001/* 002 * Copyright 2012-2024 Ping Identity Corporation 003 * All Rights Reserved. 004 */ 005/* 006 * Copyright 2012-2024 Ping Identity Corporation 007 * 008 * Licensed under the Apache License, Version 2.0 (the "License"); 009 * you may not use this file except in compliance with the License. 010 * You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, software 015 * distributed under the License is distributed on an "AS IS" BASIS, 016 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 017 * See the License for the specific language governing permissions and 018 * limitations under the License. 019 */ 020/* 021 * Copyright (C) 2012-2024 Ping Identity Corporation 022 * 023 * This program is free software; you can redistribute it and/or modify 024 * it under the terms of the GNU General Public License (GPLv2 only) 025 * or the terms of the GNU Lesser General Public License (LGPLv2.1 only) 026 * as published by the Free Software Foundation. 027 * 028 * This program is distributed in the hope that it will be useful, 029 * but WITHOUT ANY WARRANTY; without even the implied warranty of 030 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 031 * GNU General Public License for more details. 032 * 033 * You should have received a copy of the GNU General Public License 034 * along with this program; if not, see <http://www.gnu.org/licenses>. 035 */ 036package com.unboundid.ldap.sdk.unboundidds.controls; 037 038 039 040import java.util.ArrayList; 041import java.util.List; 042 043import com.unboundid.asn1.ASN1Boolean; 044import com.unboundid.asn1.ASN1Element; 045import com.unboundid.asn1.ASN1OctetString; 046import com.unboundid.asn1.ASN1Sequence; 047import com.unboundid.ldap.sdk.Control; 048import com.unboundid.ldap.sdk.JSONControlDecodeHelper; 049import com.unboundid.ldap.sdk.LDAPException; 050import com.unboundid.ldap.sdk.ResultCode; 051import com.unboundid.util.Debug; 052import com.unboundid.util.NotMutable; 053import com.unboundid.util.NotNull; 054import com.unboundid.util.Nullable; 055import com.unboundid.util.StaticUtils; 056import com.unboundid.util.ThreadSafety; 057import com.unboundid.util.ThreadSafetyLevel; 058import com.unboundid.util.json.JSONField; 059import com.unboundid.util.json.JSONObject; 060 061import static com.unboundid.ldap.sdk.unboundidds.controls.ControlMessages.*; 062 063 064 065/** 066 * This class provides a request control which may be included in a search 067 * request to indicate that soft-deleted entries may be included in the results, 068 * or it may be included in a compare or modify request to indicate that the 069 * operation should operate against the target entry even if it is a 070 * soft-deleted entry. 071 * <BR> 072 * <BLOCKQUOTE> 073 * <B>NOTE:</B> This class, and other classes within the 074 * {@code com.unboundid.ldap.sdk.unboundidds} package structure, are only 075 * supported for use against Ping Identity, UnboundID, and 076 * Nokia/Alcatel-Lucent 8661 server products. These classes provide support 077 * for proprietary functionality or for external specifications that are not 078 * considered stable or mature enough to be guaranteed to work in an 079 * interoperable way with other types of LDAP servers. 080 * </BLOCKQUOTE> 081 * <BR> 082 * The criticality for this control may be either {@code TRUE} or {@code FALSE}, 083 * but this will only impact how the delete request is to be handled by servers 084 * which do not support this control. A criticality of {@code TRUE} will cause 085 * any server which does not support this control to reject the request, while 086 * a criticality of {@code FALSE} should cause the request to be processed as if 087 * the control had not been included. 088 * <BR><BR> 089 * The control may optionally have a value. If a value is provided, then it 090 * must be the encoded representation of the following ASN.1 element: 091 * <PRE> 092 * SoftDeleteAccessRequestValue ::= SEQUENCE { 093 * includeNonSoftDeletedEntries [0] BOOLEAN DEFAULT TRUE, 094 * returnEntriesInUndeletedForm [1] BOOLEAN DEFAULT FALSE, 095 * ... } 096 * </PRE> 097 * See the documentation for the {@link SoftDeleteRequestControl} class for an 098 * example demonstrating the use of this control. 