Examples with UserRole org.apache.directory.fortress.core.model.UserRole used on opensource projects

Search in sources :

Example 6 with UserRole

use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.

the class CommandLineInterpreter method processAdminCommand.

/**
 * @param commands
 * @param options
 */
private void processAdminCommand(Set<String> commands, Options options) {
    String command;
    try {
        if (commands.contains(ADD_USER)) {
            command = ADD_USER;
            LOG.info(command);
            User user = options.getUser();
            adminMgr.addUser(user);
        } else if (commands.contains(UPDATE_USER)) {
            command = UPDATE_USER;
            LOG.info(command);
            User user = options.getUser();
            adminMgr.updateUser(user);
        } else if (commands.contains(DELETE_USER)) {
            command = DELETE_USER;
            LOG.info(command);
            User user = options.getUser();
            adminMgr.deleteUser(user);
        } else if (commands.contains(ADD_ROLE)) {
            command = ADD_ROLE;
            LOG.info(command);
            Role role = options.getRole();
            adminMgr.addRole(role);
        } else if (commands.contains(UPDATE_ROLE)) {
            command = UPDATE_ROLE;
            LOG.info(command);
            Role role = options.getRole();
            adminMgr.updateRole(role);
        } else if (commands.contains(DELETE_ROLE)) {
            command = DELETE_ROLE;
            LOG.info(command);
            Role role = options.getRole();
            adminMgr.deleteRole(role);
        } else if (commands.contains(ASSIGN_ROLE)) {
            command = ASSIGN_ROLE;
            LOG.info(command);
            Role role = options.getRole();
            String userId = options.getUserId();
            adminMgr.assignUser(new UserRole(userId, role));
        } else if (commands.contains(DEASSIGN_ROLE)) {
            command = DEASSIGN_ROLE;
            LOG.info(command);
            Role role = options.getRole();
            String userId = options.getUserId();
            adminMgr.deassignUser(new UserRole(userId, role));
        } else if (commands.contains(ADD_ROLE_INHERITANCE)) {
            command = ADD_ROLE_INHERITANCE;
            LOG.info(command);
            Relationship relationship = options.getRelationship();
            adminMgr.addInheritance(new Role(relationship.getParent()), new Role(relationship.getChild()));
        } else if (commands.contains(DELETE_ROLE_INHERITANCE)) {
            command = DELETE_ROLE_INHERITANCE;
            LOG.info(command);
            Relationship relationship = options.getRelationship();
            adminMgr.deleteInheritance(new Role(relationship.getParent()), new Role(relationship.getChild()));
        } else if (commands.contains(ADD_POBJ)) {
            command = ADD_POBJ;
            LOG.info(command);
            PermObj permObj = options.getPermObj();
            adminMgr.addPermObj(permObj);
        } else if (commands.contains(UPDATE_POBJ)) {
            command = UPDATE_POBJ;
            LOG.info(command);
            PermObj permObj = options.getPermObj();
            adminMgr.updatePermObj(permObj);
        } else if (commands.contains(DELETE_POBJ)) {
            command = DELETE_POBJ;
            LOG.info(command);
            PermObj permObj = options.getPermObj();
            adminMgr.deletePermObj(permObj);
        } else if (commands.contains(ADD_PERM)) {
            command = ADD_PERM;
            LOG.info(command);
            Permission perm = options.getPermission();
            adminMgr.addPermission(perm);
        } else if (commands.contains(UPDATE_PERM)) {
            command = UPDATE_PERM;
            LOG.info(command);
            Permission perm = options.getPermission();
            adminMgr.updatePermission(perm);
