
Example 31 with Permission

use of org.apache.directory.fortress.core.model.Permission in project directory-fortress-core by apache.

the class ReviewMgrRestImpl method rolePermissions.

/**
 * {@inheritDoc}
 */
@Override
public List<Permission> rolePermissions(Role role, boolean noInheritance) throws SecurityException {
    // Client-side precondition: the role reference is checked before any request is built.
    VUtil.assertNotNull(role, GlobalErrIds.ROLE_NULL, CLS_NM + ".rolePermissions");

    // Request envelope: context id, the role to look up, and the noInheritance
    // switch carried in the request's generic flag field.
    final FortRequest fortRequest = new FortRequest();
    fortRequest.setContextId(this.contextId);
    fortRequest.setEntity(role);
    fortRequest.setIsFlag(noInheritance);
    // The admin session is attached only when one is set on this manager.
    // NOTE(review): with no admin session the request carries no session at all;
    // presumably the REST service decides whether the caller may read role
    // permissions -- confirm that this is enforced server-side.
    if (this.adminSess != null) {
        fortRequest.setSession(adminSess);
    }

    final String requestBody = RestUtils.marshal(fortRequest);
    final String responseBody = RestUtils.getInstance().post(requestBody, HttpIds.ROLE_PERMS);
    // NOTE(review): the unmarshalled response is dereferenced without a null check.
    final FortResponse fortResponse = RestUtils.unmarshall(responseBody);

    // Any non-zero error code from the service is surfaced to the caller as a
    // SecurityException carrying the service's code and message.
    if (fortResponse.getErrorCode() != 0) {
        throw new SecurityException(fortResponse.getErrorCode(), fortResponse.getErrorMessage());
    }
    final List<Permission> permissions = fortResponse.getEntities();
    return permissions;
}
Also used : Permission(org.apache.directory.fortress.core.model.Permission) FortResponse(org.apache.directory.fortress.core.model.FortResponse) SecurityException(org.apache.directory.fortress.core.SecurityException) FortRequest(org.apache.directory.fortress.core.model.FortRequest)

Example 32 with Permission

use of org.apache.directory.fortress.core.model.Permission in project directory-fortress-core by apache.

the class AccelMgrConsole method checkAccess.

/**
 */
void checkAccess() {
    // Interactive access check: reads an object name, an operation name and an
    // optional object id from the operator, asks the access manager for a
    // decision on the current session, and prints that decision.
    try {
        // A session must already exist; presumably a null session raises the
        // SecurityException handled below -- confirm against VUtil.
        VUtil.assertNotNull(session, GlobalErrIds.USER_SESS_NULL, "AccelMgrConsole.checkAccess");
        ReaderUtil.clearScreen();

        final Permission target = new Permission();
        System.out.println("Enter object name:");
        target.setObjName(ReaderUtil.readLn());
        System.out.println("Enter operation name:");
        target.setOpName(ReaderUtil.readLn());
        System.out.println("Enter object id (or NULL to skip):");
        final String objectId = ReaderUtil.readLn();
        // Only an absent or empty line skips the id. The literal text "NULL" is
        // not special-cased here and would be stored as the object id.
        final boolean hasObjectId = objectId != null && !objectId.isEmpty();
        if (hasObjectId) {
            target.setObjId(objectId);
        }

        final boolean decision = am.checkAccess(session, target);
        System.out.println("CheckAccess return [" + decision + "] for user [" + session.getUserId()
            + "], objName [" + target.getObjName() + "], operationName [" + target.getOpName() + "]"
            + ", objId [" + target.getObjId() + "]");
        System.out.println("ENTER to continue");
    } catch (SecurityException e) {
        // A check that throws produces no decision line on the console; the
        // failure is visible only in the log, with its error id and message.
        LOG.error("checkAccess caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
    }
    // Waits for a key press on both the success and the failure path.
    ReaderUtil.readChar();
}
Also used : Permission(org.apache.directory.fortress.core.model.Permission)

Example 33 with Permission

use of org.apache.directory.fortress.core.model.Permission in project directory-fortress-core by apache.

the class AdminMgrConsole method revokePermission.

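/**
 * Prompts the operator for a permission (object and operation) and for either a
 * role name or a userId, then asks the admin manager to revoke that permission
 * from the named role or user.
 *
 * <p>A {@code SecurityException} from the manager is logged and not rethrown; in
 * that case no confirmation line is printed.
 *
 * @param isRole {@code true} to revoke from a role, {@code false} to revoke from a user
 */
void revokePermission(boolean isRole) {
    try {
        ReaderUtil.clearScreen();
        System.out.println("Enter perm object");
        String object = ReaderUtil.readLn();
        System.out.println("Enter perm operation");
        String operation = ReaderUtil.readLn();
        // Input is passed through exactly as typed.
        // NOTE(review): validation is presumably done by the manager -- confirm.
        Permission pOp = new Permission(object, operation);
        String name;
        if (isRole) {
            System.out.println("Enter role name");
            name = ReaderUtil.readLn();
            am.revokePermission(pOp, new Role(name));
        } else {
            System.out.println("Enter userId");
            name = ReaderUtil.readLn();
            am.revokePermission(pOp, new User(name));
        }
        // Reached only when the revoke call returned without throwing. The line
        // states the outcome unambiguously: an operator reading "granted" after
        // a revoke could misjudge the resulting access state.
        System.out.println("perm object [" + object + "] operation [" + operation + "] has been revoked from [" + name + "]");
        System.out.println("ENTER to continue");
    } catch (SecurityException e) {
        // Failure is recorded in the log only, with the error id and message.
        LOG.error("revokePermission caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
    }
    // Waits for a key press on both the success and the failure path.
    ReaderUtil.readChar();
}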
Also used : Role(org.apache.directory.fortress.core.model.Role) UserRole(org.apache.directory.fortress.core.model.UserRole) User(org.apache.directory.fortress.core.model.User) Permission(org.apache.directory.fortress.core.model.Permission)

Example 34 with Permission

use of org.apache.directory.fortress.core.model.Permission in project directory-fortress-core by apache.

the class DelegatedAccessMgrConsole method sessionPermissions.

/**
 * Prints the permissions the delegated access manager returns for the current
 * session, sorted by abstract name, as one group of lines per permission.
 *
 * <p>For each permission the object name, object id, operation name, abstract
 * name and internal id are written to stdout, followed by any users, roles and
 * properties attached to it. A {@code SecurityException} is logged, not rethrown.
 */
void sessionPermissions() {
    try {
        VUtil.assertNotNull(session, GlobalErrIds.USER_SESS_NULL, "DelegatedAccessMgrConsole.sessionPermissions");
        ReaderUtil.clearScreen();
        final List<Permission> perms = dAmgr.sessionPermissions(session);
        if (perms != null) {
            // Orders the list returned by the manager in place.
            // NOTE(review): compareTo is called on getAbstractName() without a null
            // check, so an entry with no abstract name would fail the sort.
            final Comparator<Permission> byAbstractName = new Comparator<Permission>() {
                @Override
                public int compare(Permission left, Permission right) {
                    return left.getAbstractName().compareTo(right.getAbstractName());
                }
            };
            Collections.sort(perms, byAbstractName);

            int permIndex = 0;
            for (Permission perm : perms) {
                System.out.println("**perm:" + permIndex + "***");
                permIndex++;
                System.out.println("object name [" + perm.getObjName() + "]");
                System.out.println("object id [" + perm.getObjId() + "]");
                System.out.println("operation name [" + perm.getOpName() + "]");
                System.out.println("abstract perm name [" + perm.getAbstractName() + "]");
                System.out.println("internalId [" + perm.getInternalId() + "]");

                // Users attached to the permission, if any.
                if (perm.getUsers() != null && !perm.getUsers().isEmpty()) {
                    int userIndex = 0;
                    for (String user : perm.getUsers()) {
                        System.out.println("user[" + userIndex + "]=" + user);
                        userIndex++;
                    }
                }

                // Roles attached to the permission; the output label is "name".
                if (perm.getRoles() != null && !perm.getRoles().isEmpty()) {
                    int roleIndex = 0;
                    for (String role : perm.getRoles()) {
                        System.out.println("name[" + roleIndex + "]=" + role);
                        roleIndex++;
                    }
                }

                // Key/value properties; key and value share one index per pair.
                if (perm.getProperties() != null && !perm.getProperties().isEmpty()) {
                    int propIndex = 0;
                    final Enumeration<?> propNames = perm.getProperties().propertyNames();
                    while (propNames.hasMoreElements()) {
                        final String key = (String) propNames.nextElement();
                        final String value = perm.getProperty(key);
                        System.out.println("prop key[" + propIndex + "]=" + key);
                        System.out.println("prop value[" + propIndex + "]=" + value);
                        propIndex++;
                    }
                }
                System.out.println("**");
            }
        }
        System.out.println("ENTER to continue");
    } catch (SecurityException e) {
        // Failure is recorded in the log only, with the error id and message.
        LOG.error("sessionPermissions caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
    }
    // Waits for a key press on both the success and the failure path.
    ReaderUtil.readChar();
}
Also used : Enumeration(java.util.Enumeration) Permission(org.apache.directory.fortress.core.model.Permission)

Example 35 with Permission

use of org.apache.directory.fortress.core.model.Permission in project directory-fortress-core by apache.

the class DelegatedAdminMgrConsole method grantPermission.

/**
 * Prompts the operator for a permission (object and operation) and for either a
 * role name or a userId, marks the permission as admin, and asks the manager to
 * grant it to the named role or user.
 *
 * <p>A {@code SecurityException} from the manager is logged and not rethrown; in
 * that case no confirmation lines are printed.
 *
 * @param isRole {@code true} to grant to a role, {@code false} to grant to a user
 */
protected void grantPermission(boolean isRole) {
    try {
        ReaderUtil.clearScreen();
        System.out.println("Enter perm object");
        final String objectName = ReaderUtil.readLn();
        System.out.println("Enter perm operation");
        final String opName = ReaderUtil.readLn();

        final Permission adminPerm = new Permission(objectName, opName);
        // The admin flag is set before the grant call.
        // NOTE(review): presumably this selects the administrative permission set
        // rather than the ordinary one -- confirm against Permission.setAdmin.
        adminPerm.setAdmin(true);

        final String grantee;
        if (!isRole) {
            System.out.println("Enter userId");
            grantee = ReaderUtil.readLn();
            aMgr.grantPermission(adminPerm, new User(grantee));
        } else {
            System.out.println("Enter role name");
            grantee = ReaderUtil.readLn();
            aMgr.grantPermission(adminPerm, new Role(grantee));
        }

        // Reached only when the grant call returned without throwing.
        System.out.println("perm object [" + objectName + "] operation [" + opName + "] has been granted to [" + grantee + "]");
        System.out.println("has been granted");
        System.out.println("ENTER to continue");
    } catch (SecurityException e) {
        // Failure is recorded in the log only, with the error id and message.
        LOG.error("grantPermission caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
    }
    // Waits for a key press on both the success and the failure path.
    ReaderUtil.readChar();
}
Also used : AdminRole(org.apache.directory.fortress.core.model.AdminRole) Role(org.apache.directory.fortress.core.model.Role) UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole) User(org.apache.directory.fortress.core.model.User) Permission(org.apache.directory.fortress.core.model.Permission)

Aggregations

Permission (org.apache.directory.fortress.core.model.Permission)99 SecurityException (org.apache.directory.fortress.core.SecurityException)58 Role (org.apache.directory.fortress.core.model.Role)24 User (org.apache.directory.fortress.core.model.User)24 AdminMgr (org.apache.directory.fortress.core.AdminMgr)18 UserRole (org.apache.directory.fortress.core.model.UserRole)17 ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)16 Session (org.apache.directory.fortress.core.model.Session)12 FortRequest (org.apache.directory.fortress.core.model.FortRequest)11 FortResponse (org.apache.directory.fortress.core.model.FortResponse)11 RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)11 ArrayList (java.util.ArrayList)10 FinderException (org.apache.directory.fortress.core.FinderException)10 LdapException (org.apache.directory.api.ldap.model.exception.LdapException)9 AdminRole (org.apache.directory.fortress.core.model.AdminRole)9 UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)9 LdapConnection (org.apache.directory.ldap.client.api.LdapConnection)9 CursorException (org.apache.directory.api.ldap.model.cursor.CursorException)7 SearchCursor (org.apache.directory.api.ldap.model.cursor.SearchCursor)7 AccessMgr (org.apache.directory.fortress.core.AccessMgr)7