Google Git
Sign in
apache / directory-fortress-core / 18b1b16a2d3a9903f05fb0245c8431a9b2f1375a / . / src / main / java / org / apache / directory / fortress / core / rest / AdminMgrRestImpl.java
blob: 2117cf6988522f646c60af4e91ae1e3f7240a26f [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.apache.directory.fortress.core.rest;
import org.apache.directory.fortress.core.AdminMgr;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.impl.Manageable;
import org.apache.directory.fortress.core.model.FortRequest;
import org.apache.directory.fortress.core.model.FortResponse;
import org.apache.directory.fortress.core.model.PermGrant;
import org.apache.directory.fortress.core.model.PermObj;
import org.apache.directory.fortress.core.model.Permission;
import org.apache.directory.fortress.core.model.PermissionAttribute;
import org.apache.directory.fortress.core.model.PermissionAttributeSet;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.model.RoleConstraint;
import org.apache.directory.fortress.core.model.RoleRelationship;
import org.apache.directory.fortress.core.model.SDSet;
import org.apache.directory.fortress.core.model.User;
import org.apache.directory.fortress.core.model.UserRole;
import org.apache.directory.fortress.core.util.VUtil;
/**
* This class performs administrative functions to provision Fortress RBAC entities using HTTP access to Fortress Rest server. These APIs
* map directly to similar named APIs specified by ANSI and NIST RBAC models.
* Many of the java doc function descriptions found below were taken directly from ANSI INCITS 359-2004.
* The RBAC Functional specification describes administrative operations for the creation
* and maintenance of RBAC element sets and relations; administrative review functions for
* performing administrative queries; and system functions for creating and managing
* RBAC attributes on user sessions and making access control decisions.
* <p>
* <hr>
* <h4>RBAC0 - Core</h4>
* Many-to-many relationship between Users, Roles and Permissions. Selective role activation into sessions. API to add, update, delete identity data and perform identity and access control decisions during runtime operations.
* <p>
* <img src="../doc-files/RbacCore.png" alt="">
* <hr>
* <h4>RBAC1 - General Hierarchical Roles</h4>
* Simplifies role engineering tasks using inheritance of one or more parent roles.
* <p>
* <img src="../doc-files/RbacHier.png" alt="">
* <hr>
* <h4>RBAC2 - Static Separation of Duty (SSD) Relations</h4>
* Enforce mutual membership exclusions across role assignments. Facilitate dual control policies by restricting which roles may be assigned to users in combination. SSD provide added granularity for authorization limits which help enterprises meet strict compliance regulations.
* <p>
* <img src="../doc-files/RbacSSD.png" alt="">
* <hr>
* <h4>RBAC3 - Dynamic Separation of Duty (DSD) Relations</h4>
* Control allowed role combinations to be activated within an RBAC session. DSD policies fine tune role policies that facilitate authorization dual control and two man policy restrictions during runtime security checks.
* <p>
* <img src="../doc-files/RbacDSD.png" alt="">
* <hr>
* <p>
* This class is NOT thread safe as it contains instance variables.
* <p>
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
*/
public final class AdminMgrRestImpl extends Manageable implements AdminMgr
{
private static final String CLS_NM = AdminMgrRestImpl.class.getName();
/**
* {@inheritDoc}
*/
@Override
public User addUser( User user )
throws SecurityException
{
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".addUser" );
User retUser;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( user );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_ADD );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retUser = ( User ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retUser;
}
/**
* {@inheritDoc}
*/
@Override
public void disableUser( User user )
throws SecurityException
{
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".disableUser" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( user );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_DISABLE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void deleteUser( User user )
throws SecurityException
{
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".deleteUser" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( user );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_DELETE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public User updateUser( User user )
throws SecurityException
{
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".updateUser" );
User retUser;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( user );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_UPDATE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retUser = ( User ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retUser;
}
/**
* {@inheritDoc}
*/
@Override
public void changePassword( User user, String newPassword )
throws SecurityException
{
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".changePassword" );
VUtil.assertNotNullOrEmpty( newPassword, GlobalErrIds.USER_PW_NULL, CLS_NM + ".changePassword" );
FortRequest request = RestUtils.getRequest( this.contextId );
user.setNewPassword( newPassword );
request.setEntity( user );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_CHGPW );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void lockUserAccount( User user )
throws SecurityException
{
