Class LdapRbacManager
- java.lang.Object
-
- org.apache.archiva.redback.rbac.AbstractRBACManager
-
- org.apache.archiva.redback.rbac.ldap.LdapRbacManager
-
- All Implemented Interfaces:
RBACManager
,RBACManagerListener
@Service("rbacManager#ldap") public class LdapRbacManager extends AbstractRBACManager implements RBACManager, RBACManagerListener
LdapRbacManager will read datas from ldap for mapping groups to role. Write operations will delegate to cached implementation.- Author:
- Olivier Lamy
-
-
Constructor Summary
Constructors Constructor Description LdapRbacManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addChildRole(Role role, Role childRole)
Adds a child to a role.void
addListener(RBACManagerListener listener)
protected boolean
checkIfLdapRole(String roleName)
protected void
closeContext(DirContext context)
protected void
closeLdapConnection(LdapConnection ldapConnection)
Operation
createOperation(String name)
Permission
createPermission(String name)
Creates an implementation specificPermission
, or return an existingPermission
, depending on the providedname
parameter.Permission
createPermission(String name, String operationName, String resourceIdentifier)
Resource
createResource(String identifier)
Role
createRole(String id, String name)
Creates a new role with the given id and role name.UserAssignment
createUserAssignment(String username)
Creates an implementation specificUserAssignment
, or return an existingUserAssignment
, depending on the providedidentifier
parameter.void
eraseDatabase()
List<Role>
getAllAssignableRoles()
Returns a list of all assignable rolesList<? extends Operation>
getAllOperations()
List<? extends Permission>
getAllPermissions()
List<? extends Resource>
getAllResources()
List<Role>
getAllRoles()
Returns all roles defined in the datastore.List<UserAssignment>
getAllUserAssignments()
Returns all user assignments definedCollection<Role>
getAssignedRoles(String username)
returns the active roles for a given principal NOTE: roles that are returned might have have roles themselves, if you just want all permissions then useAbstractRBACManager.getAssignedPermissions(String principal)
Collection<Role>
getAssignedRoles(UserAssignment userAssignment)
returns only the roles that are assigned, not the roles that might be child roles of the assigned roles.Map<String,? extends Role>
getChildRoleIds(Role role)
Returns all the child roles of a given role as (role id, role) pairs.Map<String,? extends Role>
getChildRoleNames(Role role)
Returns all the child roles of a given role as (name, role) pairs.String
getDescriptionKey()
Set<? extends Role>
getEffectiveRoles(Role role)
Returns all effective roles.Resource
getGlobalResource()
Returns the global resource objectLdapRoleMapper
getLdapRoleMapper()
Operation
getOperation(String operationName)
Map<String,? extends Role>
getParentRoleIds(Role role)
Returns all the parent roles of a given role as map of (id, role) elements.Map<String,? extends Role>
getParentRoleNames(Role role)
Returns all the parent roles of a given role as map of (name, role) elements.Permission
getPermission(String permissionName)
RBACManager
getRbacImpl()
protected List<String>
getRealRoles()
Resource
getResource(String resourceIdentifier)
Role
getRole(String roleName)
Returns the role identified by the given nameRole
getRoleById(String id)
Returns the role identified by the given IDMap<String,? extends Role>
getRoles(Collection<String> roleNames)
Returns the role instances for the given role names.Collection<Role>
getUnassignedRoles(String username)
Get a list of all assignable roles that are currently not assigned to the specific user.UserAssignment
getUserAssignment(String username)
List<? extends UserAssignment>
getUserAssignmentsForRoles(Collection<String> roleIds)
Returns the assignments for the given rolesvoid
initialize()
consumer of user manager can use it to reload various configuration with the configurable implementation is possible to change dynamically the real implementation used.boolean
isFinalImplementation()
boolean
isReadOnly()
Is the RBACManager read only? if so then create and modify actions are to be disabledboolean
isWritableLdap()
boolean
operationExists(String name)
boolean
operationExists(Operation operation)
boolean
permissionExists(String name)
Tests for the existence of a permission.boolean
