nbi.xmlsec.xacml.profile.rbac
Class RoleManager

java.lang.Object
  extended bynbi.xmlsec.xacml.profile.rbac.RoleManager

public class RoleManager
extends Object

This class is the main instance of the role management tool. It realises the different commands based on the command line. The role manager has to be configured using the RoleManager part of the configuration file.

Since:
Version:
$Revision: 1.34 $
Author:
Lutz Suhrbier

Field Summary
private  Configuration configuration
          The RoleManager's configuration
(package private) static Logger logger
           
private static Options options
           
private  PolicyManager polMgr
          The RoleManager's PolicyManager
 
Constructor Summary
RoleManager(Configuration config)
          Inits the RoleManager based on the given configuration.
 
Method Summary
private  void doAdd(CommandLine cmd)
           
private  Permission doAddConditionToPermission(Permission perm, CommandLine cmd)
           
private  void doAddPermissionPolicyToRole(CommandLine cmd)
           
private  void doAddPermissionToPermissionPolicy(CommandLine cmd)
           
private  void doAddUserToRole(CommandLine cmd)
           
 void doCmd(CommandLine cmd)
           
 void doCmd(String[] args)
           
private  void doHelp(CommandLine cmd)
           
private  void doList(CommandLine cmd)
           
private  void doRemove(CommandLine cmd)
           
private  void doRemoveConditionFromPermission(CommandLine cmd)
           
private  void doRemoveDomain(CommandLine cmd)
           
private  void doRemovePermissionFromPermissionPolicy(CommandLine cmd)
           
private  void doRemovePermissionPolicyFromRole(CommandLine cmd)
           
private  void doRemoveRole(CommandLine cmd)
           
private  void doRemoveUserFromRole(CommandLine cmd)
           
protected  Assignment getAssignment(RoleAssignmentPolicySet policySet, CommandLine cmd)
          Gets the assignment from the role assignment policy set, or creates a new from the domain and role arguments from the command line and the configuration.
 String getDefaultDomain()
          Retrieves the policy base directory from the current configuration.
 String getDomainParameter(CommandLine cmd)
          Determines the domain using the command line.
private  List getLabels(List ids)
          Extracts the labels from a list of identifiers.
 boolean getPermissionEffectParameter(CommandLine cmd)
          Determines the permission effect parameter from the command line.
 String[] getPermissionParameter(CommandLine cmd)
          Gets the Values for the PermissionParameter from the command line.
 List getPermissionPolicies(RolePolicySet policySet, CommandLine cmd)
          Gets the permission policies from the command line parameters from the RolePolicySet, or creates and adds new PermissionPolicies to the result list, if they can not be found in the RolePolicySet.
 String[] getPermissionPolicyParameter(CommandLine cmd)
          Gets the Values for the PermissionPolicyParameter from the command line.
protected  PermissionPolicySet getPermissionPolicySet(RolePolicySet policySet, CommandLine cmd)
          Gets the current permission policy set from a role policy set, or creates a new permission policy set using the domain and role arguments from the command line and the configuration.
protected  List getPermissions(PermissionPolicy permPolicy, CommandLine cmd)
          Gets the permission labels listed in the CommandLine from the role policy set or creates new permissions from the domain and permission arguments of the command line and the configuration if the permission was not found in the PermissionPolicy.
 String getPolicyBaseDir()
          Retrieves the policy base directory from the policy manager.
protected  RoleAssignmentPolicySet getRoleAssignmentPolicySet(CommandLine cmd)
          Gets/Creates the current role assignment policy set using the policy manager, the domain arguments from the command line and the configuration.
 String getRoleParameter(CommandLine cmd)
          Determines the role parameter from the command line.
protected  RolePolicySet getRolePolicySet(CommandLine cmd)
          Gets/Creates the current role policy set using the policy manager, the domain and role arguments from the command line and the configuration.
 List getUserCertificates(CommandLine cmd)
          Retrieves the certificates from the User parameter of the command line.
private  void initOptions()
           
