole" );
NamingEnumeration roles = administrativeRole.getAll();
while ( roles.hasMore() )
{
Attribute operational;
String role = ( String ) roles.next();
if ( role.equalsIgnoreCase( AUTONOUMOUS_AREA ) )
{
operational = entry.get( AUTONOUMOUS_AREA_SUBENTRY );
if ( operational == null )
{
operational = new LockableAttributeImpl( AUTONOUMOUS_AREA_SUBENTRY );
entry.put( operational );
}
}
else if ( role.equalsIgnoreCase( AC_AREA ) || role.equalsIgnoreCase( AC_INNERAREA ) )
{
operational = ( Attribute ) entry.get( AC_SUBENTRY );
if ( operational == null )
{
operational = new LockableAttributeImpl( AC_SUBENTRY );
entry.put( operational );
}
}
else if ( role.equalsIgnoreCase( SCHEMA_AREA ) )
{
operational = ( Attribute ) entry.get( SCHEMA_AREA_SUBENTRY );
if ( operational == null )
{
operational = new LockableAttributeImpl( SCHEMA_AREA_SUBENTRY );
entry.put( operational );
}
}
else if ( role.equalsIgnoreCase( COLLECTIVE_AREA ) ||
role.equalsIgnoreCase( COLLECTIVE_INNERAREA ) )
{
operational = ( Attribute ) entry.get( COLLECTIVE_ATTRIBUTE_SUBENTRIES );
if ( operational == null )
{
operational = new LockableAttributeImpl( COLLECTIVE_ATTRIBUTE_SUBENTRIES );
entry.put( operational );
}
}
else
{
throw new LdapInvalidAttributeValueException( "Encountered invalid administrativeRole '"
+ role + "' in administrative point of subentry " + subentryDnStr + ". The values of this attribute"
+ " are constrained to autonomousArea, accessControlSpecificArea, accessControlInnerArea,"
+ " subschemaAdminSpecificArea, collectiveAttributeSpecificArea, and"
+ " collectiveAttributeInnerArea.", ResultCodeEnum.CONSTRAINTVIOLATION );
}