        } else if (commands.contains(DELETE_PERM)) {
            command = DELETE_PERM;
            LOG.info(command);
            Permission permObj = options.getPermission();
            adminMgr.deletePermission(permObj);
        } else if (commands.contains(GRANT)) {
            command = GRANT;
            LOG.info(command);
            Permission perm = options.getPermission();
            Role role = options.getRole();
            role.setName(options.getRoleNm());
            adminMgr.grantPermission(perm, role);
        } else if (commands.contains(REVOKE)) {
            command = REVOKE;
            LOG.info(command);
            Permission perm = options.getPermission();
            Role role = options.getRole();
            role.setName(options.getRoleNm());
            adminMgr.revokePermission(perm, role);
        } else if (commands.contains(CREATE_SSD_SET)) {
            command = CREATE_SSD_SET;
            LOG.info(command);
            SDSet ssd = options.getSdSet();
            ssd.setType(SDSet.SDType.STATIC);
            adminMgr.createSsdSet(ssd);
        } else if (commands.contains(DELETE_SSD_SET)) {
            command = DELETE_SSD_SET;
            LOG.info(command);
            SDSet ssd = options.getSdSet();
            ssd.setType(SDSet.SDType.STATIC);
            adminMgr.deleteSsdSet(ssd);
        } else if (commands.contains(CREATE_DSD_SET)) {
            command = CREATE_DSD_SET;
            LOG.info(command);
            SDSet ssd = options.getSdSet();
            ssd.setType(SDSet.SDType.DYNAMIC);
            adminMgr.createDsdSet(ssd);
        } else if (commands.contains(DELETE_DSD_SET)) {
            command = DELETE_DSD_SET;
            LOG.info(command);
            SDSet ssd = options.getSdSet();
            ssd.setType(SDSet.SDType.DYNAMIC);
            adminMgr.deleteDsdSet(ssd);
        } else if (commands.contains(CHANGE_PASSWORD)) {
            command = CHANGE_PASSWORD;
            LOG.info(command);
            User user = options.getUser();
            String newPassword = options.getNewPassword();
            adminMgr.changePassword(user, newPassword);
        } else if (commands.contains(RESET_PASSWORD)) {
            command = RESET_PASSWORD;
            LOG.info(command);
            User user = options.getUser();
            String newPassword = options.getNewPassword();
            adminMgr.resetPassword(user, newPassword);
        } else if (commands.contains(LOCK_USER_ACCOUNT)) {
            command = LOCK_USER_ACCOUNT;
            LOG.info(command);
            User user = options.getUser();
            adminMgr.lockUserAccount(user);
        } else if (commands.contains(UNLOCK_USER_ACCOUNT)) {
            command = UNLOCK_USER_ACCOUNT;
            LOG.info(command);
            User user = options.getUser();
            adminMgr.unlockUserAccount(user);
        } else {
            LOG.warn("unknown admin operation detected");
            return;
        }
        LOG.info("command:{} was successful", command);
    } catch (SecurityException se) {
        String error = "processAdminCommand caught SecurityException=" + se + ", return code=" + se.getErrorId();
        LOG.error(error);
    }
}
Also used : AdminRole(org.apache.directory.fortress.core.model.AdminRole) Role(org.apache.directory.fortress.core.model.Role) UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole) UserRole(org.apache.directory.fortress.core.model.UserRole) SDSet(org.apache.directory.fortress.core.model.SDSet) PermObj(org.apache.directory.fortress.core.model.PermObj) User(org.apache.directory.fortress.core.model.User) UserRole(org.apache.directory.fortress.core.model.UserRole) Relationship(org.apache.directory.fortress.core.model.Relationship) Permission(org.apache.directory.fortress.core.model.Permission) SecurityException(org.apache.directory.fortress.core.SecurityException)

