use of org.apache.directory.fortress.core.model.AdminRole in project directory-fortress-core by apache.
the class DelegatedAdminMgrConsole method removeRoleInheritance.
/**
 * Console action: prompts for a child and a parent admin role name and removes the
 * inheritance relationship between them.
 *
 * <p>Both names are read from the console and passed on as typed; this method does no
 * validation of its own. The delegate is called with the parent first and the child second.
 * A {@code SecurityException} is logged rather than rethrown. It is not
 * {@code java.lang.SecurityException}: the handler calls {@code getErrorId()} on it.
 * On failure the operator sees no confirmation lines and no "ENTER to continue" prompt,
 * but the method still waits for a key press.
 */
void removeRoleInheritance() {
    try {
        final AdminRole childRole = new AdminRole();
        final AdminRole parentRole = new AdminRole();
        ReaderUtil.clearScreen();

        System.out.println("Enter child adminRole name:");
        final String childInput = ReaderUtil.readLn();
        childRole.setName(childInput);

        System.out.println("Enter parent adminRole name:");
        final String parentInput = ReaderUtil.readLn();
        parentRole.setName(parentInput);

        // Argument order matters: parent first, then child.
        dAmgr.deleteInheritance(parentRole, childRole);

        // Echo the names as stored on the entities, not the raw input.
        final String childLine = "child adminRole [" + childRole.getName() + "]";
        final String parentLine = "parent adminRole [" + parentRole.getName() + "]";
        System.out.println(childLine);
        System.out.println(parentLine);
        System.out.println("inheritance relationship has been removed");
        System.out.println("ENTER to continue");
    } catch (SecurityException e) {
        final String failure = "removeRoleInheritance caught SecurityException rc=" + e.getErrorId()
            + ", msg=" + e.getMessage();
        LOG.error(failure, e);
    }
    // Runs on both the success and the failure path.
    ReaderUtil.readChar();
}
use of org.apache.directory.fortress.core.model.AdminRole in project directory-fortress-core by apache.
the class DelegatedReviewMgrConsole method readRole.
/**
 * Console action: prompts for an admin role name, looks it up through the review manager
 * and prints the result.
 *
 * <p>When a role is returned, its name, internal id, description and the osU / osP sets
 * are printed, followed by the temporal attributes via
 * {@code ReviewMgrConsole.printTemporal}. A {@code null} result prints a "was not found"
 * line instead. A {@code SecurityException} (the type exposing {@code getErrorId()}, not
 * {@code java.lang.SecurityException}) is logged, not rethrown. The method always ends by
 * waiting for a key press.
 */
void readRole() {
    ReaderUtil.clearScreen();
    try {
        System.out.println("Enter AdminRole name to read:");
        final AdminRole lookup = new AdminRole();
        lookup.setName(ReaderUtil.readLn());

        final AdminRole found = rm.readRole(lookup);
        if (found == null) {
            System.out.println(" name [" + lookup.getName() + "] was not found");
        } else {
            System.out.println("ADMIN ROLE OBJECT:");
            final String nameLine = " name [" + found.getName() + "]";
            final String idLine = " internalId [" + found.getId() + "]";
            final String descriptionLine = " description [" + found.getDescription() + "]";
            final String osULine = " osU [" + found.getOsUSet() + "]";
            final String osPLine = " osP [" + found.getOsPSet() + "]";
            System.out.println(nameLine);
            System.out.println(idLine);
            System.out.println(descriptionLine);
            System.out.println(osULine);
            System.out.println(osPLine);
            ReviewMgrConsole.printTemporal(found, "ADMINROLE");
        }
        System.out.println("ENTER to continue");
    } catch (SecurityException e) {
        final String failure = "readRole caught SecurityException rc=" + e.getErrorId()
            + ", msg=" + e.getMessage();
        LOG.error(failure, e);
    }
    // Reached whether or not the lookup succeeded.
    ReaderUtil.readChar();
}
use of org.apache.directory.fortress.core.model.AdminRole in project directory-fortress-core by apache.
the class PermP method validate.
/**
 * Checks a Permission Operation entity before it is inserted into or updated in the directory.
 *
 * <p>Two kinds of check are made, each only on attributes that are actually set:
 * <ul>
 * <li>Text checks: operation name (insert only), type and description are each passed to
 * {@code VUtil.description}.</li>
 * <li>Reference checks: every granted role, granted user and permission attribute set name
 * is looked up under the permission's context id. The lookup results are discarded.
 * NOTE(review): this presumably relies on the read / validatePaSet calls throwing for an
 * unknown entry; confirm against their definitions.</li>
 * </ul>
 * Role grants are resolved as admin roles when {@code pOp.isAdmin()} is true and as ordinary
 * roles otherwise, so a grant is only accepted against the role type that matches the
 * permission.
 *
 * @param pOp Permission Operation entity holding the data targeted for insertion or update.
 * @param isUpdate true for an update, which skips the operation name check.
 * @throws SecurityException in the event of data validation error or DAO error.
 */
private void validate(Permission pOp, boolean isUpdate) throws SecurityException {
    // The operation name is only checked when the entity is being inserted.
    if (!isUpdate && StringUtils.isNotEmpty(pOp.getOpName())) {
        VUtil.description(pOp.getOpName());
    }

    final String permType = pOp.getType();
    if (StringUtils.isNotEmpty(permType)) {
        VUtil.description(permType);
    }

    final String permDescription = pOp.getDescription();
    if (StringUtils.isNotEmpty(permDescription)) {
        VUtil.description(permDescription);
    }

    // Validate Role Grants: each name must resolve as the role type matching the permission.
    final Set<String> grantedRoles = pOp.getRoles();
    if (CollectionUtils.isNotEmpty(grantedRoles)) {
        if (pOp.isAdmin()) {
            final AdminRoleP adminRoleReader = new AdminRoleP();
            for (String grantedName : grantedRoles) {
                final AdminRole candidate = new AdminRole(grantedName);
                candidate.setContextId(pOp.getContextId());
                adminRoleReader.read(candidate);
            }
        } else {
            final RoleP roleReader = new RoleP();
            for (String grantedName : grantedRoles) {
                final Role candidate = new Role(grantedName);
                candidate.setContextId(pOp.getContextId());
                roleReader.read(candidate);
            }
        }
    }

    // Validate User Grants:
    final Set<String> grantedUsers = pOp.getUsers();
    if (CollectionUtils.isNotEmpty(grantedUsers)) {
        final UserP userReader = new UserP();
        for (String grantedUserId : grantedUsers) {
            final User candidate = new User(grantedUserId);
            candidate.setContextId(pOp.getContextId());
            // NOTE(review): the meaning of the 'false' flag is not visible here; confirm in UserP.read.
            userReader.read(candidate, false);
        }
    }

    // Validate Perm Attr Set Name
    if (CollectionUtils.isNotEmpty(pOp.getPaSets())) {
        for (String attributeSetName : pOp.getPaSets()) {
            validatePaSet(attributeSetName, pOp.getContextId());
        }
    }
}
use of org.apache.directory.fortress.core.model.AdminRole in project directory-fortress-core by apache.
the class AdminRoleDAO method findRoles.
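/**
 * Searches the admin role container for entries whose name starts with the supplied value.
 *
 * <p>The search runs one level below the admin role root of the caller's context, on an
 * admin connection. The filter is assembled by string concatenation with a trailing
 * {@code *}, so the {@code encodeSafeText} call is the only thing between the supplied name
 * and the filter structure; keep it in place when editing this method.
 * NOTE(review): presumably encodeSafeText escapes LDAP filter metacharacters and enforces
 * the ROLE_LEN limit; confirm against its definition.
 *
 * <p>The search cursor is closed before the connection is released, on both the normal and
 * the exceptional path.
 *
 * @param adminRole supplies the name prefix to match and the context id that selects the search root.
 * @return the matching admin roles in cursor order, each carrying an increasing sequence id;
 *         empty when nothing matched.
 * @throws FinderException with id {@code ARLE_SEARCH_FAILED} when the search or the cursor
 *         iteration fails; the underlying exception is kept as the cause.
 */
List<AdminRole> findRoles(AdminRole adminRole) throws FinderException {
    List<AdminRole> roleList = new ArrayList<AdminRole>();
    LdapConnection ld = null;
    SearchCursor searchResults = null;
    String roleRoot = getRootDn(adminRole.getContextId(), GlobalIds.ADMIN_ROLE_ROOT);
    try {
        // Encode before concatenating: the name ends up inside the filter text.
        String searchVal = encodeSafeText(adminRole.getName(), GlobalIds.ROLE_LEN);
        String filter = GlobalIds.FILTER_PREFIX + GlobalIds.ROLE_OBJECT_CLASS_NM + ")(" + ROLE_NM + "=" + searchVal + "*))";
        ld = getAdminConnection();
        searchResults = search(ld, roleRoot, SearchScope.ONELEVEL, filter, ROLE_ATRS, false, GlobalIds.BATCH_SIZE);
        long sequence = 0;
        while (searchResults.next()) {
            roleList.add(unloadLdapEntry(searchResults.getEntry(), sequence++, adminRole.getContextId()));
        }
    } catch (LdapException e) {
        // The name is embedded as supplied; treat the message as untrusted text when it is logged or displayed.
        String error = "findRoles name [" + adminRole.getName() + "] caught LdapException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.ARLE_SEARCH_FAILED, error, e);
    } catch (CursorException e) {
        String error = "findRoles name [" + adminRole.getName() + "] caught CursorException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.ARLE_SEARCH_FAILED, error, e);
    } finally {
        // Close the cursor first so a finished or abandoned search does not stay attached
        // to the connection once it is handed back.
        if (searchResults != null) {
            try {
                searchResults.close();
            } catch (Exception ignored) {
                // Best-effort cleanup: a close failure must not mask the search result
                // or the FinderException already in flight.
            }
        }
        closeAdminConnection(ld);
    }
    return roleList;
}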
use of org.apache.directory.fortress.core.model.AdminRole in project directory-fortress-core by apache.
the class AdminRoleDAO method unloadLdapEntry.
/**
 * Copies the attributes of one LDAP entry into a new {@code AdminRole}.
 *
 * <p>The name is taken from the entry's CN attribute. The children set is not read from the
 * entry: it is resolved through {@code AdminRoleUtil.getChildren} using the upper-cased name
 * and the context id.
 * NOTE(review): {@code getName().toUpperCase()} uses the JVM default locale and dereferences
 * the name without a null check. Confirm that the CN is always present and that the
 * hierarchy keys are folded the same way wherever they are written.
 *
 * @param le the LDAP entry to read from.
 * @param sequence the sequence id to stamp on the returned entity.
 * @param contextId the context id used when resolving the role's children.
 * @return the populated admin role.
 * @throws LdapInvalidAttributeValueException declared by this method; the visible code does
 *         not show which call raises it.
 */
private AdminRole unloadLdapEntry(Entry le, long sequence, String contextId) throws LdapInvalidAttributeValueException {
    final ObjectFactory factory = new ObjectFactory();
    final AdminRole role = factory.createAdminRole();

    role.setSequenceId(sequence);
    role.setId(getAttribute(le, GlobalIds.FT_IID));
    role.setDescription(getAttribute(le, SchemaConstants.DESCRIPTION_AT));
    role.setOccupants(getAttributes(le, ROLE_OCCUPANT));
    role.setOsPSet(getAttributeSet(le, ROLE_OSP));
    role.setOsUSet(getAttributeSet(le, ROLE_OSU));
    role.setName(getAttribute(le, SchemaConstants.CN_AT));

    unloadTemporal(le, role);

    role.setRoleRangeRaw(getAttribute(le, ROLE_RANGE));
    role.setParents(getAttributeSet(le, GlobalIds.PARENT_NODES));

    // The name must already be set here: the children lookup is keyed on its upper-case form.
    final String hierarchyKey = role.getName().toUpperCase();
    role.setChildren(AdminRoleUtil.getChildren(hierarchyKey, contextId));
    return role;
}