099 * 100 * @see SoftDeleteResponseControl 101 */ 102@NotMutable() 103@ThreadSafety(level=ThreadSafetyLevel.COMPLETELY_THREADSAFE) 104public final class SoftDeletedEntryAccessRequestControl 105 extends Control 106{ 107 /** 108 * The OID (1.3.6.1.4.1.30221.2.5.24) for the soft-deleted entry access 109 * request control. 110 */ 111 @NotNull public static final String SOFT_DELETED_ENTRY_ACCESS_REQUEST_OID = 112 "1.3.6.1.4.1.30221.2.5.24"; 113 114 115 116 /** 117 * The BER type for the include non-soft-deleted entries element. 118 */ 119 private static final byte TYPE_INCLUDE_NON_SOFT_DELETED_ENTRIES = (byte) 0x80; 120 121 122 123 /** 124 * The BER type for the return entries in undeleted form element. 125 */ 126 private static final byte TYPE_RETURN_ENTRIES_IN_UNDELETED_FORM = (byte) 0x81; 127 128 129 130 /** 131 * The name of the field used to hold the include-non-soft-deleted-entries 132 * flag in the JSON representation of this control. 133 */ 134 @NotNull private static final String 135 JSON_FIELD_INCLUDE_NON_SOFT_DELETED_ENTRIES = 136 "include-non-soft-deleted-entries"; 137 138 139 140 /** 141 * The name of the field used to hold the return-entries-in-undeleted-form 142 * flag in the JSON representation of this control. 143 */ 144 @NotNull private static final String 145 JSON_FIELD_RETURN_ENTRIES_IN_UNDELETED_FORM = 146 "return-entries-in-undeleted-form"; 147 148 149 150 /** 151 * The serial version UID for this serializable class. 152 */ 153 private static final long serialVersionUID = -3633807543861389512L; 154 155 156 157 // Indicates whether to include non-soft-deleted entries in search results. 158 private final boolean includeNonSoftDeletedEntries; 159 160 // Indicates whether to return soft-deleted entries in the form they appeared 161 // before they were deleted. 162 private final boolean returnEntriesInUndeletedForm; 163 164 165 166 /** 167 * Creates a new soft-deleted entry access request control with the default 168 * settings for all elements. It will not be marked critical. 169 */ 170 public SoftDeletedEntryAccessRequestControl() 171 { 172 this(false, true, false); 173 } 174 175 176 177 /** 178 * Creates a new soft delete request control with the provided information. 179 * 180 * @param isCritical Indicates whether this control should 181 * be marked critical. This will only 182 * have an effect on the way the 183 * associated delete operation is 184 * handled by servers which do NOT 185 * support the soft-deleted entry access 186 * request control. For such servers, a 187 * control that is critical will cause 188 * associated request to be rejected, 189 * while a control that is not critical 190 * will be processed as if the control 191 * was not included in the request. 192 * @param includeNonSoftDeletedEntries Indicates whether search results 193 * should include non-soft-deleted 194 * entries if they match the criteria 195 * for the associated search request. 196 * @param returnEntriesInUndeletedForm Indicates whether soft-deleted 197 * entries returned in search results 198 * should be returned in the form in 199 * which they would appear if they were 200 * undeleted. Note that if soft-deleted 201 * entries should be returned in their 202 * undeleted form, then it may be 203 * possible for multiple entries to be 204 * returned with the same DN (if 205 * multiple soft-deleted entries with 206 * the same original DN match the 207 * criteria, or if at least one 208 * soft-deleted entry and one normal 209 * entry with the same DN both match the 210 * search criteria). 