permissionExists(Permission permission)
void
rbacInit(boolean freshdb)
void
rbacPermissionRemoved(Permission permission)
void
rbacPermissionSaved(Permission permission)
void
rbacRoleRemoved(Role role)
void
rbacRoleSaved(Role role)
void
rbacUserAssignmentRemoved(UserAssignment userAssignment)
void
rbacUserAssignmentSaved(UserAssignment userAssignment)
void
removeListener(RBACManagerListener listener)
void
removeOperation(String operationName)
void
removeOperation(Operation operation)
void
removePermission(String permissionName)
void
removePermission(Permission permission)
void
removeResource(String resourceIdentifier)
void
removeResource(Resource resource)
void
removeRole(String roleName)
Removes the role with the given name from the datastore.void
removeRole(Role role)
Removes the given role from the datastore.void
removeUserAssignment(String username)
Method removeAssignmentvoid
removeUserAssignment(UserAssignment userAssignment)
Method removeAssignmentboolean
resourceExists(String identifier)
boolean
resourceExists(Resource resource)
boolean
roleExists(String name)
Tests for the existence of a Role.boolean
roleExists(Role role)
Returns true, if the given role exists.boolean
roleExistsById(String id)
Returnstrue
, if a role with the given id exists.Operation
saveOperation(Operation operation)
Save the new or existing operation to the store.Permission
savePermission(Permission permission)
Resource
saveResource(Resource resource)
Role
saveRole(Role role)
Persists the given role to the backend datastore.void
saveRoles(Collection<Role> roles)
Persists all of the given roles to the backend datastore.UserAssignment
saveUserAssignment(UserAssignment userAssignment)
Method saveUserAssignmentvoid
setLdapRoleMapper(LdapRoleMapper ldapRoleMapper)
void
setRbacImpl(RBACManager rbacImpl)
void
setWritableLdap(boolean writableLdap)
boolean
userAssignmentExists(String principal)
boolean
userAssignmentExists(UserAssignment assignment)
-
Methods inherited from class org.apache.archiva.redback.rbac.AbstractRBACManager
createRole, fireRbacInit, fireRbacPermissionRemoved, fireRbacPermissionSaved, fireRbacRoleRemoved, fireRbacRoleSaved, fireRbacUserAssignmentRemoved, fireRbacUserAssignmentSaved, getAssignedPermissionMap, getAssignedPermissions, getEffectivelyAssignedRoles, getEffectivelyAssignedRoles, getEffectivelyUnassignedRoles, removeRoleById
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.archiva.redback.rbac.RBACManager
createRole, getAssignedPermissionMap, getAssignedPermissions, getEffectivelyAssignedRoles, getEffectivelyUnassignedRoles, removeRoleById
-
-
-
-
Constructor Detail
-
LdapRbacManager
public LdapRbacManager()
-
-
Method Detail
-
initialize
@PostConstruct public void initialize()
Description copied from interface:RBACManager
consumer of user manager can use it to reload various configuration with the configurable implementation is possible to change dynamically the real implementation used.- Specified by:
initialize
in interfaceRBACManager
- Overrides:
initialize
in classAbstractRBACManager
-
addChildRole
public void addChildRole(Role role, Role childRole) throws RbacObjectInvalidException, RbacManagerException
Description copied from interface:RBACManager
Adds a child to a role.- Specified by:
addChildRole
in interfaceRBACManager
- Overrides:
addChildRole
in classAbstractRBACManager
- Parameters:
role
- the parent rolechildRole
- the child role, that is added to the parent role- Throws:
RbacObjectInvalidException
- if one of the role objects was not validRbacManagerException
- if the access to the backend datastore failed
-
addListener
public void addListener(RBACManagerListener listener)
- Specified by:
addListener
in interfaceRBACManager
- Overrides:
addListener
in classAbstractRBACManager
-
createOperation
public Operation createOperation(String name) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificOperation
, or return an existingOperation
, depending on the providedname
parameter. Note: Be sure to useRBACManager.saveOperation(Operation)
in order to persist any changes to the Role.- Specified by:
createOperation
in interfaceRBACManager
- Parameters:
name
- the name.- Returns:
- the new Operation.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
createPermission
public Permission createPermission(String name) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificPermission
, or return an existingPermission
, depending on the providedname
parameter. Note: Be sure to useRBACManager.savePermission(Permission)
in order to persist any changes to the Role.- Specified by:
createPermission
in interfaceRBACManager
- Parameters:
name
- the name.- Returns:
- the new Permission.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
createPermission
public Permission createPermission(String name, String operationName, String resourceIdentifier) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificPermission
with specifiedOperation
, andResource
identifiers. Note: Be sure to useRBACManager.savePermission(Permission)
in order to persist any changes to the Role.- Specified by:
createPermission
in interfaceRBACManager
- Parameters:
name
- the name.operationName
- theOperation.setName(String)
valueresourceIdentifier
- theResource.setIdentifier(String)
value- Returns:
- the new Permission.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
createResource
public Resource createResource(String identifier) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificResource
, or return an existingResource
, depending on the providedidentifier
parameter. Note: Be sure to useRBACManager.saveResource(Resource)
in order to persist any changes to the Role.- Specified by:
createResource
in interfaceRBACManager
- Parameters:
identifier
- the identifier.- Returns:
- the new Resource.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
createRole
public Role createRole(String id, String name)
Description copied from interface:RBACManager
Creates a new role with the given id and role name.- Specified by:
createRole
in interfaceRBACManager
- Parameters:
id
- the role identifier, which must be uniquename
- the role name, which must be unique- Returns:
- the new role instance
-
createUserAssignment
public UserAssignment createUserAssignment(String username) throws RbacManagerException
Description copied from interface:RBACManager
Creates an implementation specificUserAssignment
, or return an existingUserAssignment
, depending on the providedidentifier
parameter. Note: Be sure to useRBACManager.saveUserAssignment(UserAssignment)
in order to persist any changes to the Role.- Specified by:
createUserAssignment
in interfaceRBACManager
- Parameters:
username
- the principal reference to the user.- Returns:
- the new UserAssignment object.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
eraseDatabase
public void eraseDatabase()
- Specified by:
eraseDatabase
in interfaceRBACManager
-
getAllAssignableRoles
public List<Role> getAllAssignableRoles() throws RbacManagerException
Description copied from interface:RBACManager
Returns a list of all assignable roles- Specified by:
getAllAssignableRoles
in interfaceRBACManager
- Overrides:
getAllAssignableRoles
in classAbstractRBACManager
- Returns:
- list of assignable roles
- Throws:
RbacManagerException
- if the access to the backend datastore failed- See Also:
RBACManager.getAllAssignableRoles()
-
getAllOperations
public List<? extends Operation> getAllOperations() throws RbacManagerException
- Specified by:
getAllOperations
in interfaceRBACManager
- Throws:
RbacManagerException
-
getAllPermissions
public List<? extends Permission> getAllPermissions() throws RbacManagerException
- Specified by:
getAllPermissions
in interfaceRBACManager
- Throws:
RbacManagerException
-
getAllResources
public List<? extends Resource> getAllResources() throws RbacManagerException
- Specified by:
getAllResources
in interfaceRBACManager
- Throws:
RbacManagerException
-
getAllRoles
public List<Role> getAllRoles() throws RbacManagerException
Description copied from interface:RBACManager
Returns all roles defined in the datastore.- Specified by:
getAllRoles
in interfaceRBACManager
- Returns:
- the list of roles defined in the datastore
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getAllUserAssignments
public List<UserAssignment> getAllUserAssignments() throws RbacManagerException
Description copied from interface:RBACManager
Returns all user assignments defined- Specified by:
getAllUserAssignments
in interfaceRBACManager
- Returns:
- list of assignments
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
closeLdapConnection
protected void closeLdapConnection(LdapConnection ldapConnection)
-
closeContext
