Class UserRole

  • All Implemented Interfaces:
    Serializable, Constraint
    Direct Known Subclasses:
    UserAdminRole

    public class UserRole
    extends FortEntity
    implements Serializable, Constraint
    The Fortress UserRole entity is used to store an RBAC User to Role assignment along with its temporal constraint values. The contents of the UserRole entity will be stored on the User entity in the 'ftRA' (Role name) and 'ftRC' (Temporal Constraints) attributes on the 'ftUserAttrs' object class. The UserRole entity carries elements of Constraint. Any attributes of Constraint not set within this entity will use same attribute from the Role entity. Thus the UserRole can override Constraint attributes from it's corresponding Role if required by caller.

    UserRole Schema

    ftUserAttrs is used to store RBAC and ARBAC Role role assignments and other security attributes on User entity.
     ------------------------------------------
     Fortress User Attributes Auxiliary Object Class
     objectclass ( 1.3.6.1.4.1.38088.3.1
      NAME 'ftUserAttrs'
      DESC 'Fortress User Attribute AUX Object Class'
      AUXILIARY
      MUST (
          ftId
      )
      MAY (
          ftRC $
          ftRA $
          ftARC $
          ftARA $
          ftCstr $
          ftSystem
      )
     )
     ------------------------------------------
     
    Author:
    Apache Directory Project
    See Also:
    Serialized Form
    • Field Detail

      • userId

        protected String userId
      • isGroupRole

        protected boolean isGroupRole
    • Constructor Detail

      • UserRole

        public UserRole()
        Default constructor is used by internal Fortress classes.
      • UserRole

        public UserRole​(String userId,
                        String role)
        Construct a UserRole entity given the required attributes 'userId' and 'role' name.
        Parameters:
        userId - maps to the 'uid' attribute on the 'inetOrgPerson' object class.
        role - maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
      • UserRole

        public UserRole​(String userId,
                        String name,
                        boolean isGroupRole)
        Construct a UserRole entity given the required attributes 'userId' and 'role' name.
        Parameters:
        userId - maps to the 'uid' attribute on the 'inetOrgPerson' object class.
        name - role name, maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
        isGroupRole - defines if value contained in userId is group name rather than user's uid
      • UserRole

        public UserRole​(String userId,
                        Constraint con)
        Construct an RBAC Role with required attribute 'userId' and optional temporal constraint.
        Parameters:
        userId - maps to the 'uid' attribute on the 'inetOrgPerson' object class.
        con - maps to 'ftRC' attribute in 'ftUserAttrs' object class.
      • UserRole

        public UserRole​(String role)
        Construct a UserRole entity given the required attribute role' name.
        Parameters:
        role - maps to the 'ftRA' attribute on the 'ftUserAttrs' object class.
    • Method Detail

      • load

        public void load​(String szRawData,
                         String contextId,
                         ParentUtil parentUtil)
        This method loads UserRole entity temporal constraint instance variables with data that was retrieved from the 'ftRC' attribute on the 'ftUserAttrs' object class. This is the raw format that Fortress uses to condense the temporal data into a compact String for efficient storage and retrieval and is not intended to be called by external programs.
        Parameters:
        szRawData - contains a raw formatted String that maps to 'ftRC' attribute on 'ftUserAttrs' object class
        contextId - contains the tenant id.
        parentUtil - provides method to getParents.
      • getRawData

        public String getRawData()
        Required on DAO classes convert Temporal attributes stored on entity to raw data object format needed for ldap . For internal use only.
        Specified by:
        getRawData in interface Constraint
        Returns:
        String that maps to 'ftRA' attribute on the 'ftUserAttrs' object class.
      • getUserId

        public String getUserId()
        Return the userId that is associated with UserRole. UserId is required attribute and must be set on all UserRole assignment operations.
        Returns:
        attribute maps to 'uid' in 'inetOrgPerson' object class.
      • setUserId

        public void setUserId​(String userId)
        Set the userId that is associated with UserRole. UserId is required attribute and must be set on all UserRole assignment operations.
        Parameters:
        userId - maps to 'uid' in 'inetOrgPerson' object class.
      • setName

        public void setName​(String name)
        Get the Role name required attribute of the UserRole object
        Specified by:
        setName in interface Constraint
        Parameters:
        name - maps to 'ftRC' and 'ftRA' attributes on 'ftUserAttrs' object class.
      • getName

        public String getName()
        Set the Role name required attribute of the UserRole object
        Specified by:
        getName in interface Constraint
        Returns:
        attribute maps to 'ftRC' and 'ftRA' attributes on 'ftUserAttrs' object class.
      • isTemporalSet

        public boolean isTemporalSet()
        temporal boolean flag is used by internal Fortress components.
        Specified by:
        isTemporalSet in interface Constraint
        Returns:
        boolean indicating if temporal constraints are placed on UserRole.
      • setTimeout

        public void setTimeout​(Integer timeout)
        Set the integer timeout that contains max time ((in minutes)) that entity may remain inactive. This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        setTimeout in interface Constraint
        Parameters:
        timeout - maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • setBeginTime

