src/main/java/org/apache/directory/fortress/core/model/UserRole.java - directory-fortress-core - Git at Google

 /*
  *   Licensed to the Apache Software Foundation (ASF) under one
  *   or more contributor license agreements.  See the NOTICE file
  *   distributed with this work for additional information
  *   regarding copyright ownership.  The ASF licenses this file
  *   to you under the Apache License, Version 2.0 (the
  *   "License"); you may not use this file except in compliance
  *   with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  *   Unless required by applicable law or agreed to in writing,
  *   software distributed under the License is distributed on an
  *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *   KIND, either express or implied.  See the License for the
  *   specific language governing permissions and limitations
  *   under the License.
  *
  */
 package org.apache.directory.fortress.core.model;


 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;

 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlRootElement;
 import javax.xml.bind.annotation.XmlSeeAlso;
 import javax.xml.bind.annotation.XmlType;

 import org.apache.commons.lang.StringUtils;
 import org.apache.directory.fortress.core.util.Config;


 /**
  * The Fortress UserRole entity is used to store an RBAC User to Role assignment along with its temporal constraint
  * values.
  * The contents of the UserRole entity will be stored on the User entity in the 'ftRA' (Role name) and 'ftRC'
  * (Temporal Constraints) attributes on the 'ftUserAttrs' object class.
  * The UserRole entity carries elements of {@link Constraint}.  Any attributes of
  * Constraint not set within this entity
  * will use same attribute from the {@link org.apache.directory.fortress.core.model.Role} entity.  Thus the UserRole can override
  * Constraint attributes from it's corresponding Role if required by caller.
  * <p>
  * <h4>UserRole Schema</h4>
  * ftUserAttrs is used to store RBAC and ARBAC Role role assignments and other security attributes on User entity.
  * <pre>
  * ------------------------------------------
  * Fortress User Attributes Auxiliary Object Class
  * objectclass ( 1.3.6.1.4.1.38088.3.1
  *  NAME 'ftUserAttrs'
  *  DESC 'Fortress User Attribute AUX Object Class'
  *  AUXILIARY
  *  MUST (
  *      ftId
  *  )
  *  MAY (
  *      ftRC $
  *      ftRA $
  *      ftARC $
  *      ftARA $
  *      ftCstr $
  *      ftSystem
  *  )
  * )
  * ------------------------------------------
  * </pre>
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  */
 @XmlRootElement( name = "fortUserRole" )
 @XmlAccessorType( XmlAccessType.FIELD )
 @XmlType(
     name = "userRole",
     propOrder = {
         "name",
         "userId",
         "isGroupRole",
         "parents",
         "beginDate",
         "beginLockDate",
         "beginTime",
         "dayMask",
         "endDate",
         "endLockDate",
         "endTime",
         "timeout",
         "roleConstraints"}
 )
 @XmlSeeAlso( {UserAdminRole.class} )
 public class UserRole extends FortEntity implements Serializable, Constraint
 {
     private static final long serialVersionUID = 1L;

     protected String userId;
     protected String name;
     protected boolean isGroupRole;
     private Integer timeout;
     private String beginTime;
     private String endTime;
     private String beginDate;
     private String endDate;
     private String beginLockDate;
     private String endLockDate;
     private String dayMask;
     private Set<String> parents;
     private List<RoleConstraint> roleConstraints;

     /**
      * Default constructor is used by internal Fortress classes.
      */
     public UserRole()
     {
     }


     /**
      * Construct a UserRole entity given the required attributes 'userId' and 'role' name.
      *
      * @param userId maps to the 'uid' attribute on the 'inetOrgPerson' object class.
      * @param role   maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
      */
     public UserRole( String userId, String role )
     {
         this.userId = userId;
         name = role;
         isGroupRole = false;
     }

     /**
      * Construct a UserRole entity given the required attributes 'userId' and 'role' name.
      *
      * @param userId maps to the 'uid' attribute on the 'inetOrgPerson' object class.
      * @param name role name, maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
      * @param isGroupRole defines if value contained in userId is group name rather than user's uid
      */
     public UserRole(String userId, String name, boolean isGroupRole) {
         this.userId = userId;
         this.name = name;
         this.isGroupRole = isGroupRole;
     }