protected void closeContext(DirContext context)
-
getRealRoles
protected List<String> getRealRoles() throws RbacManagerException
- Throws:
RbacManagerException
-
getAssignedRoles
public Collection<Role> getAssignedRoles(String username) throws RbacManagerException
Description copied from class:AbstractRBACManager
returns the active roles for a given principal NOTE: roles that are returned might have have roles themselves, if you just want all permissions then useAbstractRBACManager.getAssignedPermissions(String principal)
- Specified by:
getAssignedRoles
in interfaceRBACManager
- Overrides:
getAssignedRoles
in classAbstractRBACManager
- Parameters:
username
- the user principal to search for assignments- Returns:
- Collection of
Role
objects. - Throws:
RbacObjectNotFoundException
- if the user with the given principal name was not foundRbacManagerException
- if the access to the backend datastore failed
-
getAssignedRoles
public Collection<Role> getAssignedRoles(UserAssignment userAssignment) throws RbacManagerException
Description copied from class:AbstractRBACManager
returns only the roles that are assigned, not the roles that might be child roles of the assigned roles.- Specified by:
getAssignedRoles
in interfaceRBACManager
- Overrides:
getAssignedRoles
in classAbstractRBACManager
- Parameters:
userAssignment
- the user assignment instance- Returns:
- Collection of
Role
objects for the provided UserAssignment. - Throws:
RbacObjectNotFoundException
- if the assignment could not be foundRbacManagerException
- if the access to the backend datastore failed
-
getChildRoleNames
public Map<String,? extends Role> getChildRoleNames(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the child roles of a given role as (name, role) pairs.- Specified by:
getChildRoleNames
in interfaceRBACManager
- Overrides:
getChildRoleNames
in classAbstractRBACManager
- Parameters:
role
- the parent role- Returns:
- the list of child roles
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getChildRoleIds
public Map<String,? extends Role> getChildRoleIds(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the child roles of a given role as (role id, role) pairs.- Specified by:
getChildRoleIds
in interfaceRBACManager
- Overrides:
getChildRoleIds
in classAbstractRBACManager
- Parameters:
role
- the parent role- Returns:
- the map of child roles as (role id, role) pairs
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getParentRoleNames
public Map<String,? extends Role> getParentRoleNames(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the parent roles of a given role as map of (name, role) elements.- Specified by:
getParentRoleNames
in interfaceRBACManager
- Overrides:
getParentRoleNames
in classAbstractRBACManager
- Parameters:
role
- the role to check for parent roles- Returns:
- the list of parent roles that have
role
als child - Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getParentRoleIds
public Map<String,? extends Role> getParentRoleIds(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all the parent roles of a given role as map of (id, role) elements.- Specified by:
getParentRoleIds
in interfaceRBACManager
- Overrides:
getParentRoleIds
in classAbstractRBACManager
- Parameters:
role
- the role to check for parents roles- Returns:
- a map of (role id, role) pairs that have
role
as child - Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getEffectiveRoles
public Set<? extends Role> getEffectiveRoles(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns all effective roles. Which means a list with the current role and all child roles recursively.- Specified by:
getEffectiveRoles
in interfaceRBACManager
- Overrides:
getEffectiveRoles
in classAbstractRBACManager
- Parameters:
role
- the role to use as starting point- Returns:
- the set of roles that are found as children of the given role
- Throws:
RbacObjectNotFoundException
- if the given role was not foundRbacManagerException
- if the access to the backend datastore failed
-
getGlobalResource
public Resource getGlobalResource() throws RbacManagerException
Description copied from interface:RBACManager
Returns the global resource object- Specified by:
getGlobalResource
in interfaceRBACManager
- Overrides:
getGlobalResource
in classAbstractRBACManager
- Returns:
- the global resource object
