Examples with GranteeBy com.zimbra.soap.admin.type.GranteeSelector.GranteeBy used on opensource projects

Example 1 with GranteeBy

use of com.zimbra.soap.admin.type.GranteeSelector.GranteeBy in project zm-mailbox by Zimbra.

the class ProvUtil method doGetGrants.

private void doGetGrants(String[] args) throws ServiceException, ArgException {
    RightArgs ra = new RightArgs(args);
    boolean granteeIncludeGroupsGranteeBelongs = true;
    while (ra.hasNext()) {
        String arg = ra.getNextArg();
        if ("-t".equals(arg)) {
            getRightArgsTarget(ra);
        } else if ("-g".equals(arg)) {
            getRightArgsGrantee(ra, true, false);
            if (ra.hasNext()) {
                String includeGroups = ra.getNextArg();
                if ("1".equals(includeGroups)) {
                    granteeIncludeGroupsGranteeBelongs = true;
                } else if ("0".equals(includeGroups)) {
                    granteeIncludeGroupsGranteeBelongs = false;
                } else {
                    throw ServiceException.INVALID_REQUEST("invalid value for the include group flag, must be 0 or 1", null);
                }
            }
        }
    }
    TargetBy targetBy = (ra.mTargetIdOrName == null) ? null : guessTargetBy(ra.mTargetIdOrName);
    GranteeBy granteeBy = (ra.mGranteeIdOrName == null) ? null : guessGranteeBy(ra.mGranteeIdOrName);
    RightCommand.Grants grants = prov.getGrants(ra.mTargetType, targetBy, ra.mTargetIdOrName, ra.mGranteeType, granteeBy, ra.mGranteeIdOrName, granteeIncludeGroupsGranteeBelongs);
    String format = "%-12.12s %-36.36s %-30.30s %-12.12s %-36.36s %-30.30s %s\n";
    console.printf(format, "target type", "target id", "target name", "grantee type", "grantee id", "grantee name", "right");
    console.printf(format, "------------", "------------------------------------", "------------------------------", "------------", "------------------------------------", "------------------------------", "--------------------");
    for (RightCommand.ACE ace : grants.getACEs()) {
        // String deny = ace.deny()?"-":"";
        RightModifier rightModifier = ace.rightModifier();
        String rm = (rightModifier == null) ? "" : String.valueOf(rightModifier.getModifier());
        console.printf(format, ace.targetType(), ace.targetId(), ace.targetName(), ace.granteeType(), ace.granteeId(), ace.granteeName(), rm + ace.right());
    }
    console.println();
}

Example 2 with GranteeBy

use of com.zimbra.soap.admin.type.GranteeSelector.GranteeBy in project zm-mailbox by Zimbra.

the class ProvUtil method doCheckRight.

private void doCheckRight(String[] args) throws ServiceException, ArgException {
    RightArgs ra = new RightArgs(args);
    // todo, handle secret
    getRightArgs(ra, false, false);
    Map<String, Object> attrs = getMap(args, ra.mCurPos);
    TargetBy targetBy = (ra.mTargetIdOrName == null) ? null : guessTargetBy(ra.mTargetIdOrName);
    GranteeBy granteeBy = guessGranteeBy(ra.mGranteeIdOrName);
    AccessManager.ViaGrant via = new AccessManager.ViaGrant();
    boolean allow = prov.checkRight(ra.mTargetType, targetBy, ra.mTargetIdOrName, granteeBy, ra.mGranteeIdOrName, ra.mRight, attrs, via);
    console.println(allow ? "ALLOWED" : "DENIED");
    if (via.available()) {
        console.println("Via:");
        console.println("    target type  : " + via.getTargetType());
        console.println("    target       : " + via.getTargetName());
        console.println("    grantee type : " + via.getGranteeType());
        console.println("    grantee      : " + via.getGranteeName());
        console.println("    right        : " + (via.isNegativeGrant() ? "DENY " : "") + via.getRight());
        console.println();
    }
}

Example 3 with GranteeBy

use of com.zimbra.soap.admin.type.GranteeSelector.GranteeBy in project zm-mailbox by Zimbra.

the class ProvUtil method doGetAllEffectiveRights.

