Package org.apache.archiva.redback.rbac.ldap

Class LdapRbacManager

java.lang.Object

org.apache.archiva.redback.rbac.AbstractRBACManager

org.apache.archiva.redback.rbac.ldap.LdapRbacManager

All Implemented Interfaces:

RBACManager, RBACManagerListener

@Service("rbacManager#ldap")
public class LdapRbacManager
extends AbstractRBACManager
implements RBACManager, RBACManagerListener

LdapRbacManager will read datas from ldap for mapping groups to role. Write operations will delegate to cached implementation.

Author:

Olivier Lamy

Constructor Summary

Constructors

Constructor	Description
LdapRbacManager()

Method Summary

Modifier and Type	Method	Description
void	addChildRole(Role role, Role childRole)	Adds a child to a role.
void	addListener(RBACManagerListener listener)
protected boolean	checkIfLdapRole(String roleName)
protected void	closeContext(DirContext context)
protected void	closeLdapConnection(LdapConnection ldapConnection)
Operation	createOperation(String name)	Creates an implementation specific Operation, or return an existing Operation, depending on the provided name parameter.
Permission	createPermission(String name)	Creates an implementation specific Permission, or return an existing Permission, depending on the provided name parameter.
Permission	createPermission(String name, String operationName, String resourceIdentifier)	Creates an implementation specific Permission with specified Operation, and Resource identifiers.
Resource	createResource(String identifier)	Creates an implementation specific Resource, or return an existing Resource, depending on the provided identifier parameter.
Role	createRole(String id, String name)	Creates a new role with the given id and role name.
UserAssignment	createUserAssignment(String username)	Creates an implementation specific UserAssignment, or return an existing UserAssignment, depending on the provided identifier parameter.
void	eraseDatabase()
List<Role>	getAllAssignableRoles()	Returns a list of all assignable roles
List<? extends Operation>	getAllOperations()
List<? extends Permission>	getAllPermissions()
List<? extends Resource>	getAllResources()
List<Role>	getAllRoles()	Returns all roles defined in the datastore.
List<UserAssignment>	getAllUserAssignments()	Returns all user assignments defined
Collection<Role>	getAssignedRoles(String username)	returns the active roles for a given principal NOTE: roles that are returned might have have roles themselves, if you just want all permissions then use AbstractRBACManager.getAssignedPermissions(String principal)
Collection<Role>	getAssignedRoles(UserAssignment userAssignment)	returns only the roles that are assigned, not the roles that might be child roles of the assigned roles.
Map<String,? extends Role>	getChildRoleIds(Role role)	Returns all the child roles of a given role as (role id, role) pairs.
Map<String,? extends Role>	getChildRoleNames(Role role)	Returns all the child roles of a given role as (name, role) pairs.
String	getDescriptionKey()
Set<? extends Role>	getEffectiveRoles(Role role)	Returns all effective roles.
Resource	getGlobalResource()	Returns the global resource object
LdapRoleMapper	getLdapRoleMapper()
Operation	getOperation(String operationName)
Map<String,? extends Role>	getParentRoleIds(Role role)	Returns all the parent roles of a given role as map of (id, role) elements.
Map<String,? extends Role>	getParentRoleNames(Role role)	Returns all the parent roles of a given role as map of (name, role) elements.
Permission	getPermission(String permissionName)
RBACManager	getRbacImpl()
protected List<String>	getRealRoles()
Resource	getResource(String resourceIdentifier)
Role	getRole(String roleName)	Returns the role identified by the given name
Role	getRoleById(String id)	Returns the role identified by the given ID
Map<String,? extends Role>	getRoles(Collection<String> roleNames)	Returns the role instances for the given role names.
Collection<Role>	getUnassignedRoles(String username)	Get a list of all assignable roles that are currently not assigned to the specific user.
UserAssignment	getUserAssignment(String username)
List<? extends UserAssignment>	getUserAssignmentsForRoles(Collection<String> roleIds)	Returns the assignments for the given roles
void	initialize()	consumer of user manager can use it to reload various configuration with the configurable implementation is possible to change dynamically the real implementation used.
boolean	isFinalImplementation()
boolean	isReadOnly()	Is the RBACManager read only? if so then create and modify actions are to be disabled
boolean	isWritableLdap()
boolean	operationExists(String name)
boolean	operationExists(Operation operation)
boolean	permissionExists(String name)	Tests for the existence of a permission.
boolean	permissionExists(Permission permission)
void	rbacInit(boolean freshdb)
void	rbacPermissionRemoved(Permission permission)
void	rbacPermissionSaved(Permission permission)
void	rbacRoleRemoved(Role role)
void	rbacRoleSaved(Role role)
void	rbacUserAssignmentRemoved(UserAssignment userAssignment)
void	rbacUserAssignmentSaved(UserAssignment userAssignment)
void	removeListener(RBACManagerListener listener)
void	removeOperation(String operationName)
void	removeOperation(Operation operation)
void	removePermission(String permissionName)
void	removePermission(Permission permission)
void	removeResource(String resourceIdentifier)
void	removeResource(Resource resource)
void	removeRole(String roleName)	Removes the role with the given name from the datastore.
void	removeRole(Role role)	Removes the given role from the datastore.
void	removeUserAssignment(String username)	Method removeAssignment
void	removeUserAssignment(UserAssignment userAssignment)	Method removeAssignment
boolean	resourceExists(String identifier)
boolean	resourceExists(Resource resource)
boolean	roleExists(String name)	Tests for the existence of a Role.
boolean	roleExists(Role role)	Returns true, if the given role exists.
boolean	roleExistsById(String id)	Returns true, if a role with the given id exists.
Operation	saveOperation(Operation operation)	Save the new or existing operation to the store.
Permission	savePermission(Permission permission)
Resource	saveResource(Resource resource)
Role	saveRole(Role role)	Persists the given role to the backend datastore.
void	saveRoles(Collection<Role> roles)	Persists all of the given roles to the backend datastore.
UserAssignment	saveUserAssignment(UserAssignment userAssignment)	Method saveUserAssignment
void	setLdapRoleMapper(LdapRoleMapper ldapRoleMapper)
void	setRbacImpl(RBACManager rbacImpl)
void	setWritableLdap(boolean writableLdap)
boolean	userAssignmentExists(String principal)
boolean	userAssignmentExists(UserAssignment assignment)