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".lockUserAccount" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( user );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_LOCK );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void unlockUserAccount( User user )
throws SecurityException
{
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".unlockUserAccount" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( user );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_UNLOCK );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void resetPassword( User user, String newPassword )
throws SecurityException
{
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".resetPassword" );
VUtil.assertNotNullOrEmpty( newPassword, GlobalErrIds.USER_PW_NULL, CLS_NM + ".resetPassword" );
FortRequest request = RestUtils.getRequest( this.contextId );
user.setNewPassword( newPassword );
request.setEntity( user );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_RESET );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void deletePasswordPolicy( User user )
throws SecurityException
{
throw new java.lang.UnsupportedOperationException();
}
/**
* {@inheritDoc}
*/
@Override
public Role addRole( Role role )
throws SecurityException
{
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + ".addRole" );
Role retRole;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( role );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_ADD );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retRole = ( Role ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retRole;
}
/**
* {@inheritDoc}
*/
@Override
public void deleteRole( Role role )
throws SecurityException
{
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + ".deleteRole" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( role );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_DELETE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public Role updateRole( Role role )
throws SecurityException
{
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + ".updateRole" );
Role retRole;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( role );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_UPDATE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retRole = ( Role ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retRole;
}
/**
* {@inheritDoc}
*/
@Override
public void assignUser( UserRole uRole )
throws SecurityException
{
VUtil.assertNotNull( uRole, GlobalErrIds.URLE_NULL, CLS_NM + ".assignUser" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( uRole );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_ASGN );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void deassignUser( UserRole uRole )
throws SecurityException
{
VUtil.assertNotNull( uRole, GlobalErrIds.URLE_NULL, CLS_NM + ".deassignUser" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( uRole );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_DEASGN );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public Permission addPermission( Permission perm )
throws SecurityException
{
VUtil.assertNotNull( perm, GlobalErrIds.PERM_OPERATION_NULL, CLS_NM + ".addPermission" );
Permission retPerm;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( perm );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.PERM_ADD );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retPerm = ( Permission ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retPerm;
}
/**
* {@inheritDoc}
*/
@Override
public Permission updatePermission( Permission perm )
throws SecurityException
{
VUtil.assertNotNull( perm, GlobalErrIds.PERM_OPERATION_NULL, CLS_NM + ".updatePermission" );
Permission retPerm;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( perm );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.PERM_UPDATE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retPerm = ( Permission ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retPerm;
}
/**
* {@inheritDoc}
*/
@Override
public void deletePermission( Permission perm )
throws SecurityException
{
VUtil.assertNotNull( perm, GlobalErrIds.PERM_OPERATION_NULL, CLS_NM + ".deletePermission" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( perm );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.PERM_DELETE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public PermObj addPermObj( PermObj pObj )
throws SecurityException
{
VUtil.assertNotNull( pObj, GlobalErrIds.PERM_OBJECT_NULL, CLS_NM + ".addPermObj" );
PermObj retObj;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( pObj );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.OBJ_ADD );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retObj = ( PermObj ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retObj;
}
/**
* {@inheritDoc}
*/
@Override
public PermObj updatePermObj( PermObj pObj )
throws SecurityException
{
VUtil.assertNotNull( pObj, GlobalErrIds.PERM_OBJECT_NULL, CLS_NM + ".updatePermObj" );
PermObj retObj;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( pObj );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.OBJ_UPDATE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retObj = ( PermObj ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retObj;
}
/**
* {@inheritDoc}
*/
@Override
public void deletePermObj( PermObj pObj )
throws SecurityException
{
VUtil.assertNotNull( pObj, GlobalErrIds.PERM_OBJECT_NULL, CLS_NM + ".deletePermObj" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( pObj );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.OBJ_DELETE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void grantPermission( Permission perm, Role role )