private void doGetAllEffectiveRights(String[] args) throws ServiceException, ArgException {
    RightArgs ra = new RightArgs(args);
    if (prov instanceof LdapProv) {
        // must provide grantee info
        getRightArgsGrantee(ra, true, false);
    } else {
        // has more args, use it for the requested grantee
        if (ra.mCurPos < args.length) {
            getRightArgsGrantee(ra, true, false);
        }
    }
    boolean expandSetAttrs = false;
    boolean expandGetAttrs = false;
    // if there are more args, see if they are expandSetAttrs/expandGetAttrs
    for (int i = ra.mCurPos; i < args.length; i++) {
        if ("expandSetAttrs".equals(args[i])) {
            expandSetAttrs = true;
        } else if ("expandGetAttrs".equals(args[i])) {
            expandGetAttrs = true;
        } else {
            throw new ArgException("unrecognized arg: " + args[i]);
        }
    }
    GranteeBy granteeBy = (ra.mGranteeIdOrName == null) ? null : guessGranteeBy(ra.mGranteeIdOrName);
    RightCommand.AllEffectiveRights allEffRights = prov.getAllEffectiveRights(ra.mGranteeType, granteeBy, ra.mGranteeIdOrName, expandSetAttrs, expandGetAttrs);
    console.println(allEffRights.granteeType() + " " + allEffRights.granteeName() + "(" + allEffRights.granteeId() + ")" + " has the following rights:");
    for (Map.Entry<TargetType, RightCommand.RightsByTargetType> rightsByTargetType : allEffRights.rightsByTargetType().entrySet()) {
        RightCommand.RightsByTargetType rbtt = rightsByTargetType.getValue();
        if (!rbtt.hasNoRight()) {
            dumpRightsByTargetType(rightsByTargetType.getKey(), rbtt, expandSetAttrs, expandGetAttrs);
        }
    }
}

Example 4 with GranteeBy

use of com.zimbra.soap.admin.type.GranteeSelector.GranteeBy in project zm-mailbox by Zimbra.

the class ProvUtil method doGetCreateObjectAttrs.

/**
     * for testing only, not used in production
     */
private void doGetCreateObjectAttrs(String[] args) throws ServiceException {
    String targetType = args[1];
    Key.DomainBy domainBy = null;
    String domain = null;
    if (!args[2].equals("null")) {
        domainBy = guessDomainBy(args[2]);
        domain = args[2];
    }
    Key.CosBy cosBy = null;
    String cos = null;
    if (!args[3].equals("null")) {
        cosBy = guessCosBy(args[3]);
        cos = args[3];
    }
    GranteeBy granteeBy = null;
    String grantee = null;
    // for SoapProvisioning, -a {admin account} -p {password} is required with zmprov
    if (prov instanceof LdapProv) {
        granteeBy = guessGranteeBy(args[4]);
        grantee = args[4];
    }
    console.println("Domain:  " + domain);
    console.println("Cos:     " + cos);
    console.println("Grantee: " + grantee);
    console.println();
    RightCommand.EffectiveRights effRights = prov.getCreateObjectAttrs(targetType, domainBy, domain, cosBy, cos, granteeBy, grantee);
    displayAttrs("set", true, effRights.canSetAllAttrs(), effRights.canSetAttrs());
}

Example 5 with GranteeBy

use of com.zimbra.soap.admin.type.GranteeSelector.GranteeBy in project zm-mailbox by Zimbra.

the class ProvUtil method doRevokeRight.

private void doRevokeRight(String[] args) throws ServiceException, ArgException {
    RightArgs ra = new RightArgs(args);
    getRightArgs(ra, true, false);
    TargetBy targetBy = (ra.mTargetIdOrName == null) ? null : guessTargetBy(ra.mTargetIdOrName);
    GranteeBy granteeBy = (ra.mGranteeIdOrName == null) ? null : guessGranteeBy(ra.mGranteeIdOrName);
    prov.revokeRight(ra.mTargetType, targetBy, ra.mTargetIdOrName, ra.mGranteeType, granteeBy, ra.mGranteeIdOrName, ra.mRight, ra.mRightModifier);
}