static void main(String[] args)
           
private  void printCollection(PrintStream out, Collection coll, String sep, String headerLine)
          Prints the elements of a collection to a stream.
private  void printErrorMsg(String msg, String reason)
           
private  void printMsg(String msg)
           
 void setdefaultDomain(String defaultDomain)
          Sets the policy base directory in the current configuration.
 void setPolicyBaseDir(String policyBaseDir)
          Sets the policy base directory to the policy manager.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

static Logger logger

configuration

private Configuration configuration
The RoleManager's configuration


polMgr

private PolicyManager polMgr
The RoleManager's PolicyManager


options

private static Options options
Constructor Detail

RoleManager

public RoleManager(Configuration config)
            throws Exception
Inits the RoleManager based on the given configuration. Depending on the configuration a RoleManger is set up creating the defined default
  • domain
  • ,
  • PolicyManager
  • and
  • PolicyFinderModules
  • .

    Parameters:
    config - RoleManager's configuration.
    Throws:
    Exception
    Method Detail

    getPolicyBaseDir

    public String getPolicyBaseDir()
    Retrieves the policy base directory from the policy manager.

    Returns:
    The base directory for all policies.

    setPolicyBaseDir

    public void setPolicyBaseDir(String policyBaseDir)
    Sets the policy base directory to the policy manager.

    Returns:
    The base directory for all policies.

    getDefaultDomain

    public String getDefaultDomain()
    Retrieves the policy base directory from the current configuration.

    Returns:
    The base directory for all policies.

    setdefaultDomain

    public void setdefaultDomain(String defaultDomain)
    Sets the policy base directory in the current configuration.

    Returns:
    The base directory for all policies.

    getDomainParameter

    public String getDomainParameter(CommandLine cmd)
    Determines the domain using the command line. If the command line has the option "D", then this value is returned. Otherwise, the value of the defaultDomain configuration parameter is returned if available. Finally, the currentDirectoryPath (.) is returned.

    Returns:
    The domain.

    getRoleParameter

    public String getRoleParameter(CommandLine cmd)
    Determines the role parameter from the command line.

    Returns:
    The role parameter or null.

    getPermissionPolicyParameter

    public String[] getPermissionPolicyParameter(CommandLine cmd)
    Gets the Values for the PermissionPolicyParameter from the command line.

    Parameters:
    cmd - Command line to parse
    Returns:
    PermissionPolicy labels from the command line, or null.

    getPermissionParameter

    public String[] getPermissionParameter(CommandLine cmd)
    Gets the Values for the PermissionParameter from the command line.

    Parameters:
    cmd - Command line to parse
    Returns:
    Permission labels from the command line, or null.

    getPermissionPolicies

    public List getPermissionPolicies(RolePolicySet policySet,
                                      CommandLine cmd)
    Gets the permission policies from the command line parameters from the RolePolicySet, or creates and adds new PermissionPolicies to the result list, if they can not be found in the RolePolicySet.

    Returns:
    List of PermissionPolicies from the command line.

    getUserCertificates

    public List getUserCertificates(CommandLine cmd)
    Retrieves the certificates from the User parameter of the command line. When an exception occurs reading a certificate, this certificate is not added to the list. The reading process continues with the next user argument.

    Returns:
    The list of user certificates read.

    getRolePolicySet

    protected RolePolicySet getRolePolicySet(CommandLine cmd)
    Gets/Creates the current role policy set using the policy manager, the domain and role arguments from the command line and the configuration.

    Returns:
    The role policy set.

    getRoleAssignmentPolicySet

    protected RoleAssignmentPolicySet getRoleAssignmentPolicySet(CommandLine cmd)
    Gets/Creates the current role assignment policy set using the policy manager, the domain arguments from the command line and the configuration. The label of the RoleAssignmentPolicySet is set to value of the domain label.