Methods inherited from class org.apache.archiva.redback.rbac.AbstractRBACManager

createRole, fireRbacInit, fireRbacPermissionRemoved, fireRbacPermissionSaved, fireRbacRoleRemoved, fireRbacRoleSaved, fireRbacUserAssignmentRemoved, fireRbacUserAssignmentSaved, getAssignedPermissionMap, getAssignedPermissions, getEffectivelyAssignedRoles, getEffectivelyAssignedRoles, getEffectivelyUnassignedRoles, removeRoleById

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.archiva.redback.rbac.RBACManager

createRole, getAssignedPermissionMap, getAssignedPermissions, getEffectivelyAssignedRoles, getEffectivelyUnassignedRoles, removeRoleById

Constructor Detail

LdapRbacManager

public LdapRbacManager()

Method Detail

initialize

@PostConstruct
public void initialize()

Description copied from interface: RBACManager

consumer of user manager can use it to reload various configuration with the configurable implementation is possible to change dynamically the real implementation used.

Specified by:

initialize in interface RBACManager

Overrides:

initialize in class AbstractRBACManager

addChildRole

public void addChildRole(Role role,
                         Role childRole)
                  throws RbacObjectInvalidException,
                         RbacManagerException

Description copied from interface: RBACManager

Adds a child to a role.

Specified by:

addChildRole in interface RBACManager

Overrides:

addChildRole in class AbstractRBACManager

Parameters:

role - the parent role

childRole - the child role, that is added to the parent role

Throws:

RbacObjectInvalidException - if one of the role objects was not valid

RbacManagerException - if the access to the backend datastore failed

addListener

public void addListener(RBACManagerListener listener)

Specified by:

addListener in interface RBACManager

Overrides:

addListener in class AbstractRBACManager

createOperation

public Operation createOperation(String name)
                          throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific Operation, or return an existing Operation, depending on the provided name parameter. Note: Be sure to use RBACManager.saveOperation(Operation) in order to persist any changes to the Role.

Specified by:

createOperation in interface RBACManager

Parameters:

name - the name.

Returns:

the new Operation.

