Class OrgUnit
- java.lang.Object
-
- org.apache.directory.fortress.core.model.FortEntity
-
- org.apache.directory.fortress.core.model.OrgUnit
-
- All Implemented Interfaces:
Serializable
,Graphable
- Direct Known Subclasses:
OrgUnitAnt
public class OrgUnit extends FortEntity implements Graphable, Serializable
All entities (AdminRole
,OrgUnit
,SDSet
etc...) are used to carry data between three Fortress layers.starting with the (1) Manager layer down thru middle (2) Process layer and it's processing rules into (3) DAO layer where persistence with the LDAP server occurs.Fortress Processing Layers
- Manager layer: org.apache.directory.fortress.core.impl.DelAdminMgrImpl,
DelAccessMgrImpl
,DelReviewMgrImpl
,... - Process layer: org.apache.directory.fortress.core.impl.AdminRoleP, org.apache.directory.fortress.core.impl.OrgUnitP,...
- DAO layer: org.apache.directory.fortress.core.impl.AdminRoleDAO, org.apache.directory.fortress.core.impl.OrgUnitDAO,...
For example, this entity requiresname
andtype
set before passing intoDelAdminMgrImpl
orDelReviewMgrImpl
APIs. Create methods usually require more attributes (than Read) due to constraints enforced between entities.This entity implements both User and Permission OU pool functionality that defines org membership of entities for ARBAC02 style admin checks..
The unique key to locate an OrgUnit entity (which is subsequently assigned both to Users and Permissions) is 'OrgUnit.name' and 'OrgUnit.Type'.
An OrgUnit name may contain alphanumeric and simple symbols that are safe text (.,:;-_). Any non-safe text will be encoded before persistence. Valid names include:
- 123
- OneTwoThree
- One-Two-Three
- One_Two_Three
- One:2:3
- 1:2:3
- 1.2.3
- 1,2,3
- 1_2_3
- etc...
There is a Many-to-One relationship between a User and OrgUnit.
User
*-1OrgUnit
There is a Many-to-One relationship between a
PermObj
object andOrgUnit
.PermObj
*-1OrgUnit
Example to create new ARBAC User OrgUnit:
OrgUnit myUserOU = new OrgUnit("MyUserOrgName", OrgUnit.Type.USER);
myUserOU.setDescription("This is a test User OrgUnit");
DelAdminMgr delAdminMgr = DelAdminMgrFactory.createInstance();
delAdminMgr.add(myUserOU);
This will create a User OrgUnit that can be used as a target for User OU and AdminRole OS-U assignments.
Example to create new ARBAC Perm OrgUnit:
OrgUnit myPermOU = new OrgUnit("MyPermOrgName", OrgUnit.Type.PERM);
myPermOU.setDescription("This is a test Perm OrgUnit");
DelAdminMgr delAdminMgr = DelAdminMgrFactory.createInstance();
delAdminMgr.add(myPermOU);
This will create a Perm OrgUnit that can be used as a target for Perm OU and AdminRole OS-P assignments.
OrgUnit Schema
The Fortress OrgUnit entity is a composite of the following other Fortress structural and aux object classes:1. organizationalUnit Structural Object Class is used to store basic attributes like ou and description.
------------------------------------------ objectclass ( 2.5.6.5 NAME 'organizationalUnit' DESC 'RFC2256: an organizational unit' SUP top STRUCTURAL MUST ou MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $ x121Address $ registeredAddress $ destinationIndicator $ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) ) ------------------------------------------
2. ftOrgUnit Structural objectclass is used to store the OrgUnit internal id.
------------------------------------------ Fortress Organizational Structural Object Class objectclass ( 1.3.6.1.4.1.38088.2.6 NAME 'ftOrgUnit' DESC 'Fortress OrgUnit Structural Object Class' SUP organizationalunit STRUCTURAL MUST ( ftId ) MAY ( ftParents ) ) ------------------------------------------
3. ftMods AUXILIARY Object Class is used to store Fortress audit variables on target entity.
------------------------------------------ Fortress Audit Modification Auxiliary Object Class objectclass ( 1.3.6.1.4.1.38088.3.4 NAME 'ftMods' DESC 'Fortress Modifiers AUX Object Class' AUXILIARY MAY ( ftModifier $ ftModCode $ ftModId ) ) ------------------------------------------
- Author:
- Apache Directory Project
- See Also:
- Serialized Form
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
OrgUnit.Type
The OrgUnit 'Type' attribute is required and used to specify which OrgUnit tree a particular entity is in reference to.
-
Field Summary
Fields Modifier and Type Field Description OrgUnit.Type
type
Maps to the location for a particular OrgUnit entity to either the User,ou=OS-U
, or Permission,ou=OS-P
, tree in ldap.-
Fields inherited from class org.apache.directory.fortress.core.model.FortEntity
adminSession, contextId, modCode, modId, sequenceId
-
-
Constructor Summary
Constructors Constructor Description OrgUnit()
Default constructor is used by internal Fortress classes.OrgUnit(String ou)
Construct a OrgUnit entity with a given ou name.OrgUnit(String ou, OrgUnit.Type type)
Construct a OrgUnit entity with a given ou name and specified type - 'USER' or 'PERM'.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
delParent(String parent)
Set the occupant attribute with the contents of the User dn.boolean
equals(Object thatObj)
Set<String>
getChildren()
Return the Set of child orgUnit names (direct descendants) of this orgUnit.String
getDescription()
Returns optional description that is associated with OrgUnit.String
getId()
Return the internal id that is associated with OrgUnit.String
getName()
Get the name required attribute of the OrgUnit objectSet<String>
getParents()
Get the names of orgUnits that are parents (direct ascendants) of this orgUnit.OrgUnit.Type
getType()
Return the type of OrgUnit for this entity.int
hashCode()
void
setChildren(Set<String> children)
Set the Set of child orgUnit names (direct descendants) of this orgUnitvoid
setDescription(String description)
Sets the optional description that is associated with OrgUnit.void
setId()
Generate an internal Id that is associated with OrgUnit.void
setId(String id)
Set the internal Id that is associated with OrgUnit.void
setName(String name)
Sets the required name attribute on the OrgUnit objectvoid
setParent(String parent)
Set the occupant attribute with the contents of the User dn.void
setParents(Set<String> parents)
Set the names of orgUnit names that are parents (direct ascendants) of this orgUnit.void
setType(OrgUnit.Type type)
Get the type of OrgUnit for this entity.String
toString()
-
Methods inherited from class org.apache.directory.fortress.core.model.FortEntity
getAdminSession, getContextId, getModCode, getModId, getSequenceId, setAdminSession, setContextId, setModCode, setSequenceId
-
-
-
-
Field Detail
-
type
public OrgUnit.Type type
Maps to the location for a particular OrgUnit entity to either the User,ou=OS-U
, or Permission,ou=OS-P
, tree in ldap.
-
-
Constructor Detail
-
OrgUnit
public OrgUnit()
Default constructor is used by internal Fortress classes.
-
OrgUnit
public OrgUnit(String ou)
Construct a OrgUnit entity with a given ou name.- Parameters:
ou
- maps to same name on on 'organizationalUnit' object class.
-
OrgUnit
public OrgUnit(String ou, OrgUnit.Type type)
Construct a OrgUnit entity with a given ou name and specified type - 'USER' or 'PERM'.- Parameters:
ou
- maps to same name on on 'organizationalUnit' object class.type
- is used to determine which OrgUnit tree is being targeted - 'USER' or 'PERM'.
-
-
Method Detail
-
getName
public String getName()
Get the name required attribute of the OrgUnit object
-
setName
public void setName(String name)
Sets the required name attribute on the OrgUnit object
-
getId
public String getId()
Return the internal id that is associated with OrgUnit. This attribute is generated automatically by Fortress when new OrgUnit is added to directory and is not known or changeable by external client.- Returns:
- attribute maps to 'ftId' in 'ftOrgUnit' object class.
-
setId
public void setId(String id)
Set the internal Id that is associated with OrgUnit. This method is used by DAO class and is generated automatically by Fortress. Attribute stored in LDAP cannot be changed by external caller. This method can be used by client for search purposes only.- Parameters:
id
- maps to 'ftId' in 'ftOrgUnit' object class.
-
setId
public void setId()
Generate an internal Id that is associated with OrgUnit. This method is used by DAO class and is not available to outside classes. The generated attribute maps to 'ftId' in 'ftOrgUnit' object class.
-
getType
public OrgUnit.Type getType()
Return the type of OrgUnit for this entity. This field is required for this entity.- Returns:
- Type contains 'PERM' or 'USER'.
-
setType
public void setType(OrgUnit.Type type)
Get the type of OrgUnit for this entity. This field is required for this entity.- Parameters:
type
- contains 'PERM' or 'USER'.
-
getDescription
public String getDescription()
Returns optional description that is associated with OrgUnit. This attribute is validated but not constrained by Fortress.- Returns:
- value that is mapped to 'description' in 'organizationalUnit' object class.
-
setDescription
public void setDescription(String description)
Sets the optional description that is associated with OrgUnit. This attribute is validated but not constrained by Fortress.- Parameters:
description
- that is mapped to same name in 'organizationalUnit' object class.
-
getParents
public Set<String> getParents()
Get the names of orgUnits that are parents (direct ascendants) of this orgUnit.- Specified by:
getParents
in interfaceGraphable
- Returns:
- Set of parent orgUnit names assigned to this orgUnit.
-
setParents
public void setParents(Set<String> parents)
Set the names of orgUnit names that are parents (direct ascendants) of this orgUnit.- Specified by:
setParents
in interfaceGraphable
- Parameters:
parents
- contains the Set of parent orgUnit names assigned to this orgUnit.
-
setParent
public void setParent(String parent)
Set the occupant attribute with the contents of the User dn.
-
delParent
public void delParent(String parent)
Set the occupant attribute with the contents of the User dn.
-
getChildren
public Set<String> getChildren()
Return the Set of child orgUnit names (direct descendants) of this orgUnit.- Returns:
- Set of child orgUnit names assigned to this orgUnit.
-
setChildren
public void setChildren(Set<String> children)
Set the Set of child orgUnit names (direct descendants) of this orgUnit- Parameters:
children
- contains the Set of child orgUnit names assigned to this orgUnit.
-
equals
public boolean equals(Object thatObj)
-
toString
public String toString()
- Overrides:
toString
in classObject
- See Also:
Object.toString()
-
-