Class UserAdminRole
- java.lang.Object
-
- org.apache.directory.fortress.core.model.FortEntity
-
- org.apache.directory.fortress.core.model.UserRole
-
- org.apache.directory.fortress.core.model.UserAdminRole
-
- All Implemented Interfaces:
Serializable
,Administrator
,Constraint
public class UserAdminRole extends UserRole implements Administrator
The UserAdminRole entity extends the UserRole and is used to store ARBAC User to AdminRole assignment along with temporal and ARBAC contraint values. The contents of the UserAdminRole entity will be stored on the User entity in the 'ftARA' (AdminRole name) and 'ftARC' (Temporal and ARBAC Constraints) attributes on the 'ftUserAttrs' object class. The UserAdminRole entity carries elements ofConstraint
. Any attributes of Constraint not set within this entity will use same attribute from theAdminRole
entity. Thus the UserAdminRole can override Constraint attributes from it's corresponding AdminRole if required by caller.UserAdminRole Schema
ftUserAttrs is used to store RBAC and ARBAC Role role assignments and other security attributes on User entity.------------------------------------------ Fortress User Attributes Auxiliary Object Class objectclass ( 1.3.6.1.4.1.38088.3.1 NAME 'ftUserAttrs' DESC 'Fortress User Attribute AUX Object Class' AUXILIARY MUST ( ftId ) MAY ( ftRC $ ftRA $ ftARC $ ftARA $ ftCstr $ ftSystem ) ) ------------------------------------------
- Author:
- Apache Directory Project
- See Also:
- Serialized Form
-
-
Field Summary
-
Fields inherited from class org.apache.directory.fortress.core.model.UserRole
isGroupRole, name, userId
-
Fields inherited from class org.apache.directory.fortress.core.model.FortEntity
adminSession, contextId, modCode, modId, sequenceId
-
-
Constructor Summary
Constructors Constructor Description UserAdminRole()
Default constructor is used by internal Fortress classes.UserAdminRole(String userId, String name)
Construct a UserRole entity given the required attributes 'userId' and 'role' name.UserAdminRole(String userId, Constraint con)
Construct an ARBAC Role with required attribute 'userId' and optional temporal constraint.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(Object thatObj)
Matches the userId and admin role name from two UserAdminRole entities.String
getBeginRange()
Return the begin Role range attribute for AdminRole entity.String
getEndRange()
Return the end Role range attribute for AdminRole entity.Set<String>
getOsPSet()
Get a collection of optional Perm OU attributes that were stored on the AdminRole entity.Set<String>
getOsUSet()
Get a collection of optional User OU attributes that were stored on the AdminRole entity.Set<String>
getParents()
Get the names of admin roles that are parents (direct ascendants) of this admin role.String
getRawData()
This method creates raw data format that represents UserAdminRole temporal and ARBAC constraints using instance variables inside entity.String
getRoleRangeRaw()
This method retrieves UserAdminRole instance variables and formats into raw data for ARBAC constraint storage for the 'ftARC' attribute on the 'ftUserAttrs' object class.int
hashCode()
boolean
isBeginInclusive()
Set the begin inclusive which specifies if role range includes or excludes the 'beginRange' attribute.boolean
isEndInclusive()
Set the end inclusive which specifies if role range includes or excludes the 'endRange' attribute.void
load(String szRawData, String contextId, ParentUtil parentUtil)
This method loads UserAdminRole entity temporal and ARBAC constraint instance variables with data that was retrieved from the 'ftARC' attribute on the 'ftUserAttrs' object class.void
setBeginInclusive(boolean beginInclusive)
Get the begin inclusive which specifies if role range includes or excludes the 'beginRange' attribute.void
setBeginRange(String beginRange)
Set the begin Role range attribute for AdminRole entity.void
setEndInclusive(boolean endInclusive)
Get the end inclusive which specifies if role range includes or excludes the 'endRange' attribute.void
setEndRange(String endRange)
Set the end Role range attribute for AdminRole entity.void
setOsP(String osP)
Set a Perm OU attribute to be stored on the AdminRole entity.void
setOsPSet(Set<String> osPs)
Set a collection of optional Perm OU attributes to be stored on the AdminRole entity.void
