Search in sources :

Example 6 with AdminMgr

use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.

the class AdminMgrImplTest method addPASetToPermission.

public static void addPASetToPermission(String msg, String paSetName, String obj, String[] op) throws SecurityException {
    LogUtil.logIt(msg);
    AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
    Permission pop = PermTestData.getOp(obj, op);
    pop.setPaSetName(paSetName);
    adminMgr.updatePermission(pop);
    LOG.debug("addPASetToPermission name [" + paSetName + "] successful");
}
Also used : Permission(org.apache.directory.fortress.core.model.Permission) AdminMgr(org.apache.directory.fortress.core.AdminMgr)

Example 7 with AdminMgr

use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.

the class AdminMgrImplTest method addRoleGrants.

/**
 * @param rArray
 * @param objArray
 * @param opArray
 */
public static void addRoleGrants(String msg, String[][] rArray, String[][] objArray, String[][] opArray, boolean isAdmin, boolean canFail) {
    LogUtil.logIt(msg);
    Permission pOp = new Permission();
    Role role = new Role();
    try {
        AdminMgr adminMgr;
        if (isAdmin) {
            adminMgr = getManagedAdminMgr();
        } else {
            adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
        }
        for (String[] rle : rArray) {
            for (String[] obj : objArray) {
                for (String[] op : opArray) {
                    role = new Role(RoleTestData.getName(rle));
                    pOp = PermTestData.getOp(PermTestData.getName(obj), op);
                    adminMgr.grantPermission(pOp, role);
                    LOG.debug("addRoleGrants role name [" + role.getName() + "] objName [" + pOp.getObjName() + "] objectId [" + pOp.getObjId() + "] operation name [" + pOp.getOpName() + "] successful");
                }
            }
        }
    } catch (SecurityException ex) {
        if (!canFail) {
            LOG.error("addRoleGrants role name [" + role.getName() + "] objName [" + pOp.getObjName() + "] objectId [" + pOp.getObjId() + "] operation name [" + pOp.getOpName() + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
            fail(ex.getMessage());
        }
    }
}
Also used : Role(org.apache.directory.fortress.core.model.Role) UserRole(org.apache.directory.fortress.core.model.UserRole) Permission(org.apache.directory.fortress.core.model.Permission) SecurityException(org.apache.directory.fortress.core.SecurityException) AdminMgr(org.apache.directory.fortress.core.AdminMgr)

Example 8 with AdminMgr

use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.

the class AdminMgrImplTest method delRoleAscendant.

/**
 * @param msg
 * @param rArray
 */
private void delRoleAscendant(String msg, String[][] rArray) {
    LogUtil.logIt(msg);
    try {
        AdminMgr adminMgr = getManagedAdminMgr();
        for (String[] rle : rArray) {
            Role role = RoleTestData.getRole(rle);
            Set<String> ascs = RoleTestData.getRelationships(rle);
            if (ascs != null) {
                for (String asc : ascs) {
                    adminMgr.deleteInheritance(new Role(asc), role);
                    LOG.debug("delRoleAscendant desc role [" + role.getName() + "] asc role [" + asc + "] successful");
                }
            }
            Set<String> inheritances = RoleTestData.getInheritances(rle);
            if (inheritances != null) {
                for (String asc : inheritances) {
                    adminMgr.deleteInheritance(new Role(asc), role);
                    LOG.debug("delRoleAscendant desc role [" + role.getName() + "] asc role [" + asc + "] successful");
                }
            }
            adminMgr.deleteRole(role);
            LOG.debug("delRoleAscendant remove desc role [" + role.getName() + "] successful");
        }
        // cleanup the top ascendant from roles data set.
        ReviewMgr reviewMgr = ReviewMgrImplTest.getManagedReviewMgr();
        String roleSrchVal = RoleTestData.getName(rArray[0]);
        roleSrchVal = roleSrchVal.substring(0, roleSrchVal.length() - 8);
        List<Role> cleanup = reviewMgr.findRoles(roleSrchVal);
        for (Role re : cleanup) {
            adminMgr.deleteRole(re);
            LOG.debug("delRoleAscendant cleanup role [" + re.getName() + "] successful");
        }
    } catch (SecurityException ex) {
        LOG.error("delRoleAscendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : Role(org.apache.directory.fortress.core.model.Role) UserRole(org.apache.directory.fortress.core.model.UserRole) ReviewMgr(org.apache.directory.fortress.core.ReviewMgr) SecurityException(org.apache.directory.fortress.core.SecurityException) AdminMgr(org.apache.directory.fortress.core.AdminMgr)

Example 9 with AdminMgr

use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.

the class AdminMgrImplTest method deassignUsersH.

