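/*
 * ====================
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright 2008-2009 Sun Microsystems, Inc. All rights reserved.
 *
 * The contents of this file are subject to the terms of the Common Development
 * and Distribution License("CDDL") (the "License"). You may not use this file
 * except in compliance with the License.
 *
 * You can obtain a copy of the License at
 * http://IdentityConnectors.dev.java.net/legal/license.txt
 * See the License for the specific language governing permissions and limitations
 * under the License.
 *
 * When distributing the Covered Code, include this CDDL Header Notice in each file
 * and include the License file at identityconnectors/legal/license.txt.
 * If applicable, add the following below this CDDL Header, with the fields
 * enclosed by brackets [] replaced by your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 * ====================
 * "Portions Copyrighted 2014 ForgeRock AS"
 */
package org.identityconnectors.ldap.modify;

import static org.identityconnectors.ldap.LdapUtil.escapeDNValueOfJNDIReservedChars;

import java.util.List;
import java.util.Set;

import javax.naming.NamingException;
import javax.naming.ldap.LdapContext;

import org.identityconnectors.common.StringUtil;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.ldap.LdapConnection;
import org.identityconnectors.ldap.LdapModifyOperation;
import org.identityconnectors.ldap.GroupHelper.GroupMembership;
import org.identityconnectors.ldap.LdapAuthenticate;
import org.identityconnectors.ldap.search.LdapSearches;

/**
 * Deletes a single LDAP entry, optionally on behalf of a "run as" user.
 *
 * <p>Before the entry is destroyed, its LDAP and POSIX group memberships are removed when the
 * connector configuration asks for group membership to be maintained. That cleanup is not rolled
 * back if the delete itself fails afterwards.
 */
public class LdapDelete extends LdapModifyOperation {

    private static final Log log = Log.getLog(LdapDelete.class);

    private final ObjectClass oclass;
    private final OperationOptions options;
    private final Uid uid;

    /**
     * Creates a delete operation for one entry.
     *
     * @param conn connection handed to the superclass and used for lookups and the delete
     * @param oclass object class of the entry to delete
     * @param uid identifier of the entry to delete
     * @param options operation options; the run-as user and run-with password are read from here
     */
    public LdapDelete(LdapConnection conn, ObjectClass oclass, Uid uid, OperationOptions options) {
        super(conn);
        this.oclass = oclass;
        this.options = options;
        this.uid = uid;
    }

    /**
     * Resolves the entry DN, removes group memberships if configured, and destroys the entry.
     *
     * <p>When a run-as user is set in the options, a separate context bound as that user is
     * opened and used for the membership cleanup and the delete; otherwise the connection's
     * initial context performs the delete. The run-as context is closed on every exit path.
     *
     * @throws ConnectorException if the directory rejects the delete with a
     *         {@link NamingException}
     */
    public void execute() {
        String entryDN = escapeDNValueOfJNDIReservedChars(LdapSearches.getEntryDN(conn, oclass, uid));

        LdapContext runAsContext = null;
        if (StringUtil.isNotBlank(options.getRunAsUser())) {
            String dn = new LdapAuthenticate(conn, oclass, options.getRunAsUser(), options).getDn();
            runAsContext = conn.getRunAsContext(dn, options.getRunWithPassword());
            // NOTE(review): if getRunAsContext can return null, the delete below silently falls
            // back to the connector's own context even though run-as was requested -- confirm it
            // always returns a context or throws, so a failed run-as bind cannot widen privileges.
        }

        // Everything after the run-as bind sits inside the try so that the authenticated context
        // is released even when membership cleanup throws before the delete is attempted.
        try {
            if (conn.getConfiguration().isMaintainLdapGroupMembership()) {
                List<String> ldapGroups = groupHelper.getLdapGroups(entryDN);
                groupHelper.removeLdapGroupMemberships(entryDN, ldapGroups, runAsContext);
            }

            if (conn.getConfiguration().isMaintainPosixGroupMembership()) {
                PosixGroupMember posixMember = new PosixGroupMember(entryDN);
                Set<GroupMembership> memberships = posixMember.getPosixGroupMemberships();
                groupHelper.removePosixGroupMemberships(memberships, runAsContext);
            }

            log.ok("Deleting LDAP entry {0}", entryDN);
            if (runAsContext == null) {
                conn.getInitialContext().destroySubcontext(entryDN);
            } else {
                runAsContext.destroySubcontext(entryDN);
            }
        } catch (NamingException e) {
            throw new ConnectorException(e);
        } finally {
            if (runAsContext != null) {
                try {
                    runAsContext.close();
                } catch (NamingException ex) {
                    // Best effort: a failed close must not mask the outcome of the delete, but it
                    // should be visible because it may leave a bound session open on the server.
                    log.warn(ex, "Failed to close run-as LDAP context for entry {0}", entryDN);
                }
            }
        }
    }
}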