     /**
      * Construct an RBAC Role with required attribute 'userId' and optional temporal constraint.
      *
      * @param userId maps to the 'uid' attribute on the 'inetOrgPerson' object class.
      * @param con    maps to 'ftRC' attribute in 'ftUserAttrs' object class.
      */
     public UserRole( String userId, Constraint con )
     {
         this.userId = userId;
         isGroupRole = false;
         ConstraintUtil.copy( con, this );
     }


     /**
      * Construct a UserRole entity given the required attribute role' name.
      *
      * @param role maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
      */
     public UserRole( String role )
     {
         name = role;
     }

     /**
      * This method loads UserRole entity temporal constraint instance variables with data that was retrieved from the
      * 'ftRC' attribute on the 'ftUserAttrs' object class.  This is the raw format that Fortress uses to condense the
      * temporal data into
      * a compact String for efficient storage and retrieval and is not intended to be called by external programs.
      *
      * @param szRawData contains a raw formatted String that maps to 'ftRC' attribute on 'ftUserAttrs' object class
      * @param contextId contains the tenant id.
      * @param parentUtil provides method to getParents.
      */
     public void load( String szRawData, String contextId, ParentUtil parentUtil )
     {
         if ( ( szRawData != null ) && ( szRawData.length() > 0 ) )
         {
             String[] tokens = StringUtils.splitPreserveAllTokens( szRawData, Config.getInstance().getDelimiter() );

             //newer style constaint type
             if(tokens[1].equals(RoleConstraint.RC_TYPE_NAME)){
                 RoleConstraint rc = new RoleConstraint(tokens[5], tokens[4], RoleConstraint.RCType.valueOf( tokens[2] ),
                     tokens[3]);
                 this.getRoleConstraints().add(rc);
             }
             else{
                 for ( int i = 0; i < tokens.length; i++ )
                 {
                     if ( StringUtils.isNotEmpty( tokens[i] ) )
                     {
                         switch ( i )
                         {
                             case 0:
                                 name = tokens[i];
                                 parents = parentUtil.getParentsCB( name.toUpperCase(), contextId );
                                 break;

                             case 1:
                                 timeout = Integer.parseInt( tokens[i] );
                                 break;

                             case 2:
                                 beginTime = tokens[i];
                                 break;

                             case 3:
                                 endTime = tokens[i];
                                 break;

                             case 4:
                                 beginDate = tokens[i];
                                 break;

                             case 5:
                                 endDate = tokens[i];
                                 break;

                             case 6:
                                 beginLockDate = tokens[i];
                                 break;

                             case 7:
                                 endLockDate = tokens[i];
                                 break;

                             case 8:
                                 dayMask = tokens[i];
                                 break;
                         }
                     }
                 }
             }
         }
     }


     /**
      * Required on DAO classes convert Temporal attributes stored on entity to raw data object format needed for ldap
      * .  For internal use only.
      *
      * @return String that maps to 'ftRA' attribute on the 'ftUserAttrs' object class.
      */
     @Override
     public String getRawData()
     {
         String delimeter = Config.getInstance().getDelimiter();
         StringBuilder sb = new StringBuilder();

         sb.append( name );
         sb.append( delimeter );
         sb.append( timeout );
         sb.append( delimeter );

         if ( beginTime != null )
         {
             sb.append( beginTime );
         }

         sb.append( delimeter );

         if ( endTime != null )
         {
             sb.append( endTime );
         }

         sb.append( delimeter );

         if ( beginDate != null )
         {
             sb.append( beginDate );
         }

         sb.append( delimeter );

         if ( endDate != null )
         {
             sb.append( endDate );
         }

         sb.append( delimeter );

         if ( beginLockDate != null )
         {
             sb.append( beginLockDate );
         }

         sb.append( delimeter );

         if ( endLockDate != null )
         {
             sb.append( endLockDate );
         }

         sb.append( delimeter );

         if ( dayMask != null )
         {
             sb.append( dayMask );
         }

         return sb.toString();
     }


     /**
      * Return the userId that is associated with UserRole.  UserId is required attribute and must be set on all
      * UserRole assignment operations.
      *
      * @return attribute maps to 'uid' in 'inetOrgPerson' object class.
      */
     public String getUserId()
     {
         return userId;
     }


