/*
* ====================
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright 2008-2009 Sun Microsystems, Inc. All rights reserved.
*
* The contents of this file are subject to the terms of the Common Development
* and Distribution License("CDDL") (the "License"). You may not use this file
* except in compliance with the License.
*
* You can obtain a copy of the License at
* http://opensource.org/licenses/cddl1.php
* See the License for the specific language governing permissions and limitations
* under the License.
*
* When distributing the Covered Code, include this CDDL Header Notice in each file
* and include the License file at http://opensource.org/licenses/cddl1.php.
* If applicable, add the following below this CDDL Header, with the fields
* enclosed by brackets [] replaced by your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
* ====================
*/
package org.identityconnectors.solaris.operation;
import java.util.List;
import org.identityconnectors.common.Assertions;
import org.identityconnectors.common.CollectionUtil;
import org.identityconnectors.common.StringUtil;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeUtil;
import org.identityconnectors.solaris.SolarisConnection;
import org.identityconnectors.solaris.attr.NativeAttribute;
import org.identityconnectors.solaris.operation.nis.AbstractNISOp;
import org.identityconnectors.solaris.operation.search.SolarisEntry;
public final class CreateNativeGroup {
private CreateNativeGroup() {
}
/**
* Create a native group.
*
* @param group
* The entry that should be created. The new group's name is
* defined by {@link SolarisEntry#getName()}.
* @param conn
* Alive connection.
*/
public static void create(SolarisEntry group, SolarisConnection conn) {
conn.doSudoStart();
try {
impl(group, conn);
} finally {
conn.doSudoReset();
}
}
private static void impl(SolarisEntry group, SolarisConnection conn) {
final String groupName = group.getName();
// group Id is set only if we're not in saveAs mode
String groupId = null;
/*
* FIXME: The connector behaves differently from adapter. Adapter
* behavior: in case 'saveAs' operation is performed, disregard the
* given GroupId, as it belongs to the cloned group. (If used it, we'd
* have a duplicate groupId)
*
* Connector behavior: we're not able to detect 'saveAs' operation yet.
* So we apply ostrich strategy, until the framework is not able to
* provide this information. -- Proposal: introduce a 'saveAs' operation
* option to signal the saveAs operation, so groupId can be ignored
* then.
*
* Occurences (2):
* org.identityconnectors.solaris.operation.nis.CreateNISGroupCommand
* org.identityconnectors.solaris.operation.CreateNativeGroupCommand
*
* ====== Note: the last revision that incorporated saveAs concept was
* before rev. 5479
*/
Attribute groupIdAttr = group.searchForAttribute(NativeAttribute.ID);
if (groupIdAttr != null) {
groupId = AttributeUtil.getStringValue(groupIdAttr);
}
final String setGroupId = (StringUtil.isBlank(groupId)) ? "" : ("-g " + groupId);
final String cmd =
conn.buildCommand(true, "groupadd", setGroupId, String.format("'%s'", groupName));
conn.executeCommand(cmd, CollectionUtil.newSet("ERROR", "Invalid name", // HP
// errors
"not unique", "usage:", "not a valid group name", " exists", // Red
// Hat
// errors
"command not found", "not allowed to execute") // sudo errors
);
Attribute usersAttribute = group.searchForAttribute(NativeAttribute.USERS);
if (usersAttribute != null) {
final List<Object> usersValue = usersAttribute.getValue();
Assertions.nullCheck(usersValue, "users list");
AbstractNISOp.changeGroupMembers(groupName, usersValue, false, conn);
}
}
}