in src/main/java/org/apache/directory/fortress/core/impl/UserP.java [870:965]
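/**
 * Validates the attributes of a User entity before it is added or updated.
 * <p>
 * On add ({@code isUpdate == false}) the userId and ou attributes are required. On update every
 * attribute is optional, but an attribute that is set goes through the same check as on add.
 * The add and update paths share one set of checks so that they cannot drift apart.
 * In both modes a non-empty password policy name is checked with {@code policyP.isValid} when the
 * configured directory is OpenLDAP or ApacheDS, and {@code ConstraintUtil.validate} runs last.
 *
 * @param entity   User entity whose attributes are checked.
 * @param isUpdate {@code true} when validating an update, {@code false} when validating an add.
 * @throws SecurityException if validation fails. This method itself throws a
 *                           {@link ValidationException} for a missing ou on add, an ou rejected by
 *                           {@code orgUnitP.isValid}, or a policy name rejected by
 *                           {@code policyP.isValid}; the remaining failures are presumably raised
 *                           by the VUtil and ConstraintUtil helpers.
 */
private void validate( User entity, boolean isUpdate )
    throws SecurityException
{
    if ( !isUpdate )
    {
        // the UserId attribute is required on add; it is not re-checked here on update.
        VUtil.userId( entity.getUserId() );
    }

    // the cn attribute is optional as input. entity will default to userId if cn not set by caller on add:
    if ( StringUtils.isNotEmpty( entity.getCn() ) )
    {
        VUtil.safeText( entity.getCn(), GlobalIds.CN_LEN );
    }

    // the sn attribute is optional as input. entity will default to userId if sn not set by caller on add:
    if ( StringUtils.isNotEmpty( entity.getSn() ) )
    {
        VUtil.safeText( entity.getSn(), GlobalIds.SN_LEN );
    }

    // password is not required on user object but user cannot execute AccessMgr or DelAccessMgr methods w/out pw.
    // NOTE(review): the password goes through the same safeText check as cn/sn; whether that limits the
    // permitted character set (and so password strength) depends on VUtil.safeText, not visible here.
    if ( StringUtils.isNotEmpty( entity.getPassword() ) )
    {
        VUtil.safeText( entity.getPassword(), GlobalIds.PASSWORD_LEN );
    }

    if ( StringUtils.isNotEmpty( entity.getOu() ) )
    {
        VUtil.orgUnit( entity.getOu() );
        // ensure ou exists in the OS-U pool, scoped to the entity's context id:
        OrgUnit ou = new OrgUnit( entity.getOu(), OrgUnit.Type.USER );
        ou.setContextId( entity.getContextId() );
        if ( !orgUnitP.isValid( ou ) )
        {
            // NOTE(review): on update the userId is not validated in this method, so this message can
            // carry a caller-supplied value as-is; confirm it is checked upstream or neutralised
            // before the message reaches a log or a client.
            String error = "validate detected invalid orgUnit name [" + entity.getOu()
                + "] " + ( isUpdate ? "updating" : "adding" ) + " user with userId [" + entity.getUserId() + "]";
            throw new ValidationException( GlobalErrIds.USER_OU_INVALID, error );
        }
    }
    else if ( !isUpdate )
    {
        // the OU attribute is required on add:
        String error = "OU validation failed, null or empty value";
        throw new ValidationException( GlobalErrIds.ORG_NULL_USER, error );
    }

    // description attribute is optional:
    if ( StringUtils.isNotEmpty( entity.getDescription() ) )
    {
        VUtil.description( entity.getDescription() );
    }

    // password policy name must be valid if set; the lookup is skipped for other directory types:
    if ( StringUtils.isNotEmpty( entity.getPwPolicy() )
        && ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) )
    {
        PwPolicy policy = new PwPolicy( entity.getPwPolicy() );
        policy.setContextId( entity.getContextId() );
        if ( !policyP.isValid( policy ) )
        {
            // NOTE(review): the policy name is echoed without a VUtil check in this method; presumably
            // policyP.isValid rejects malformed names. Verify before relying on this text in logs.
            String error = "validate detected invalid OpenLDAP policy name [" + entity.getPwPolicy()
                + "] for userId [" + entity.getUserId()
                + "]. Assignment is optional for User but must be valid if specified.";
            throw new ValidationException( GlobalErrIds.USER_PW_PLCY_INVALID, error );
        }
    }

    // 2 Validate constraints on User object:
    ConstraintUtil.validate( entity );
}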