     /**
      * Set the userId that is associated with UserRole.  UserId is required attribute and must be set on all UserRole
      * assignment operations.
      *
      * @param userId maps to 'uid' in 'inetOrgPerson' object class.
      */
     public void setUserId( String userId )
     {
         this.userId = userId;
     }


     /**
      * Get the Role name required attribute of the UserRole object
      *
      * @param name maps to 'ftRC' and 'ftRA' attributes on 'ftUserAttrs' object class.
      */
     @Override
     public void setName( String name )
     {
         this.name = name;
     }


     /**
      * Set the Role name required attribute of the UserRole object
      *
      * @return attribute maps to 'ftRC' and 'ftRA' attributes on 'ftUserAttrs' object class.
      */
     @Override
     public String getName()
     {
         return name;
     }


     /**
      * temporal boolean flag is used by internal Fortress components.
      *
      * @return boolean indicating if temporal constraints are placed on UserRole.
      */
     @Override
     public boolean isTemporalSet()
     {
         return ( beginTime != null || endTime != null || beginDate != null || endDate != null || beginLockDate !=
             null || endLockDate != null || dayMask != null );
     }


     /**
      * Set the integer timeout that contains max time ((in minutes)) that entity may remain inactive.
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @param timeout maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public void setTimeout( Integer timeout )
     {
         this.timeout = timeout;
     }


     /**
      * Set the begin time of day entity is allowed to be activated in system.  The format is military time - HHMM,
      * i.e. 0800 (8:00 am) or 1700 (5:00 p.m.).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @param beginTime maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public void setBeginTime( String beginTime )
     {
         this.beginTime = beginTime;
     }


     /**
      * Set the end time of day entity is allowed to be activated in system.  The format is military time - HHMM,
      * i.e. 0000 (12:00 am) or 2359 (11:59 p.m.).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @param endTime maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public void setEndTime( String endTime )
     {
         this.endTime = endTime;
     }


     /**
      * Set the beginDate when entity is allowed to be activated in system.  The format is - YYYYMMDD,
      * i.e. 20100101 (January 1, 2001).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @param beginDate maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public void setBeginDate( String beginDate )
     {
         this.beginDate = beginDate;
     }


     /**
      * Set the end date when entity is not allowed to be activated in system.  The format is - YYYYMMDD,
      * i.e. 20100101 (January 1. 2010).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @param endDate maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public void setEndDate( String endDate )
     {
         this.endDate = endDate;
     }


     /**
      * Set the daymask that specifies what days of week entity is allowed to be activated in system.  The format is
      * 1234567, i.e. 23456 (Monday, Tuesday, Wednesday, Thursday, Friday).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @param dayMask maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public void setDayMask( String dayMask )
     {
         this.dayMask = dayMask;
     }


     /**
      * Set the begin lock date when entity is temporarily not allowed to be activated in system.  The format is -
      * YYYYMMDD, 20100101 (January 1. 2010).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @param beginLockDate maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public void setBeginLockDate( String beginLockDate )
     {
         this.beginLockDate = beginLockDate;
     }


     /**
      * Set the end lock date when entity is allowed to be activated in system once again.  The format is - YYYYMMDD,
      * i.e. 20100101 (January 1. 2010).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @param endLockDate maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public void setEndLockDate( String endLockDate )
     {
         this.endLockDate = endLockDate;
     }


     /**
      * Return the integer timeout that contains total time ((in minutes)) that entity may remain inactive.
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @return int that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public Integer getTimeout()
     {
         return timeout;
     }


     /**
      * Contains the begin time of day entity is allowed to be activated in system.  The format is military time -
      * HHMM, i.e. 0800 (8:00 am) or 1700 (5:00 p.m.).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public String getBeginTime()
     {
         return beginTime;
     }


     /**
      * Contains the end time of day entity is allowed to be activated in system.  The format is military time - HHMM,
      * i.e. 0000 (12:00 am) or 2359 (11:59 p.m.).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public String getEndTime()
     {
         return endTime;
     }