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
getOperation
public Operation getOperation(String operationName) throws RbacManagerException
- Specified by:
getOperation
in interfaceRBACManager
- Throws:
RbacManagerException
-
getPermission
public Permission getPermission(String permissionName) throws RbacManagerException
- Specified by:
getPermission
in interfaceRBACManager
- Throws:
RbacManagerException
-
getResource
public Resource getResource(String resourceIdentifier) throws RbacManagerException
- Specified by:
getResource
in interfaceRBACManager
- Throws:
RbacManagerException
-
getRole
public Role getRole(String roleName) throws RbacManagerException
Description copied from interface:RBACManager
Returns the role identified by the given name- Specified by:
getRole
in interfaceRBACManager
- Parameters:
roleName
- the role name- Returns:
- the role instance, if a role by this name was found
- Throws:
RbacObjectNotFoundException
- if not role was found with the given nameRbacManagerException
- if the access to the underlying datastore failed
-
checkIfLdapRole
protected boolean checkIfLdapRole(String roleName) throws RbacManagerException
- Throws:
RbacManagerException
-
getRoleById
public Role getRoleById(String id) throws RbacObjectNotFoundException, RbacManagerException
Description copied from interface:RBACManager
Returns the role identified by the given ID- Specified by:
getRoleById
in interfaceRBACManager
- Parameters:
id
- the role id- Returns:
- the role object, if the role with the given id exists
- Throws:
RbacObjectNotFoundException
- if no role was found with the given idRbacManagerException
- if the access to the underlying datastore failed
-
getRoles
public Map<String,? extends Role> getRoles(Collection<String> roleNames) throws RbacManagerException
Description copied from interface:RBACManager
Returns the role instances for the given role names.- Specified by:
getRoles
in interfaceRBACManager
- Overrides:
getRoles
in classAbstractRBACManager
- Parameters:
roleNames
- the list of role names.- Returns:
- a map of (name,role) pairs
- Throws:
RbacObjectNotFoundException
- if one of the given roles was not foundRbacManagerException
- if the access to the backend datastore failed
-
getUnassignedRoles
public Collection<Role> getUnassignedRoles(String username) throws RbacManagerException
Description copied from interface:RBACManager
Get a list of all assignable roles that are currently not assigned to the specific user.- Specified by:
getUnassignedRoles
in interfaceRBACManager
- Overrides:
getUnassignedRoles
in classAbstractRBACManager
- Parameters:
username
- the user principal name- Returns:
- the list of roles not assigned to the given user
- Throws:
RbacManagerException
- if the access to the backend datastore failedRbacObjectNotFoundException
- if the user with the given principal was not found
-
getUserAssignment
public UserAssignment getUserAssignment(String username) throws RbacManagerException
- Specified by:
getUserAssignment
in interfaceRBACManager
- Throws:
RbacManagerException
-
getUserAssignmentsForRoles
public List<? extends UserAssignment> getUserAssignmentsForRoles(Collection<String> roleIds) throws RbacManagerException
Description copied from interface:RBACManager
Returns the assignments for the given roles- Specified by:
getUserAssignmentsForRoles
in interfaceRBACManager
- Parameters:
roleIds
- collection of role names- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
operationExists
public boolean operationExists(Operation operation)
- Specified by:
operationExists
in interfaceRBACManager
- Overrides:
operationExists
in classAbstractRBACManager
-
operationExists
public boolean operationExists(String name)
- Specified by:
operationExists
in interfaceRBACManager
- Overrides:
operationExists
in classAbstractRBACManager
-
permissionExists
public boolean permissionExists(Permission permission)
- Specified by:
permissionExists
in interfaceRBACManager
- Overrides:
permissionExists
in classAbstractRBACManager
-
permissionExists
public boolean permissionExists(String name)
Description copied from interface:RBACManager
Tests for the existence of a permission.- Specified by:
permissionExists
in interfaceRBACManager
- Overrides:
permissionExists
in classAbstractRBACManager
- Parameters:
name
- the name to test for.- Returns:
- true if permission exists.