        public void setBeginTime​(String beginTime)
        Set the begin time of day entity is allowed to be activated in system. The format is military time - HHMM, i.e. 0800 (8:00 am) or 1700 (5:00 p.m.). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        setBeginTime in interface Constraint
        Parameters:
        beginTime - maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • setEndTime

        public void setEndTime​(String endTime)
        Set the end time of day entity is allowed to be activated in system. The format is military time - HHMM, i.e. 0000 (12:00 am) or 2359 (11:59 p.m.). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        setEndTime in interface Constraint
        Parameters:
        endTime - maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • setBeginDate

        public void setBeginDate​(String beginDate)
        Set the beginDate when entity is allowed to be activated in system. The format is - YYYYMMDD, i.e. 20100101 (January 1, 2001). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        setBeginDate in interface Constraint
        Parameters:
        beginDate - maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • setEndDate

        public void setEndDate​(String endDate)
        Set the end date when entity is not allowed to be activated in system. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        setEndDate in interface Constraint
        Parameters:
        endDate - maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • setDayMask

        public void setDayMask​(String dayMask)
        Set the daymask that specifies what days of week entity is allowed to be activated in system. The format is 1234567, i.e. 23456 (Monday, Tuesday, Wednesday, Thursday, Friday). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        setDayMask in interface Constraint
        Parameters:
        dayMask - maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • setBeginLockDate

        public void setBeginLockDate​(String beginLockDate)
        Set the begin lock date when entity is temporarily not allowed to be activated in system. The format is - YYYYMMDD, 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        setBeginLockDate in interface Constraint
        Parameters:
        beginLockDate - maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • setEndLockDate

        public void setEndLockDate​(String endLockDate)
        Set the end lock date when entity is allowed to be activated in system once again. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        setEndLockDate in interface Constraint
        Parameters:
        endLockDate - maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • getTimeout

        public Integer getTimeout()
        Return the integer timeout that contains total time ((in minutes)) that entity may remain inactive. This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        getTimeout in interface Constraint
        Returns:
        int that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • getBeginTime

        public String getBeginTime()
        Contains the begin time of day entity is allowed to be activated in system. The format is military time - HHMM, i.e. 0800 (8:00 am) or 1700 (5:00 p.m.). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        getBeginTime in interface Constraint
        Returns:
        String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • getEndTime

        public String getEndTime()
        Contains the end time of day entity is allowed to be activated in system. The format is military time - HHMM, i.e. 0000 (12:00 am) or 2359 (11:59 p.m.). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        getEndTime in interface Constraint
        Returns:
        String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • getBeginDate

        public String getBeginDate()
        Contains the begin date when entity is allowed to be activated in system. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        getBeginDate in interface Constraint
        Returns:
        String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • getEndDate

        public String getEndDate()
        Contains the end date when entity is allowed to be activated in system. The format is - YYYYMMDD, i.e. 20101231 (December 31, 2011). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        getEndDate in interface Constraint
        Returns:
        String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • getBeginLockDate

        public String getBeginLockDate()
        Contains the begin lock date when entity is temporarily not allowed to activated in system. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        getBeginLockDate in interface Constraint
        Returns:
        String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • getEndLockDate

        public String getEndLockDate()
        Contains the end lock date when entity is allowed to be activated in system once again. The format is - YYYYMMDD, i.e. 20100101 (January 1. 2010). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        getEndLockDate in interface Constraint
        Returns:
        String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • getDayMask

        public String getDayMask()
        Get the daymask that indicates what days of week entity is allowed to be activated in system. The format is 1234567, i.e. 23456 (Monday, Tuesday, Wednesday, Thursday, Friday). This attribute is optional but if set will be validated for reasonableness.
        Specified by:
        getDayMask in interface Constraint
        Returns:
        String that maps to 'ftRC', attribute on 'ftUserAttrs' object class.
      • getParents

        public Set<String> getParents()
        Get the names of roles that are parents (direct ascendants) of this role.
        Returns:
        Set of parent role names assigned to this role.
      • setParents

        public void setParents​(Set<String> parents)
        Set the names of roles names that are parents (direct ascendants) of this role.
        Parameters:
        parents - contains the Set of parent role names assigned to this role.
      • isGroupRole

        public boolean isGroupRole()
        Returns 'true' if value in userId refers to group name
        Returns:
        if userId contains group name
      • setGroupRole

        public void setGroupRole​(boolean groupRole)
        Set to 'true' if userId contains group name
        Parameters:
        groupRole - specifies if value in userId contains group name
      • equals

        public boolean equals​(Object thatObj)
        Matches the userId and role name from two UserRole entities.
        Overrides:
        equals in class Object
        Parameters:
        thatObj - contains a UserRole entity.
        Returns:
        boolean indicating both objects contain matching userId and Role names.
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object
      • toString

        public String toString()
        Used to retrieve UserRole Role name attribute. The Fortress UserRole name maps to 'ftRA' attribute on 'ftUserAttrs' object class.
        Overrides:
        toString in class Object
      • setRoleConstraints

        public void setRoleConstraints​(List<RoleConstraint> roleConstraints)