     /**
      * Contains the begin date when entity is allowed to be activated in system.  The format is - YYYYMMDD,
      * i.e. 20100101 (January 1. 2010).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public String getBeginDate()
     {
         return beginDate;
     }


     /**
      * Contains the end date when entity is allowed to be activated in system.  The format is - YYYYMMDD,
      * i.e. 20101231 (December 31, 2011).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public String getEndDate()
     {
         return endDate;
     }


     /**
      * Contains the begin lock date when entity is temporarily not allowed to activated in system.  The format is -
      * YYYYMMDD, i.e. 20100101 (January 1. 2010).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public String getBeginLockDate()
     {
         return beginLockDate;
     }


     /**
      * Contains the end lock date when entity is allowed to be activated in system once again.  The format is -
      * YYYYMMDD, i.e. 20100101 (January 1. 2010).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public String getEndLockDate()
     {
         return endLockDate;
     }


     /**
      * Get the daymask that indicates what days of week entity is allowed to be activated in system.  The format is 1234567, i.e. 23456 (Monday, Tuesday, Wednesday, Thursday, Friday).
      * This attribute is optional but if set will be validated for reasonableness.
      *
      * @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      */
     @Override
     public String getDayMask()
     {
         return dayMask;
     }


     @Override
     public List<RoleConstraint> getConstraints()
     {
         return getRoleConstraints();
     }

     /**
      * Get the names of roles that are parents (direct ascendants) of this role.
      *
      * @return Set of parent role names assigned to this role.
      */
     public Set<String> getParents()
     {
         return parents;
     }


     /**
      * Set the names of roles names that are parents (direct ascendants) of this role.
      *
      * @param parents contains the Set of parent role names assigned to this role.
      */
     public void setParents( Set<String> parents )
     {
         this.parents = parents;
     }

     /**
      * Returns 'true' if value in userId refers to group name
      * @return if userId contains group name
      */
     public boolean isGroupRole() {
         return isGroupRole;
     }

     /**
      * Set to 'true' if userId contains group name
      * @param groupRole specifies if value in userId contains group name
      */
     public void setGroupRole(boolean groupRole) {
         isGroupRole = groupRole;
     }

     /**
      * Matches the userId and role name from two UserRole entities.
      *
      * @param thatObj contains a UserRole entity.
      * @return boolean indicating both objects contain matching userId and Role names.
      */
     public boolean equals( Object thatObj )
     {
         if ( this == thatObj )
         {
             return true;
         }

         if ( name == null )
         {
             return false;
         }

         if ( !( thatObj instanceof UserRole ) )
         {
             return false;
         }

         UserRole thatRole = ( UserRole ) thatObj;

         if ( thatRole.getName() == null )
         {
             return false;
         }

         return ( thatRole.getName().equalsIgnoreCase( name ) );
     }

     @Override
     public int hashCode()
     {
         int result = userId != null ? userId.hashCode() : 0;
         result = 31 * result + ( name != null ? name.hashCode() : 0 );
         result = 31 * result + ( timeout != null ? timeout.hashCode() : 0 );
         result = 31 * result + ( beginTime != null ? beginTime.hashCode() : 0 );
         result = 31 * result + ( endTime != null ? endTime.hashCode() : 0 );
         result = 31 * result + ( beginDate != null ? beginDate.hashCode() : 0 );
         result = 31 * result + ( endDate != null ? endDate.hashCode() : 0 );
         result = 31 * result + ( beginLockDate != null ? beginLockDate.hashCode() : 0 );
         result = 31 * result + ( endLockDate != null ? endLockDate.hashCode() : 0 );
         result = 31 * result + ( dayMask != null ? dayMask.hashCode() : 0 );
         result = 31 * result + ( parents != null ? parents.hashCode() : 0 );
         return result;
     }