    Returns:
    The role policy set.

    getPermissionPolicySet

    protected PermissionPolicySet getPermissionPolicySet(RolePolicySet policySet,
                                                         CommandLine cmd)
    Gets the current permission policy set from a role policy set, or creates a new permission policy set using the domain and role arguments from the command line and the configuration.

    Returns:
    The permission policy set.

    getAssignment

    protected Assignment getAssignment(RoleAssignmentPolicySet policySet,
                                       CommandLine cmd)
    Gets the assignment from the role assignment policy set, or creates a new from the domain and role arguments from the command line and the configuration.

    Returns:
    The assignment.

    getPermissions

    protected List getPermissions(PermissionPolicy permPolicy,
                                  CommandLine cmd)
    Gets the permission labels listed in the CommandLine from the role policy set or creates new permissions from the domain and permission arguments of the command line and the configuration if the permission was not found in the PermissionPolicy.

    Returns:
    List of permissions from the command line.

    getPermissionEffectParameter

    public boolean getPermissionEffectParameter(CommandLine cmd)
    Determines the permission effect parameter from the command line.

    Returns:
    true, if the permission is set to permit, false, if the permission is set to deny.

    initOptions

    private void initOptions()

    printErrorMsg

    private void printErrorMsg(String msg,
                               String reason)

    printMsg

    private void printMsg(String msg)

    printCollection

    private void printCollection(PrintStream out,
                                 Collection coll,
                                 String sep,
                                 String headerLine)
    Prints the elements of a collection to a stream. The method calls the toString()method of every element in the collection. The elements are separated by the string sep. If sep is null, no separation is done. Optionally, a headerline may be printed.

    Parameters:
    out - PrintStream to print the collection to.
    coll - The collection to print.
    sep - The separator string to separate the collection's elements or null, if separation is not wanted.
    headerLine - The headerline to print or null, if a headerline is not wanted.

    getLabels

    private List getLabels(List ids)
    Extracts the labels from a list of identifiers.

    Parameters:
    ids - List of Identifiers.
    Returns:
    List of labels extracted from the identifier list.

    doHelp

    private void doHelp(CommandLine cmd)

    doList

    private void doList(CommandLine cmd)

    doAdd

    private void doAdd(CommandLine cmd)

    doAddConditionToPermission

    private Permission doAddConditionToPermission(Permission perm,
                                                  CommandLine cmd)
                                           throws ParsingException,
                                                  UnknownIdentifierException,
                                                  FunctionTypeException
    Throws:
    ParsingException
    UnknownIdentifierException
    FunctionTypeException

    doAddPermissionToPermissionPolicy

    private void doAddPermissionToPermissionPolicy(CommandLine cmd)

    doAddPermissionPolicyToRole

    private void doAddPermissionPolicyToRole(CommandLine cmd)

    doAddUserToRole

    private void doAddUserToRole(CommandLine cmd)

    doRemove

    private void doRemove(CommandLine cmd)

    doRemoveRole

    private void doRemoveRole(CommandLine cmd)

    doRemoveDomain

    private void doRemoveDomain(CommandLine cmd)

    doRemovePermissionPolicyFromRole

    private void doRemovePermissionPolicyFromRole(CommandLine cmd)

    doRemoveConditionFromPermission

    private void doRemoveConditionFromPermission(CommandLine cmd)

    doRemovePermissionFromPermissionPolicy

    private void doRemovePermissionFromPermissionPolicy(CommandLine cmd)

    doRemoveUserFromRole

    private void doRemoveUserFromRole(CommandLine cmd)

    doCmd

    public void doCmd(CommandLine cmd)

    doCmd

    public void doCmd(String[] args)
               throws ParseException
    Throws:
    ParseException

    main

    public static void main(String[] args)
                     throws Exception
    Throws:
    Exception


    Copyright © 2006 Lutz Suhrbier, Freie Universität Berlin. All Rights Reserved.