setOsU(String osU)
Set a User OU attribute to be stored on the AdminRole entity.void
setOsUSet(Set<String> osUs)
Set a collection of optional User OU attributes to be stored on the AdminRole entity.void
setParents(Set<String> parents)
Set the names of parent admin roles.void
setRoleRangeRaw(String szRaw)
This method loads UserAdminRole entity Role range ARBAC constraint instance variables with data that was retrieved from the 'ftARC' attribute on the 'ftUserAttrs' object class.-
Methods inherited from class org.apache.directory.fortress.core.model.UserRole
getBeginDate, getBeginLockDate, getBeginTime, getConstraints, getDayMask, getEndDate, getEndLockDate, getEndTime, getName, getRoleConstraints, getTimeout, getUserId, isGroupRole, isTemporalSet, setBeginDate, setBeginLockDate, setBeginTime, setDayMask, setEndDate, setEndLockDate, setEndTime, setGroupRole, setName, setRoleConstraints, setTimeout, setUserId, toString
-
Methods inherited from class org.apache.directory.fortress.core.model.FortEntity
getAdminSession, getContextId, getModCode, getModId, getSequenceId, setAdminSession, setContextId, setModCode, setSequenceId
-
-
-
-
Constructor Detail
-
UserAdminRole
public UserAdminRole()
Default constructor is used by internal Fortress classes.
-
UserAdminRole
public UserAdminRole(String userId, String name)
Construct a UserRole entity given the required attributes 'userId' and 'role' name.- Parameters:
userId
- maps to the 'uid' attribute on the 'inetOrgPerson' object class.name
- maps to the 'ftARA' attribute on the 'ftUserAttrs' object class.
-
UserAdminRole
public UserAdminRole(String userId, Constraint con)
Construct an ARBAC Role with required attribute 'userId' and optional temporal constraint.- Parameters:
userId
- maps to the 'uid' attribute on the 'inetOrgPerson' object class.con
- maps to 'ftARC' attribute in 'ftUserAttrs' object class.
-
-
Method Detail
-
load
public void load(String szRawData, String contextId, ParentUtil parentUtil)
This method loads UserAdminRole entity temporal and ARBAC constraint instance variables with data that was retrieved from the 'ftARC' attribute on the 'ftUserAttrs' object class. This is the raw format that Fortress uses to condense the temporal and ARBAC data into a compact String for efficient storage and retrieval and is not intended to be called by external programs.
-
getRawData
public String getRawData()
This method creates raw data format that represents UserAdminRole temporal and ARBAC constraints using instance variables inside entity. The raw data is eventually stored in the 'ftARC' attribute on the 'ftUserAttrs' object class. This is the raw format that Fortress uses to condense the temporal and ARBAC data into a compact String for efficient storage and retrieval and is not intended to be called by external programs.- Specified by:
getRawData
in interfaceConstraint
- Overrides:
getRawData
in classUserRole
- Returns:
- String contains a raw formatted String that maps to 'ftARC' attribute on 'ftUserAttrs' object class
-
setRoleRangeRaw
public void setRoleRangeRaw(String szRaw)
This method loads UserAdminRole entity Role range ARBAC constraint instance variables with data that was retrieved from the 'ftARC' attribute on the 'ftUserAttrs' object class. This is the raw format that Fortress uses to condense the ARBAC data into a compact String for efficient storage and retrieval and is not intended to be called by external programs.- Specified by:
setRoleRangeRaw
in interfaceAdministrator
- Parameters:
szRaw
- contains a raw formatted String that maps to 'ftARC' attribute on 'ftUserAttrs' object class
-
getRoleRangeRaw
public String getRoleRangeRaw()
This method retrieves UserAdminRole instance variables and formats into raw data for ARBAC constraint storage for the 'ftARC' attribute on the 'ftUserAttrs' object class. This is the raw format that Fortress uses to condense the ARBAC data into a compact String for efficient storage and retrieval and is not intended to be called by external programs.- Specified by:
getRoleRangeRaw
in interfaceAdministrator
- Returns:
- String contains a raw formatted String that maps to 'ftARC' attribute on 'ftUserAttrs' object class
-
getOsPSet
public Set<String> getOsPSet()
Get a collection of optional Perm OU attributes that were stored on the AdminRole entity.- Specified by:
getOsPSet
in interfaceAdministrator
- Returns:
- List of type String containing Perm OU. This maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
setOsPSet
public void setOsPSet(Set<String> osPs)
Set a collection of optional Perm OU attributes to be stored on the AdminRole entity.- Specified by:
setOsPSet
in interfaceAdministrator
- Parameters:
osPs
- is a List of type String containing Perm OU. This maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
setOsP
public void setOsP(String osP)
Set a Perm OU attribute to be stored on the AdminRole entity.- Specified by:
setOsP
in interfaceAdministrator
- Parameters:
osP
- is a Perm OU that maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
getOsUSet
public Set<String> getOsUSet()
Get a collection of optional User OU attributes that were stored on the AdminRole entity.- Specified by:
getOsUSet
in interfaceAdministrator
- Returns:
- List of type String containing User OU. This maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
setOsUSet
public void setOsUSet(Set<String> osUs)
Set a collection of optional User OU attributes to be stored on the AdminRole entity.- Specified by:
setOsUSet
in interfaceAdministrator
- Parameters:
osUs
- is a List of type String containing User OU. This maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
setOsU
public void setOsU(String osU)
Set a User OU attribute to be stored on the AdminRole entity.- Specified by:
setOsU
in interfaceAdministrator
- Parameters:
osU
- is a User OU that maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
getBeginRange
public String getBeginRange()
Return the begin Role range attribute for AdminRole entity.- Specified by:
getBeginRange
in interfaceAdministrator
- Returns:
- String that maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
setBeginRange
public void setBeginRange(String beginRange)
Set the begin Role range attribute for AdminRole entity.- Specified by:
setBeginRange
in interfaceAdministrator
- Parameters:
beginRange
- maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
getEndRange
public String getEndRange()
Return the end Role range attribute for AdminRole entity.- Specified by:
getEndRange
in interfaceAdministrator
- Returns:
- String that maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
setEndRange
public void setEndRange(String endRange)
Set the end Role range attribute for AdminRole entity.- Specified by:
setEndRange
in interfaceAdministrator
- Parameters:
endRange
- maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
isBeginInclusive
public boolean isBeginInclusive()
Set the begin inclusive which specifies if role range includes or excludes the 'beginRange' attribute.- Specified by:
isBeginInclusive
in interfaceAdministrator
- Returns:
- String that maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
setBeginInclusive
public void setBeginInclusive(boolean beginInclusive)
Get the begin inclusive which specifies if role range includes or excludes the 'beginRange' attribute.- Specified by:
setBeginInclusive
in interfaceAdministrator
- Parameters:
beginInclusive
- maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
isEndInclusive
public boolean isEndInclusive()
Set the end inclusive which specifies if role range includes or excludes the 'endRange' attribute.- Specified by:
isEndInclusive
in interfaceAdministrator
- Returns:
- String that maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
setEndInclusive
public void setEndInclusive(boolean endInclusive)
Get the end inclusive which specifies if role range includes or excludes the 'endRange' attribute.- Specified by:
setEndInclusive
in interfaceAdministrator
- Parameters:
endInclusive
- maps to 'ftARC' attribute on 'ftUserAttrs' aux object class.
-
getParents
public Set<String> getParents()
Get the names of admin roles that are parents (direct ascendants) of this admin role.- Overrides:
getParents
in classUserRole
- Returns:
- Set of parent admin role names assigned to this admin role.
-
setParents
public void setParents(Set<String> parents)
Set the names of parent admin roles.- Overrides:
setParents
in classUserRole
- Parameters:
parents
- Set of admin role names.
-
equals
public boolean equals(Object thatObj)
Matches the userId and admin role name from two UserAdminRole entities.
-
-