throws SecurityException
{
VUtil.assertNotNull( perm, GlobalErrIds.PERM_OPERATION_NULL, CLS_NM + ".grantPermission" );
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + ".grantPermission" );
FortRequest request = RestUtils.getRequest( this.contextId );
PermGrant permGrant = new PermGrant();
permGrant.setAdmin( perm.isAdmin() );
permGrant.setObjName( perm.getObjName() );
permGrant.setObjId( perm.getObjId() );
permGrant.setOpName( perm.getOpName() );
permGrant.setRoleNm( role.getName() );
request.setEntity( permGrant );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_GRANT );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void revokePermission( Permission perm, Role role )
throws SecurityException
{
VUtil.assertNotNull( perm, GlobalErrIds.PERM_OPERATION_NULL, CLS_NM + ".revokePermission" );
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + ".revokePermission" );
FortRequest request = RestUtils.getRequest( this.contextId );
PermGrant permGrant = new PermGrant();
permGrant.setAdmin( perm.isAdmin() );
permGrant.setObjName( perm.getObjName() );
permGrant.setObjId( perm.getObjId() );
permGrant.setOpName( perm.getOpName() );
permGrant.setRoleNm( role.getName() );
request.setEntity( permGrant );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_REVOKE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void grantPermission( Permission perm, User user )
throws SecurityException
{
VUtil.assertNotNull( perm, GlobalErrIds.PERM_OPERATION_NULL, CLS_NM + ".grantPermissionUser" );
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".grantPermissionUser" );
FortRequest request = RestUtils.getRequest( this.contextId );
PermGrant permGrant = new PermGrant();
permGrant.setAdmin( perm.isAdmin() );
permGrant.setObjName( perm.getObjName() );
permGrant.setObjId( perm.getObjId() );
permGrant.setOpName( perm.getOpName() );
permGrant.setUserId( user.getUserId() );
request.setEntity( permGrant );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_GRANT );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void revokePermission( Permission perm, User user )
throws SecurityException
{
VUtil.assertNotNull( perm, GlobalErrIds.PERM_OPERATION_NULL, CLS_NM + ".revokePermission" );
VUtil.assertNotNull( user, GlobalErrIds.USER_NULL, CLS_NM + ".revokePermission" );
FortRequest request = RestUtils.getRequest( this.contextId );
PermGrant permGrant = new PermGrant();
permGrant.setAdmin( perm.isAdmin() );
permGrant.setObjName( perm.getObjName() );
permGrant.setObjId( perm.getObjId() );
permGrant.setOpName( perm.getOpName() );
permGrant.setUserId( user.getUserId() );
request.setEntity( permGrant );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.USER_REVOKE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void addDescendant( Role parentRole, Role childRole )
throws SecurityException
{
VUtil.assertNotNull( parentRole, GlobalErrIds.PARENT_ROLE_NULL, CLS_NM + ".addDescendant" );
VUtil.assertNotNull( childRole, GlobalErrIds.CHILD_ROLE_NULL, CLS_NM + ".addDescendant" );
FortRequest request = RestUtils.getRequest( this.contextId );
RoleRelationship relationship = new RoleRelationship();
relationship.setParent( parentRole );
relationship.setChild( childRole );
request.setEntity( relationship );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_DESC );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void addAscendant( Role childRole, Role parentRole )
throws SecurityException
{
VUtil.assertNotNull( parentRole, GlobalErrIds.PARENT_ROLE_NULL, CLS_NM + ".addAscendant" );
VUtil.assertNotNull( childRole, GlobalErrIds.CHILD_ROLE_NULL, CLS_NM + ".addAscendant" );
FortRequest request = RestUtils.getRequest( this.contextId );
RoleRelationship relationship = new RoleRelationship();
relationship.setParent( parentRole );
relationship.setChild( childRole );
request.setEntity( relationship );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_ASC );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void addInheritance( Role parentRole, Role childRole )
throws SecurityException
{
VUtil.assertNotNull( parentRole, GlobalErrIds.PARENT_ROLE_NULL, CLS_NM + ".addInheritance" );
VUtil.assertNotNull( childRole, GlobalErrIds.CHILD_ROLE_NULL, CLS_NM + ".addInheritance" );
FortRequest request = RestUtils.getRequest( this.contextId );
RoleRelationship relationship = new RoleRelationship();
relationship.setParent( parentRole );
relationship.setChild( childRole );
request.setEntity( relationship );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_ADDINHERIT );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void deleteInheritance( Role parentRole, Role childRole )
throws SecurityException
{
VUtil.assertNotNull( parentRole, GlobalErrIds.PARENT_ROLE_NULL, CLS_NM + ".deleteInheritance" );
VUtil.assertNotNull( childRole, GlobalErrIds.CHILD_ROLE_NULL, CLS_NM + ".deleteInheritance" );
FortRequest request = RestUtils.getRequest( this.contextId );
RoleRelationship relationship = new RoleRelationship();
relationship.setParent( parentRole );
relationship.setChild( childRole );
request.setEntity( relationship );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_DELINHERIT );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public SDSet createSsdSet( SDSet ssdSet )
throws SecurityException
{
