public abstract class Manageable extends Object implements Manageable
setAdmin(org.apache.directory.fortress.core.model.Session)
method allows A/RBAC sessions to be loaded and
allows authorization
to be performed on behalf of the user who is contained within the Session object itself.
The ARBAC permissions will be checked each time outside client makes calls into Fortress API.
This interface also allows Fortress clients to operate in a multi-tenant fashion using setContextId(String)
.
Implementers of this abstract class will NOT be thread safe because of instance variables that may be set.
Modifier and Type | Field and Description |
---|---|
protected Session |
adminSess |
protected String |
contextId |
Constructor and Description |
---|
Manageable() |
Modifier and Type | Method and Description |
---|---|
protected void |
assertContext(String methodName,
FortEntity entity,
int errorCode)
Method will throw exception if entity reference is null, otherwise will set the contextId of the tenant onto the
supplied entity reference.
|
protected void |
assertContext(String className,
String opName,
FortEntity entity,
int errorCode)
Method will throw exception if entity reference is null, otherwise will set the contextId of the tenant onto the
supplied entity reference.
|
protected void |
checkAccess(String className,
String opName)
Every Fortress Manager API (e.g.
|
protected String |
getFullMethodName(String className,
String opName)
This method is used to generate log statements and returns the concatenation of class name to the operation name.
|
void |
setAdmin(Session session)
Use this method to load an administrative user's ARBAC Session object into Manager object will enable authorization to
be performed on behalf of admin user.
|
protected void |
setAdminData(String className,
String opName,
FortEntity entity)
Method is called by Manager APIs to load contextual information on
FortEntity . |
void |
setContextId(String contextId)
Use this method to set the tenant id onto function call into Fortress which allows segregation of data by customer.
|
protected void |
setEntitySession(String className,
String opName,
FortEntity entity)
Set A/RBAC session on entity and perform authorization on behalf of the caller if the
adminSess is set. |
public final void setAdmin(Session session)
setAdmin
in interface Manageable
session
- contains a valid Fortress A/RBAC Session object.public final void setContextId(String contextId)
setContextId
in interface Manageable
contextId
- maps to sub-tree in DIT, for example ou=contextId, dc=jts, dc = com.protected final void setEntitySession(String className, String opName, FortEntity entity) throws SecurityException
adminSess
is set.className
- contains the class name.opName
- contains operation name.entity
- contains FortEntity
instance.SecurityException
- in the event of data validation or system error.protected final void checkAccess(String className, String opName) throws SecurityException
adminSess
has been set before invocation.className
- contains the class name.opName
- contains operation name.SecurityException
- in the event of data validation or system error.protected final void setAdminData(String className, String opName, FortEntity entity)
FortEntity
.
The information is used to
Session
object into entity. This is used for checking to ensure
administrator has privilege to perform administrative operation.
className
- contains the class name.opName
- contains operation name.entity
- used to pass contextual information through Fortress layers for administrative security checks and
audit.protected final void assertContext(String className, String opName, FortEntity entity, int errorCode) throws ValidationException
className
- contains the class name of caller.opName
- contains operation name of caller.entity
- used here to pass the tenant id into the Fortress DAO layer..errorCode
- contains the error id to use if null.ValidationException
- in the event object is null.protected final void assertContext(String methodName, FortEntity entity, int errorCode) throws ValidationException
methodName
- contains the full method name of caller.entity
- used here to pass the tenant id into the Fortress DAO layer..errorCode
- contains the error id to use if null.ValidationException
- in the event object is null.protected final String getFullMethodName(String className, String opName)
className
- of the calleropName
- of the callerCopyright © 2003-2016, The Apache Software Foundation. All Rights Reserved. Generated 20160718-1621