use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class CreateRoleHierarchySample method testDeleteHierRoles.
/**
 * Remove the simple hierarchical Roles from the directory. Before each removal the API is called to remove
 * the inheritance relationship between the parent and child Roles; once that relationship is removed the
 * parent Role can be removed.
 * Role removal will trigger automatic deassignment from all Users or revocation of Permission as well.
 * <p>
 * <img src="./doc-files/HierRoleSimple.png" alt="">
 */
public static void testDeleteHierRoles() {
    final String szLocation = ".testDeleteHierRoles";
    // The teardown only runs when AllSamplesJUnitTest reports that this is not a first run.
    if (!AllSamplesJUnitTest.isFirstRun()) {
        try {
            // Instantiate the AdminMgr implementation which is used to provision RBAC policies.
            AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
            // Walk the chain pair by pair: (1,2), (2,3), ... (TEST_NUMBER - 1, TEST_NUMBER).
            for (int childIdx = 2; childIdx < TEST_NUMBER + 1; childIdx++) {
                // The key that must be set to locate any Role is simply the name.
                Role parentRole = new Role(TEST_HIER_ROLE_PREFIX + (childIdx - 1));
                Role childRole = new Role(TEST_HIER_ROLE_PREFIX + childIdx);
                // Detach the child first; only then is the parent deleted.
                adminMgr.deleteInheritance(parentRole, childRole);
                // Remove the Role from directory along with associated assignments:
                adminMgr.deleteRole(parentRole);
                LOG.info(szLocation + " role [" + parentRole.getName() + "] success");
            }
            // The last Role in the chain was only ever a child, so it is removed after the loop:
            Role lastRole = new Role(TEST_HIER_ROLE_PREFIX + TEST_NUMBER);
            adminMgr.deleteRole(lastRole);
        } catch (SecurityException se) {
            // Log the error id and message with the stack trace, then fail the test.
            LOG.error(szLocation + " caught SecurityException rc=" + se.getErrorId() + ", msg=" + se.getMessage(), se);
            fail(se.getMessage());
        }
    }
}
use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class CreateRoleHierarchySample method testDeleteAscendantRoles.
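/**
 * This example demonstrates tear down of a child-to-parent relationship represented as one-to-many. Every
 * parent must be removed from the child before the child can be removed.
 * Role removal will trigger automatic deassignment from all Users or revocation of Permission as well.
 * <p>
 * <img src="./doc-files/HierRoleAscendants.png" alt="">
 */
public static void testDeleteAscendantRoles() {
    String szLocation = ".testDeleteAscendantRoles";
    // Skipped when AllSamplesJUnitTest reports a first run.
    if (AllSamplesJUnitTest.isFirstRun()) {
        return;
    }
    try {
        // Instantiate the AdminMgr implementation which is used to provision RBAC policies.
        AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
        // This child has many parents:
        Role childRole = new Role(TEST_HIER_ASC_ROLE_PREFIX + 1);
        for (int i = 2; i < TEST_NUMBER + 1; i++) {
            Role parentRole = new Role(TEST_HIER_ASC_ROLE_PREFIX + i);
            // Detach this parent from the shared child before deleting the parent.
            adminMgr.deleteInheritance(parentRole, childRole);
            // Remove the Role from directory along with associated assignments:
            adminMgr.deleteRole(parentRole);
            // Log the Role that was actually deleted in this iteration (the parent, not the child),
            // so the log is an accurate record of which Roles were removed.
            LOG.info(szLocation + " role [" + parentRole.getName() + "] success");
        }
        // All parents are gone; the child can now be removed along with its associated assignments:
        adminMgr.deleteRole(childRole);
    } catch (SecurityException ex) {
        // Log the error id and message with the stack trace, then fail the test.
        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}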
use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class CreateRoleHierarchySample method testCreateHierRoles.
/**
 * Add a simple Role hierarchy to ldap. The Roles will be named to include a name, 'sampleHierRole', appended
 * with the sequence of 1 - 6. sampleHierRole1 is the root or highest level Role in the structure while
 * sampleHierRole6 is the lowest, most distant child. Fortress Roles may have multiple parents, which is
 * demonstrated in the testCreateAscendantRoles sample.
 * <p>
 * <img src="./doc-files/HierRoleSimple.png" alt="">
 */
public static void testCreateHierRoles() {
    final String szLocation = ".testCreateHierRoles";
    try {
        // Instantiate the AdminMgr implementation which is used to provision RBAC policies.
        AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
        // Add the root of the hierarchy to the directory.
        // NOTE(review): the loop below uses TEST_HIER_ROLE_PREFIX + 1 as the first parent, so
        // TEST_HIER_BASE_ROLE presumably has that same name - confirm against the constants.
        adminMgr.addRole(new Role(TEST_HIER_BASE_ROLE));
        // Create the remaining Roles, suffixes 2 through TEST_NUMBER. The actual names and count come
        // from TEST_HIER_ROLE_PREFIX and TEST_NUMBER, which are defined outside this listing.
        for (int parentIdx = 1; parentIdx < TEST_NUMBER; parentIdx++) {
            // Instantiate the child Role entity and add it to the directory.
            Role childRole = new Role(TEST_HIER_ROLE_PREFIX + (parentIdx + 1));
            adminMgr.addRole(childRole);
            // Now add Role relationship to the directory between parent and child Roles.
            Role parentRole = new Role(TEST_HIER_ROLE_PREFIX + parentIdx);
            adminMgr.addInheritance(parentRole, childRole);
        }
    } catch (SecurityException se) {
        // Log the error id and message with the stack trace, then fail the test.
        LOG.error(szLocation + " caught SecurityException rc=" + se.getErrorId() + ", msg=" + se.getMessage(), se);
        fail(se.getMessage());
    }
}
use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class CreateRoleSample method testCreateSimpleRole2.
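/**
 * Add one Role per name in TEST_SIMPLE_ROLE2 and read each one back to confirm that the directory
 * returns an entity equal to the one that was added.
 */
public static void testCreateSimpleRole2() {
    String szLocation = ".testCreateSimpleRole2";
    try {
        // Instantiate the AdminMgr implementation which is used to provision RBAC policies.
        AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
        // Instantiate the ReviewMgr implementation which is used to interrogate RBAC policy information.
        // Created once up front: it takes the same context on every iteration, so there is no need to
        // build a new instance per Role.
        ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(TestUtils.getContext());
        for (String roleName : TEST_SIMPLE_ROLE2) {
            // At its simplest a Role contains only a name.
            Role inRole = new Role(roleName);
            // Call the API to actually add the Role to ldap.
            adminMgr.addRole(inRole);
            // now read the newly created Role entity back:
            Role outRole = reviewMgr.readRole(inRole);
            assertTrue(szLocation + " failed read", inRole.equals(outRole));
            LOG.info(szLocation + " [" + outRole.getName() + "] success");
        }
    } catch (SecurityException ex) {
        // Log the error id and message with the stack trace, then fail the test.
        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}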
use of org.apache.directory.fortress.core.AdminMgr in project directory-fortress-core by apache.
the class CreateRoleSample method testCreateComplexRole.
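/**
 * Demonstrate the creation of Roles that contain temporal constraints. These constraints are used to control
 * the day, date, and time of Role activation. They also can enforce mandatory blackout periods for Role activation.
 */
public static void testCreateComplexRole() {
    String szLocation = ".testCreateComplexRole";
    try {
        // Instantiate the AdminMgr implementation which is used to provision RBAC policies.
        AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
        // Instantiate the ReviewMgr implementation which is used to interrogate policy information.
        // Created once up front: it takes the same context on every iteration, so there is no need to
        // build a new instance per Role.
        ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(TestUtils.getContext());
        // Create ten Roles, TEST_ROLE_PREFIX + 1 through TEST_ROLE_PREFIX + 10.
        for (int i = 1; i < 11; i++) {
            // Instantiate the Role entity.
            Role inRole = new Role(TEST_ROLE_PREFIX + i);
            // Set the Role start date to Jan 1, 2011:
            inRole.setBeginDate("20110101");
            // Set the Role end date to never:
            inRole.setEndDate("none");
            // Set the role begin time to 1 am:
            inRole.setBeginTime("0100");
            // Set the role end time to midnight. This role cannot be activated between hours of midnight and 1 am.
            inRole.setEndTime("0000");
            // set the day mask to Mon, Tue, Wed, Thur, Fri, Sat. Role can't be activated on Sunday.
            inRole.setDayMask("234567");
            // set the begin lock date to Jan 15, 2011
            inRole.setBeginLockDate("20110115");
            // set the end lock date to Feb 15, 2011 - of course this lockout occurred in the past.
            inRole.setEndLockDate("20110215");
            // Add the Role entity to the directory.
            adminMgr.addRole(inRole);
            // now read the newly created Role entity back:
            Role outRole = reviewMgr.readRole(inRole);
            assertTrue(szLocation + " failed read", inRole.equals(outRole));
            LOG.info(szLocation + " role [" + outRole.getName() + "] success");
        }
    } catch (SecurityException ex) {
        // Log the error id and message with the stack trace, then fail the test.
        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}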