VUtil.assertNotNull( ssdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".createSsdSet" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( ssdSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.SSD_ADD );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
public SDSet updateSsdSet( SDSet ssdSet )
throws SecurityException
{
VUtil.assertNotNull( ssdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".updateSsdSet" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( ssdSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.SSD_UPDATE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public SDSet addSsdRoleMember( SDSet ssdSet, Role role )
throws SecurityException
{
VUtil.assertNotNull( ssdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".addSsdRoleMember" );
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + ".addSsdRoleMember" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( ssdSet );
request.setValue( role.getName() );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.SSD_ADD_MEMBER );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public SDSet deleteSsdRoleMember( SDSet ssdSet, Role role )
throws SecurityException
{
VUtil.assertNotNull( ssdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".deleteSsdRoleMember" );
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + ".deleteSsdRoleMember" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( ssdSet );
request.setValue( role.getName() );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.SSD_DEL_MEMBER );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public SDSet deleteSsdSet( SDSet ssdSet )
throws SecurityException
{
VUtil.assertNotNull( ssdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".deleteSsdSet" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( ssdSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.SSD_DELETE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public SDSet setSsdSetCardinality( SDSet ssdSet, int cardinality )
throws SecurityException
{
VUtil.assertNotNull( ssdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".setSsdSetCardinality" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
ssdSet.setCardinality( cardinality );
request.setEntity( ssdSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.SSD_CARD_UPDATE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public SDSet createDsdSet( SDSet dsdSet )
throws SecurityException
{
VUtil.assertNotNull( dsdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".createDsdSet" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( dsdSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.DSD_ADD );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
public SDSet updateDsdSet( SDSet dsdSet )
throws SecurityException
{
VUtil.assertNotNull( dsdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".updateDsdSet" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( dsdSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.DSD_UPDATE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public SDSet addDsdRoleMember( SDSet dsdSet, Role role )
throws SecurityException
{
VUtil.assertNotNull( dsdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".addDsdRoleMember" );
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + ".addDsdRoleMember" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( dsdSet );
request.setValue( role.getName() );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.DSD_ADD_MEMBER );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public SDSet deleteDsdRoleMember( SDSet dsdSet, Role role )
throws SecurityException
{
VUtil.assertNotNull( dsdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".deleteDsdRoleMember" );
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + ".deleteSsdRoleMember" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( dsdSet );
request.setValue( role.getName() );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.DSD_DEL_MEMBER );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public SDSet deleteDsdSet( SDSet dsdSet )
throws SecurityException
{
VUtil.assertNotNull( dsdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".deleteDsdSet" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( dsdSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.DSD_DELETE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public SDSet setDsdSetCardinality( SDSet dsdSet, int cardinality )
throws SecurityException
{
VUtil.assertNotNull( dsdSet, GlobalErrIds.SSD_NULL, CLS_NM + ".setSsdSetCardinality" );
SDSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
dsdSet.setCardinality( cardinality );
request.setEntity( dsdSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.DSD_CARD_UPDATE );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( SDSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public RoleConstraint addRoleConstraint(UserRole uRole, RoleConstraint roleConstraint)
throws SecurityException
{
VUtil.assertNotNull( uRole, GlobalErrIds.URLE_NULL, CLS_NM + ".addRoleConstraint" );
VUtil.assertNotNull( roleConstraint, GlobalErrIds.RCON_NULL, CLS_NM + ".addRoleConstraint" );
RoleConstraint retCnst;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( uRole );
request.setEntity2( roleConstraint );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_ADD_CONSTRAINT );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retCnst = ( RoleConstraint ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retCnst;
}
/**
* {@inheritDoc}
*/
@Override
public void removeRoleConstraint( UserRole uRole, RoleConstraint roleConstraint ) throws SecurityException
{
VUtil.assertNotNull( uRole, GlobalErrIds.URLE_NULL, CLS_NM + ".removeRoleConstraint" );