     /**
      * Used to retrieve UserRole Role name attribute.  The Fortress UserRole name maps to 'ftRA' attribute on
      * 'ftUserAttrs' object class.
      */
     @Override
     public String toString()
     {
         return name;
     }


     public List<RoleConstraint> getRoleConstraints()
     {
         if(roleConstraints == null)
         {
             roleConstraints = new ArrayList();
         }
         return roleConstraints;
     }


     public void setRoleConstraints(List<RoleConstraint> roleConstraints) {
         this.roleConstraints = roleConstraints;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*
	*/
	package org.apache.directory.fortress.core.model;


	import java.io.Serializable;
	import java.util.ArrayList;
	import java.util.List;
	import java.util.Set;

	import javax.xml.bind.annotation.XmlAccessType;
	import javax.xml.bind.annotation.XmlAccessorType;
	import javax.xml.bind.annotation.XmlRootElement;
	import javax.xml.bind.annotation.XmlSeeAlso;
	import javax.xml.bind.annotation.XmlType;

	import org.apache.commons.lang.StringUtils;
	import org.apache.directory.fortress.core.util.Config;


	/**
	* The Fortress UserRole entity is used to store an RBAC User to Role assignment along with its temporal constraint
	* values.
	* The contents of the UserRole entity will be stored on the User entity in the 'ftRA' (Role name) and 'ftRC'
	* (Temporal Constraints) attributes on the 'ftUserAttrs' object class.
	* The UserRole entity carries elements of {@link Constraint}. Any attributes of
	* Constraint not set within this entity
	* will use same attribute from the {@link org.apache.directory.fortress.core.model.Role} entity. Thus the UserRole can override
	* Constraint attributes from it's corresponding Role if required by caller.
	* <p>
	* <h4>UserRole Schema</h4>
	* ftUserAttrs is used to store RBAC and ARBAC Role role assignments and other security attributes on User entity.
	* <pre>
	* ------------------------------------------
	* Fortress User Attributes Auxiliary Object Class
	* objectclass ( 1.3.6.1.4.1.38088.3.1
	* NAME 'ftUserAttrs'
	* DESC 'Fortress User Attribute AUX Object Class'
	* AUXILIARY
	* MUST (
	* ftId
	* )
	* MAY (
	* ftRC $
	* ftRA $
	* ftARC $
	* ftARA $
	* ftCstr $
	* ftSystem
	* )
	* )
	* ------------------------------------------
	* </pre>
	*
	* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
	*/
	@XmlRootElement( name = "fortUserRole" )
	@XmlAccessorType( XmlAccessType.FIELD )
	@XmlType(
	name = "userRole",
	propOrder = {
	"name",
	"userId",
	"isGroupRole",
	"parents",
	"beginDate",
	"beginLockDate",
	"beginTime",
	"dayMask",
	"endDate",
	"endLockDate",
	"endTime",
	"timeout",
	"roleConstraints"}
	)
	@XmlSeeAlso( {UserAdminRole.class} )
	public class UserRole extends FortEntity implements Serializable, Constraint
	{
	private static final long serialVersionUID = 1L;

	protected String userId;
	protected String name;
	protected boolean isGroupRole;
	private Integer timeout;
	private String beginTime;
	private String endTime;
	private String beginDate;
	private String endDate;
	private String beginLockDate;
	private String endLockDate;
	private String dayMask;
	private Set<String> parents;
	private List<RoleConstraint> roleConstraints;

	/**
	* Default constructor is used by internal Fortress classes.
	*/
	public UserRole()
	{
	}


	/**
	* Construct a UserRole entity given the required attributes 'userId' and 'role' name.
	*
	* @param userId maps to the 'uid' attribute on the 'inetOrgPerson' object class.
	* @param role maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
	*/
	public UserRole( String userId, String role )
	{
	this.userId = userId;
	name = role;
	isGroupRole = false;
	}

	/**
	* Construct a UserRole entity given the required attributes 'userId' and 'role' name.
	*
	* @param userId maps to the 'uid' attribute on the 'inetOrgPerson' object class.
	* @param name role name, maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
	* @param isGroupRole defines if value contained in userId is group name rather than user's uid
	*/
	public UserRole(String userId, String name, boolean isGroupRole) {
	this.userId = userId;
	this.name = name;
	this.isGroupRole = isGroupRole;
	}