211 */ 212 public SoftDeletedEntryAccessRequestControl(final boolean isCritical, 213 final boolean includeNonSoftDeletedEntries, 214 final boolean returnEntriesInUndeletedForm) 215 { 216 super(SOFT_DELETED_ENTRY_ACCESS_REQUEST_OID, isCritical, 217 encodeValue(includeNonSoftDeletedEntries, 218 returnEntriesInUndeletedForm)); 219 220 this.includeNonSoftDeletedEntries = includeNonSoftDeletedEntries; 221 this.returnEntriesInUndeletedForm = returnEntriesInUndeletedForm; 222 } 223 224 225 226 /** 227 * Creates a new soft-deleted entry access request control which is decoded 228 * from the provided generic control. 229 * 230 * @param control The generic control to be decoded as a soft-deleted entry 231 * access request control. 232 * 233 * @throws LDAPException If the provided control cannot be decoded as a 234 * soft-deleted entry access request control. 235 */ 236 public SoftDeletedEntryAccessRequestControl(@NotNull final Control control) 237 throws LDAPException 238 { 239 super(control); 240 241 boolean includeNonSoftDeleted = true; 242 boolean returnAsUndeleted = false; 243 244 if (control.hasValue()) 245 { 246 try 247 { 248 final ASN1Sequence valueSequence = 249 ASN1Sequence.decodeAsSequence(control.getValue().getValue()); 250 for (final ASN1Element e : valueSequence.elements()) 251 { 252 switch (e.getType()) 253 { 254 case TYPE_INCLUDE_NON_SOFT_DELETED_ENTRIES: 255 includeNonSoftDeleted = 256 ASN1Boolean.decodeAsBoolean(e).booleanValue(); 257 break; 258 case TYPE_RETURN_ENTRIES_IN_UNDELETED_FORM: 259 returnAsUndeleted = ASN1Boolean.decodeAsBoolean(e).booleanValue(); 260 break; 261 default: 262 throw new LDAPException(ResultCode.DECODING_ERROR, 263 ERR_SOFT_DELETED_ACCESS_REQUEST_UNSUPPORTED_ELEMENT_TYPE.get( 264 StaticUtils.toHex(e.getType()))); 265 } 266 } 267 } 268 catch (final LDAPException le) 269 { 270 Debug.debugException(le); 271 throw le; 272 } 273 catch (final Exception e) 274 { 275 Debug.debugException(e); 276 throw new LDAPException(ResultCode.DECODING_ERROR, 277 ERR_SOFT_DELETED_ACCESS_REQUEST_CANNOT_DECODE_VALUE.get( 278 StaticUtils.getExceptionMessage(e)), 279 e); 280 } 281 } 282 283 includeNonSoftDeletedEntries = includeNonSoftDeleted; 284 returnEntriesInUndeletedForm = returnAsUndeleted; 285 } 286 287 288 289 /** 290 * Encodes the provided information into an ASN.1 octet string suitable for 291 * use as the value of a soft-deleted entry access request control. 292 * 293 * @param includeNonSoftDeletedEntries Indicates whether search results 294 * should include non-soft-deleted 295 * entries if they match the criteria 296 * for the associated search request. 297 * @param returnEntriesInUndeletedForm Indicates whether soft-deleted 298 * entries returned in search results 299 * should be returned in the form in 300 * which they would appear if they were 301 * undeleted. Note that if soft-deleted 302 * entries should be returned in their 303 * undeleted form, then it may be 304 * possible for multiple entries to be 305 * returned with the same DN (if 306 * multiple soft-deleted entries with 307 * the same original DN match the 308 * criteria, or if at least one 309 * soft-deleted entry and one normal 310 * entry with the same DN both match the 311 * search criteria). 312 * 313 * @return An ASN.1 octet string with an encoding suitable for use as the 314 * value of a soft-deleted entry access request control, or 315 * {@code null} if no value is needed for the control. 316 */ 317 @Nullable() 318 private static ASN1OctetString encodeValue( 319 final boolean includeNonSoftDeletedEntries, 320 final boolean returnEntriesInUndeletedForm) 321 { 322 if (includeNonSoftDeletedEntries && (! returnEntriesInUndeletedForm)) 323 { 324 return null; 325 } 326 327 final ArrayList<ASN1Element> elements = new ArrayList<>(2); 328 if (! includeNonSoftDeletedEntries) 329 { 330 elements.add(new ASN1Boolean(TYPE_INCLUDE_NON_SOFT_DELETED_ENTRIES, 331 false)); 332 } 333 334 if (returnEntriesInUndeletedForm) 335 { 336 elements.add(new ASN1Boolean(TYPE_RETURN_ENTRIES_IN_UNDELETED_FORM, 337 true)); 338 } 339 340 return new ASN1OctetString(new ASN1Sequence(elements).encode()); 341 } 342 343 344 345 /** 346 * Indicates whether search results should include non-soft-deleted entries 347 * if they match the criteria for the associated search request. 