Package org.apache.directory.fortress.core.model

Class SDSet

  • All Implemented Interfaces:
    Serializable, Comparable<SDSet>
    Direct Known Subclasses:
    SDSetAnt
    public class SDSet
extends FortEntity
implements Serializable, Comparable<SDSet>

    Static Separation of Duties Schema

    The Fortress SDSet entity is a composite of the following other Fortress structural and aux object classes:

    1. organizationalRole Structural Object Class is used to store basic attributes like cn and description. 

     ------------------------------------------
 objectclass ( 2.5.6.8 NAME 'organizationalRole'
  DESC 'RFC2256: an organizational role'
  SUP top STRUCTURAL
  MUST cn
  MAY (
      x121Address $ registeredAddress $ destinationIndicator $
      preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
      telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
      seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
      postOfficeBox $ postalCode $ postalAddress $
      physicalDeliveryOfficeName $ ou $ st $ l $ description
  )
 )
 ------------------------------------------

    2. The RBAC Separation of14:14 Duties includes:

    Static Separation of Duties 

     ------------------------------------------
 Fortress Dynamic Separation of Duties Structural Object Class
  objectclass    ( 1.3.6.1.4.1.38088.2.5
  NAME 'ftDSDSet'
  DESC 'Fortress Role Dynamic Separation of Duty Set Structural Object Class'
  SUP organizationalrole
  STRUCTURAL
  MUST (
      ftId $
      ftSetName $
      ftSetCardinality
  )
  MAY (
      ftRoles $
      description
  )
 )
 ------------------------------------------

    OR

    Dynamic Separation of Duties 

     ------------------------------------------
 Fortress Static Separation of Duties Structural Object Class
  objectclass    ( 1.3.6.1.4.1.38088.2.4
  NAME 'ftSSDSet'
  DESC 'Fortress Role Static Separation of Duty Set Structural Object Class'
  SUP organizationalrole
  STRUCTURAL
  MUST (
      ftId $
      ftSetName $
      ftSetCardinality
  )
  MAY (
      ftRoles $
      description
  )
)
 ------------------------------------------

    3. ftMods AUXILIARY Object Class is used to store Fortress audit variables on target entity. 

     ------------------------------------------
 Fortress Audit Modification Auxiliary Object Class
 objectclass ( 1.3.6.1.4.1.38088.3.4
  NAME 'ftMods'
  DESC 'Fortress Modifiers AUX Object Class'
  AUXILIARY
  MAY (
      ftModifier $
      ftModCode $
      ftModId
  )
 )
 ------------------------------------------
    Author:
    Apache Directory Project
    See Also:
    Serialized Form

    • Constructor Detail

      • SDSet

        public SDSet()

    • Method Detail

      • getType

        public SDSet.SDType getType()
        Get the required type of SD Set - 'STATIC' Or 'DYNAMIC'.
        Returns:
        type that maps to either 'ftSSDSet' or 'ftDSDSet' object class is used.

      • setType

        public void setType​(SDSet.SDType type)
        Set the required type of SD Set - 'STATIC' Or 'DYNAMIC'.
        Parameters:
        type - maps to either 'ftSSDSet' or 'ftDSDSet' object class is used.

      • getName

        public String getName()
        Return the name of SDSet entity. This field is required.
        Returns:
        attribute maps to 'cn' attribute on the 'organizationalRole' object class.

      • setName

        public void setName​(String name)
        Set the name of SDSet entity. This field is required.
        Parameters:
        name - maps to 'cn' attribute on the 'organizationalRole' object class.

      • getDescription

        public String getDescription()
        Returns optional description that is associated with SDSet. This attribute is validated but not constrained by Fortress.
        Returns:
        value that is mapped to 'description' in 'organizationalrole' object class.

      • setDescription

        public void setDescription​(String description)
        Sets the optional description that is associated with SDSet. This attribute is validated but not constrained by Fortress.
        Parameters:
        description - that is mapped to same name in 'organizationalrole' object class.

      • getId

        public String getId()
        Return the internal id that is associated with SDSet. This attribute is generated automatically by Fortress when new SDSet is added to directory and is not known or changeable by external client.
        Returns:
        attribute maps to 'ftId' in either 'ftSSDSet' or 'ftDSDSet' object class.

      • setId

        public void setId()
        Generate an internal Id that is associated with SDSet. This method is used by DAO class and is not available to outside classes. The generated attribute maps to 'ftId' in either 'ftSSDSet' or 'ftDSDSet' object class.

      • setId

        public void setId​(String id)
        Set the internal Id that is associated with Role. This method is used by DAO class and is generated automatically by Fortress. Attribute stored in LDAP cannot be changed by external caller. This method can be used by client for search purposes only.
        Parameters:
        id - maps to 'ftId' in either 'ftSSDSet' or 'ftDSDSet' object class.

      • getCardinality

        public Integer getCardinality()
        Return the numeric value that reflects the membership cardinality for SDSet. A value of '2' indicates the Role membership is mutually exclusive amongst members. A value of '3' indicates no more than two Roles in set can be assigned to a single User (SSD) or activated within a single Session (DSD). A value of '4' indicates no more than three Roles may be used at a time, etc...
        Returns:
        attribute maps to 'ftSetCardinality' attribute in either 'ftSSDSet' or 'ftDSDSet' object class.

      • setCardinality

        public void setCardinality​(Integer cardinality)
        Set the numeric value that reflects the membership cardinality for SDSet. A value of '2' indicates the Role membership is mutually exclusive amongst members. A value of '3' indicates no more than two Roles in set can be assigned to a single User (SSD) or activated within a single Session (DSD). A value of '4' indicates no more than three Roles may be used at a time, etc...
        Parameters:
        cardinality - The membership cardinality for SDSet

      • getMembers

        public Set<String> getMembers()
        Return the alphabetically sorted Set containing Role membership to SDSet.
        Returns:
        attribute maps to 'ftRoles' attribute in either 'ftSSDSet' or 'ftDSDSet' object class.

      • setMembers

        public void setMembers​(Set<String> members)
        Set an alphabetically sorted Set containing Role membership to SDSet.
        Parameters:
        members - attribute maps to 'ftRoles' attribute in either 'ftSSDSet' or 'ftDSDSet' object class.

      • setMember

        public void setMember​(String member)
        Add a member to the set.
        Parameters:
        member - role name.

      • addMember

        public void addMember​(String role)
        Add a member to an alphabetically sorted Set containing Role membership to SDSet.
        Parameters:
        role - attribute maps to 'ftRoles' attribute in either 'ftSSDSet' or 'ftDSDSet' object class.

      • delMember

        public void delMember​(String role)
        Remove a member from the alphabetically sorted Set containing Role membership to SDSet.
        Parameters:
        role - attribute maps to 'ftRoles' attribute in either 'ftSSDSet' or 'ftDSDSet' object class.

      • equals

        public boolean equals​(Object thatObj)
        Matches the name from two SDSet entities.
        Overrides:
        equals in class Object
        Parameters:
        thatObj - contains an SDSet entity.
        Returns:
        boolean indicating both objects contain matching SDSet names.

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object