/**
 * @param msg
 * @param uArray
 * @param rArray
 */
void deassignUsersH(String msg, String[][] uArray, String[][] rArray) {
    LogUtil.logIt(msg);
    User user = null;
    Role role = null;
    try {
        AdminMgr adminMgr = getManagedAdminMgr();
        int i = 0;
        for (String[] usr : uArray) {
            user = UserTestData.getUser(usr);
            role = RoleTestData.getRole(rArray[i++]);
            UserRole uRole = new UserRole(user.getUserId(), role.getName());
            adminMgr.deassignUser(uRole);
        }
    } catch (SecurityException ex) {
        LOG.error("deassignUsersH user [" + (user != null ? user.getUserId() : null) + "] role [" + (role != null ? role.getName() : null) + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : Role(org.apache.directory.fortress.core.model.Role) UserRole(org.apache.directory.fortress.core.model.UserRole) User(org.apache.directory.fortress.core.model.User) UserRole(org.apache.directory.fortress.core.model.UserRole) SecurityException(org.apache.directory.fortress.core.SecurityException) RoleConstraint(org.apache.directory.fortress.core.model.RoleConstraint) AdminMgr(org.apache.directory.fortress.core.AdminMgr)

Example 10 with AdminMgr

use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.

the class AdminMgrImplTest method addRoleDescendant.

/**
 * @param msg
 * @param rArray
 */
public static void addRoleDescendant(String msg, String[][] rArray) {
    LogUtil.logIt(msg);
    try {
        AdminMgr adminMgr = getManagedAdminMgr();
        int ctr = 0;
        for (String[] rle : rArray) {
            Role role = RoleTestData.getRole(rle);
            if (ctr++ == 0 || RoleTestData.isTree(rle)) {
                adminMgr.addRole(role);
                LOG.debug("addDescendant add role [" + role.getName() + "] successful");
            }
            // use list because order is important for test structure:
            List<String> descs = RoleTestData.getRelationshipList(rle);
            if (descs != null) {
                if (RoleTestData.isTree(rle)) {
                    Role parent = role;
                    for (String desc : descs) {
                        Role child = new Role(desc);
                        adminMgr.addDescendant(parent, new Role(desc));
                        LOG.debug("addDescendant asc role [" + role.getName() + "] desc role [" + desc + "] successful");
                        parent = child;
                    }
                } else {
                    for (String desc : descs) {
                        adminMgr.addDescendant(role, new Role(desc));
                        LOG.debug("addDescendant asc role [" + role.getName() + "] desc role [" + desc + "] successful");
                    }
                }
            }
            Set<String> inheritances = RoleTestData.getInheritances(rle);
            if (inheritances != null) {
                for (String desc : inheritances) {
                    adminMgr.addInheritance(role, new Role(desc));
                    LOG.debug("addDescendant asc role [" + role.getName() + "] desc role [" + desc + "] successful");
                }
            }
        }
    } catch (SecurityException ex) {
        LOG.error("addDescendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
Also used : Role(org.apache.directory.fortress.core.model.Role) UserRole(org.apache.directory.fortress.core.model.UserRole) SecurityException(org.apache.directory.fortress.core.SecurityException) RoleConstraint(org.apache.directory.fortress.core.model.RoleConstraint) AdminMgr(org.apache.directory.fortress.core.AdminMgr)

Aggregations

AdminMgr (org.apache.directory.fortress.core.AdminMgr)104 SecurityException (org.apache.directory.fortress.core.SecurityException)89 Role (org.apache.directory.fortress.core.model.Role)40 User (org.apache.directory.fortress.core.model.User)39 UserRole (org.apache.directory.fortress.core.model.UserRole)35 ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)27 Permission (org.apache.directory.fortress.core.model.Permission)18 RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)16 SDSet (org.apache.directory.fortress.core.model.SDSet)12 DelAdminMgr (org.apache.directory.fortress.core.DelAdminMgr)11 PwPolicyMgr (org.apache.directory.fortress.core.PwPolicyMgr)7 PermObj (org.apache.directory.fortress.core.model.PermObj)7 AccessMgr (org.apache.directory.fortress.core.AccessMgr)6 PermissionAttributeSet (org.apache.directory.fortress.core.model.PermissionAttributeSet)3 AdminPermissionOperation (org.apache.directory.fortress.annotation.AdminPermissionOperation)1 FinderException (org.apache.directory.fortress.core.FinderException)1 AdminRole (org.apache.directory.fortress.core.model.AdminRole)1 Session (org.apache.directory.fortress.core.model.Session)1 UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)1