Example 7 with UserRole

use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.

the class CommandLineInterpreter method processReviewCommand.

/**
 * @param commands
 * @param options
 */
private void processReviewCommand(Set<String> commands, Options options) {
    String command;
    try {
        if (commands.contains(READ_USER)) {
            command = READ_USER;
            LOG.info(READ_USER);
            User inUser = options.getUser();
            User outUser = reviewMgr.readUser(inUser);
            printUser(outUser);
        } else if (commands.contains(FIND_USERS)) {
            command = FIND_USERS;
            LOG.info(command);
            User user = options.getUser();
            List<User> outUsers = reviewMgr.findUsers(user);
            if (CollectionUtils.isNotEmpty(outUsers)) {
                int ctr = 0;
                for (User outUser : outUsers) {
                    printRow("U", "CTR ", "" + ctr++);
                    printUser(outUser);
                }
            }
        } else if (commands.contains(ASSIGNED_USERS)) {
            command = ASSIGNED_USERS;
            LOG.info(command);
            Role inRole = options.getRole();
            List<User> outUsers = reviewMgr.assignedUsers(inRole);
            if (CollectionUtils.isNotEmpty(outUsers)) {
                for (User outUser : outUsers) {
                    printUser(outUser);
                }
            }
        } else if (commands.contains(READ_ROLE)) {
            command = READ_ROLE;
            LOG.info(command);
            Role inRole = options.getRole();
            Role outRole = reviewMgr.readRole(inRole);
            printRole(outRole);
        } else if (commands.contains(FIND_ROLES)) {
            command = FIND_ROLES;
            LOG.info(command);
            String inRoleNm = options.getName();
            List<Role> outRoles = reviewMgr.findRoles(inRoleNm);
            if (CollectionUtils.isNotEmpty(outRoles)) {
                int ctr = 0;
                for (Role outRole : outRoles) {
                    printSeparator();
                    printRow("R", "ROLE[" + ++ctr + "]", outRole.getName());
                    printRole(outRole);
                }
            }
        } else if (commands.contains(ASSIGNED_ROLES)) {
            command = ASSIGNED_ROLES;
            LOG.info(command);
            String userId = options.getUserId();
            List<UserRole> uRoles = reviewMgr.assignedRoles(new User(userId));
            if (uRoles != null) {
                for (UserRole ur : uRoles) {
                    printTemporal("R", ur, "RBACROLE");
                    printSeparator();
                }
            }
        } else if (commands.contains(READ_POBJ)) {
            command = READ_POBJ;
            LOG.info(command);
            PermObj inPermObj = options.getPermObj();
            PermObj outPermObj = reviewMgr.readPermObj(inPermObj);
            printPermObj(outPermObj);
        } else if (commands.contains(FIND_POBJS)) {
            command = FIND_POBJS;
            LOG.info(command);
            PermObj inPermObj = options.getPermObj();
            List<PermObj> outPermObjs = reviewMgr.findPermObjs(inPermObj);
            if (CollectionUtils.isNotEmpty(outPermObjs)) {
                int ctr = 0;
                for (PermObj outPermObj : outPermObjs) {
                    printSeparator();
                    printRow("PO", "POBJ[" + ++ctr + "]", outPermObj.getObjName());
                    printPermObj(outPermObj);
                }
            }
        } else if (commands.contains(READ_PERM)) {
            command = READ_PERM;
            LOG.info(command);
            Permission inPerm = options.getPermission();
            Permission outPerm = reviewMgr.readPermission(inPerm);
            printPermission(outPerm);
        } else if (commands.contains(FIND_PERMS)) {
            command = FIND_PERMS;
            LOG.info(command);
            Permission inPerm = options.getPermission();
            List<Permission> outPerms = reviewMgr.findPermissions(inPerm);
            if (CollectionUtils.isNotEmpty(outPerms)) {
                int ctr = 0;
                for (Permission outPerm : outPerms) {
                    printSeparator();
                    printRow("P", "PERM[" + ++ctr + "]", outPerm.getAbstractName());
                    printPermission(outPerm);
                }
            }
        } else {
            LOG.warn("unknown review operation detected");
            return;
        }
        LOG.info("command:{} was successful", command);
    } catch (SecurityException se) {
        String error = "processReviewCommand caught SecurityException=" + se + ", return code=" + se.getErrorId();
        LOG.error(error);
    }
}
Also used : AdminRole(org.apache.directory.fortress.core.model.AdminRole) Role(org.apache.directory.fortress.core.model.Role) UserAdminRole(org.apache.directory.fortress.core.model.UserAdminRole) UserRole(org.apache.directory.fortress.core.model.UserRole) PermObj(org.apache.directory.fortress.core.model.PermObj) User(org.apache.directory.fortress.core.model.User) UserRole(org.apache.directory.fortress.core.model.UserRole) Permission(org.apache.directory.fortress.core.model.Permission) ArrayList(java.util.ArrayList) List(java.util.List) SecurityException(org.apache.directory.fortress.core.SecurityException) Constraint(org.apache.directory.fortress.core.model.Constraint)

Example 8 with UserRole

use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.

the class UserDAO method loadUserRoles.

/**
 * Given a collection of RBAC roles, {@link UserRole}, convert to raw data format and load into ldap modification
 * set in preparation for ldap modify.
 *
 * @param list contains List of type {@link UserRole} targeted for updating into ldap.
 * @param mods contains ldap modification set containing RBAC role assignments in raw ldap format to be updated.
 * @throws LdapInvalidAttributeValueException
 */
private void loadUserRoles(List<UserRole> list, List<Modification> mods) throws LdapInvalidAttributeValueException {
    Attribute userRoleData = new DefaultAttribute(GlobalIds.USER_ROLE_DATA);
    Attribute userRoleAssign = new DefaultAttribute(GlobalIds.USER_ROLE_ASSIGN);
    if (list != null) {
        for (UserRole userRole : list) {
            userRoleData.add(userRole.getRawData());
            userRoleAssign.add(userRole.getName());
        }
        if (userRoleData.size() != 0) {
            mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, userRoleData));
            mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, userRoleAssign));
        }
    }
}
Also used : DefaultAttribute(org.apache.directory.api.ldap.model.entry.DefaultAttribute) Attribute(org.apache.directory.api.ldap.model.entry.Attribute) DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) UserRole(org.apache.directory.fortress.core.model.UserRole) DefaultAttribute(org.apache.directory.api.ldap.model.entry.DefaultAttribute)

Example 9 with UserRole

use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.

the class UserDAO method getUserRoles.