Throws:

RbacManagerException - if the access to the backend datastore failed

createPermission

public Permission createPermission(String name)
                            throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific Permission, or return an existing Permission, depending on the provided name parameter. Note: Be sure to use RBACManager.savePermission(Permission) in order to persist any changes to the Role.

Specified by:

createPermission in interface RBACManager

Parameters:

name - the name.

Returns:

the new Permission.

Throws:

RbacManagerException - if the access to the backend datastore failed

createPermission

public Permission createPermission(String name,
                                   String operationName,
                                   String resourceIdentifier)
                            throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific Permission with specified Operation, and Resource identifiers. Note: Be sure to use RBACManager.savePermission(Permission) in order to persist any changes to the Role.

Specified by:

createPermission in interface RBACManager

Parameters:

name - the name.

operationName - the Operation.setName(String) value

resourceIdentifier - the Resource.setIdentifier(String) value

Returns:

the new Permission.

Throws:

RbacManagerException - if the access to the backend datastore failed

createResource

public Resource createResource(String identifier)
                        throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific Resource, or return an existing Resource, depending on the provided identifier parameter. Note: Be sure to use RBACManager.saveResource(Resource) in order to persist any changes to the Role.

Specified by:

createResource in interface RBACManager

Parameters:

identifier - the identifier.

Returns:

the new Resource.

Throws:

RbacManagerException - if the access to the backend datastore failed

createRole

public Role createRole(String id,
                       String name)

Description copied from interface: RBACManager

Creates a new role with the given id and role name.

Specified by:

createRole in interface RBACManager

Parameters:

id - the role identifier, which must be unique

name - the role name, which must be unique

Returns:

the new role instance

createUserAssignment

public UserAssignment createUserAssignment(String username)
                                    throws RbacManagerException

Description copied from interface: RBACManager

Creates an implementation specific UserAssignment, or return an existing UserAssignment, depending on the provided identifier parameter. Note: Be sure to use RBACManager.saveUserAssignment(UserAssignment) in order to persist any changes to the Role.

Specified by:

createUserAssignment in interface RBACManager

Parameters:

username - the principal reference to the user.

Returns:

the new UserAssignment object.

Throws:

RbacManagerException - if the access to the backend datastore failed

eraseDatabase

public void eraseDatabase()

Specified by:

eraseDatabase in interface RBACManager

getAllAssignableRoles

public List<Role> getAllAssignableRoles()
                                 throws RbacManagerException

Description copied from interface: RBACManager

Returns a list of all assignable roles

Specified by:

getAllAssignableRoles in interface RBACManager

Overrides:

getAllAssignableRoles in class AbstractRBACManager

Returns:

list of assignable roles

Throws:

RbacManagerException - if the access to the backend datastore failed

See Also:

RBACManager.getAllAssignableRoles()

getAllOperations

public List<? extends Operation> getAllOperations()
                                           throws RbacManagerException

Specified by:

getAllOperations in interface RBACManager

Throws:

RbacManagerException

getAllPermissions

public List<? extends Permission> getAllPermissions()
                                             throws RbacManagerException

Specified by:

getAllPermissions in interface RBACManager

Throws:

RbacManagerException

getAllResources

public List<? extends Resource> getAllResources()
                                         throws RbacManagerException

Specified by:

getAllResources in interface RBACManager

Throws:

RbacManagerException

getAllRoles

public List<Role> getAllRoles()
                       throws RbacManagerException

Description copied from interface: RBACManager

Returns all roles defined in the datastore.

Specified by:

getAllRoles in interface RBACManager

Returns:

the list of roles defined in the datastore

Throws:

RbacManagerException - if the access to the backend datastore failed

getAllUserAssignments

public List<UserAssignment> getAllUserAssignments()
                                           throws RbacManagerException

Description copied from interface: RBACManager

Returns all user assignments defined

Specified by:

getAllUserAssignments in interface RBACManager

Returns:

list of assignments

Throws:

RbacManagerException - if the access to the backend datastore failed

closeLdapConnection

protected void closeLdapConnection(LdapConnection ldapConnection)

closeContext

protected void closeContext(DirContext context)

getRealRoles

protected List<String> getRealRoles()
                             throws RbacManagerException

Throws:

RbacManagerException

getAssignedRoles

public Collection<Role> getAssignedRoles(String username)
                                  throws RbacManagerException

Description copied from class: AbstractRBACManager

returns the active roles for a given principal NOTE: roles that are returned might have have roles themselves, if you just want all permissions then use AbstractRBACManager.getAssignedPermissions(String principal)

Specified by:

getAssignedRoles in interface RBACManager

Overrides:

getAssignedRoles in class AbstractRBACManager

Parameters:

username - the user principal to search for assignments

Returns:

Collection of Role objects.

