public class AdminRole extends Role implements Administrator
Entities (AdminRole, OrgUnit, SDSet, etc.) are used to carry data between the three Fortress layers, starting with the (1) Manager layer, down through the middle (2) Process layer and its processing rules, into the (3) DAO layer, where persistence with the OpenLDAP server occurs.

1. Manager layer: DelAdminMgrImpl, DelAccessMgrImpl, DelReviewMgrImpl,...
2. Process layer: AdminRoleP, OrgUnitP,...
3. DAO layer: AdminRoleDAO, OrgUnitDAO,...

Role.name must be set before passing this entity into DelAdminMgrImpl or DelReviewMgrImpl APIs.
Create methods usually require more attributes (than Read) due to constraints enforced between entities.
This entity extends the Role entity and is used to store the ARBAC AdminRole assignments that comprise the many-to-many relationships between Users and Administrative Permissions. In addition, it is used to store the ARBAC OrgUnit.Type.PERM and OrgUnit.Type.USER OU information that adheres to the AdminRole entity in the ARBAC02 model.

The unique key to locate an AdminRole entity (which is subsequently assigned both to Users and administrative Permissions) is Role.name.

There is a many-to-many relationship between Users, Administrative Roles and Administrative Permissions.

User *<->* AdminRole *<->* Permission
AdminRole myRole = new AdminRole("MyRoleName");
myRole.setDescription("This is a test admin role");
DelAdminMgr delAdminMgr = DelAdminMgrFactory.createInstance();
delAdminMgr.addRole(myRole);
This will create an AdminRole name that can be used as a target for User-AdminRole assignments and AdminRole-AdminPermission grants.
1. organizationalRole Structural Object Class is used to store basic attributes like cn and description.

------------------------------------------
objectclass ( 2.5.6.8 NAME 'organizationalRole'
 DESC 'RFC2256: an organizational role'
 SUP top STRUCTURAL
 MUST cn
 MAY (
 x121Address $ registeredAddress $ destinationIndicator $
 preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
 telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
 seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
 postOfficeBox $ postalCode $ postalAddress $
 physicalDeliveryOfficeName $ ou $ st $ l $ description
 )
)
------------------------------------------

2. ftRls Structural Object Class is used to store the AdminRole information like name and temporal constraints.

------------------------------------------
Fortress Roles Structural Object Class
objectclass ( 1.3.6.1.4.1.38088.2.1
 NAME 'ftRls'
 DESC 'Fortress Role Structural Object Class'
 SUP organizationalrole
 STRUCTURAL
 MUST ( ftId $ ftRoleName )
 MAY ( description $ ftCstr $ ftParents )
)
------------------------------------------

3. ftProperties AUXILIARY Object Class is used to store client-specific name/value pairs on the target entity.

# This aux object class can be used to store custom attributes.
# The properties collections consist of name/value pairs and are not constrained by Fortress.

------------------------------------------
AC2: Fortress Properties Auxiliary Object Class
objectclass ( 1.3.6.1.4.1.38088.3.2
 NAME 'ftProperties'
 DESC 'Fortress Properties AUX Object Class'
 AUXILIARY
 MAY ( ftProps )
)
------------------------------------------

4. ftPools AUXILIARY Object Class stores the ARBAC Perm and User OU assignments on the AdminRole entity.

------------------------------------------
Fortress Organizational Pools Auxiliary Object Class
objectclass ( 1.3.6.1.4.1.38088.3.3
 NAME 'ftPools'
 DESC 'Fortress Pools AUX Object Class'
 AUXILIARY
 MAY ( ftOSU $ ftOSP $ ftRange )
)
------------------------------------------

5. ftMods AUXILIARY Object Class is used to store Fortress audit variables on the target entity.

------------------------------------------
Fortress Audit Modification Auxiliary Object Class
objectclass ( 1.3.6.1.4.1.38088.3.4
 NAME 'ftMods'
 DESC 'Fortress Modifiers AUX Object Class'
 AUXILIARY
 MAY ( ftModifier $ ftModCode $ ftModId )
)
------------------------------------------
adminSession, contextId, modCode, modId, sequenceId
Constructor and Description |
---|
AdminRole(): Default constructor is used by internal Fortress classes. |
AdminRole(Constraint con): Construct an Admin Role with a given temporal constraint. |
AdminRole(String name): Construct an AdminRole entity with a given name. |
Modifier and Type | Method and Description |
---|---|
boolean | equals(Object thatObj): Matches the name from two AdminRole entities. |
String | getBeginRange(): Return the begin Role range attribute for AdminRole entity which corresponds to lowest descendant. |
String | getEndRange(): Return the end Role range attribute for AdminRole entity which corresponds to highest ascendant. |
Set<String> | getOsPSet(): Get a collection of optional Perm OU attributes that were stored on the AdminRole entity. |
Set<String> | getOsUSet(): Get a collection of optional User OU attributes that were stored on the AdminRole entity. |
String | getRoleRangeRaw(): Get the raw format for role range using current AdminRole entity attributes. |
int | hashCode() |
boolean | isBeginInclusive(): Get the begin inclusive which specifies if role range includes or excludes the 'beginRange' attribute. |
boolean | isEndInclusive(): Get the end inclusive which specifies if role range includes or excludes the 'endRange' attribute. |
void | setBeginInclusive(boolean beginInclusive): Set the begin inclusive which specifies if role range includes or excludes the 'beginRange' attribute. |
void | setBeginRange(String beginRange): Set the begin Role range attribute for AdminRole entity which corresponds to lowest descendant. |
void | setEndInclusive(boolean endInclusive): Set the end inclusive which specifies if role range includes or excludes the 'endRange' attribute. |
void | setEndRange(String endRange): Set the end Role range attribute for AdminRole entity which corresponds to highest ascendant. |
void | setOsP(String osP): Set a Perm OU attribute to be stored on the AdminRole entity. |
void | setOsPSet(Set<String> osPs): Set a collection of optional Perm OU attributes to be stored on the AdminRole entity. |
void | setOsU(String osU): Set a User OU attribute to be stored on the AdminRole entity. |
void | setOsUSet(Set<String> osUs): Set a collection of optional User OU attributes to be stored on the AdminRole entity. |
void | setRoleRangeRaw(String szRaw): Load the role range attributes given a raw format. |
String | toString() |
delParent, getBeginDate, getBeginLockDate, getBeginTime, getChildren, getDayMask, getDescription, getDn, getEndDate, getEndLockDate, getEndTime, getId, getName, getOccupants, getParents, getRawData, getTimeout, isTemporalSet, setBeginDate, setBeginLockDate, setBeginTime, setChildren, setDayMask, setDescription, setDn, setEndDate, setEndLockDate, setEndTime, setId, setId, setName, setOccupant, setOccupants, setParent, setParents, setRawData, setTimeout, toString
getAdminSession, getContextId, getModCode, getModId, getSequenceId, setAdminSession, setContextId, setModCode, setSequenceId
public AdminRole()

public AdminRole(Constraint con)
con - maps to 'OamRC' attribute for 'ftTemporal' aux object classes.

public AdminRole(String name)

public void setRoleRangeRaw(String szRaw)
setRoleRangeRaw in interface Administrator
szRaw - maps to 'ftRange' attribute on 'ftPools' aux object class.

public String getRoleRangeRaw()
getRoleRangeRaw in interface Administrator

public Set<String> getOsPSet()
getOsPSet in interface Administrator

public void setOsPSet(Set<String> osPs)
setOsPSet in interface Administrator
osPs - is a List of type String containing Perm OU. This maps to 'ftOSP' attribute on 'ftPools' aux object class.

public void setOsP(String osP)
setOsP in interface Administrator
osP - is a Perm OU that maps to 'ftOSP' attribute on 'ftPools' aux object class.

public Set<String> getOsUSet()
getOsUSet in interface Administrator

public void setOsUSet(Set<String> osUs)
setOsUSet in interface Administrator
osUs - is a List of type String containing User OU. This maps to 'ftOSU' attribute on 'ftPools' aux object class.

public void setOsU(String osU)
setOsU in interface Administrator
osU - is a User OU that maps to 'ftOSU' attribute on 'ftPools' aux object class.

public String getBeginRange()
getBeginRange in interface Administrator

public void setBeginRange(String beginRange)
setBeginRange in interface Administrator
beginRange - maps to 'ftRange' attribute on 'ftPools' aux object class.

public String getEndRange()
getEndRange in interface Administrator

public void setEndRange(String endRange)
setEndRange in interface Administrator
endRange - maps to 'ftRange' attribute on 'ftPools' aux object class.

public boolean isBeginInclusive()
isBeginInclusive in interface Administrator

public void setBeginInclusive(boolean beginInclusive)
setBeginInclusive in interface Administrator
beginInclusive - maps to 'ftRange' attribute on 'ftPools' aux object class.

public boolean isEndInclusive()
isEndInclusive in interface Administrator

public void setEndInclusive(boolean endInclusive)
setEndInclusive in interface Administrator
endInclusive - maps to 'ftRange' attribute on 'ftPools' aux object class.

public boolean equals(Object thatObj)

public String toString()
toString in class Role
Object.toString()
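
The range attributes documented above (beginRange as lowest descendant, endRange as highest ascendant, and the two inclusive flags) bound a set of roles in the hierarchy. The following is an added example, not Fortress code: a stand-alone model of that range check over a constructed hierarchy, in which RoleRangeDemo, PARENTS, ascendants and inRange are hypothetical names.

```java
import java.util.*;

// Added illustration, not Fortress code: models how beginRange/endRange and the
// inclusive flags bound a set of roles in a hierarchy.
public class RoleRangeDemo {
    // Constructed sample hierarchy: child role -> direct parent (ascendant) roles.
    static final Map<String, Set<String>> PARENTS = Map.of(
        "BranchMgr", Set.of("HeadTeller"),
        "HeadTeller", Set.of("Teller"),
        "Teller", Set.of("BankUser"),
        "Auditor", Set.of("BankUser"));

    // Every ascendant of a role (transitive), excluding the role itself.
    static Set<String> ascendants(String role) {
        Set<String> seen = new HashSet<>();
        Deque<String> todo = new ArrayDeque<>(PARENTS.getOrDefault(role, Set.of()));
        while (!todo.isEmpty()) {
            String r = todo.pop();
            if (seen.add(r)) {
                todo.addAll(PARENTS.getOrDefault(r, Set.of()));
            }
        }
        return seen;
    }

    // begin is the lowest descendant, end the highest ascendant. A role equal to
    // an endpoint is in range only if that endpoint is inclusive; any role
    // outside the begin..end chain (or unknown) is rejected.
    static boolean inRange(String role, String begin, boolean beginInclusive,
                           String end, boolean endInclusive) {
        boolean atOrAboveBegin = role.equals(begin)
            ? beginInclusive : ascendants(begin).contains(role);
        boolean atOrBelowEnd = role.equals(end)
            ? endInclusive : ascendants(role).contains(end);
        return atOrAboveBegin && atOrBelowEnd;
    }

    public static void main(String[] args) {
        // Range: begin "HeadTeller" inclusive, end "BankUser" exclusive.
        for (String r : List.of("BranchMgr", "HeadTeller", "Teller", "Auditor", "BankUser")) {
            System.out.println(r + " in range: "
                + inRange(r, "HeadTeller", true, "BankUser", false));
        }
    }
}
```

With the sample range, only HeadTeller and Teller fall inside: BankUser is excluded by the exclusive end, and Auditor and BranchMgr lie outside the chain between the two endpoints.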
Copyright © 2003-2016, The Apache Software Foundation. All Rights Reserved. Generated 20160718-1621