use of org.openldap.accelerator.api.dropRole.RbacDropRoleResponse in project directory-fortress-core by apache.
the class AcceleratorDAO method dropActiveRole.
/**
* Deactivate user role from impl session
* This function follows the pattern from: {@link org.apache.directory.fortress.core.AccessMgr#dropActiveRole(org.apache.directory.fortress.core.model.Session, org.apache.directory.fortress.core.model.UserRole)}.
* Success will result in impl session state to be modified inside server-side cache.
* It uses the {@link RbacDropRoleRequest} and {@link RbacDropRoleResponse} accelerator APIs.
*
* @param session contains a valid sessionId captured from accelerator createSession method.
* @param userRole both the {@link org.apache.directory.fortress.core.model.UserRole#userId} and {@link UserRole#name} fields must be set before invoking.
* @throws SecurityException rethrows {@code LdapException} with {@code GlobalErrIds.ACEL_DROP_ROLE_ERR}.
*/
void dropActiveRole(Session session, UserRole userRole) throws SecurityException {
LdapConnection ld = null;
try {
ld = getAdminConnection();
RbacDropRoleRequest dropRoleRequest = new RbacDropRoleRequestImpl();
dropRoleRequest.setSessionId(session.getSessionId());
dropRoleRequest.setRole(userRole.getName());
dropRoleRequest.setUserIdentity(userRole.getUserId());
// Send the request
RbacDropRoleResponse rbacDropRoleResponse = (RbacDropRoleResponse) ld.extended(dropRoleRequest);
LOG.debug("dropActiveRole result: {}", rbacDropRoleResponse.getLdapResult().getResultCode());
if (rbacDropRoleResponse.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
String info = "dropActiveRole Role [" + userRole.getName() + "] User [" + session.getUserId() + "], not previously activated.";
throw new SecurityException(GlobalErrIds.URLE_NOT_ACTIVE, info);
}
} catch (LdapException e) {
String error = "dropActiveRole role name [" + userRole.getName() + "] caught LDAPException=" + " msg=" + e.getMessage();
throw new SecurityException(GlobalErrIds.ACEL_DROP_ROLE_ERR, error, e);
} finally {
closeAdminConnection(ld);
}
}
Aggregations