Examples with UserAdminRole org.apache.directory.fortress.core.model.UserAdminRole used on opensource projects

Example 11 with UserAdminRole

use of org.apache.directory.fortress.core.model.UserAdminRole in project directory-fortress-core by apache.

the class DelReviewMgrRestImpl method assignedRoles.

/**
 * {@inheritDoc}
 */
@Override
public List<UserAdminRole> assignedRoles(User user) throws SecurityException {
    VUtil.assertNotNull(user, GlobalErrIds.USER_NULL, CLS_NM + ".assignedRoles");
    List<UserAdminRole> retUserRoles;
    FortRequest request = new FortRequest();
    request.setContextId(this.contextId);
    request.setEntity(user);
    if (this.adminSess != null) {
        request.setSession(adminSess);
    }
    String szRequest = RestUtils.marshal(request);
    String szResponse = RestUtils.getInstance().post(szRequest, HttpIds.ARLE_ASGNED);
    FortResponse response = RestUtils.unmarshall(szResponse);
    if (response.getErrorCode() == 0) {
        retUserRoles = response.getEntities();
    } else {
        throw new SecurityException(response.getErrorCode(), response.getErrorMessage());
    }
    return retUserRoles;
}

Example 12 with UserAdminRole

use of org.apache.directory.fortress.core.model.UserAdminRole in project directory-fortress-core by apache.

the class DelegatedMgrImplTest method canAssignUsers.

/**
 * @param msg
 * @param op
 * @param uraArray
 * @param uaArray
 * @param uArray
 * @param rArray
 */
public static void canAssignUsers(String msg, ASSIGN_OP op, String[][] uraArray, String[][] uaArray, String[][] uArray, String[][] rArray) {
    LogUtil.logIt(msg);
    Role role;
    Map<URA, URA> uraTestResults = URATestData.getURAs(uraArray);
    try {
        DelAccessMgr delAccessMgr = DelAccessMgrFactory.createInstance(TestUtils.getContext());
        AccessMgr accessMgr = (AccessMgr) delAccessMgr;
        int i = 0;
        for (String[] aUsr : uaArray) {
            User aUser = UserTestData.getUser(aUsr);
            Session session = accessMgr.createSession(aUser, false);
            assertNotNull(session);
            for (String[] usr : uArray) {
                User user = UserTestData.getUser(usr);
                i++;
                for (String[] rle : rArray) {
                    role = RoleTestData.getRole(rle);
                    String methodName;
                    boolean result;
                    if (op == ASSIGN_OP.ASSIGN) {
                        result = delAccessMgr.canAssign(session, user, role);
                        methodName = ".canAssignUsers";
                    } else {
                        result = delAccessMgr.canDeassign(session, user, role);
                        methodName = ".canDeassignUsers";
                    }
                    List<UserAdminRole> aRoles = session.getAdminRoles();
                    assertNotNull(aRoles);
                    assertTrue(CLS_NM + methodName + " Admin User invalid number of roles", aRoles.size() == 1);
                    // since this user should only have one admin role, get the first one from list:
                    UserAdminRole aRole = aRoles.get(0);
                    URA sourceUra = new URA(aRole.getName(), user.getOu(), role.getName(), result);
                    URA targetUra = uraTestResults.get(sourceUra);
                    assertTrue(CLS_NM + methodName + " cannot find target URA admin role [" + sourceUra.getArole() + " uou [" + sourceUra.getUou() + "] role [" + sourceUra.getUrole() + "] Result [" + sourceUra.isCanAssign() + "] actual result [" + result + "]", targetUra != null);
                    LOG.debug(methodName + " User [" + user.getUserId() + "] success URA using admin role [" + targetUra.getArole() + " uou [" + targetUra.getUou() + "] role [" + targetUra.getUrole() + "] target result [" + targetUra.isCanAssign() + "] actual result [" + result + "]");
                }
            }
        }
    } catch (SecurityException ex) {
        LOG.error("canAssignUsers op [" + op + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}

Example 13 with UserAdminRole

use of org.apache.directory.fortress.core.model.UserAdminRole in project directory-fortress-core by apache.

the class DelegatedMgrImplTest method canGrantPerms.

/**
 * @param msg
 * @param op
 * @param uraArray
 * @param uaArray
 * @param pArray
 * @param rArray
 */
public static void canGrantPerms(String msg, GRANT_OP op, String[][] uraArray, String[][] uaArray, String[][] pArray, String[][] rArray) {
    LogUtil.logIt(msg);
    Role role;
    Map<PRA, PRA> praTestResults = PRATestData.getPRAs(uraArray);
    try {
        DelAccessMgr delAccessMgr = DelAccessMgrFactory.createInstance(TestUtils.getContext());
        AccessMgr accessMgr = (AccessMgr) delAccessMgr;
        int i = 0;
        for (String[] aUsr : uaArray) {
            User aUser = UserTestData.getUser(aUsr);
            Session session = accessMgr.createSession(aUser, false);
            assertNotNull(session);
            for (String[] prm : pArray) {
                PermObj pObj = PermTestData.getObj(prm);
                i++;
                for (String[] rle : rArray) {
                    role = RoleTestData.getRole(rle);
                    String methodName;
                    boolean result;
                    if (op == GRANT_OP.GRANT) {
                        result = delAccessMgr.canGrant(session, role, new Permission(pObj.getObjName(), ""));
                        methodName = ".canGrantPerms";
                    } else {
                        result = delAccessMgr.canRevoke(session, role, new Permission(pObj.getObjName(), ""));
                        methodName = ".canRevokePerms";
                    }
                    List<UserAdminRole> aRoles = session.getAdminRoles();
                    assertNotNull(aRoles);
                    assertTrue(CLS_NM + methodName + " Admin User invalid number of roles", aRoles.size() == 1);
                    UserAdminRole aRole = aRoles.get(0);
                    PRA sourceUra = new PRA(aRole.getName(), pObj.getOu(), role.getName(), result);
                    PRA targetUra = praTestResults.get(sourceUra);
                    assertTrue(CLS_NM + methodName + " cannot find target PRA admin role [" + sourceUra.getArole() + " pou [" + sourceUra.getPou() + "] role [" + sourceUra.getUrole() + "] Result [" + sourceUra.isCanAssign() + "] actual result [" + result + "]", targetUra != null);
                    LOG.debug(methodName + " failed target PRA admin role [" + targetUra.getArole() + " pou [" + targetUra.getPou() + "] role [" + targetUra.getUrole() + "] target result [" + targetUra.isCanAssign() + "] actual result [" + result + "]");
                }
            }
        }
    } catch (SecurityException ex) {
        LOG.error("canGrantPerms op [" + op + "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}

Example 14 with UserAdminRole

use of org.apache.directory.fortress.core.model.UserAdminRole in project directory-fortress-core by apache.

the class DelegatedMgrImplTest method assignAdminUsers.

/**
 * @param msg
 * @param uArray
 * @param rArray
 */
public static void assignAdminUsers(String msg, String[][] uArray, String[][] rArray, boolean isAdmin) {
    LogUtil.logIt(msg);
    try {
        DelAdminMgr dAdminMgr;
        DelReviewMgr dReviewMgr;
        if (isAdmin) {
            dAdminMgr = getManagedDelegatedMgr();
            dReviewMgr = getManagedDelegatedReviewMgr();
        } else {
            dAdminMgr = DelAdminMgrFactory.createInstance(TestUtils.getContext());
            dReviewMgr = DelReviewMgrFactory.createInstance(TestUtils.getContext());
        }
        int i = 0;
        for (String[] usr : uArray) {
            i++;
            for (String[] rle : rArray) {
                UserAdminRole uAdminRole = new UserAdminRole(UserTestData.getUserId(usr), AdminRoleTestData.getRole(rle).getName());
                dAdminMgr.assignUser(uAdminRole);
                LOG.debug("assignAdminUsers user [" + uAdminRole.getUserId() + "] role [" + uAdminRole.getName() + "] successful");
                // Let's double check the number of users not associated with role:
                // This one retrieves the collection of all "roleOccupant" attributes associated with the role node:
                List<User> users = dReviewMgr.assignedUsers(AdminRoleTestData.getRole(rle));
                assertNotNull(users);
                assertTrue(CLS_NM + "assignAdminUsers list size check", i == users.size());
            }
        }
    } catch (SecurityException ex) {
        LOG.error("assignAdminUsers caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}

Example 15 with UserAdminRole

use of org.apache.directory.fortress.core.model.UserAdminRole in project directory-fortress-core by apache.

the class DelegatedAdminMgrConsole method deassignUser.

protected void deassignUser() {
    try {
        ReaderUtil.clearScreen();
        UserAdminRole uAdminRole = new UserAdminRole();
        System.out.println("Enter userId");
        String userId = ReaderUtil.readLn();
        uAdminRole.setUserId(userId);
        System.out.println("Enter role name");
        String roleNm = ReaderUtil.readLn();
        uAdminRole.setName(roleNm);
        dAmgr.deassignUser(uAdminRole);
        System.out.println("userId [" + userId + "] name [" + roleNm + "]");
        System.out.println("has been deassigned");
        System.out.println("ENTER to continue");
    } catch (SecurityException e) {
        LOG.error("deassignUser caught SecurityException rc=" + e.getErrorId() + ", msg=" + e.getMessage(), e);
    }
    ReaderUtil.readChar();
}