Class OrgUnit

  • All Implemented Interfaces:
    Serializable, Graphable
    Direct Known Subclasses:
    OrgUnitAnt

    public class OrgUnit
    extends FortEntity
    implements Graphable, Serializable
    All entities (AdminRole, OrgUnit, SDSet, etc.) are used to carry data between the three Fortress layers, starting with the (1) Manager layer, down through the middle (2) Process layer and its processing rules, into the (3) DAO layer where persistence with the LDAP server occurs.

    Fortress Processing Layers

    1. Manager layer: org.apache.directory.fortress.core.impl.DelAdminMgrImpl, DelAccessMgrImpl, DelReviewMgrImpl,...
    2. Process layer: org.apache.directory.fortress.core.impl.AdminRoleP, org.apache.directory.fortress.core.impl.OrgUnitP,...
    3. DAO layer: org.apache.directory.fortress.core.impl.AdminRoleDAO, org.apache.directory.fortress.core.impl.OrgUnitDAO,...
    Fortress clients first instantiate and populate a data entity before invoking any of the Manager APIs. The caller must provide enough information to uniquely identify the entity target within LDAP.
    For example, this entity requires name and type set before passing into DelAdminMgrImpl or DelReviewMgrImpl APIs. Create methods usually require more attributes (than Read) due to constraints enforced between entities.

    This entity implements both User and Permission OU pool functionality that defines org membership of entities for ARBAC02 style admin checks.
    The unique key to locate an OrgUnit entity (which is subsequently assigned both to Users and Permissions) is 'OrgUnit.name' and 'OrgUnit.Type'.

    An OrgUnit name may contain alphanumeric and simple symbols that are safe text (.,:;-_). Any non-safe text will be encoded before persistence. Valid names include:

    1. 123
    2. OneTwoThree
    3. One-Two-Three
    4. One_Two_Three
    5. One:2:3
    6. 1:2:3
    7. 1.2.3
    8. 1,2,3
    9. 1_2_3
    10. etc...

    There is a Many-to-One relationship between a User and OrgUnit.

    User*-1 OrgUnit

    There is a Many-to-One relationship between a PermObj object and OrgUnit.

    PermObj*-1 OrgUnit

    Example to create new ARBAC User OrgUnit:

    OrgUnit myUserOU = new OrgUnit("MyUserOrgName", OrgUnit.Type.USER);
    myUserOU.setDescription("This is a test User OrgUnit");
    DelAdminMgr delAdminMgr = DelAdminMgrFactory.createInstance();
    delAdminMgr.add(myUserOU);

    This will create a User OrgUnit that can be used as a target for User OU and AdminRole OS-U assignments.

    Example to create new ARBAC Perm OrgUnit:

    OrgUnit myPermOU = new OrgUnit("MyPermOrgName", OrgUnit.Type.PERM);
    myPermOU.setDescription("This is a test Perm OrgUnit");
    DelAdminMgr delAdminMgr = DelAdminMgrFactory.createInstance();
    delAdminMgr.add(myPermOU);

    This will create a Perm OrgUnit that can be used as a target for Perm OU and AdminRole OS-P assignments.
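
The name rules, the name-plus-type key and the parent relationship described on this page, combined in one added example (not part of the Fortress documentation or code base). It rejects names outside the documented safe-text set on the caller side instead of relying on encoding, links two User OrgUnits, and reads the child back. The org names, the class name and the SAFE_NAME pattern are assumptions of this example; addInheritance and DelReviewMgr.read are Fortress manager calls not shown on this page, and a configured Fortress LDAP backend is required.

```java
import java.util.regex.Pattern;

import org.apache.directory.fortress.core.DelAdminMgr;
import org.apache.directory.fortress.core.DelAdminMgrFactory;
import org.apache.directory.fortress.core.DelReviewMgr;
import org.apache.directory.fortress.core.DelReviewMgrFactory;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.OrgUnit;

public class OrgUnitHierarchyExample {
    // Caller-side allow-list built from the safe symbols listed above (.,:;-_).
    // This is an assumption of the example, not Fortress's own validator.
    private static final Pattern SAFE_NAME = Pattern.compile("[A-Za-z0-9.,:;_-]+");

    // Builds an entity only if the name is safe text; name + type form the unique key.
    static OrgUnit newOrgUnit(String name, OrgUnit.Type type) {
        if (name == null || !SAFE_NAME.matcher(name).matches()) {
            throw new IllegalArgumentException("OrgUnit name contains non-safe text");
        }
        return new OrgUnit(name, type);
    }

    public static void main(String[] args) {
        try {
            DelAdminMgr delAdminMgr = DelAdminMgrFactory.createInstance();
            DelReviewMgr delReviewMgr = DelReviewMgrFactory.createInstance();

            // Hypothetical org names; both live in the User (ou=OS-U) tree.
            OrgUnit parent = newOrgUnit("Engineering", OrgUnit.Type.USER);
            OrgUnit child = newOrgUnit("Engineering:Platform", OrgUnit.Type.USER);
            delAdminMgr.add(parent);
            delAdminMgr.add(child);

            // Record 'Engineering' as a direct ascendant of 'Engineering:Platform'.
            delAdminMgr.addInheritance(parent, child);

            // A read needs only the key: name and type.
            OrgUnit stored = delReviewMgr.read(
                new OrgUnit("Engineering:Platform", OrgUnit.Type.USER));
            System.out.println(stored.getName() + " id=" + stored.getId()
                + " parents=" + stored.getParents());
        } catch (SecurityException e) {
            // Fortress reports validation and LDAP failures through its own checked exception.
            System.err.println("Fortress operation failed: " + e.getMessage());
        }
    }
}
```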

    OrgUnit Schema

    The Fortress OrgUnit entity is a composite of the following other Fortress structural and aux object classes:

    1. organizationalUnit Structural Object Class is used to store basic attributes like ou and description.

     ------------------------------------------
     objectclass ( 2.5.6.5 NAME 'organizationalUnit'
      DESC 'RFC2256: an organizational unit'
      SUP top STRUCTURAL
      MUST ou
      MAY (
          userPassword $ searchGuide $ seeAlso $ businessCategory $
          x121Address $ registeredAddress $ destinationIndicator $
          preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
          telephoneNumber $ internationaliSDNNumber $
          facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
          postalAddress $ physicalDeliveryOfficeName $ st $ l $ description
      )
     )
     ------------------------------------------
     

    2. ftOrgUnit Structural objectclass is used to store the OrgUnit internal id.

     ------------------------------------------
     Fortress Organizational Structural Object Class
     objectclass    ( 1.3.6.1.4.1.38088.2.6
      NAME 'ftOrgUnit'
      DESC 'Fortress OrgUnit Structural Object Class'
      SUP organizationalunit
      STRUCTURAL
      MUST (
          ftId
      )
      MAY (
          ftParents
      )
     )
     ------------------------------------------
     

    3. ftMods AUXILIARY Object Class is used to store Fortress audit variables on target entity.

     ------------------------------------------
     Fortress Audit Modification Auxiliary Object Class
     objectclass ( 1.3.6.1.4.1.38088.3.4
      NAME 'ftMods'
      DESC 'Fortress Modifiers AUX Object Class'
      AUXILIARY
      MAY (
          ftModifier $
          ftModCode $
          ftModId
      )
     )
     ------------------------------------------
     
    Author:
    Apache Directory Project
    See Also:
    Serialized Form
    • Field Detail

      • type

        public OrgUnit.Type type
        Maps to the location for a particular OrgUnit entity to either the User, ou=OS-U, or Permission, ou=OS-P, tree in ldap.
    • Constructor Detail

      • OrgUnit

        public OrgUnit()
        Default constructor is used by internal Fortress classes.
      • OrgUnit

        public OrgUnit​(String ou)
        Construct an OrgUnit entity with a given ou name.
        Parameters:
        ou - maps to same name on 'organizationalUnit' object class.
      • OrgUnit

        public OrgUnit​(String ou,
                       OrgUnit.Type type)
        Construct an OrgUnit entity with a given ou name and specified type - 'USER' or 'PERM'.
        Parameters:
        ou - maps to same name on 'organizationalUnit' object class.
        type - is used to determine which OrgUnit tree is being targeted - 'USER' or 'PERM'.
    • Method Detail

      • getName

        public String getName()
        Get the name required attribute of the OrgUnit object
        Specified by:
        getName in interface Graphable
        Returns:
        attribute maps to 'ou' attribute on 'organizationalUnit' object class.
      • setName

        public void setName​(String name)
        Sets the required name attribute on the OrgUnit object
        Specified by:
        setName in interface Graphable
        Parameters:
        name - The name to set
      • getId

        public String getId()
        Return the internal id that is associated with OrgUnit. This attribute is generated automatically by Fortress when a new OrgUnit is added to the directory and is not known to or changeable by an external client.
        Returns:
        attribute maps to 'ftId' in 'ftOrgUnit' object class.
      • setId

        public void setId​(String id)
        Set the internal Id that is associated with OrgUnit. This method is used by DAO class and is generated automatically by Fortress. Attribute stored in LDAP cannot be changed by external caller. This method can be used by client for search purposes only.
        Parameters:
        id - maps to 'ftId' in 'ftOrgUnit' object class.
      • setId

        public void setId()
        Generate an internal Id that is associated with OrgUnit. This method is used by DAO class and is not available to outside classes. The generated attribute maps to 'ftId' in 'ftOrgUnit' object class.
      • getType

        public OrgUnit.Type getType()
        Return the type of OrgUnit for this entity. This field is required for this entity.
        Returns:
        Type contains 'PERM' or 'USER'.
      • setType

        public void setType​(OrgUnit.Type type)
        Set the type of OrgUnit for this entity. This field is required for this entity.
        Parameters:
        type - contains 'PERM' or 'USER'.
      • getDescription

        public String getDescription()
        Returns optional description that is associated with OrgUnit. This attribute is validated but not constrained by Fortress.
        Returns:
        value that is mapped to 'description' in 'organizationalUnit' object class.
      • setDescription

        public void setDescription​(String description)
        Sets the optional description that is associated with OrgUnit. This attribute is validated but not constrained by Fortress.
        Parameters:
        description - that is mapped to same name in 'organizationalUnit' object class.
      • getParents

        public Set<String> getParents()
        Get the names of orgUnits that are parents (direct ascendants) of this orgUnit.
        Specified by:
        getParents in interface Graphable
        Returns:
        Set of parent orgUnit names assigned to this orgUnit.
      • setParents

        public void setParents​(Set<String> parents)
        Set the names of orgUnits that are parents (direct ascendants) of this orgUnit.
        Specified by:
        setParents in interface Graphable
        Parameters:
        parents - contains the Set of parent orgUnit names assigned to this orgUnit.
      • setParent

        public void setParent​(String parent)
        Set the occupant attribute with the contents of the User dn.
        Specified by:
        setParent in interface Graphable
        Parameters:
        parent - maps to 'ftParents' attribute on 'ftRls' object class.
      • delParent

        public void delParent​(String parent)
        Set the occupant attribute with the contents of the User dn.
        Specified by:
        delParent in interface Graphable
        Parameters:
        parent - maps to 'ftParents' attribute on 'ftRls' object class.
      • getChildren

        public Set<String> getChildren()
        Return the Set of child orgUnit names (direct descendants) of this orgUnit.
        Returns:
        Set of child orgUnit names assigned to this orgUnit.
      • setChildren

        public void setChildren​(Set<String> children)
        Set the Set of child orgUnit names (direct descendants) of this orgUnit
        Parameters:
        children - contains the Set of child orgUnit names assigned to this orgUnit.
      • equals

        public boolean equals​(Object thatObj)
        Overrides:
        equals in class Object
        Parameters:
        thatObj - The OrgUnit to compare
        Returns:
        boolean value of 'true' if objects match
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object