
Example 1 with SDSet

use of org.apache.directory.fortress.core.model.SDSet in project directory-fortress-core by apache.

the class AdminMgrImpl method deleteDsdRoleMember.

/**
 * {@inheritDoc}
 *
 * <p>Implementation: reads the stored set, removes the role's name from its members, writes the
 * set back through {@code sdP.update} and then clears the DSD cache for the set. If the removal
 * leaves the member list empty, {@code GlobalIds.NONE} is stored as the only member.
 */
@Override
@AdminPermissionOperation
public SDSet deleteDsdRoleMember(SDSet dsdSet, Role role) throws SecurityException {
    String methodName = "deleteDsdRoleMember";
    // Both arguments are checked before anything is read or written; the error ids passed are the
    // DSD_NULL / ROLE_NULL codes (presumably assertContext rejects a null argument - confirm).
    assertContext(CLS_NM, methodName, dsdSet, GlobalErrIds.DSD_NULL);
    assertContext(CLS_NM, methodName, role, GlobalErrIds.ROLE_NULL);
    // NOTE(review): looks like the step that binds the administrative session to the request
    // entity; it runs before the directory is touched - confirm what it enforces.
    setEntitySession(CLS_NM, methodName, dsdSet);
    // The change is applied to the copy read from storage, not to the caller's object.
    // No null check follows the read - presumably sdP.read throws when the set is missing; verify.
    SDSet entity = sdP.read(dsdSet);
    entity.setContextId(this.contextId);
    // NOTE(review): nothing here checks that the role was a member; the update below is written
    // either way - confirm delMember's behaviour for a name that is not in the set.
    entity.delMember(role.getName());
    // when removing last role member a placeholder must be left in data set:
    if (entity.getMembers().isEmpty()) {
        entity.addMember(GlobalIds.NONE);
    }
    setAdminData(CLS_NM, methodName, entity);
    SDSet dsdOut = sdP.update(entity);
    // remove any references to the old DSD from cache:
    // (runs only after the update returned; if update throws, the cache is left as it was)
    clearDSDCache(dsdSet);
    return dsdOut;
}
Also used : SDSet(org.apache.directory.fortress.core.model.SDSet) AdminPermissionOperation(org.apache.directory.fortress.annotation.AdminPermissionOperation)

Example 2 with SDSet

use of org.apache.directory.fortress.core.model.SDSet in project directory-fortress-core by apache.

the class CommandLineInterpreter method processAdminCommand.

/**
 * Runs the first administrative command found in {@code commands} against {@code adminMgr}.
 *
 * <p>The command names are tested in a fixed order and only the first match is executed; any
 * other command names present in the set are ignored. A {@code SecurityException} raised by the
 * manager is logged at error level together with its error id and is not rethrown, so a caller
 * cannot distinguish success from failure through this method; the log is the only record.
 *
 * @param commands set of command names to test.
 * @param options  source of the entity (user, role, permission, SD set, ...) each command acts on.
 */
private void processAdminCommand(Set<String> commands, Options options) {
    String command;
    try {
        // --- user entity ---
        if (commands.contains(ADD_USER)) {
            command = ADD_USER;
            LOG.info(command);
            adminMgr.addUser(options.getUser());
        } else if (commands.contains(UPDATE_USER)) {
            command = UPDATE_USER;
            LOG.info(command);
            adminMgr.updateUser(options.getUser());
        } else if (commands.contains(DELETE_USER)) {
            command = DELETE_USER;
            LOG.info(command);
            adminMgr.deleteUser(options.getUser());
        // --- role entity ---
        } else if (commands.contains(ADD_ROLE)) {
            command = ADD_ROLE;
            LOG.info(command);
            adminMgr.addRole(options.getRole());
        } else if (commands.contains(UPDATE_ROLE)) {
            command = UPDATE_ROLE;
            LOG.info(command);
            adminMgr.updateRole(options.getRole());
        } else if (commands.contains(DELETE_ROLE)) {
            command = DELETE_ROLE;
            LOG.info(command);
            adminMgr.deleteRole(options.getRole());
        // --- user/role assignment ---
        } else if (commands.contains(ASSIGN_ROLE)) {
            command = ASSIGN_ROLE;
            LOG.info(command);
            Role targetRole = options.getRole();
            String uid = options.getUserId();
            adminMgr.assignUser(new UserRole(uid, targetRole));
        } else if (commands.contains(DEASSIGN_ROLE)) {
            command = DEASSIGN_ROLE;
            LOG.info(command);
            Role targetRole = options.getRole();
            String uid = options.getUserId();
            adminMgr.deassignUser(new UserRole(uid, targetRole));
        // --- role hierarchy ---
        } else if (commands.contains(ADD_ROLE_INHERITANCE)) {
            command = ADD_ROLE_INHERITANCE;
            LOG.info(command);
            Relationship rel = options.getRelationship();
            adminMgr.addInheritance(new Role(rel.getParent()), new Role(rel.getChild()));
        } else if (commands.contains(DELETE_ROLE_INHERITANCE)) {
            command = DELETE_ROLE_INHERITANCE;
            LOG.info(command);
            Relationship rel = options.getRelationship();
            adminMgr.deleteInheritance(new Role(rel.getParent()), new Role(rel.getChild()));
        // --- permission objects ---
        } else if (commands.contains(ADD_POBJ)) {
            command = ADD_POBJ;
            LOG.info(command);
            adminMgr.addPermObj(options.getPermObj());
        } else if (commands.contains(UPDATE_POBJ)) {
            command = UPDATE_POBJ;
            LOG.info(command);
            adminMgr.updatePermObj(options.getPermObj());
        } else if (commands.contains(DELETE_POBJ)) {
            command = DELETE_POBJ;
            LOG.info(command);
            adminMgr.deletePermObj(options.getPermObj());
        // --- permission operations ---
        } else if (commands.contains(ADD_PERM)) {
            command = ADD_PERM;
            LOG.info(command);
            adminMgr.addPermission(options.getPermission());
        } else if (commands.contains(UPDATE_PERM)) {
            command = UPDATE_PERM;
            LOG.info(command);
            adminMgr.updatePermission(options.getPermission());
        } else if (commands.contains(DELETE_PERM)) {
            command = DELETE_PERM;
            LOG.info(command);
            adminMgr.deletePermission(options.getPermission());
        // --- grant / revoke: the role name is overwritten from options.getRoleNm() first ---
        } else if (commands.contains(GRANT)) {
            command = GRANT;
            LOG.info(command);
            Permission granted = options.getPermission();
            Role grantee = options.getRole();
            grantee.setName(options.getRoleNm());
            adminMgr.grantPermission(granted, grantee);
        } else if (commands.contains(REVOKE)) {
            command = REVOKE;
            LOG.info(command);
            Permission revoked = options.getPermission();
            Role holder = options.getRole();
            holder.setName(options.getRoleNm());
            adminMgr.revokePermission(revoked, holder);
        // --- separation-of-duty sets: the type is forced to match the command ---
        } else if (commands.contains(CREATE_SSD_SET)) {
            command = CREATE_SSD_SET;
            LOG.info(command);
            SDSet staticSet = options.getSdSet();
            staticSet.setType(SDSet.SDType.STATIC);
            adminMgr.createSsdSet(staticSet);
        } else if (commands.contains(DELETE_SSD_SET)) {
            command = DELETE_SSD_SET;
            LOG.info(command);
            SDSet staticSet = options.getSdSet();
            staticSet.setType(SDSet.SDType.STATIC);
            adminMgr.deleteSsdSet(staticSet);
        } else if (commands.contains(CREATE_DSD_SET)) {
            command = CREATE_DSD_SET;
            LOG.info(command);
            SDSet dynamicSet = options.getSdSet();
            dynamicSet.setType(SDSet.SDType.DYNAMIC);
            adminMgr.createDsdSet(dynamicSet);
        } else if (commands.contains(DELETE_DSD_SET)) {
            command = DELETE_DSD_SET;
            LOG.info(command);
            SDSet dynamicSet = options.getSdSet();
            dynamicSet.setType(SDSet.SDType.DYNAMIC);
            adminMgr.deleteDsdSet(dynamicSet);
        // --- credentials and account state: the new password travels as a String and is
        //     never written to the log by this method ---
        } else if (commands.contains(CHANGE_PASSWORD)) {
            command = CHANGE_PASSWORD;
            LOG.info(command);
            adminMgr.changePassword(options.getUser(), options.getNewPassword());
        } else if (commands.contains(RESET_PASSWORD)) {
            command = RESET_PASSWORD;
            LOG.info(command);
            adminMgr.resetPassword(options.getUser(), options.getNewPassword());
        } else if (commands.contains(LOCK_USER_ACCOUNT)) {
            command = LOCK_USER_ACCOUNT;
            LOG.info(command);
            adminMgr.lockUserAccount(options.getUser());
        } else if (commands.contains(UNLOCK_USER_ACCOUNT)) {
            command = UNLOCK_USER_ACCOUNT;
            LOG.info(command);
            adminMgr.unlockUserAccount(options.getUser());
        } else {
            // Nothing recognised: warn and leave without the success line.
            LOG.warn("unknown admin operation detected");
            return;
        }
        LOG.info("command:{} was successful", command);
    } catch (SecurityException se) {
        // Best-effort: the failure is recorded with its error id and then dropped.
        LOG.error("processAdminCommand caught SecurityException=" + se + ", return code=" + se.getErrorId());
    }
}
Also used : AdminRole(org.apache.directory.fortress.core.model.AdminRole) Role(org.apache.directory.fortress.core.model.Role) UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole) UserRole(org.apache.directory.fortress.core.model.UserRole) SDSet(org.apache.directory.fortress.core.model.SDSet) PermObj(org.apache.directory.fortress.core.model.PermObj) User(org.apache.directory.fortress.core.model.User) UserRole(org.apache.directory.fortress.core.model.UserRole) Relationship(org.apache.directory.fortress.core.model.Relationship) Permission(org.apache.directory.fortress.core.model.Permission) SecurityException(org.apache.directory.fortress.core.SecurityException)

Example 3 with SDSet

use of org.apache.directory.fortress.core.model.SDSet in project directory-fortress-core by apache.

the class SdDAO method getSD.

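/**
 * Reads one separation-of-duty set from the directory by its distinguished name.
 *
 * <p>The DN is built by {@code getDn} from the set's name and context id. The entry is read over
 * an admin connection, which is handed to {@code closeAdminConnection} in the {@code finally}
 * block on every path.
 *
 * @param sdSet supplies the name and context id used to build the DN, and the type used to choose
 *              the error code when the read fails.
 * @return the entity produced by {@code unloadLdapEntry} from the entry found.
 * @throws FinderException with {@code SSD_NOT_FOUND} when no entry exists at the DN, or with
 *                         {@code DSD_READ_FAILED} / {@code SSD_READ_FAILED} for any other LDAP
 *                         error.
 */
SDSet getSD(SDSet sdSet) throws FinderException {
    SDSet entity = null;
    LdapConnection ld = null;
    String dn = getDn(sdSet.getName(), sdSet.getContextId());
    try {
        ld = getAdminConnection();
        Entry findEntry = read(ld, dn, SD_SET_ATRS);
        if (findEntry == null) {
            // NOTE(review): not-found is reported as SSD_NOT_FOUND for both set types, while the
            // read-failure branch below distinguishes DYNAMIC from STATIC - confirm this is intended.
            String warning = "getSD no entry found dn [" + dn + "]";
            throw new FinderException(GlobalErrIds.SSD_NOT_FOUND, warning);
        }
        entity = unloadLdapEntry(findEntry, 0);
    } catch (LdapNoSuchObjectException e) {
        String warning = "getSD Obj COULD NOT FIND ENTRY for dn [" + dn + "]";
        // Keep the LDAP exception as the cause so the original failure is not lost to whoever
        // investigates the FinderException later.
        throw new FinderException(GlobalErrIds.SSD_NOT_FOUND, warning, e);
    } catch (LdapException e) {
        String error = "getSSD dn [" + dn + "] LEXCD=" + e;
        int errCode;
        if (sdSet.getType() == SDSet.SDType.DYNAMIC) {
            errCode = GlobalErrIds.DSD_READ_FAILED;
        } else {
            errCode = GlobalErrIds.SSD_READ_FAILED;
        }
        throw new FinderException(errCode, error, e);
    } finally {
        // ld is still null here if getAdminConnection itself threw.
        closeAdminConnection(ld);
    }
    return entity;
}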
Also used : SDSet(org.apache.directory.fortress.core.model.SDSet) LdapNoSuchObjectException(org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException) FinderException(org.apache.directory.fortress.core.FinderException) DefaultEntry(org.apache.directory.api.ldap.model.entry.DefaultEntry) Entry(org.apache.directory.api.ldap.model.entry.Entry) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 4 with SDSet

use of org.apache.directory.fortress.core.model.SDSet in project directory-fortress-core by apache.

the class SdDAO method search.

/**
 * Finds the separation-of-duty sets whose name starts with the given name.
 *
 * <p>The set type selects the object class used in the filter: the DSD class for
 * {@code DYNAMIC}, the SSD class otherwise. The name is passed through {@code encodeSafeText}
 * before it is placed in the filter, and a trailing {@code *} is appended after it.
 *
 * @param sdset supplies the name (search prefix), the type and the context id.
 * @return the matching sets, in the order the cursor returned them; empty when nothing matched.
 * @throws org.apache.directory.fortress.core.FinderException with {@code DSD_SEARCH_FAILED} or
 *         {@code SSD_SEARCH_FAILED}, depending on the set type, when the LDAP search or the
 *         cursor fails.
 */
List<SDSet> search(SDSet sdset) throws FinderException {
    List<SDSet> matches = new ArrayList<>();
    LdapConnection ld = null;
    String ssdRoot = getSdRoot(sdset.getContextId());
    String objectClass = (sdset.getType() == SDSet.SDType.DYNAMIC) ? DSD_OBJECT_CLASS_NM : SSD_OBJECT_CLASS_NM;
    try {
        // Only the encoded form of the name is allowed into the filter text.
        String searchVal = encodeSafeText(sdset.getName(), GlobalIds.ROLE_LEN);
        StringBuilder filter = new StringBuilder();
        filter.append(GlobalIds.FILTER_PREFIX).append(objectClass).append(")(");
        filter.append(SD_SET_NM).append("=").append(searchVal).append("*))");
        ld = getAdminConnection();
        // NOTE(review): the cursor is not closed in this method; confirm closeAdminConnection releases it.
        SearchCursor cursor = search(ld, ssdRoot, SearchScope.SUBTREE, filter.toString(), SD_SET_ATRS, false, GlobalIds.BATCH_SIZE);
        for (long sequence = 0; cursor.next(); sequence++) {
            matches.add(unloadLdapEntry(cursor.getEntry(), sequence));
        }
    } catch (LdapException e) {
        String error = "search sdset name [" + sdset.getName() + "] type [" + sdset.getType() + "] caught LdapException=" + e.getMessage();
        int errCode = (sdset.getType() == SDSet.SDType.DYNAMIC) ? GlobalErrIds.DSD_SEARCH_FAILED : GlobalErrIds.SSD_SEARCH_FAILED;
        throw new FinderException(errCode, error, e);
    } catch (CursorException e) {
        String error = "search sdset name [" + sdset.getName() + "] type [" + sdset.getType() + "] caught CursorException=" + e.getMessage();
        int errCode = (sdset.getType() == SDSet.SDType.DYNAMIC) ? GlobalErrIds.DSD_SEARCH_FAILED : GlobalErrIds.SSD_SEARCH_FAILED;
        throw new FinderException(errCode, error, e);
    } finally {
        // Runs on success and on both failure paths; ld is null if no connection was obtained.
        closeAdminConnection(ld);
    }
    return matches;
}
Also used : SDSet(org.apache.directory.fortress.core.model.SDSet) FinderException(org.apache.directory.fortress.core.FinderException) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) ArrayList(java.util.ArrayList) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 5 with SDSet

use of org.apache.directory.fortress.core.model.SDSet in project directory-fortress-core by apache.

the class SdDAO method search.

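/**
 * Finds the separation-of-duty sets of the given type that list the role, or any of its
 * ascendant roles, as a member.
 *
 * <p>The filter is assembled as text. Every role name placed in it, the target role and each
 * ascendant returned by {@code RoleUtil.getAscendants}, is first passed through
 * {@code encodeSafeText}, so that no value reaches the filter unencoded.
 *
 * @param role supplies the role name and the context id.
 * @param type {@code DYNAMIC} selects the DSD object class; any other value selects the SSD one.
 * @return the matching sets, in the order the cursor returned them; empty when nothing matched.
 * @throws org.apache.directory.fortress.core.FinderException with {@code DSD_SEARCH_FAILED} or
 *         {@code SSD_SEARCH_FAILED}, depending on {@code type}, when the LDAP search or the
 *         cursor fails.
 */
List<SDSet> search(Role role, SDSet.SDType type) throws FinderException {
    List<SDSet> sdList = new ArrayList<>();
    LdapConnection ld = null;
    String ssdRoot = getSdRoot(role.getContextId());
    String objectClass = SSD_OBJECT_CLASS_NM;
    if (type == SDSet.SDType.DYNAMIC) {
        objectClass = DSD_OBJECT_CLASS_NM;
    }
    try {
        String roleVal = encodeSafeText(role.getName(), GlobalIds.ROLE_LEN);
        StringBuilder filterbuf = new StringBuilder();
        filterbuf.append(GlobalIds.FILTER_PREFIX);
        filterbuf.append(objectClass);
        filterbuf.append(")(");
        // Include any parents target role may have:
        Set<String> roles = RoleUtil.getInstance().getAscendants(role.getName(), role.getContextId());
        if (CollectionUtils.isNotEmpty(roles)) {
            // OR together the target role and each of its ascendants.
            filterbuf.append("|(");
            filterbuf.append(ROLES);
            filterbuf.append("=");
            filterbuf.append(roleVal);
            filterbuf.append(")");
            for (String uRole : roles) {
                // Ascendant names come from the role hierarchy rather than from the caller, but
                // they are concatenated into the same filter, so they get the same encoding as
                // roleVal. Presumably encodeSafeText also enforces ROLE_LEN - confirm that stored
                // role names always satisfy it.
                filterbuf.append("(");
                filterbuf.append(ROLES);
                filterbuf.append("=");
                filterbuf.append(encodeSafeText(uRole, GlobalIds.ROLE_LEN));
                filterbuf.append(")");
            }
            filterbuf.append(")");
        } else {
            filterbuf.append(ROLES);
            filterbuf.append("=");
            filterbuf.append(roleVal);
            filterbuf.append(")");
        }
        filterbuf.append(")");
        ld = getAdminConnection();
        // NOTE(review): the cursor is not closed in this method; confirm closeAdminConnection releases it.
        SearchCursor searchResults = search(ld, ssdRoot, SearchScope.SUBTREE, filterbuf.toString(), SD_SET_ATRS, false, GlobalIds.BATCH_SIZE);
        long sequence = 0;
        while (searchResults.next()) {
            sdList.add(unloadLdapEntry(searchResults.getEntry(), sequence++));
        }
    } catch (LdapException e) {
        String error = "search role [" + role.getName() + "] type [" + type + "] caught LdapException=" + e.getMessage();
        int errCode;
        if (type == SDSet.SDType.DYNAMIC) {
            errCode = GlobalErrIds.DSD_SEARCH_FAILED;
        } else {
            errCode = GlobalErrIds.SSD_SEARCH_FAILED;
        }
        throw new FinderException(errCode, error, e);
    } catch (CursorException e) {
        String error = "search role [" + role.getName() + "] type [" + type + "] caught CursorException=" + e.getMessage();
        int errCode;
        if (type == SDSet.SDType.DYNAMIC) {
            errCode = GlobalErrIds.DSD_SEARCH_FAILED;
        } else {
            errCode = GlobalErrIds.SSD_SEARCH_FAILED;
        }
        throw new FinderException(errCode, error, e);
    } finally {
        // Runs on success and on both failure paths; ld is null if no connection was obtained.
        closeAdminConnection(ld);
    }
    return sdList;
}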
Also used : SDSet(org.apache.directory.fortress.core.model.SDSet) FinderException(org.apache.directory.fortress.core.FinderException) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) ArrayList(java.util.ArrayList) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Aggregations

SDSet (org.apache.directory.fortress.core.model.SDSet)58 SecurityException (org.apache.directory.fortress.core.SecurityException)37 FortRequest (org.apache.directory.fortress.core.model.FortRequest)20 FortResponse (org.apache.directory.fortress.core.model.FortResponse)20 AdminMgr (org.apache.directory.fortress.core.AdminMgr)12 UserRole (org.apache.directory.fortress.core.model.UserRole)12 AdminPermissionOperation (org.apache.directory.fortress.annotation.AdminPermissionOperation)8 ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)8 Role (org.apache.directory.fortress.core.model.Role)7 User (org.apache.directory.fortress.core.model.User)5 LdapException (org.apache.directory.api.ldap.model.exception.LdapException)4 FinderException (org.apache.directory.fortress.core.FinderException)4 RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)4 LdapConnection (org.apache.directory.ldap.client.api.LdapConnection)4 CursorException (org.apache.directory.api.ldap.model.cursor.CursorException)3 SearchCursor (org.apache.directory.api.ldap.model.cursor.SearchCursor)3 Constraint (org.apache.directory.fortress.core.model.Constraint)3 ArrayList (java.util.ArrayList)2 HashSet (java.util.HashSet)2 AccessMgr (org.apache.directory.fortress.core.AccessMgr)2