use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.
the class CreateRoleSample method testCreateComplexRole.
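/**
 * Demonstrate the creation of Roles that contain temporal constraints. These constraints control
 * the day, date, and time of Role activation, and can also enforce mandatory blackout periods
 * during which a Role cannot be activated.
 * <p>
 * Ten Roles are created, named {@code TEST_ROLE_PREFIX + 1} through {@code TEST_ROLE_PREFIX + 10}.
 * Each one is read back and compared with the entity that was submitted. Any
 * {@code SecurityException} is logged and fails the test.
 */
public static void testCreateComplexRole() {
    String szLocation = ".testCreateComplexRole";
    try {
        // AdminMgr provisions RBAC policies and ReviewMgr interrogates them. Neither depends on
        // the loop variable, so both are created once rather than once per Role.
        AdminMgr adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
        ReviewMgr reviewMgr = ReviewMgrFactory.createInstance(TestUtils.getContext());
        // Create ten roles, suffixes 1 through 10.
        for (int i = 1; i < 11; i++) {
            // Instantiate the Role entity.
            Role inRole = new Role(TEST_ROLE_PREFIX + i);
            // Activation window by date: from Jan 1, 2011, with no end date.
            inRole.setBeginDate("20110101");
            inRole.setEndDate("none");
            // Activation window by time of day: begins at 1 am and ends at midnight, so the
            // role cannot be activated between midnight and 1 am.
            inRole.setBeginTime("0100");
            inRole.setEndTime("0000");
            // Day mask Mon, Tue, Wed, Thur, Fri, Sat. The role can't be activated on Sunday.
            inRole.setDayMask("234567");
            // Blackout (lock) period Jan 15, 2011 to Feb 15, 2011. It lies in the past, so it
            // no longer blocks activation.
            inRole.setBeginLockDate("20110115");
            inRole.setEndLockDate("20110215");
            // Add the Role entity to the directory.
            adminMgr.addRole(inRole);
            // Read the new Role back and check that it equals what was submitted.
            Role outRole = reviewMgr.readRole(inRole);
            assertTrue(szLocation + " failed read", inRole.equals(outRole));
            LOG.info(szLocation + " role [" + outRole.getName() + "] success");
        }
    } catch (SecurityException ex) {
        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}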
use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.
the class CreateRoleSample method testDeleteSimpleRole2.
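/**
 * Remove every Role named in {@code TEST_SIMPLE_ROLE2} from the directory.
 * <p>
 * Nothing is done on the first run, as reported by {@code AllSamplesJUnitTest.isFirstRun()}.
 * A {@code SecurityException} is logged and never fails the test (presumably because this is
 * cleanup and the Role may not exist; confirm against the sample suite). Each Role is deleted
 * inside its own try block, so one failed delete does not leave the remaining Roles behind
 * in the directory.
 */
public static void testDeleteSimpleRole2() {
    if (AllSamplesJUnitTest.isFirstRun()) {
        return;
    }
    String szLocation = ".testDeleteSimpleRole2";
    AdminMgr adminMgr;
    try {
        // Instantiate the AdminMgr implementation which is used to provision RBAC policies.
        adminMgr = AdminMgrFactory.createInstance(TestUtils.getContext());
    } catch (SecurityException ex) {
        // Without a manager nothing can be deleted. Log and give up without failing the test.
        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        return;
    }
    for (String roleName : TEST_SIMPLE_ROLE2) {
        try {
            // At its simplest a Role contains only a name.
            Role inRole = new Role(roleName);
            // Call the API to remove the Role from ldap.
            adminMgr.deleteRole(inRole);
        } catch (SecurityException ex) {
            // Best effort: record the failure and carry on with the next Role.
            LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        }
    }
}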
use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.
the class CreateRoleSample method testCreateSimpleRole.
/**
 * Show the smallest possible Role provisioning round trip: add a Role that carries only a
 * name, read it back, and check that the stored entity equals the submitted one. Roles may be
 * assigned to Users or may be targets for Permission grants.
 * <p>
 * A {@code SecurityException} from either manager is logged and fails the test.
 */
public static void testCreateSimpleRole() {
    final String where = ".testCreateSimpleRole";
    try {
        // AdminMgr is the provisioning side of the RBAC API.
        AdminMgr provisioner = AdminMgrFactory.createInstance(TestUtils.getContext());
        // A name is the only attribute a Role must have.
        Role submitted = new Role(TEST_SIMPLE_ROLE);
        // Write the Role to ldap.
        provisioner.addRole(submitted);
        // ReviewMgr is the read side; fetch the entity that was just stored.
        Role stored = ReviewMgrFactory.createInstance(TestUtils.getContext()).readRole(submitted);
        boolean roundTripped = submitted.equals(stored);
        assertTrue(where + " failed read", roundTripped);
        LOG.info(where + " [" + stored.getName() + "] success");
    } catch (SecurityException failure) {
        String detail = " caught SecurityException rc=" + failure.getErrorId() + ", msg=" + failure.getMessage();
        LOG.error(where + detail, failure);
        fail(failure.getMessage());
    }
}
use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.
the class ReviewMgrImplTest method findUserRoleWithConstraints.
/**
 * Assert that {@code assignedUsers} returns at least one assignment for the named role under
 * the given constraint type and set name, and that the first assignment returned carries at
 * least one role constraint.
 *
 * @param msg       text passed to {@code LogUtil.logIt} before the check runs
 * @param usr       not read by this method. NOTE(review): the returned assignments are never
 *                  matched against this user; confirm whether that is intended
 * @param role      name of the Role whose assigned users are queried
 * @param rcType    constraint type passed through to {@code assignedUsers}
 * @param paSetName constraint set name passed through to {@code assignedUsers}
 */
public static void findUserRoleWithConstraints(String msg, String usr, String role, RoleConstraint.RCType rcType, String paSetName) {
    LogUtil.logIt(msg);
    try {
        ReviewMgr mgr = getManagedReviewMgr();
        Role target = new Role(role);
        List<UserRole> assignments = mgr.assignedUsers(target, rcType, paSetName);
        // At least one user must hold the role under this constraint.
        assertTrue(!assignments.isEmpty());
        // Only the first assignment is inspected for constraints.
        UserRole first = assignments.get(0);
        assertTrue(!first.getRoleConstraints().isEmpty());
        LOG.debug("findUserRoleWithConstraints paSetName [" + paSetName + "] successful");
    } catch (SecurityException failure) {
        String context = "findUserRoleWithConstraints paSetName [" + paSetName + "]";
        LOG.error(context + " caught SecurityException rc=" + failure.getErrorId() + ", msg=" + failure.getMessage(), failure);
        fail(failure.getMessage());
    }
}
use of org.apache.directory.fortress.core.model.Role in project directory-fortress-core by apache.
the class ReviewMgrImplTest method readUserRoleConstraint.
/**
 * Verify that a user's role assignment carries the expected role constraint.
 * <p>
 * The user's assigned roles are read through {@code ReviewMgr.assignedRoles}. For every
 * assignment whose name matches the expected role, each constraint with the same set name as
 * {@code rc} must have the same type and value as {@code rc} and a non-null id. The test fails
 * if no matching assignment is found, or if no constraint with that set name is found.
 *
 * @param msg text passed to {@code LogUtil.logIt} before the check runs
 * @param usr test data handed to {@code UserTestData.getUser} to build the User
 * @param rle test data handed to {@code RoleTestData.getRole} to build the expected Role
 * @param rc  the constraint expected on the assignment
 */
public static void readUserRoleConstraint(String msg, String[] usr, String[] rle, RoleConstraint rc) {
    LogUtil.logIt(msg);
    try {
        ReviewMgr reviewMgr = getManagedReviewMgr();
        User subject = UserTestData.getUser(usr);
        Role expectedRole = RoleTestData.getRole(rle);
        boolean assignmentSeen = false;
        boolean constraintSeen = false;
        for (UserRole assignment : reviewMgr.assignedRoles(subject)) {
            // Skip assignments to any other role.
            if (!assignment.getName().equals(expectedRole.getName())) {
                continue;
            }
            assignmentSeen = true;
            for (RoleConstraint candidate : assignment.getRoleConstraints()) {
                // Only constraints in the expected set are compared.
                if (!candidate.getPaSetName().equals(rc.getPaSetName())) {
                    continue;
                }
                constraintSeen = true;
                assertEquals(rc.getType(), candidate.getType());
                assertEquals(rc.getValue(), candidate.getValue());
                assertNotNull(candidate.getId());
            }
        }
        if (!assignmentSeen) {
            fail("User Role Assignment Not Found");
        }
        if (!constraintSeen) {
            fail("User Role Constraint Not Found");
        }
        LOG.debug("readUserRoleConstraint value [" + rc.getValue() + "] successful");
    } catch (SecurityException failure) {
        String context = "readUserRoleConstraint value [" + rc.getValue() + "]";
        LOG.error(context + " caught SecurityException rc=" + failure.getErrorId() + ", msg=" + failure.getMessage(), failure);
        fail(failure.getMessage());
    }
}