Example 46 with AdminMgr
use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class LoadTestUserSample method testDeleteUser.
/**
* The deleteUser will completely remove the User data from the LDAP directory. There is also a 'softDelete' that
* can be used to disable the User if hard delete is not the aim.
*/
public static void testDeleteUser() {
String szLocation = ".testDeleteUser";
try {
// Instantiate the AdminMgr implementation which is used to provision RBAC policies.
AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
LOG.info(szLocation + "deleting [" + NUMBER_TEST_USERS + "] users... (every '-' is 1000 users)");
for (int i = 1; i <= NUMBER_TEST_USERS; i++) {
User inUser = new User(TEST_USERID + i);
adminMgr.deleteUser(inUser);
if (i % 1000 == 0) {
System.out.print("-");
}
}
System.out.println("");
LOG.info(szLocation + " users delete success");
} catch (SecurityException ex) {
LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
User(org.apache.directory.fortress.core.model.User)
SecurityException(org.apache.directory.fortress.core.SecurityException)
AdminMgr(org.apache.directory.fortress.core.AdminMgr)
Example 47 with AdminMgr
use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class LoadTestUserSample method testCreateUser.
/**
* Demonstrate how to create a simple user and assign to a single RBAC Role in one API call. The example will
* also read the User back from LDAP after creation but this is not required for real world examples.
*/
public static void testCreateUser() {
String szLocation = ".testCreateUser";
try {
// Instantiate the AdminMgr implementation. All AdminMgr APIs can throw a SecurityException in the event
// of rule violation or system error.
AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
// You do not have to assign a Role to User when calling 'addUser'. Role assignment may be done using the 'assignUser' API.
/**
* Create new User entity:
* {@link org.apache.directory.fortress.core.model.User#userId}="sampleUser1"
* {@link User#password}="password1"
* {@link User#setRole(String)}="sampleRole1"
* {@link User#ou}="sampleUserOU1"
*/
LOG.info(szLocation + "CREATING [" + NUMBER_TEST_USERS + "] users... (every '+' is 1000 users)");
for (int i = 1; i <= NUMBER_TEST_USERS; i++) {
User inUser = new User(TEST_USERID + i, TEST_PASSWORD);
inUser.setOu("DEV0");
try {
// Now call the add API. The API will return User entity with associated LDAP dn if creation was successful.
User outUser = adminMgr.addUser(inUser);
assertNotNull(outUser);
if (i % 1000 == 0) {
System.out.print("+");
}
} catch (SecurityException ex) {
if (ex.getErrorId() == GlobalErrIds.USER_ADD_FAILED_ALREADY_EXISTS) {
// ignore
} else {
LOG.error(szLocation + "testAddUsers caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
if (i % 1000 == 0) {
System.out.print("=");
}
}
}
System.out.println("");
LOG.info(szLocation + " users create success");
} catch (SecurityException ex) {
LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
User(org.apache.directory.fortress.core.model.User)
SecurityException(org.apache.directory.fortress.core.SecurityException)
AdminMgr(org.apache.directory.fortress.core.AdminMgr)
Example 48 with AdminMgr
use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class AdminMgrImplTest method deleteInheritedRoles.
/**
* @param rArray
*/
public static void deleteInheritedRoles(String msg, String[][] rArray) {
LogUtil.logIt(msg);
try {
AdminMgr adminMgr = getManagedAdminMgr();
for (String[] rle : rArray) {
Role role = RoleTestData.getRole(rle);
Set<String> parents = RoleTestData.getRelationships(rle);
if (parents != null) {
for (String pRole : parents) {
adminMgr.deleteInheritance(new Role(pRole), role);
LOG.debug("deleteInheritedRoles child role [" + role.getName() + "] parent role [" + pRole + "] successful");
}
}
}
} catch (SecurityException ex) {
LOG.error("deleteInheritedRoles caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
Role(org.apache.directory.fortress.core.model.Role)
UserRole(org.apache.directory.fortress.core.model.UserRole)
SecurityException(org.apache.directory.fortress.core.SecurityException)
AdminMgr(org.apache.directory.fortress.core.AdminMgr)
Example 49 with AdminMgr
use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class AdminMgrImplTest method delUserGrants.
/**
* @param uArray
* @param objArray
* @param opArray
*/
private void delUserGrants(String msg, String[][] uArray, String[][] objArray, String[][] opArray) {
LogUtil.logIt(msg);
Permission pOp = new Permission();
User user = new User();
try {
AdminMgr adminMgr = getManagedAdminMgr();
for (String[] usr : uArray) {
for (String[] obj : objArray) {
for (String[] op : opArray) {
user = new User(UserTestData.getUserId(usr));
pOp = PermTestData.getOp(PermTestData.getName(obj), op);
adminMgr.revokePermission(pOp, user);
LOG.debug("delUserGrants userId [" + user.getUserId() + "] objName [" + pOp.getObjName() + "] objectId [" + pOp.getObjId() + "] operation name [" + pOp.getOpName() + "] successful");
}
}
}
} catch (SecurityException ex) {
LOG.error("delUserGrants userId [" + user.getUserId() + "] objName [" + pOp.getObjName() + "] objectId [" + pOp.getObjId() + "] operation name [" + pOp.getOpName() + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
User(org.apache.directory.fortress.core.model.User)
Permission(org.apache.directory.fortress.core.model.Permission)
SecurityException(org.apache.directory.fortress.core.SecurityException)
AdminMgr(org.apache.directory.fortress.core.AdminMgr)
Example 50 with AdminMgr
use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class AdminMgrImplTest method unlockUsers.
/**
* @param msg
* @param uArray
*/
void unlockUsers(String msg, String[][] uArray) {
LogUtil.logIt(msg);
try {
AdminMgr adminMgr = getManagedAdminMgr();
for (String[] usr : uArray) {
User user = UserTestData.getUser(usr);
adminMgr.unlockUserAccount(user);
LOG.debug("unlockUsers user [" + user.getUserId() + "] successful");
}
} catch (SecurityException ex) {
LOG.error("unlockUsers: caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
fail(ex.getMessage());
}
}
Also used :
User(org.apache.directory.fortress.core.model.User)
SecurityException(org.apache.directory.fortress.core.SecurityException)
AdminMgr(org.apache.directory.fortress.core.AdminMgr)
Aggregations
AdminMgr (org.apache.directory.fortress.core.AdminMgr)104
SecurityException (org.apache.directory.fortress.core.SecurityException)89
Role (org.apache.directory.fortress.core.model.Role)40
User (org.apache.directory.fortress.core.model.User)39
UserRole (org.apache.directory.fortress.core.model.UserRole)35
ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)27
Permission (org.apache.directory.fortress.core.model.Permission)18
RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)16
SDSet (org.apache.directory.fortress.core.model.SDSet)12
DelAdminMgr (org.apache.directory.fortress.core.DelAdminMgr)11
PwPolicyMgr (org.apache.directory.fortress.core.PwPolicyMgr)7
PermObj (org.apache.directory.fortress.core.model.PermObj)7
AccessMgr (org.apache.directory.fortress.core.AccessMgr)6
PermissionAttributeSet (org.apache.directory.fortress.core.model.PermissionAttributeSet)3
AdminPermissionOperation (org.apache.directory.fortress.annotation.AdminPermissionOperation)1
FinderException (org.apache.directory.fortress.core.FinderException)1
AdminRole (org.apache.directory.fortress.core.model.AdminRole)1
Session (org.apache.directory.fortress.core.model.Session)1
UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)1