Throws:

RbacObjectNotFoundException - if the user with the given principal name was not found

RbacManagerException - if the access to the backend datastore failed

getAssignedRoles

public Collection<Role> getAssignedRoles(UserAssignment userAssignment)
                                  throws RbacManagerException

Description copied from class: AbstractRBACManager

returns only the roles that are assigned, not the roles that might be child roles of the assigned roles.

Specified by:

getAssignedRoles in interface RBACManager

Overrides:

getAssignedRoles in class AbstractRBACManager

Parameters:

userAssignment - the user assignment instance

Returns:

Collection of Role objects for the provided UserAssignment.

Throws:

RbacObjectNotFoundException - if the assignment could not be found

RbacManagerException - if the access to the backend datastore failed

getChildRoleNames

public Map<String,? extends Role> getChildRoleNames(Role role)
                                                   throws RbacManagerException

Description copied from interface: RBACManager

Returns all the child roles of a given role as (name, role) pairs.

Specified by:

getChildRoleNames in interface RBACManager

Overrides:

getChildRoleNames in class AbstractRBACManager

Parameters:

role - the parent role

Returns:

the list of child roles

Throws:

RbacManagerException - if the access to the backend datastore failed

getChildRoleIds

public Map<String,? extends Role> getChildRoleIds(Role role)
                                                 throws RbacManagerException

Description copied from interface: RBACManager

Returns all the child roles of a given role as (role id, role) pairs.

Specified by:

getChildRoleIds in interface RBACManager

Overrides:

getChildRoleIds in class AbstractRBACManager

Parameters:

role - the parent role

Returns:

the map of child roles as (role id, role) pairs

Throws:

RbacManagerException - if the access to the backend datastore failed

getParentRoleNames

public Map<String,? extends Role> getParentRoleNames(Role role)
                                                    throws RbacManagerException

Description copied from interface: RBACManager

Returns all the parent roles of a given role as map of (name, role) elements.

Specified by:

getParentRoleNames in interface RBACManager

Overrides:

getParentRoleNames in class AbstractRBACManager

Parameters:

role - the role to check for parent roles

Returns:

the list of parent roles that have role als child

Throws:

RbacManagerException - if the access to the backend datastore failed

getParentRoleIds

public Map<String,? extends Role> getParentRoleIds(Role role)
                                                  throws RbacManagerException

Description copied from interface: RBACManager

Returns all the parent roles of a given role as map of (id, role) elements.

Specified by:

getParentRoleIds in interface RBACManager

Overrides:

getParentRoleIds in class AbstractRBACManager

Parameters:

role - the role to check for parents roles

Returns:

a map of (role id, role) pairs that have role as child

Throws:

RbacManagerException - if the access to the backend datastore failed

getEffectiveRoles

public Set<? extends Role> getEffectiveRoles(Role role)
                                      throws RbacManagerException

Description copied from interface: RBACManager

Returns all effective roles. Which means a list with the current role and all child roles recursively.

Specified by:

getEffectiveRoles in interface RBACManager

Overrides:

getEffectiveRoles in class AbstractRBACManager

Parameters:

role - the role to use as starting point

Returns:

the set of roles that are found as children of the given role

Throws:

RbacObjectNotFoundException - if the given role was not found

RbacManagerException - if the access to the backend datastore failed

getGlobalResource

public Resource getGlobalResource()
                           throws RbacManagerException

Description copied from interface: RBACManager

Returns the global resource object

Specified by:

getGlobalResource in interface RBACManager

Overrides:

getGlobalResource in class AbstractRBACManager

Returns:

the global resource object

Throws:

RbacManagerException - if the access to the backend datastore failed

getOperation

public Operation getOperation(String operationName)
                       throws RbacManagerException

Specified by:

getOperation in interface RBACManager

Throws:

RbacManagerException

getPermission

public Permission getPermission(String permissionName)
                         throws RbacManagerException

