use of org.apache.directory.fortress.core.model.Relationship in project directory-fortress-core by apache.
the class AdminMgrConsole method toGraphNotUsed.
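/**
* Builds a directed graph from the relationships of a hierarchy; each relationship becomes a child-to-parent edge.
*
* @param hier hierarchy whose relationships are loaded
* @return graph holding one vertex per child and parent name and one edge per relationship
*/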
public static SimpleDirectedGraph<String, Relationship> toGraphNotUsed(Hier hier) {
    // Converts the relationships held by hier into a JGraphT digraph whose edges run child -> parent.
    LOG.info("toGraphX");
    SimpleDirectedGraph<String, Relationship> result = new SimpleDirectedGraph<>(Relationship.class);
    List<Relationship> relationships = hier.getRelationships();
    if (relationships == null || relationships.isEmpty()) {
        // No relationships recorded: hand back the empty graph.
        return result;
    }
    // NOTE(review): nothing here checks that the hierarchy is acyclic. SimpleDirectedGraph refuses
    // self-loops but accepts longer cycles, so the input is assumed to have been validated elsewhere.
    for (Relationship rel : relationships) {
        String childName = rel.getChild();
        String parentName = rel.getParent();
        // JGraphT needs both endpoints registered as vertices before an edge can join them.
        result.addVertex(childName);
        result.addVertex(parentName);
        result.addEdge(childName, parentName, rel);
        if (LOG.isDebugEnabled()) {
            LOG.debug("toGraphX child=" + childName + " parent=" + parentName);
        }
    }
    return result;
}
use of org.apache.directory.fortress.core.model.Relationship in project directory-fortress-core by apache.
the class AdminMgrConsole method toHierTest.
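/**
* Copies the edges of a graph into a new hierarchy entity; vertices are not copied.
*
* @param graph graph whose edges are read
* @return new {@link Hier} populated through {@code setRelationship}, called once per edge
*/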
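public static Hier toHierTest(UndirectedGraph<String, Relationship> graph) {
    // Copies every edge of graph into a fresh Hier by calling setRelationship once per edge.
    Hier he = new Hier();
    for (Relationship edge : graph.edgeSet()) {
        he.setRelationship(edge);
    }
    // Vertices are deliberately not copied: the former loop over vertexSet() had an empty body
    // (its only statement was commented out), so it has been dropped. A vertex that takes part
    // in no edge therefore does not appear in the returned Hier.
    return he;
}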
use of org.apache.directory.fortress.core.model.Relationship in project directory-fortress-core by apache.
the class UsoUtil method loadGraph.
/**
* Read this ldap record, {@code cn=Hierarchies, ou=OS-P}, into this entity, {@link Hier}, before loading into this collection class, {@code org.jgrapht.graph.SimpleDirectedGraph},
* using 3rd party lib, <a href="http://www.jgrapht.org/">JGraphT</a>.
*
* @param contextId maps to sub-tree in DIT, e.g. ou=contextId, dc=example, dc=com.
* @return handle to simple digraph containing user ou hierarchies.
*/
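private synchronized SimpleDirectedGraph<String, Relationship> loadGraph(String contextId) {
    // Rebuilds the user-OU hierarchy graph for one context and stores it in usoCache under
    // getKey(contextId). The method is synchronized, so rebuilds on one instance do not overlap.

    // NOTE(review): typed ROLE although this loads the user OU hierarchy; inHier is only read
    // back for the log line below — confirm the type is irrelevant here.
    Hier inHier = new Hier(Hier.Type.ROLE);
    inHier.setContextId(contextId);
    LOG.info("loadGraph initializing USO context [{}]", inHier.getContextId());
    List<Graphable> descendants = null;
    try {
        OrgUnit orgUnit = new OrgUnit();
        orgUnit.setType(OrgUnit.Type.USER);
        orgUnit.setContextId(contextId);
        descendants = orgUnitP.getAllDescendants(orgUnit);
    } catch (SecurityException se) {
        // A failed read of the hierarchy is an operational fault that affects later authorization
        // lookups, so it is reported at WARN with the context and the exception attached. The
        // previous INFO line passed the exception as the only argument to a "{}" placeholder,
        // which parameterized loggers typically treat as the throwable, leaving the placeholder unfilled.
        LOG.warn("loadGraph failed to read USO descendants for context [{}]", contextId, se);
    }
    // NOTE(review): after a failure, descendants is still null here and the graph built from it is
    // cached like any other. Callers cannot tell a directory failure from an empty hierarchy;
    // confirm how HierUtil.loadHier treats null and whether a failed load should be cached at all.
    Hier hier = HierUtil.loadHier(contextId, descendants);
    SimpleDirectedGraph<String, Relationship> graph = HierUtil.buildGraph(hier);
    usoCache.put(getKey(contextId), graph);
    return graph;
}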
use of org.apache.directory.fortress.core.model.Relationship in project directory-fortress-core by apache.
the class AdminMgrImpl method addDescendant.
/**
* {@inheritDoc}
*/
@Override
@AdminPermissionOperation
public void addDescendant(Role parentRole, Role childRole) throws SecurityException {
    // Adds childRole as a new role beneath an existing parentRole and records the
    // child -> parent edge in the role hierarchy for this manager's context.
    final String methodName = "addDescendant";
    assertContext(CLS_NM, methodName, parentRole, GlobalErrIds.PARENT_ROLE_NULL);
    assertContext(CLS_NM, methodName, childRole, GlobalErrIds.CHILD_ROLE_NULL);
    setEntitySession(CLS_NM, methodName, childRole);

    // The parent must already exist. The read result is discarded; the call is presumably made
    // for the SecurityException it raises when the parent is missing — confirm against roleP.
    Role parentLookup = new Role(parentRole.getName());
    parentLookup.setContextId(this.contextId);
    roleP.read(parentLookup);

    RoleUtil.getInstance().validateRelationship(childRole, parentRole, false);
    childRole.setParent(parentRole.getName());
    roleP.add(childRole);

    // NOTE(review): toUpperCase() with no Locale follows the JVM default locale, so the hierarchy
    // key for a role name can differ between hosts (e.g. Turkish dotted/dotless i). Confirm that
    // every place that builds or looks up these keys normalises the same way before pinning a locale.
    String childKey = childRole.getName().toUpperCase();
    String parentKey = parentRole.getName().toUpperCase();
    Relationship inheritance = new Relationship(childKey, parentKey);
    // NOTE(review): the role is already stored at this point; if updateHier fails, the stored role
    // and the hierarchy may disagree — confirm how callers recover.
    RoleUtil.getInstance().updateHier(this.contextId, inheritance, Hier.Op.ADD);
}
use of org.apache.directory.fortress.core.model.Relationship in project directory-fortress-core by apache.
the class AdminMgrImpl method deleteRole.
/**
* {@inheritDoc}
*/
@Override
@AdminPermissionOperation
public void deleteRole(Role role) throws SecurityException {
    // Removes a role and everything that references it, in this order: group assignments,
    // user assignments, permission grants, hierarchy edges to parents, then the role itself.
    // Each step is a separate call, so a SecurityException partway through leaves the earlier
    // steps applied. NOTE(review): no rollback is visible here — confirm how partial deletes are handled.
    String methodName = "deleteRole";
    assertContext(CLS_NM, methodName, role, GlobalErrIds.ROLE_NULL);
    setEntitySession(CLS_NM, methodName, role);
    // Refuse to delete a role that still has descendants in the hierarchy.
    // NOTE(review): this lookup uses role.getContextId(), while getParents and updateHier below use
    // this.contextId — presumably setEntitySession aligns the two; verify.
    int numChildren = RoleUtil.getInstance().numChildren(role.getName(), role.getContextId());
    if (numChildren > 0) {
        String error = methodName + " role [" + role.getName() + "] must remove [" + numChildren + "] descendants before deletion";
        LOG.error(error);
        throw new SecurityException(GlobalErrIds.HIER_DEL_FAILED_HAS_CHILD, error, null);
    }
    // Read the Role from LDAP:
    Role outRole = roleP.read(role);
    outRole.setContextId(role.getContextId());
    // deassign all groups assigned to this role first (because of schema's configGroup class constraints)
    // NOTE(review): groups is iterated without a null check, unlike users below — confirm roleGroups never returns null.
    List<Group> groups = groupP.roleGroups(outRole);
    for (Group group : groups) {
        group.setContextId(this.contextId);
        groupP.deassign(group, outRole.getDn());
    }
    // If user membership associated with role, remove the role object:
    if (Config.getInstance().isRoleOccupant()) {
        // this reads the role object itself:
        List<User> users = userP.getAssignedUsers(role);
        if (users != null) {
            for (User ue : users) {
                UserRole uRole = new UserRole(ue.getUserId(), role.getName());
                setAdminData(CLS_NM, methodName, uRole);
                deassignUser(uRole);
            }
        }
    } else {
        // search for all users assigned this role and deassign:
        // NOTE(review): userIds is iterated without a null check — confirm getAssignedUserIds never returns null.
        List<String> userIds = userP.getAssignedUserIds(role);
        for (String userId : userIds) {
            UserRole uRole = new UserRole(userId, role.getName());
            setAdminData(CLS_NM, methodName, uRole);
            deassignUser(uRole);
        }
    }
    // Now remove the role association from all permissions:
    permP.remove(role);
    // remove all parent relationships from the role graph:
    Set<String> parents = RoleUtil.getInstance().getParents(role.getName(), this.contextId);
    if (parents != null) {
        for (String parent : parents) {
            // NOTE(review): toUpperCase() with no Locale follows the JVM default locale; confirm the
            // hierarchy keys are normalised the same way wherever they are built or looked up.
            RoleUtil.getInstance().updateHier(this.contextId, new Relationship(role.getName().toUpperCase(), parent.toUpperCase()), Hier.Op.REM);
        }
    }
    // Finally, delete the role object:
    roleP.delete(role);
}