-
rbacInit
public void rbacInit(boolean freshdb)
- Specified by:
rbacInit
in interfaceRBACManagerListener
-
rbacPermissionRemoved
public void rbacPermissionRemoved(Permission permission)
- Specified by:
rbacPermissionRemoved
in interfaceRBACManagerListener
-
rbacPermissionSaved
public void rbacPermissionSaved(Permission permission)
- Specified by:
rbacPermissionSaved
in interfaceRBACManagerListener
-
rbacRoleRemoved
public void rbacRoleRemoved(Role role)
- Specified by:
rbacRoleRemoved
in interfaceRBACManagerListener
-
rbacRoleSaved
public void rbacRoleSaved(Role role)
- Specified by:
rbacRoleSaved
in interfaceRBACManagerListener
-
rbacUserAssignmentRemoved
public void rbacUserAssignmentRemoved(UserAssignment userAssignment)
- Specified by:
rbacUserAssignmentRemoved
in interfaceRBACManagerListener
-
rbacUserAssignmentSaved
public void rbacUserAssignmentSaved(UserAssignment userAssignment)
- Specified by:
rbacUserAssignmentSaved
in interfaceRBACManagerListener
-
removeListener
public void removeListener(RBACManagerListener listener)
- Specified by:
removeListener
in interfaceRBACManager
- Overrides:
removeListener
in classAbstractRBACManager
-
removeOperation
public void removeOperation(Operation operation) throws RbacManagerException
- Specified by:
removeOperation
in interfaceRBACManager
- Throws:
RbacManagerException
-
removeOperation
public void removeOperation(String operationName) throws RbacManagerException
- Specified by:
removeOperation
in interfaceRBACManager
- Overrides:
removeOperation
in classAbstractRBACManager
- Throws:
RbacManagerException
-
removePermission
public void removePermission(Permission permission) throws RbacManagerException
- Specified by:
removePermission
in interfaceRBACManager
- Throws:
RbacManagerException
-
removePermission
public void removePermission(String permissionName) throws RbacManagerException
- Specified by:
removePermission
in interfaceRBACManager
- Overrides:
removePermission
in classAbstractRBACManager
- Throws:
RbacManagerException
-
removeResource
public void removeResource(Resource resource) throws RbacManagerException
- Specified by:
removeResource
in interfaceRBACManager
- Throws:
RbacManagerException
-
removeResource
public void removeResource(String resourceIdentifier) throws RbacManagerException
- Specified by:
removeResource
in interfaceRBACManager
- Overrides:
removeResource
in classAbstractRBACManager
- Throws:
RbacManagerException
-
removeRole
public void removeRole(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Removes the given role from the datastore.- Specified by:
removeRole
in interfaceRBACManager
- Parameters:
role
- the role to remove- Throws:
RbacManagerException
- if the access to the backend datastore failedRbacObjectNotFoundException
- if the given role was not foundRbacObjectInvalidException
- if the given role has invalid data
-
removeRole
public void removeRole(String roleName) throws RbacManagerException
Description copied from interface:RBACManager
Removes the role with the given name from the datastore.- Specified by:
removeRole
in interfaceRBACManager
- Overrides:
removeRole
in classAbstractRBACManager
- Parameters:
roleName
- the role name- Throws:
RbacObjectNotFoundException
- if the role with the given name was not foundRbacManagerException
- if the access to the backend datastore failed
-
removeUserAssignment
public void removeUserAssignment(String username) throws RbacManagerException
Description copied from interface:RBACManager
Method removeAssignment- Specified by:
removeUserAssignment
in interfaceRBACManager
- Overrides:
removeUserAssignment
in classAbstractRBACManager
- Parameters:
username
- the principal for which the assignment should be removed- Throws:
RbacObjectNotFoundException
- if the user with the given principal name was not foundRbacObjectInvalidException
- if the principal string was invalidRbacManagerException
- if the access to the backend datastore failed
-
removeUserAssignment
public void removeUserAssignment(UserAssignment userAssignment) throws RbacManagerException
Description copied from interface:RBACManager
Method removeAssignment- Specified by:
removeUserAssignment
in interfaceRBACManager
- Parameters:
userAssignment
- the assignment to remove- Throws:
RbacObjectNotFoundException
- if the assignment was not foundRbacObjectInvalidException
- if the provided assignment instance has invalid dataRbacManagerException
- if the access to the backend datastore failed
-
resourceExists
public boolean resourceExists(Resource resource)
- Specified by:
resourceExists
in interfaceRBACManager
- Overrides:
resourceExists
in classAbstractRBACManager
-
resourceExists
public boolean resourceExists(String identifier)
- Specified by:
resourceExists
in interfaceRBACManager
- Overrides:
resourceExists
in classAbstractRBACManager
-
roleExists
public boolean roleExists(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Returns true, if the given role exists.- Specified by:
roleExists
in interfaceRBACManager
- Overrides:
roleExists
in classAbstractRBACManager
- Parameters:
role
- the role to check- Returns:
true
, if the role exists, otherwisefalse
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
roleExists
public boolean roleExists(String name) throws RbacManagerException
Description copied from interface:RBACManager
Tests for the existence of a Role.- Specified by:
roleExists
in interfaceRBACManager
- Overrides:
roleExists
in classAbstractRBACManager
- Returns:
- true if role exists in store.