Specified by:

getPermission in interface RBACManager

Throws:

RbacManagerException

getResource

public Resource getResource(String resourceIdentifier)
                     throws RbacManagerException

Specified by:

getResource in interface RBACManager

Throws:

RbacManagerException

getRole

public Role getRole(String roleName)
             throws RbacManagerException

Description copied from interface: RBACManager

Returns the role identified by the given name

Specified by:

getRole in interface RBACManager

Parameters:

roleName - the role name

Returns:

the role instance, if a role by this name was found

Throws:

RbacObjectNotFoundException - if not role was found with the given name

RbacManagerException - if the access to the underlying datastore failed

checkIfLdapRole

protected boolean checkIfLdapRole(String roleName)
                           throws RbacManagerException

Throws:

RbacManagerException

getRoleById

public Role getRoleById(String id)
                 throws RbacObjectNotFoundException,
                        RbacManagerException

Description copied from interface: RBACManager

Returns the role identified by the given ID

Specified by:

getRoleById in interface RBACManager

Parameters:

id - the role id

Returns:

the role object, if the role with the given id exists

Throws:

RbacObjectNotFoundException - if no role was found with the given id

RbacManagerException - if the access to the underlying datastore failed

getRoles

public Map<String,? extends Role> getRoles(Collection<String> roleNames)
                                          throws RbacManagerException

Description copied from interface: RBACManager

Returns the role instances for the given role names.

Specified by:

getRoles in interface RBACManager

Overrides:

getRoles in class AbstractRBACManager

Parameters:

roleNames - the list of role names.

Returns:

a map of (name,role) pairs

Throws:

RbacObjectNotFoundException - if one of the given roles was not found

RbacManagerException - if the access to the backend datastore failed

getUnassignedRoles

public Collection<Role> getUnassignedRoles(String username)
                                    throws RbacManagerException

Description copied from interface: RBACManager

Get a list of all assignable roles that are currently not assigned to the specific user.

Specified by:

getUnassignedRoles in interface RBACManager

Overrides:

getUnassignedRoles in class AbstractRBACManager

Parameters:

username - the user principal name

Returns:

the list of roles not assigned to the given user

Throws:

RbacManagerException - if the access to the backend datastore failed

RbacObjectNotFoundException - if the user with the given principal was not found

getUserAssignment

public UserAssignment getUserAssignment(String username)
                                 throws RbacManagerException

Specified by:

getUserAssignment in interface RBACManager

Throws:

RbacManagerException

getUserAssignmentsForRoles

public List<? extends UserAssignment> getUserAssignmentsForRoles(Collection<String> roleIds)
                                                          throws RbacManagerException

Description copied from interface: RBACManager

Returns the assignments for the given roles

Specified by:

getUserAssignmentsForRoles in interface RBACManager

Parameters:

roleIds - collection of role names

Throws:

RbacManagerException - if the access to the backend datastore failed

operationExists

public boolean operationExists(Operation operation)

Specified by:

operationExists in interface RBACManager

Overrides:

operationExists in class AbstractRBACManager

operationExists

public boolean operationExists(String name)

Specified by:

operationExists in interface RBACManager

Overrides:

operationExists in class AbstractRBACManager

permissionExists

public boolean permissionExists(Permission permission)

Specified by:

permissionExists in interface RBACManager

Overrides:

permissionExists in class AbstractRBACManager

permissionExists

public boolean permissionExists(String name)

Description copied from interface: RBACManager

Tests for the existence of a permission.

Specified by:

permissionExists in interface RBACManager

Overrides:

permissionExists in class AbstractRBACManager

Parameters:

name - the name to test for.

Returns:

true if permission exists.

rbacInit

public void rbacInit(boolean freshdb)

Specified by:

rbacInit in interface RBACManagerListener

rbacPermissionRemoved

public void rbacPermissionRemoved(Permission permission)

Specified by:

rbacPermissionRemoved in interface RBACManagerListener

rbacPermissionSaved

public void rbacPermissionSaved(Permission permission)

Specified by:

rbacPermissionSaved in interface RBACManagerListener

rbacRoleRemoved

public void rbacRoleRemoved(Role role)

Specified by:

rbacRoleRemoved in interface RBACManagerListener

rbacRoleSaved

public void rbacRoleSaved(Role role)