/**
 * @param userId
 * @return
 * @throws FinderException
 */
private List<UserRole> getUserRoles(String userId, String contextId) throws FinderException {
    List<UserRole> roles = null;
    LdapConnection ld = null;
    String userDn = getDn(userId, contextId);
    try {
        ld = getAdminConnection();
        Entry findEntry = read(ld, userDn, ROLE_ATR);
        roles = unloadUserRoles(findEntry, userId, contextId, null);
    } catch (LdapNoSuchObjectException e) {
        String warning = "getUserRoles COULD NOT FIND ENTRY for user [" + userId + "]";
        throw new FinderException(GlobalErrIds.USER_NOT_FOUND, warning);
    } catch (LdapException e) {
        String error = "getUserRoles [" + userDn + "]= caught LDAPException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.USER_READ_FAILED, error, e);
    } finally {
        closeAdminConnection(ld);
    }
    return roles;
}
Also used : LdapNoSuchObjectException(org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException) FinderException(org.apache.directory.fortress.core.FinderException) DefaultEntry(org.apache.directory.api.ldap.model.entry.DefaultEntry) Entry(org.apache.directory.api.ldap.model.entry.Entry) UserRole(org.apache.directory.fortress.core.model.UserRole) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 10 with UserRole

use of org.apache.directory.fortress.core.model.UserRole in project directory-fortress-core by apache.

the class UserDAO method getAssignedUsers.

/**
 * @param role
 * @param roleConstraint
 * @return
 * @throws FinderException
 */
List<User> getAssignedUsers(Role role, RoleConstraint roleConstraint) throws FinderException {
    List<User> userList = new ArrayList<>();
    LdapConnection ld = null;
    String userRoot = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
    try {
        String roleVal = encodeSafeText(role.getName(), GlobalIds.USERID_LEN);
        StringBuilder filterbuf = new StringBuilder();
        filterbuf.append(GlobalIds.FILTER_PREFIX);
        filterbuf.append(USERS_AUX_OBJECT_CLASS_NAME);
        filterbuf.append(")(");
        filterbuf.append(GlobalIds.USER_ROLE_ASSIGN);
        filterbuf.append("=");
        filterbuf.append(roleVal);
        filterbuf.append(")");
        if (roleConstraint != null) {
            filterbuf.append("(");
            filterbuf.append(GlobalIds.USER_ROLE_DATA);
            filterbuf.append("=");
            filterbuf.append(roleConstraint.getRawData(new UserRole(role.getName())));
            filterbuf.append(")");
        }
        filterbuf.append(")");
        ld = getAdminConnection();
        SearchCursor searchResults = search(ld, userRoot, SearchScope.ONELEVEL, filterbuf.toString(), defaultAtrs, false, GlobalIds.BATCH_SIZE);
        long sequence = 0;
        while (searchResults.next()) {
            userList.add(unloadLdapEntry(searchResults.getEntry(), sequence++, role.getContextId()));
        }
    } catch (LdapException e) {
        String warning = "getAssignedUsers role name [" + role.getName() + "] caught LDAPException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, warning, e);
    } catch (CursorException e) {
        String warning = "getAssignedUsers role name [" + role.getName() + "] caught LDAPException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, warning, e);
    } finally {
        closeAdminConnection(ld);
    }
    return userList;
}
Also used : FinderException(org.apache.directory.fortress.core.FinderException) User(org.apache.directory.fortress.core.model.User) UserRole(org.apache.directory.fortress.core.model.UserRole) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) ArrayList(java.util.ArrayList) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Aggregations

UserRole (org.apache.directory.fortress.core.model.UserRole)89 User (org.apache.directory.fortress.core.model.User)55 SecurityException (org.apache.directory.fortress.core.SecurityException)48 Session (org.apache.directory.fortress.core.model.Session)28 AccessMgr (org.apache.directory.fortress.core.AccessMgr)17 ArrayList (java.util.ArrayList)16 Role (org.apache.directory.fortress.core.model.Role)16 RoleConstraint (org.apache.directory.fortress.core.model.RoleConstraint)16 AdminMgr (org.apache.directory.fortress.core.AdminMgr)14 ReviewMgr (org.apache.directory.fortress.core.ReviewMgr)12 UserAdminRole (org.apache.directory.fortress.core.model.UserAdminRole)11 Constraint (org.apache.directory.fortress.core.model.Constraint)10 AdminRole (org.apache.directory.fortress.core.model.AdminRole)9 LdapException (org.apache.directory.api.ldap.model.exception.LdapException)7 AdminPermissionOperation (org.apache.directory.fortress.annotation.AdminPermissionOperation)7 AccelMgr (org.apache.directory.fortress.core.AccelMgr)6 FinderException (org.apache.directory.fortress.core.FinderException)6 SDSet (org.apache.directory.fortress.core.model.SDSet)6 LdapConnection (org.apache.directory.ldap.client.api.LdapConnection)6 Enumeration (java.util.Enumeration)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial