8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The contents of this file are subject to the terms
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * of the Common Development and Distribution License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * (the License). You may not use this file except in
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * compliance with the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * You can obtain a copy of the License at
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * See the License for the specific language governing
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * permission and limitations under the License.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * When distributing Covered Code, include this CDDL
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Header Notice in each file and include the License file
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * If applicable, add the following below the CDDL Header,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * with the fields enclosed by brackets [] replaced by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * your own identifying information:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * $Id: Resource.java,v 1.5 2009/01/28 05:34:50 ww203982 Exp $
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington * Portions Copyright 2015 ForgeRock AS.
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunningtonimport org.forgerock.opendj.ldap.SearchScope;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Represents a user entry in UMS.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @supported.api
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterpublic class Resource extends PersistentObject {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug = Debug.getInstance(IUMSConstants.UMS_DEBUG);
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * No args constructor; used to construct the right object as entries are
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * read from persistent storage.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Construct user entry from session and a given guid.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param session
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * authenticated session maintained by Session Manager
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param guid
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * globally unique identifier for the entity
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Resource(Principal principal, Guid guid) throws UMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Construct Resource object without a session. Unlike the constructor with
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * a session parameter; this one simply creates a Resource object in memory,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * using the default template. The save() method must be called to save the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * object to the persistent store.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attrSet
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Resource(AttrSet attrSet) throws UMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster this(TemplateManager.getTemplateManager().getCreationTemplate(_class,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Construct Resource object without session. Unlike constructor with
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * session, this one simply creates a Resource object in memory. Call the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * save() method to save the object to data store.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param template
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * template to the Resource
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param attrSet
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @supported.api
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public Resource(CreationTemplate template, AttrSet attrSet)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Return attribute set according to a supplied search template. The search
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * template is used as attribute retrieval guidelines.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param template
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Search template
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return attribute set with attribute names defined in the template
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @supported.api
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public AttrSet getAttributes(SearchTemplate template) throws UMSException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster String[] attrNames = template.getAttributeNames();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * Get the access rights associated with the user; this will return an
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * aggregation of all the attribute access rights granted by each of the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * user's roles. The aggregation will only include from the 'guid' parameter
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * on up the DIT.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @param guid
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * The starting location of the role (rights) aggregation.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @return AccessRightObject associated with the user
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster * @supported.api
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster public AccessRightObject getAccessRight(Guid guid) throws UMSException,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster com.iplanet.services.ldap.aci.ACIParseException {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster AccessRightObject aro = new AccessRightObject();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message("Resource.getAccessRight : Get rights for : "
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington DN roleGuidDn = DN.valueOf(roleGuid.getDn());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message("Resource.getAccessRight : Role Dn : "
bee2440354b4bc8796e1de0b6cbd60e1f68deba0Phill Cunnington if (roleGuidDn.parent().isInScopeOf(guidDn, SearchScope.SUBORDINATES))
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster BaseRole role = (BaseRole) UMSObject.getObject(getPrincipal(),
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message("Resource.getAccessRight : Role "
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster AccessRightObject right = role.getAccessRight();
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster aro.grantReadPermission(right.getReadableAttributeNames());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster aro.grantWritePermission(right.getWritableAttributeNames());
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster debug.message("Resource.getAccessRight : Done grant");
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster static final String NEW_INSTANCE_FAILED = "newinstancefailed";
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster private static final Class _class = com.iplanet.ums.Resource.class;