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
roleExistsById
public boolean roleExistsById(String id) throws RbacManagerException
Description copied from interface:RBACManager
Returnstrue
, if a role with the given id exists.- Specified by:
roleExistsById
in interfaceRBACManager
- Overrides:
roleExistsById
in classAbstractRBACManager
- Parameters:
id
- the role id- Returns:
true
, if the role with the given id exists, otherwisefalse
- Throws:
RbacManagerException
- if the access to the backend datastore failed
-
saveOperation
public Operation saveOperation(Operation operation) throws RbacManagerException
Description copied from interface:RBACManager
Save the new or existing operation to the store.- Specified by:
saveOperation
in interfaceRBACManager
- Parameters:
operation
- the operation to save (new or existing)- Returns:
- the Operation that was saved.
- Throws:
RbacObjectInvalidException
- if the object is not valid and cannot be savedRbacManagerException
- if the access to the backend datastore failed
-
savePermission
public Permission savePermission(Permission permission) throws RbacManagerException
- Specified by:
savePermission
in interfaceRBACManager
- Throws:
RbacManagerException
-
saveResource
public Resource saveResource(Resource resource) throws RbacManagerException
- Specified by:
saveResource
in interfaceRBACManager
- Throws:
RbacManagerException
-
saveRole
public Role saveRole(Role role) throws RbacManagerException
Description copied from interface:RBACManager
Persists the given role to the backend datastore.- Specified by:
saveRole
in interfaceRBACManager
- Parameters:
role
- the role to save- Returns:
- the persisted role, if the method was successful
- Throws:
RbacObjectInvalidException
- if the given role object was not validRbacManagerException
- if the access to the backend datastore failed
-
saveRoles
public void saveRoles(Collection<Role> roles) throws RbacManagerException
Description copied from interface:RBACManager
Persists all of the given roles to the backend datastore. Implementations should try to save all role instances and throw exceptions afterwards.- Specified by:
saveRoles
in interfaceRBACManager
- Parameters:
roles
- the list of roles to save- Throws:
RbacObjectInvalidException
- if one of the given role objects was not validRbacManagerException
- if the access to the backend datastore failed
-
saveUserAssignment
public UserAssignment saveUserAssignment(UserAssignment userAssignment) throws RbacManagerException
Description copied from interface:RBACManager
Method saveUserAssignment- Specified by:
saveUserAssignment
in interfaceRBACManager
- Parameters:
userAssignment
- the user assignment instance to save- Throws:
RbacObjectInvalidException
- if the instance has invalid data and cannot be savedRbacManagerException
- if the access to the backend datastore failed
-
userAssignmentExists
public boolean userAssignmentExists(String principal)
- Specified by:
userAssignmentExists
in interfaceRBACManager
- Overrides:
userAssignmentExists
in classAbstractRBACManager
-
userAssignmentExists
public boolean userAssignmentExists(UserAssignment assignment)
- Specified by:
userAssignmentExists
in interfaceRBACManager
- Overrides:
userAssignmentExists
in classAbstractRBACManager
-
getRbacImpl
public RBACManager getRbacImpl()
-
setRbacImpl
public void setRbacImpl(RBACManager rbacImpl)
-
isWritableLdap
public boolean isWritableLdap()
-
setWritableLdap
public void setWritableLdap(boolean writableLdap)
-
getLdapRoleMapper
public LdapRoleMapper getLdapRoleMapper()
-
setLdapRoleMapper
public void setLdapRoleMapper(LdapRoleMapper ldapRoleMapper)
-
isFinalImplementation
public boolean isFinalImplementation()
- Specified by:
isFinalImplementation
in interfaceRBACManager
- Overrides:
isFinalImplementation
in classAbstractRBACManager
- Returns:
- true if this implementation is a final one and not a wrapper (configurable, cached)
-
getDescriptionKey
public String getDescriptionKey()
- Specified by:
getDescriptionKey
in interfaceRBACManager
- Returns:
- a key to be able to customize label in UI
-
isReadOnly
public boolean isReadOnly()
Description copied from interface:RBACManager
Is the RBACManager read only? if so then create and modify actions are to be disabled- Specified by:
isReadOnly
in interfaceRBACManager
- Returns:
- boolean true if user manager is read only
-
-