	/**
	* Construct an RBAC Role with required attribute 'userId' and optional temporal constraint.
	*
	* @param userId maps to the 'uid' attribute on the 'inetOrgPerson' object class.
	* @param con maps to 'ftRC' attribute in 'ftUserAttrs' object class.
	*/
	public UserRole( String userId, Constraint con )
	{
	this.userId = userId;
	isGroupRole = false;
	ConstraintUtil.copy( con, this );
	}


	/**
	* Construct a UserRole entity given the required attribute role' name.
	*
	* @param role maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
	*/
	public UserRole( String role )
	{
	name = role;
	}

	/**
	* This method loads UserRole entity temporal constraint instance variables with data that was retrieved from the
	* 'ftRC' attribute on the 'ftUserAttrs' object class. This is the raw format that Fortress uses to condense the
	* temporal data into
	* a compact String for efficient storage and retrieval and is not intended to be called by external programs.
	*
	* @param szRawData contains a raw formatted String that maps to 'ftRC' attribute on 'ftUserAttrs' object class
	* @param contextId contains the tenant id.
	* @param parentUtil provides method to getParents.
	*/
	public void load( String szRawData, String contextId, ParentUtil parentUtil )
	{
	if ( ( szRawData != null ) && ( szRawData.length() > 0 ) )
	{
	String[] tokens = StringUtils.splitPreserveAllTokens( szRawData, Config.getInstance().getDelimiter() );

	//newer style constaint type
	if(tokens[1].equals(RoleConstraint.RC_TYPE_NAME)){
	RoleConstraint rc = new RoleConstraint(tokens[5], tokens[4], RoleConstraint.RCType.valueOf( tokens[2] ),
	tokens[3]);
	this.getRoleConstraints().add(rc);
	}
	else{
	for ( int i = 0; i < tokens.length; i++ )
	{
	if ( StringUtils.isNotEmpty( tokens[i] ) )
	{
	switch ( i )
	{
	case 0:
	name = tokens[i];
	parents = parentUtil.getParentsCB( name.toUpperCase(), contextId );
	break;

	case 1:
	timeout = Integer.parseInt( tokens[i] );
	break;

	case 2:
	beginTime = tokens[i];
	break;

	case 3:
	endTime = tokens[i];
	break;

	case 4:
	beginDate = tokens[i];
	break;

	case 5:
	endDate = tokens[i];
	break;

	case 6:
	beginLockDate = tokens[i];
	break;

	case 7:
	endLockDate = tokens[i];
	break;

	case 8:
	dayMask = tokens[i];
	break;
	}
	}
	}
	}
	}
	}


	/**
	* Required on DAO classes convert Temporal attributes stored on entity to raw data object format needed for ldap
	* . For internal use only.
	*
	* @return String that maps to 'ftRA' attribute on the 'ftUserAttrs' object class.
	*/
	@Override
	public String getRawData()
	{
	String delimeter = Config.getInstance().getDelimiter();
	StringBuilder sb = new StringBuilder();

	sb.append( name );
	sb.append( delimeter );
	sb.append( timeout );
	sb.append( delimeter );

	if ( beginTime != null )
	{
	sb.append( beginTime );
	}

	sb.append( delimeter );

	if ( endTime != null )
	{
	sb.append( endTime );
	}

	sb.append( delimeter );

	if ( beginDate != null )
	{
	sb.append( beginDate );
	}

	sb.append( delimeter );

	if ( endDate != null )
	{
	sb.append( endDate );
	}

	sb.append( delimeter );

	if ( beginLockDate != null )
	{
	sb.append( beginLockDate );
	}

	sb.append( delimeter );

	if ( endLockDate != null )
	{
	sb.append( endLockDate );
	}

	sb.append( delimeter );

	if ( dayMask != null )
	{
	sb.append( dayMask );
	}

	return sb.toString();
	}


	/**
	* Return the userId that is associated with UserRole. UserId is required attribute and must be set on all
	* UserRole assignment operations.
	*
	* @return attribute maps to 'uid' in 'inetOrgPerson' object class.
	*/
	public String getUserId()
	{
	return userId;
	}


