Class UserRole
- java.lang.Object
-
- org.apache.directory.fortress.core.model.FortEntity
-
- org.apache.directory.fortress.core.model.UserRole
-
- All Implemented Interfaces:
Serializable
,Constraint
- Direct Known Subclasses:
UserAdminRole
public class UserRole extends FortEntity implements Serializable, Constraint
The Fortress UserRole entity is used to store an RBAC User to Role assignment along with its temporal constraint values. The contents of the UserRole entity will be stored on the User entity in the 'ftRA' (Role name) and 'ftRC' (Temporal Constraints) attributes on the 'ftUserAttrs' object class. The UserRole entity carries elements ofConstraint
. Any attributes of Constraint not set within this entity will use same attribute from theRole
entity. Thus the UserRole can override Constraint attributes from it's corresponding Role if required by caller.UserRole Schema
ftUserAttrs is used to store RBAC and ARBAC Role role assignments and other security attributes on User entity.------------------------------------------ Fortress User Attributes Auxiliary Object Class objectclass ( 1.3.6.1.4.1.38088.3.1 NAME 'ftUserAttrs' DESC 'Fortress User Attribute AUX Object Class' AUXILIARY MUST ( ftId ) MAY ( ftRC $ ftRA $ ftARC $ ftARA $ ftCstr $ ftSystem ) ) ------------------------------------------
- Author:
- Apache Directory Project
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description protected boolean
isGroupRole
protected String
name
protected String
userId
-
Fields inherited from class org.apache.directory.fortress.core.model.FortEntity
adminSession, contextId, modCode, modId, sequenceId
-
-
Constructor Summary
Constructors Constructor Description UserRole()
Default constructor is used by internal Fortress classes.UserRole(String role)
Construct a UserRole entity given the required attribute role' name.UserRole(String userId, String role)
Construct a UserRole entity given the required attributes 'userId' and 'role' name.UserRole(String userId, String name, boolean isGroupRole)
Construct a UserRole entity given the required attributes 'userId' and 'role' name.UserRole(String userId, Constraint con)
Construct an RBAC Role with required attribute 'userId' and optional temporal constraint.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(Object thatObj)
Matches the userId and role name from two UserRole entities.String
getBeginDate()
Contains the begin date when entity is allowed to be activated in system.String
getBeginLockDate()
Contains the begin lock date when entity is temporarily not allowed to activated in system.String
getBeginTime()
Contains the begin time of day entity is allowed to be activated in system.List<RoleConstraint>
getConstraints()
Return a list of role constraints on entity.String
getDayMask()
Get the daymask that indicates what days of week entity is allowed to be activated in system.String
getEndDate()
Contains the end date when entity is allowed to be activated in system.String
getEndLockDate()
Contains the end lock date when entity is allowed to be activated in system once again.String
getEndTime()
Contains the end time of day entity is allowed to be activated in system.String
getName()
Set the Role name required attribute of the UserRole objectSet<String>
getParents()
Get the names of roles that are parents (direct ascendants) of this role.String
getRawData()
Required on DAO classes convert Temporal attributes stored on entity to raw data object format needed for ldap .List<RoleConstraint>
getRoleConstraints()
Integer
getTimeout()
Return the integer timeout that contains total time ((in minutes)) that entity may remain inactive.String
getUserId()
Return the userId that is associated with UserRole.int
hashCode()
boolean
isGroupRole()
Returns 'true' if value in userId refers to group nameboolean
isTemporalSet()
temporal boolean flag is used by internal Fortress components.void
load(String szRawData, String contextId, ParentUtil parentUtil)
This method loads UserRole entity temporal constraint instance variables with data that was retrieved from the 'ftRC' attribute on the 'ftUserAttrs' object class.void
setBeginDate(String beginDate)
Set the beginDate when entity is allowed to be activated in system.void
setBeginLockDate(String beginLockDate)
Set the begin lock date when entity is temporarily not allowed to be activated in system.void
setBeginTime(String beginTime)
Set the begin time of day entity is allowed to be activated in system.void
setDayMask(String dayMask)
Set the daymask that specifies what days of week entity is allowed to be activated in system.void
setEndDate(String endDate)
Set the end date when entity is not allowed to be activated in system.void
setEndLockDate(String endLockDate)
Set the end lock date when entity is allowed to be activated in system once again.void
setEndTime(String endTime)
Set the end time of day entity is allowed to be activated in system.void
setGroupRole(boolean groupRole)
Set to 'true' if userId contains group namevoid
setName(String name)
Get the Role name required attribute of the UserRole objectvoid
setParents(Set<String> parents)
Set the names of roles names that are parents (direct ascendants) of this role.void
setRoleConstraints(List<RoleConstraint> roleConstraints)
void
setTimeout(Integer timeout)
Set the integer timeout that contains max time ((in minutes)) that entity may remain inactive.void
setUserId(String userId)
Set the userId that is associated with UserRole.String
toString()
Used to retrieve UserRole Role name attribute.-
Methods inherited from class org.apache.directory.fortress.core.model.FortEntity
getAdminSession, getContextId, getModCode, getModId, getSequenceId, setAdminSession, setContextId, setModCode, setSequenceId
-
-
-
-
Constructor Detail
-
UserRole
public UserRole()
Default constructor is used by internal Fortress classes.
-
UserRole
public UserRole(String userId, String role)
Construct a UserRole entity given the required attributes 'userId' and 'role' name.- Parameters:
userId
- maps to the 'uid' attribute on the 'inetOrgPerson' object class.role
- maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
-
UserRole
public UserRole(String userId, String name, boolean isGroupRole)
Construct a UserRole entity given the required attributes 'userId' and 'role' name.- Parameters:
userId
- maps to the 'uid' attribute on the 'inetOrgPerson' object class.name
- role name, maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.isGroupRole
- defines if value contained in userId is group name rather than user's uid
-
UserRole
public UserRole(String userId, Constraint con)
Construct an RBAC Role with required attribute 'userId' and optional temporal constraint.- Parameters:
userId
- maps to the 'uid' attribute on the 'inetOrgPerson' object class.con
- maps to 'ftRC' attribute in 'ftUserAttrs' object class.
-
UserRole
public UserRole(String role)
Construct a UserRole entity given the required attribute role' name.- Parameters:
role
- maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
-
-
Method Detail
-
load
public void load(String szRawData, String contextId, ParentUtil parentUtil)
This method loads UserRole entity temporal constraint instance variables with data that was retrieved from the 'ftRC' attribute on the 'ftUserAttrs' object class. This is the raw format that Fortress uses to condense the temporal data into a compact String for efficient storage and retrieval and is not intended to be called by external programs.- Parameters:
szRawData
- contains a raw formatted String that maps to 'ftRC' attribute on 'ftUserAttrs' object classcontextId
- contains the tenant id.parentUtil
- provides method to getParents.
-
getRawData
public String getRawData()
Required on DAO classes convert Temporal attributes stored on entity to raw data object format needed for ldap . For internal use only.- Specified by:
getRawData
in interfaceConstraint
- Returns:
- String that maps to 'ftRA' attribute on the 'ftUserAttrs' object class.
-
getUserId
public String getUserId()
Return the userId that is associated with UserRole. UserId is required attribute and must be set on all UserRole assignment operations.- Returns:
- attribute maps to 'uid' in 'inetOrgPerson' object class.
-
setUserId
public void setUserId(String userId)
Set the userId that is associated with UserRole. UserId is required attribute and must be set on all UserRole assignment operations.- Parameters:
userId
- maps to 'uid' in 'inetOrgPerson' object class.
-
setName
public void setName(String name)
Get the Role name required attribute of the UserRole object- Specified by:
setName
in interfaceConstraint
- Parameters:
name
- maps to 'ftRC' and 'ftRA' attributes on 'ftUserAttrs' object class.
-
getName
public String getName()
Set the Role name required attribute of the UserRole object- Specified by:
getName
in interfaceConstraint
- Returns:
- attribute maps to 'ftRC' and 'ftRA' attributes on 'ftUserAttrs' object class.
-
isTemporalSet
public boolean isTemporalSet()
temporal boolean flag is used by internal Fortress components.- Specified by:
isTemporalSet
in interfaceConstraint
- Returns:
- boolean indicating if temporal constraints are placed on UserRole.