VUtil.assertNotNull( roleConstraint, GlobalErrIds.RCON_NULL, CLS_NM + ".removeRoleConstraint" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( uRole );
request.setEntity2( roleConstraint );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_DELETE_CONSTRAINT );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public PermissionAttributeSet addPermissionAttributeSet( PermissionAttributeSet permAttributeSet )
throws SecurityException
{
VUtil.assertNotNull( permAttributeSet, GlobalErrIds.PERM_ATTRIBUTE_SET_NULL, CLS_NM + ".addPermissionAttributeSet" );
PermissionAttributeSet retSet;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( permAttributeSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.PERM_ADD_ATTRIBUTE_SET );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retSet = ( PermissionAttributeSet ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retSet;
}
/**
* {@inheritDoc}
*/
@Override
public void deletePermissionAttributeSet(
PermissionAttributeSet permAttributeSet) throws SecurityException
{
VUtil.assertNotNull( permAttributeSet, GlobalErrIds.PERM_ATTRIBUTE_SET_NULL, CLS_NM + ".deletePermissionAttributeSet" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( permAttributeSet );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.PERM_DELETE_ATTRIBUTE_SET );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public PermissionAttribute addPermissionAttributeToSet( PermissionAttribute permAttribute, String attributeSetName )
throws SecurityException
{
VUtil.assertNotNull( permAttribute, GlobalErrIds.PERM_ATTRIBUTE_SET_NULL, CLS_NM + ".addPermissionAttributeToSet" );
VUtil.assertNotNull( attributeSetName, GlobalErrIds.PERM_ATTRIBUTE_SET_NM_NULL, CLS_NM + ".addPermissionAttributeToSet" );
PermissionAttribute retAttr;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( permAttribute );
request.setValue( attributeSetName );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.PERM_ADD_PERM_ATTRIBUTE_TO_SET );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() == 0 )
{
retAttr = ( PermissionAttribute ) response.getEntity();
}
else
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
return retAttr;
}
/**
* {@inheritDoc}
*/
@Override
public void removePermissionAttributeFromSet( PermissionAttribute permAttribute, String attributeSetName )
throws SecurityException
{
VUtil.assertNotNull( permAttribute, GlobalErrIds.PERM_ATTRIBUTE_SET_NULL, CLS_NM + ".removePermissionAttributeFromSet" );
VUtil.assertNotNull( attributeSetName, GlobalErrIds.PERM_ATTRIBUTE_SET_NM_NULL, CLS_NM + ".removePermissionAttributeFromSet" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( permAttribute );
request.setValue( attributeSetName );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.PERM_DELETE_PERM_ATTRIBUTE_TO_SET );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void updatePermissionAttributeInSet(PermissionAttribute permAttribute, String attributeSetName, boolean replaceValidValues)
throws SecurityException
{
VUtil.assertNotNull( permAttribute, GlobalErrIds.PERM_ATTRIBUTE_SET_NULL, CLS_NM + ".updatePermissionAttributeInSet" );
VUtil.assertNotNull( attributeSetName, GlobalErrIds.PERM_ATTRIBUTE_SET_NM_NULL, CLS_NM + ".updatePermissionAttributeInSet" );
PermissionAttribute retAttr;
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( permAttribute );
request.setValue( attributeSetName );
request.setIsFlag( replaceValidValues );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.PERM_UPDATE_PERM_ATTRIBUTE_IN_SET );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void removeRoleConstraint( UserRole uRole, String roleConstraintId ) throws SecurityException
{
//throw new UnsupportedOperationException( "not implemented" );
VUtil.assertNotNull( uRole, GlobalErrIds.URLE_NULL, CLS_NM + ".removeRoleConstraint" );
VUtil.assertNotNull( roleConstraintId, GlobalErrIds.ROLE_CONSTRAINT_VALUE_NULL, CLS_NM + ".removeRoleConstraint" );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( uRole );
request.setValue( roleConstraintId );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_DELETE_CONSTRAINT_ID );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void enableRoleConstraint( Role role, RoleConstraint roleConstraint )
throws SecurityException
{
String methodName = ".enableRoleConstraint";
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + methodName );
VUtil.assertNotNull( roleConstraint, GlobalErrIds.RCON_NULL, CLS_NM + methodName );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( role );
request.setEntity2( roleConstraint );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_ENABLE_CONSTRAINT );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
/**
* {@inheritDoc}
*/
@Override
public void disableRoleConstraint( Role role, RoleConstraint roleConstraint )
throws SecurityException
{
String methodName = ".disableRoleConstraint";
VUtil.assertNotNull( role, GlobalErrIds.ROLE_NULL, CLS_NM + methodName );
VUtil.assertNotNull( roleConstraint, GlobalErrIds.RCON_NULL, CLS_NM + methodName );
FortRequest request = RestUtils.getRequest( this.contextId );
request.setEntity( role );
request.setEntity2( roleConstraint );
String szRequest = RestUtils.marshal( request );
String szResponse = RestUtils.getInstance().post( szRequest, HttpIds.ROLE_DISABLE_CONSTRAINT );
FortResponse response = RestUtils.unmarshall( szResponse );
if ( response.getErrorCode() != 0 )
{
throw new SecurityException( response.getErrorCode(), response.getErrorMessage() );
}
}
}