	/**
	* Set the userId that is associated with UserRole. UserId is required attribute and must be set on all UserRole
	* assignment operations.
	*
	* @param userId maps to 'uid' in 'inetOrgPerson' object class.
	*/
	public void setUserId( String userId )
	{
	this.userId = userId;
	}


	/**
	* Get the Role name required attribute of the UserRole object
	*
	* @param name maps to 'ftRC' and 'ftRA' attributes on 'ftUserAttrs' object class.
	*/
	@Override
	public void setName( String name )
	{
	this.name = name;
	}


	/**
	* Set the Role name required attribute of the UserRole object
	*
	* @return attribute maps to 'ftRC' and 'ftRA' attributes on 'ftUserAttrs' object class.
	*/
	@Override
	public String getName()
	{
	return name;
	}


	/**
	* temporal boolean flag is used by internal Fortress components.
	*
	* @return boolean indicating if temporal constraints are placed on UserRole.
	*/
	@Override
	public boolean isTemporalSet()
	{
	return ( beginTime != null \|\| endTime != null \|\| beginDate != null \|\| endDate != null \|\| beginLockDate !=
	null \|\| endLockDate != null \|\| dayMask != null );
	}


	/**
	* Set the integer timeout that contains max time ((in minutes)) that entity may remain inactive.
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @param timeout maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public void setTimeout( Integer timeout )
	{
	this.timeout = timeout;
	}


	/**
	* Set the begin time of day entity is allowed to be activated in system. The format is military time - HHMM,
	* i.e. 0800 (8:00 am) or 1700 (5:00 p.m.).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @param beginTime maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public void setBeginTime( String beginTime )
	{
	this.beginTime = beginTime;
	}


	/**
	* Set the end time of day entity is allowed to be activated in system. The format is military time - HHMM,
	* i.e. 0000 (12:00 am) or 2359 (11:59 p.m.).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @param endTime maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public void setEndTime( String endTime )
	{
	this.endTime = endTime;
	}


	/**
	* Set the beginDate when entity is allowed to be activated in system. The format is - YYYYMMDD,
	* i.e. 20100101 (January 1, 2001).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @param beginDate maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public void setBeginDate( String beginDate )
	{
	this.beginDate = beginDate;
	}


	/**
	* Set the end date when entity is not allowed to be activated in system. The format is - YYYYMMDD,
	* i.e. 20100101 (January 1. 2010).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @param endDate maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public void setEndDate( String endDate )
	{
	this.endDate = endDate;
	}


	/**
	* Set the daymask that specifies what days of week entity is allowed to be activated in system. The format is
	* 1234567, i.e. 23456 (Monday, Tuesday, Wednesday, Thursday, Friday).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @param dayMask maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public void setDayMask( String dayMask )
	{
	this.dayMask = dayMask;
	}


	/**
	* Set the begin lock date when entity is temporarily not allowed to be activated in system. The format is -
	* YYYYMMDD, 20100101 (January 1. 2010).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @param beginLockDate maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public void setBeginLockDate( String beginLockDate )
	{
	this.beginLockDate = beginLockDate;
	}


	/**
	* Set the end lock date when entity is allowed to be activated in system once again. The format is - YYYYMMDD,
	* i.e. 20100101 (January 1. 2010).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @param endLockDate maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public void setEndLockDate( String endLockDate )
	{
	this.endLockDate = endLockDate;
	}


	/**
	* Return the integer timeout that contains total time ((in minutes)) that entity may remain inactive.
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @return int that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public Integer getTimeout()
	{
	return timeout;
	}


	/**
	* Contains the begin time of day entity is allowed to be activated in system. The format is military time -
	* HHMM, i.e. 0800 (8:00 am) or 1700 (5:00 p.m.).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public String getBeginTime()
	{
	return beginTime;
	}


	/**
	* Contains the end time of day entity is allowed to be activated in system. The format is military time - HHMM,
	* i.e. 0000 (12:00 am) or 2359 (11:59 p.m.).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public String getEndTime()
	{
	return endTime;
	}


	/**
	* Contains the begin date when entity is allowed to be activated in system. The format is - YYYYMMDD,
	* i.e. 20100101 (January 1. 2010).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public String getBeginDate()
	{
	return beginDate;
	}