Specified by:

rbacRoleSaved in interface RBACManagerListener

rbacUserAssignmentRemoved

public void rbacUserAssignmentRemoved(UserAssignment userAssignment)

Specified by:

rbacUserAssignmentRemoved in interface RBACManagerListener

rbacUserAssignmentSaved

public void rbacUserAssignmentSaved(UserAssignment userAssignment)

Specified by:

rbacUserAssignmentSaved in interface RBACManagerListener

removeListener

public void removeListener(RBACManagerListener listener)

Specified by:

removeListener in interface RBACManager

Overrides:

removeListener in class AbstractRBACManager

removeOperation

public void removeOperation(Operation operation)
                     throws RbacManagerException

Specified by:

removeOperation in interface RBACManager

Throws:

RbacManagerException

removeOperation

public void removeOperation(String operationName)
                     throws RbacManagerException

Specified by:

removeOperation in interface RBACManager

Overrides:

removeOperation in class AbstractRBACManager

Throws:

RbacManagerException

removePermission

public void removePermission(Permission permission)
                      throws RbacManagerException

Specified by:

removePermission in interface RBACManager

Throws:

RbacManagerException

removePermission

public void removePermission(String permissionName)
                      throws RbacManagerException

Specified by:

removePermission in interface RBACManager

Overrides:

removePermission in class AbstractRBACManager

Throws:

RbacManagerException

removeResource

public void removeResource(Resource resource)
                    throws RbacManagerException

Specified by:

removeResource in interface RBACManager

Throws:

RbacManagerException

removeResource

public void removeResource(String resourceIdentifier)
                    throws RbacManagerException

Specified by:

removeResource in interface RBACManager

Overrides:

removeResource in class AbstractRBACManager

Throws:

RbacManagerException

removeRole

public void removeRole(Role role)
                throws RbacManagerException

Description copied from interface: RBACManager

Removes the given role from the datastore.

Specified by:

removeRole in interface RBACManager

Parameters:

role - the role to remove

Throws:

RbacManagerException - if the access to the backend datastore failed

RbacObjectNotFoundException - if the given role was not found

RbacObjectInvalidException - if the given role has invalid data

removeRole

public void removeRole(String roleName)
                throws RbacManagerException

Description copied from interface: RBACManager

Removes the role with the given name from the datastore.

Specified by:

removeRole in interface RBACManager

Overrides:

removeRole in class AbstractRBACManager

Parameters:

roleName - the role name

Throws:

RbacObjectNotFoundException - if the role with the given name was not found

RbacManagerException - if the access to the backend datastore failed

removeUserAssignment

public void removeUserAssignment(String username)
                          throws RbacManagerException

Description copied from interface: RBACManager

Method removeAssignment

Specified by:

removeUserAssignment in interface RBACManager

Overrides:

removeUserAssignment in class AbstractRBACManager

Parameters:

username - the principal for which the assignment should be removed

Throws:

RbacObjectNotFoundException - if the user with the given principal name was not found

RbacObjectInvalidException - if the principal string was invalid

RbacManagerException - if the access to the backend datastore failed

removeUserAssignment

public void removeUserAssignment(UserAssignment userAssignment)
                          throws RbacManagerException

Description copied from interface: RBACManager

Method removeAssignment

Specified by:

removeUserAssignment in interface RBACManager

Parameters:

userAssignment - the assignment to remove

Throws:

RbacObjectNotFoundException - if the assignment was not found

RbacObjectInvalidException - if the provided assignment instance has invalid data

RbacManagerException - if the access to the backend datastore failed

resourceExists

public boolean resourceExists(Resource resource)

Specified by:

resourceExists in interface RBACManager

Overrides:

resourceExists in class AbstractRBACManager

resourceExists

public boolean resourceExists(String identifier)

Specified by:

resourceExists in interface RBACManager

Overrides:

resourceExists in class AbstractRBACManager

roleExists

public boolean roleExists(Role role)
                   throws RbacManagerException

Description copied from interface: RBACManager

Returns true, if the given role exists.

Specified by:

roleExists in interface RBACManager

Overrides:

roleExists in class AbstractRBACManager

Parameters:

role - the role to check

Returns:

true, if the role exists, otherwise false

Throws:

RbacManagerException - if the access to the backend datastore failed

roleExists

public boolean roleExists(String name)
                   throws RbacManagerException

Description copied from interface: RBACManager

Tests for the existence of a Role.

