public class Role extends FortEntity implements Constraint, Graphable, Serializable
Entities such as User, Role, Permission, PwPolicy, SDSet, etc. are used to carry data between the three Fortress layers, starting with the (1) Manager layer, down through the middle (2) Process layer and its processing rules, into the (3) DAO layer where persistence with the OpenLDAP server occurs.

1. Manager layer: AdminMgrImpl, AccessMgrImpl, ReviewMgrImpl, ...
2. Process layer: UserP, RoleP, PermP, ...
3. DAO layer: UserDAO, RoleDAO, PermDAO, ...

This entity requires the setName(java.lang.String) attribute to be set before it is passed into AdminMgrImpl APIs. Create methods sometimes require more attributes (than Read) due to constraints enforced between entities, although only setName(java.lang.String) is required for Role.

- The setName(java.lang.String) attribute must be set before calling AdminMgrImpl.addRole(Role), AdminMgrImpl.updateRole(Role) or AdminMgrImpl.deleteRole(Role).
- Constraint may be set before calling method AdminMgrImpl.addRole(Role).
- Constraint will be returned to the caller on methods like ReviewMgrImpl.readRole(Role) or ReviewMgrImpl.findRoles(String) if it was persisted to the entity prior to the call.

This entity is used to store the RBAC Role assignments that comprise the many-to-many relationships between Users and Permissions.
The unique key to locate a Role entity (which is subsequently assigned both to Users and Permissions) is 'Role.name'.
There is a many-to-many relationship between Users, RBAC Roles and Permissions.

User *<->* Role *<->* Permission

Example to create new RBAC Role:

```java
try {
    // Instantiate the AdminMgr first
    AdminMgr adminMgr = AdminMgrFactory.createInstance();
    Role myRole = new Role("MyRoleName");
    myRole.setDescription("This is a test role");
    adminMgr.addRole(myRole);
} catch (SecurityException ex) {
    // log or throw
}
```

The above code will persist to LDAP a Role object that can be used as a target for User-Role assignments and Role-Permission grants.
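
The temporal constraint usage described above (set before AdminMgrImpl.addRole(Role), returned by ReviewMgrImpl.readRole(Role)) can be exercised as follows. This is an added example, not code from the Fortress documentation. It assumes a configured Fortress/OpenLDAP environment, the `org.apache.directory.fortress.core` package names, a hypothetical role name, and the Fortress Constraint value conventions (HHMM times, YYYYMMDD dates, day mask digits with 1 = Sunday), none of which are stated on this page.

```java
import org.apache.directory.fortress.core.AdminMgr;
import org.apache.directory.fortress.core.AdminMgrFactory;
import org.apache.directory.fortress.core.ReviewMgr;
import org.apache.directory.fortress.core.ReviewMgrFactory;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.Role; // assumed package name

public class TimeBoundRoleExample {
    // Hypothetical role name, used only for this illustration.
    static final String ROLE_NAME = "BusinessHoursOperator";

    // Populate a Role whose activation in a session is limited in time.
    static Role buildConstrainedRole() {
        Role role = new Role(ROLE_NAME);
        role.setDescription("Operator role limited to weekday business hours");
        role.setBeginTime("0800");     // assumed format: HHMM
        role.setEndTime("1700");       // assumed format: HHMM
        role.setBeginDate("20160101"); // assumed format: YYYYMMDD
        role.setEndDate("20161231");   // assumed format: YYYYMMDD
        role.setDayMask("23456");      // assumed: 1 = Sunday, so Monday to Friday
        role.setTimeout(900);          // seconds the Role may remain inactive
        return role;
    }

    public static void main(String[] args) {
        try {
            AdminMgr adminMgr = AdminMgrFactory.createInstance();
            ReviewMgr reviewMgr = ReviewMgrFactory.createInstance();
            adminMgr.addRole(buildConstrainedRole());

            // Read back by the unique key (Role.name) and confirm that the
            // constraint stored in 'ftCstr' matches what was requested.
            Role stored = reviewMgr.readRole(new Role(ROLE_NAME));
            boolean intact = "0800".equals(stored.getBeginTime())
                && "1700".equals(stored.getEndTime())
                && "23456".equals(stored.getDayMask())
                && Integer.valueOf(900).equals(stored.getTimeout());
            if (!intact) {
                throw new IllegalStateException("Stored constraint differs from request");
            }
            System.out.println(stored);
        } catch (SecurityException ex) {
            // Fortress checked exception (not java.lang.SecurityException).
            System.err.println("Fortress operation failed: " + ex.getMessage());
        }
    }
}
```

Verifying the stored constraint after provisioning catches a role that was persisted without its time limits, which would otherwise be activatable at any hour.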

1. organizationalRole Structural Object Class is used to store basic attributes like cn and description.

```
objectclass ( 2.5.6.8 NAME 'organizationalRole'
    DESC 'RFC2256: an organizational role'
    SUP top STRUCTURAL
    MUST cn
    MAY ( x121Address $ registeredAddress $ destinationIndicator $
        preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
        telephoneNumber $ internationaliSDNNumber $
        facsimileTelephoneNumber $ seeAlso $ roleOccupant $
        preferredDeliveryMethod $ street $ postOfficeBox $ postalCode $
        postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
```

2. ftRls Structural objectclass is used to store the Role information like name and temporal constraint attributes.

```
# Fortress Roles Structural Object Class
objectclass ( 1.3.6.1.4.1.38088.2.1 NAME 'ftRls'
    DESC 'Fortress Role Structural Object Class'
    SUP organizationalrole STRUCTURAL
    MUST ( ftId $ ftRoleName )
    MAY ( description $ ftCstr $ ftParents ) )
```

3. ftProperties AUXILIARY Object Class is used to store client specific name/value pairs on target entity.

```
# This aux object class can be used to store custom attributes.
# The properties collections consist of name/value pairs and are not constrained by Fortress.
# AC2: Fortress Properties Auxiliary Object Class
objectclass ( 1.3.6.1.4.1.38088.3.2 NAME 'ftProperties'
    DESC 'Fortress Properties AUX Object Class'
    AUXILIARY
    MAY ( ftProps ) )
```

4. ftMods AUXILIARY Object Class is used to store Fortress audit variables on target entity.

```
# Fortress Audit Modification Auxiliary Object Class
objectclass ( 1.3.6.1.4.1.38088.3.4 NAME 'ftMods'
    DESC 'Fortress Modifiers AUX Object Class'
    AUXILIARY
    MAY ( ftModifier $ ftModCode $ ftModId ) )
```

Fields inherited from class FortEntity: adminSession, contextId, modCode, modId, sequenceId

| Constructor | Description |
|---|---|
| Role() | Default constructor is used by internal Fortress classes. |
| Role(Constraint con) | Construct an RBAC Role with a given temporal constraint. |
| Role(String name) | Construct a Role entity with a given name. |

| Modifier and Type | Method | Description |
|---|---|---|
| void | delParent(String parent) | Set the occupant attribute with the contents of the User dn. |
| boolean | equals(Object thatObj) | Matches the name from two Role entities. |
| String | getBeginDate() | Contains the begin date when Role is allowed to be activated in session. |
| String | getBeginLockDate() | Contains the begin lock date when Role is temporarily not allowed to be activated in session. |
| String | getBeginTime() | Contains the begin time of day Role is allowed to be activated in session. |
| Set<String> | getChildren() | Return the Set of child role names (direct descendants) of this role. |
| String | getDayMask() | Get the daymask that indicates what days of week Role is allowed to be activated in session. |
| String | getDescription() | Returns optional description that is associated with Role. |
| String | getDn() | Returns distinguished name associated with Role. |
| String | getEndDate() | Contains the end date when Role is allowed to be activated in session. |
| String | getEndLockDate() | Contains the end lock date when Role is allowed to be activated in session once again. |
| String | getEndTime() | Contains the end time of day Role is allowed to be activated in session. |
| String | getId() | Return the internal id that is associated with Role. |
| String | getName() | Gets the required name attribute of the Role object. |
| List<String> | getOccupants() | Return list of occupants for a particular Role entity. |
| Set<String> | getParents() | Get the names of roles that are parents (direct ascendants) of this role. |
| String | getRawData() | Required on DAO classes to convert Temporal attributes stored on entity to raw data object format needed for ldap. |
| Integer | getTimeout() | Return the integer timeout that contains total time (in seconds) that Role may remain inactive in User's session before it is deactivated. |
| int | hashCode() | |
| boolean | isTemporalSet() | Temporal boolean flag is used by internal Fortress components. |
| void | setBeginDate(String beginDate) | Set the beginDate when Role is allowed to be activated in session. |
| void | setBeginLockDate(String beginLockDate) | Set the begin lock date when Role is temporarily not allowed to be activated in session. |
| void | setBeginTime(String beginTime) | Set the begin time of day Role is allowed to be activated in session. |
| void | setChildren(Set<String> children) | Set the Set of child role names (direct descendants) of this role. |
| void | setDayMask(String dayMask) | Set the daymask that specifies what days of week Role is allowed to be activated in session. |
| void | setDescription(String description) | Sets the optional description that is associated with Role. |
| void | setDn(String dn) | Set distinguished name associated with Role. |
| void | setEndDate(String endDate) | Set the end date when Role is not allowed to be activated in session. |
| void | setEndLockDate(String endLockDate) | Set the end lock date when Role is allowed to be activated in session once again. |
| void | setEndTime(String endTime) | Set the end time of day Role is allowed to be activated in session. |
| void | setId() | Generate an internal Id that is associated with Role. |
| void | setId(String id) | Set the internal Id that is associated with Role. |
| void | setName(String name) | Sets the required name attribute on the Role object. |
| void | setOccupant(String occupant) | Set the occupant attribute with the contents of the User dn. |
| void | setOccupants(List<String> occupants) | Set a list of occupants for a particular Role entity. |
| void | setParent(String parent) | Set the occupant attribute with the contents of the User dn. |
| void | setParents(Set<String> parents) | Set the names of roles that are parents (direct ascendants) of this role. |
| void | setRawData(String rawData) | Required on DAO classes to convert Temporal from raw ldap data to entity attributes. |
| void | setTimeout(Integer timeout) | Set the integer timeout that contains max time (in seconds) that Role may remain inactive in User's session before it is deactivated. |
| String | toString() | |
| protected String | toString(String tabs) | |

Methods inherited from class FortEntity: getAdminSession, getContextId, getModCode, getModId, getSequenceId, setAdminSession, setContextId, setModCode, setSequenceId

public Role()

public Role(String name)
Parameters: name - maps to 'cn' attribute on 'organizationalrole' object class.

public Role(Constraint con)
Parameters: con - maps to 'ftCstr' attribute in 'ftRls' object class.

public String getRawData()
Specified by: getRawData in interface Constraint

public void setRawData(String rawData)
Parameters: rawData - maps to 'ftCstr' attribute in 'ftRls' object class.

public String getName()
Specified by: getName in interface Constraint
Specified by: getName in interface Graphable

public void setName(String name)
Specified by: setName in interface Constraint
Specified by: setName in interface Graphable
Parameters: name - contains attribute used internally for constraint checking.

public void setOccupant(String occupant)
Parameters: occupant - maps to 'roleOccupant' attribute on 'organizationalrole' object class.

public List<String> getOccupants()

public void setOccupants(List<String> occupants)
Parameters: occupants - contains a List of type String which maps to 'roleOccupant' attribute on 'organizationalrole' object class.

public String getDescription()

public void setDescription(String description)
Parameters: description - that is mapped to same name in 'organizationalrole' object class.

public String getId()

public void setId()

public void setId(String id)
Parameters: id - maps to 'ftId' in 'ftRls' object class.

public boolean isTemporalSet()
Specified by: isTemporalSet in interface Constraint

public String getBeginTime()
Specified by: getBeginTime in interface Constraint

public void setBeginTime(String beginTime)
Specified by: setBeginTime in interface Constraint
Parameters: beginTime - maps to 'ftCstr' attribute in 'ftRls' object class.

public String getEndTime()
Specified by: getEndTime in interface Constraint

public void setEndTime(String endTime)
Specified by: setEndTime in interface Constraint
Parameters: endTime - maps to 'ftCstr' attribute in 'ftRls' object class.

public String getBeginDate()
Specified by: getBeginDate in interface Constraint

public void setBeginDate(String beginDate)
Specified by: setBeginDate in interface Constraint
Parameters: beginDate - maps to 'ftCstr' attribute in 'ftRls' object class.

public String getEndDate()
Specified by: getEndDate in interface Constraint

public void setEndDate(String endDate)
Specified by: setEndDate in interface Constraint
Parameters: endDate - maps to 'ftCstr' attribute in 'ftRls' object class.

public String getBeginLockDate()
Specified by: getBeginLockDate in interface Constraint

public void setBeginLockDate(String beginLockDate)
Specified by: setBeginLockDate in interface Constraint
Parameters: beginLockDate - maps to 'ftCstr' attribute in 'ftRls' object class.

public String getEndLockDate()
Specified by: getEndLockDate in interface Constraint

public void setEndLockDate(String endLockDate)
Specified by: setEndLockDate in interface Constraint
Parameters: endLockDate - maps to 'ftCstr' attribute in 'ftRls' object class.

public String getDayMask()
Specified by: getDayMask in interface Constraint

public void setDayMask(String dayMask)
Specified by: setDayMask in interface Constraint
Parameters: dayMask - maps to 'ftCstr' attribute in 'ftRls' object class.

public Integer getTimeout()
Specified by: getTimeout in interface Constraint

public void setTimeout(Integer timeout)
Specified by: setTimeout in interface Constraint
Parameters: timeout - maps to 'ftCstr' attribute in 'ftRls' object class.

public Set<String> getParents()
Specified by: getParents in interface Graphable

public void setParents(Set<String> parents)
Specified by: setParents in interface Graphable
Parameters: parents - contains the Set of parent role names assigned to this role.

public void setParent(String parent)

public void delParent(String parent)

public Set<String> getChildren()

public void setChildren(Set<String> children)
Parameters: children - contains the Set of child role names assigned to this role.

public String getDn()

public void setDn(String dn)

public boolean equals(Object thatObj)

protected String toString(String tabs)
Parameters: tabs - the spaces to put at the beginning of each line for a correct indentation
See Also: Object.toString()

public String toString()
Overrides: toString in class Object
See Also: Object.toString()

Copyright © 2003-2016, The Apache Software Foundation. All Rights Reserved. Generated 20160718-1621