348 * 349 * @return {@code true} if the server should return any "normal" 350 * non-soft-deleted entries that match the search criteria, or 351 * {@code false} if the server should only return soft-deleted 352 * entries that match the search criteria. 353 */ 354 public boolean includeNonSoftDeletedEntries() 355 { 356 return includeNonSoftDeletedEntries; 357 } 358 359 360 361 /** 362 * Indicates whether soft-deleted entries returned in search results should be 363 * returned in the form in which they would appear if they were undeleted. 364 * Note that if soft-deleted entries should be returned in their undeleted 365 * form, then it may be possible for multiple entries to be returned with the 366 * same DN (if multiple soft-deleted entries with the same original DN match 367 * the criteria, or if at least one soft-deleted entry and one normal entry 368 * with the same DN both match the search criteria). 369 * 370 * @return {@code false} if soft-deleted entries should be returned in their 371 * current form as soft-deleted entries, or {@code true} if they 372 * should be returned in the form in which they would appear if they 373 * were undeleted (e.g., using the original DN for the entry and 374 * without all the additional meta-attributes added during the 375 * soft delete process). 376 */ 377 public boolean returnEntriesInUndeletedForm() 378 { 379 return returnEntriesInUndeletedForm; 380 } 381 382 383 384 /** 385 * {@inheritDoc} 386 */ 387 @Override() 388 @NotNull() 389 public String getControlName() 390 { 391 return INFO_CONTROL_NAME_SOFT_DELETED_ACCESS_REQUEST.get(); 392 } 393 394 395 396 /** 397 * Retrieves a representation of this soft-deleted entry access request 398 * control as a JSON object. The JSON object uses the following fields: 399 * <UL> 400 * <LI> 401 * {@code oid} -- A mandatory string field whose value is the object 402 * identifier for this control. For the soft-deleted entry access request 403 * control, the OID is "1.3.6.1.4.1.30221.2.5.24". 404 * </LI> 405 * <LI> 406 * {@code control-name} -- An optional string field whose value is a 407 * human-readable name for this control. This field is only intended for 408 * descriptive purposes, and when decoding a control, the {@code oid} 409 * field should be used to identify the type of control. 410 * </LI> 411 * <LI> 412 * {@code criticality} -- A mandatory Boolean field used to indicate 413 * whether this control is considered critical. 414 * </LI> 415 * <LI> 416 * {@code value-base64} -- An optional string field whose value is a 417 * base64-encoded representation of the raw value for this soft-deleted 418 * entry access request control. Exactly one of the {@code value-base64} 419 * and {@code value-json} fields must be present. 420 * </LI> 421 * <LI> 422 * {@code value-json} -- An optional JSON object field whose value is a 423 * user-friendly representation of the value for this soft-deleted entry 424 * access request control. Exactly one of the {@code value-base64} and 425 * {@code value-json} fields must be present, and if the 426 * {@code value-json} field is used, then it will use the following 427 * fields: 428 * <UL> 429 * <LI> 430 * {@code include-non-soft-deleted-entries} -- A mandatory Boolean 431 * field that indicates whether the server should also return any 432 * non-soft-deleted entries in the search results. 433 * </LI> 434 * <LI> 435 * {@code return-entries-in-undeleted-form} -- A mandatory Boolean 436 * field that indicates whether soft-deleted entries should be 437 * returned in the form in which they appeared before they were 438 * soft-deleted. 439 * </LI> 440 * </UL> 441 * </LI> 442 * </UL> 443 * 444 * @return A JSON object that contains a representation of this control. 