Specified by:

roleExists in interface RBACManager

Overrides:

roleExists in class AbstractRBACManager

Returns:

true if role exists in store.

Throws:

RbacManagerException - if the access to the backend datastore failed

roleExistsById

public boolean roleExistsById(String id)
                       throws RbacManagerException

Description copied from interface: RBACManager

Returns true, if a role with the given id exists.

Specified by:

roleExistsById in interface RBACManager

Overrides:

roleExistsById in class AbstractRBACManager

Parameters:

id - the role id

Returns:

true, if the role with the given id exists, otherwise false

Throws:

RbacManagerException - if the access to the backend datastore failed

saveOperation

public Operation saveOperation(Operation operation)
                        throws RbacManagerException

Description copied from interface: RBACManager

Save the new or existing operation to the store.

Specified by:

saveOperation in interface RBACManager

Parameters:

operation - the operation to save (new or existing)

Returns:

the Operation that was saved.

Throws:

RbacObjectInvalidException - if the object is not valid and cannot be saved

RbacManagerException - if the access to the backend datastore failed

savePermission

public Permission savePermission(Permission permission)
                          throws RbacManagerException

Specified by:

savePermission in interface RBACManager

Throws:

RbacManagerException

saveResource

public Resource saveResource(Resource resource)
                      throws RbacManagerException

Specified by:

saveResource in interface RBACManager

Throws:

RbacManagerException

saveRole

public Role saveRole(Role role)
              throws RbacManagerException

Description copied from interface: RBACManager

Persists the given role to the backend datastore.

Specified by:

saveRole in interface RBACManager

Parameters:

role - the role to save

Returns:

the persisted role, if the method was successful

Throws:

RbacObjectInvalidException - if the given role object was not valid

RbacManagerException - if the access to the backend datastore failed

saveRoles

public void saveRoles(Collection<Role> roles)
               throws RbacManagerException

Description copied from interface: RBACManager

Persists all of the given roles to the backend datastore. Implementations should try to save all role instances and throw exceptions afterwards.

Specified by:

saveRoles in interface RBACManager

Parameters:

roles - the list of roles to save

Throws:

RbacObjectInvalidException - if one of the given role objects was not valid

RbacManagerException - if the access to the backend datastore failed

saveUserAssignment

public UserAssignment saveUserAssignment(UserAssignment userAssignment)
                                  throws RbacManagerException

Description copied from interface: RBACManager

Method saveUserAssignment

Specified by:

saveUserAssignment in interface RBACManager

Parameters:

userAssignment - the user assignment instance to save

Throws:

RbacObjectInvalidException - if the instance has invalid data and cannot be saved

RbacManagerException - if the access to the backend datastore failed

userAssignmentExists

public boolean userAssignmentExists(String principal)

Specified by:

userAssignmentExists in interface RBACManager

Overrides:

userAssignmentExists in class AbstractRBACManager

userAssignmentExists

public boolean userAssignmentExists(UserAssignment assignment)

Specified by:

userAssignmentExists in interface RBACManager

Overrides:

userAssignmentExists in class AbstractRBACManager

getRbacImpl

public RBACManager getRbacImpl()

setRbacImpl

public void setRbacImpl(RBACManager rbacImpl)

isWritableLdap

public boolean isWritableLdap()

setWritableLdap

public void setWritableLdap(boolean writableLdap)

getLdapRoleMapper

public LdapRoleMapper getLdapRoleMapper()

setLdapRoleMapper

public void setLdapRoleMapper(LdapRoleMapper ldapRoleMapper)

isFinalImplementation

public boolean isFinalImplementation()

Specified by:

isFinalImplementation in interface RBACManager

Overrides:

isFinalImplementation in class AbstractRBACManager

Returns:

true if this implementation is a final one and not a wrapper (configurable, cached)

getDescriptionKey

public String getDescriptionKey()

Specified by:

getDescriptionKey in interface RBACManager

Returns:

a key to be able to customize label in UI

isReadOnly

public boolean isReadOnly()

Description copied from interface: RBACManager

Is the RBACManager read only? if so then create and modify actions are to be disabled

Specified by:

isReadOnly in interface RBACManager

Returns:

boolean true if user manager is read only