-
setTimeout
public void setTimeout(Integer timeout)
Set the integer timeout that contains max time ((in minutes)) that entity may remain inactive. This attribute is optional but if set will be validated for reasonableness.- Specified by:
setTimeout
in interfaceConstraint
- Parameters:
timeout
- maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
setBeginTime
public void setBeginTime(String beginTime)
Set the begin time of day entity is allowed to be activated in system. The format is military time - HHMM, i.e. 0800 (8:00 am) or 1700 (5:00 p.m.). This attribute is optional but if set will be validated for reasonableness.- Specified by:
setBeginTime
in interfaceConstraint
- Parameters:
beginTime
- maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
setEndTime
public void setEndTime(String endTime)
Set the end time of day entity is allowed to be activated in system. The format is military time - HHMM, i.e. 0000 (12:00 am) or 2359 (11:59 p.m.). This attribute is optional but if set will be validated for reasonableness.- Specified by:
setEndTime
in interfaceConstraint
- Parameters:
endTime
- maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
setBeginDate
public void setBeginDate(String beginDate)
Set the beginDate when entity is allowed to be activated in system. The format is - YYYYMMDD, i.e. 20100101 (January 1, 2001). This attribute is optional but if set will be validated for reasonableness.- Specified by:
setBeginDate
in interfaceConstraint
- Parameters:
beginDate
- maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
setEndDate
public void setEndDate(String endDate)
Set the end date when entity is not allowed to be activated in system. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.- Specified by:
setEndDate
in interfaceConstraint
- Parameters:
endDate
- maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
setDayMask
public void setDayMask(String dayMask)
Set the daymask that specifies what days of week entity is allowed to be activated in system. The format is 1234567, i.e. 23456 (Monday, Tuesday, Wednesday, Thursday, Friday). This attribute is optional but if set will be validated for reasonableness.- Specified by:
setDayMask
in interfaceConstraint
- Parameters:
dayMask
- maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
setBeginLockDate
public void setBeginLockDate(String beginLockDate)
Set the begin lock date when entity is temporarily not allowed to be activated in system. The format is - YYYYMMDD, 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.- Specified by:
setBeginLockDate
in interfaceConstraint
- Parameters:
beginLockDate
- maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
setEndLockDate
public void setEndLockDate(String endLockDate)
Set the end lock date when entity is allowed to be activated in system once again. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.- Specified by:
setEndLockDate
in interfaceConstraint
- Parameters:
endLockDate
- maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
getTimeout
public Integer getTimeout()
Return the integer timeout that contains total time ((in minutes)) that entity may remain inactive. This attribute is optional but if set will be validated for reasonableness.- Specified by:
getTimeout
in interfaceConstraint
- Returns:
- int that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
getBeginTime
public String getBeginTime()
Contains the begin time of day entity is allowed to be activated in system. The format is military time - HHMM, i.e. 0800 (8:00 am) or 1700 (5:00 p.m.). This attribute is optional but if set will be validated for reasonableness.- Specified by:
getBeginTime
in interfaceConstraint
- Returns:
- String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
getEndTime
public String getEndTime()
Contains the end time of day entity is allowed to be activated in system. The format is military time - HHMM, i.e. 0000 (12:00 am) or 2359 (11:59 p.m.). This attribute is optional but if set will be validated for reasonableness.- Specified by:
getEndTime
in interfaceConstraint
- Returns:
- String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
getBeginDate
public String getBeginDate()
Contains the begin date when entity is allowed to be activated in system. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.- Specified by:
getBeginDate
in interfaceConstraint
- Returns:
- String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
getEndDate
public String getEndDate()
Contains the end date when entity is allowed to be activated in system. The format is - YYYYMMDD, i.e. 20101231 (December 31, 2011). This attribute is optional but if set will be validated for reasonableness.- Specified by:
getEndDate
in interfaceConstraint
- Returns:
- String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
getBeginLockDate
public String getBeginLockDate()
Contains the begin lock date when entity is temporarily not allowed to activated in system. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.- Specified by:
getBeginLockDate
in interfaceConstraint
- Returns:
- String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
getEndLockDate
public String getEndLockDate()
Contains the end lock date when entity is allowed to be activated in system once again. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.- Specified by:
getEndLockDate
in interfaceConstraint
- Returns:
- String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
getDayMask
public String getDayMask()
Get the daymask that indicates what days of week entity is allowed to be activated in system. The format is 1234567, i.e. 23456 (Monday, Tuesday, Wednesday, Thursday, Friday). This attribute is optional but if set will be validated for reasonableness.- Specified by:
getDayMask
in interfaceConstraint
- Returns:
- String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
-
getConstraints
public List<RoleConstraint> getConstraints()
Description copied from interface:Constraint
Return a list of role constraints on entity.- Specified by:
getConstraints
in interfaceConstraint
- Returns:
-
getParents
public Set<String> getParents()
Get the names of roles that are parents (direct ascendants) of this role.- Returns:
- Set of parent role names assigned to this role.
-
setParents
public void setParents(Set<String> parents)
Set the names of roles names that are parents (direct ascendants) of this role.- Parameters:
parents
- contains the Set of parent role names assigned to this role.
-
isGroupRole
public boolean isGroupRole()
Returns 'true' if value in userId refers to group name- Returns:
- if userId contains group name
-
setGroupRole
public void setGroupRole(boolean groupRole)
Set to 'true' if userId contains group name- Parameters:
groupRole
- specifies if value in userId contains group name
-
equals
public boolean equals(Object thatObj)
Matches the userId and role name from two UserRole entities.
-
toString
public String toString()
Used to retrieve UserRole Role name attribute. The Fortress UserRole name maps to 'ftRA' attribute on 'ftUserAttrs' object class.
-
getRoleConstraints
public List<RoleConstraint> getRoleConstraints()
-
setRoleConstraints
public void setRoleConstraints(List<RoleConstraint> roleConstraints)
-
-