445 */ 446 @Override() 447 @NotNull() 448 public JSONObject toJSONControl() 449 { 450 return new JSONObject( 451 new JSONField(JSONControlDecodeHelper.JSON_FIELD_OID, 452 SOFT_DELETED_ENTRY_ACCESS_REQUEST_OID), 453 new JSONField(JSONControlDecodeHelper.JSON_FIELD_CONTROL_NAME, 454 INFO_CONTROL_NAME_SOFT_DELETED_ACCESS_REQUEST.get()), 455 new JSONField(JSONControlDecodeHelper.JSON_FIELD_CRITICALITY, 456 isCritical()), 457 new JSONField(JSONControlDecodeHelper.JSON_FIELD_VALUE_JSON, 458 new JSONObject( 459 new JSONField(JSON_FIELD_INCLUDE_NON_SOFT_DELETED_ENTRIES, 460 includeNonSoftDeletedEntries), 461 new JSONField(JSON_FIELD_RETURN_ENTRIES_IN_UNDELETED_FORM, 462 returnEntriesInUndeletedForm)))); 463 } 464 465 466 467 /** 468 * Attempts to decode the provided object as a JSON representation of a 469 * soft-deleted entry access request control. 470 * 471 * @param controlObject The JSON object to be decoded. It must not be 472 * {@code null}. 473 * @param strict Indicates whether to use strict mode when decoding 474 * the provided JSON object. If this is {@code true}, 475 * then this method will throw an exception if the 476 * provided JSON object contains any unrecognized 477 * fields. If this is {@code false}, then unrecognized 478 * fields will be ignored. 479 * 480 * @return The soft-deleted entry access request that was decoded from 481 * the provided JSON object. 482 * 483 * @throws LDAPException If the provided JSON object cannot be parsed as a 484 * valid soft-deleted entry access request. 485 */ 486 @NotNull() 487 public static SoftDeletedEntryAccessRequestControl decodeJSONControl( 488 @NotNull final JSONObject controlObject, 489 final boolean strict) 490 throws LDAPException 491 { 492 final JSONControlDecodeHelper jsonControl = new JSONControlDecodeHelper( 493 controlObject, strict, true, true); 494 495 final ASN1OctetString rawValue = jsonControl.getRawValue(); 496 if (rawValue != null) 497 { 498 return new SoftDeletedEntryAccessRequestControl(new Control( 499 jsonControl.getOID(), jsonControl.getCriticality(), rawValue)); 500 } 501 502 503 final JSONObject valueObject = jsonControl.getValueObject(); 504 505 final Boolean includeNonSoftDeletedEntries = valueObject.getFieldAsBoolean( 506 JSON_FIELD_INCLUDE_NON_SOFT_DELETED_ENTRIES); 507 if (includeNonSoftDeletedEntries == null) 508 { 509 throw new LDAPException(ResultCode.DECODING_ERROR, 510 ERR_SOFT_DELETED_ACCESS_REQUEST_JSON_MISSING_FIELD.get( 511 controlObject.toSingleLineString(), 512 JSON_FIELD_INCLUDE_NON_SOFT_DELETED_ENTRIES)); 513 } 514 515 final Boolean returnEntriesInUndeletedForm = valueObject.getFieldAsBoolean( 516 JSON_FIELD_RETURN_ENTRIES_IN_UNDELETED_FORM); 517 if (returnEntriesInUndeletedForm == null) 518 { 519 throw new LDAPException(ResultCode.DECODING_ERROR, 520 ERR_SOFT_DELETED_ACCESS_REQUEST_JSON_MISSING_FIELD.get( 521 controlObject.toSingleLineString(), 522 JSON_FIELD_RETURN_ENTRIES_IN_UNDELETED_FORM)); 523 } 524 525 526 if (strict) 527 { 528 final List<String> unrecognizedFields = 529 JSONControlDecodeHelper.getControlObjectUnexpectedFields( 530 valueObject, JSON_FIELD_INCLUDE_NON_SOFT_DELETED_ENTRIES, 531 JSON_FIELD_RETURN_ENTRIES_IN_UNDELETED_FORM); 532 if (! unrecognizedFields.isEmpty()) 533 { 534 throw new LDAPException(ResultCode.DECODING_ERROR, 535 ERR_SOFT_DELETED_ACCESS_REQUEST_JSON_UNRECOGNIZED_FIELD.get( 536 controlObject.toSingleLineString(), 537 unrecognizedFields.get(0))); 538 } 539 } 540 541 542 return new SoftDeletedEntryAccessRequestControl( 543 jsonControl.getCriticality(), includeNonSoftDeletedEntries, 544 returnEntriesInUndeletedForm); 545 } 546 547 548 549 /** 550 * {@inheritDoc} 551 */ 552 @Override() 553 public void toString(@NotNull final StringBuilder buffer) 554 { 555 buffer.append("SoftDeletedEntryAccessRequestControl(isCritical="); 556 buffer.append(isCritical()); 557 buffer.append(", includeNonSoftDeletedEntries="); 558 buffer.append(includeNonSoftDeletedEntries); 559 buffer.append(", returnEntriesInUndeletedForm="); 560 buffer.append(returnEntriesInUndeletedForm); 561 buffer.append(')'); 562 } 563}