	/**
	* Contains the end date when entity is allowed to be activated in system. The format is - YYYYMMDD,
	* i.e. 20101231 (December 31, 2011).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public String getEndDate()
	{
	return endDate;
	}


	/**
	* Contains the begin lock date when entity is temporarily not allowed to activated in system. The format is -
	* YYYYMMDD, i.e. 20100101 (January 1. 2010).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public String getBeginLockDate()
	{
	return beginLockDate;
	}


	/**
	* Contains the end lock date when entity is allowed to be activated in system once again. The format is -
	* YYYYMMDD, i.e. 20100101 (January 1. 2010).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public String getEndLockDate()
	{
	return endLockDate;
	}


	/**
	* Get the daymask that indicates what days of week entity is allowed to be activated in system. The format is 1234567, i.e. 23456 (Monday, Tuesday, Wednesday, Thursday, Friday).
	* This attribute is optional but if set will be validated for reasonableness.
	*
	* @return String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
	*/
	@Override
	public String getDayMask()
	{
	return dayMask;
	}


	@Override
	public List<RoleConstraint> getConstraints()
	{
	return getRoleConstraints();
	}

	/**
	* Get the names of roles that are parents (direct ascendants) of this role.
	*
	* @return Set of parent role names assigned to this role.
	*/
	public Set<String> getParents()
	{
	return parents;
	}


	/**
	* Set the names of roles names that are parents (direct ascendants) of this role.
	*
	* @param parents contains the Set of parent role names assigned to this role.
	*/
	public void setParents( Set<String> parents )
	{
	this.parents = parents;
	}

	/**
	* Returns 'true' if value in userId refers to group name
	* @return if userId contains group name
	*/
	public boolean isGroupRole() {
	return isGroupRole;
	}

	/**
	* Set to 'true' if userId contains group name
	* @param groupRole specifies if value in userId contains group name
	*/
	public void setGroupRole(boolean groupRole) {
	isGroupRole = groupRole;
	}

	/**
	* Matches the userId and role name from two UserRole entities.
	*
	* @param thatObj contains a UserRole entity.
	* @return boolean indicating both objects contain matching userId and Role names.
	*/
	public boolean equals( Object thatObj )
	{
	if ( this == thatObj )
	{
	return true;
	}

	if ( name == null )
	{
	return false;
	}

	if ( !( thatObj instanceof UserRole ) )
	{
	return false;
	}

	UserRole thatRole = ( UserRole ) thatObj;

	if ( thatRole.getName() == null )
	{
	return false;
	}

	return ( thatRole.getName().equalsIgnoreCase( name ) );
	}

	@Override
	public int hashCode()
	{
	int result = userId != null ? userId.hashCode() : 0;
	result = 31 * result + ( name != null ? name.hashCode() : 0 );
	result = 31 * result + ( timeout != null ? timeout.hashCode() : 0 );
	result = 31 * result + ( beginTime != null ? beginTime.hashCode() : 0 );
	result = 31 * result + ( endTime != null ? endTime.hashCode() : 0 );
	result = 31 * result + ( beginDate != null ? beginDate.hashCode() : 0 );
	result = 31 * result + ( endDate != null ? endDate.hashCode() : 0 );
	result = 31 * result + ( beginLockDate != null ? beginLockDate.hashCode() : 0 );
	result = 31 * result + ( endLockDate != null ? endLockDate.hashCode() : 0 );
	result = 31 * result + ( dayMask != null ? dayMask.hashCode() : 0 );
	result = 31 * result + ( parents != null ? parents.hashCode() : 0 );
	return result;
	}

	/**
	* Used to retrieve UserRole Role name attribute. The Fortress UserRole name maps to 'ftRA' attribute on
	* 'ftUserAttrs' object class.
	*/
	@Override
	public String toString()
	{
	return name;
	}


	public List<RoleConstraint> getRoleConstraints()
	{
	if(roleConstraints == null)
	{
	roleConstraints = new ArrayList();
	}
	return roleConstraints;
	}


	public void setRoleConstraints(List<RoleConstraint> roleConstraints) {
	this.roleConstraints = roleConstraints;
	}
	}