Example #1
0
  /**
   * Removes a role from the given user
   *
   * @param loggedInUser The current user
   * @param login The login for the user you would like to remove the role from
   * @param role The role you would like to remove from the user
   * @return Returns 1 if successful (exception otherwise)
   * @throws FaultException A FaultException is thrown if the user doesn't have access to lookup the
   *     user corresponding to login or if the user does not exist.
   * @xmlrpc.doc Remove a role from a user.
   * @xmlrpc.param #param("string", "sessionKey")
   * @xmlrpc.param #param_desc("string", "login", "User login name to update.")
   * @xmlrpc.param #param_desc("string", "role", "Role label to remove. Can be any of:
   *     satellite_admin, org_admin, channel_admin, config_admin, system_group_admin,
   *     activation_key_admin, or monitoring_admin.")
   * @xmlrpc.returntype #return_int_success()
   */
  public int removeRole(User loggedInUser, String login, String role) throws FaultException {
    validateRoleInputs(role, loggedInUser);

    if (RoleFactory.SAT_ADMIN.getLabel().equals(role)) {
      return modifySatAdminRole(loggedInUser, login, false);
    }

    ensureOrgAdmin(loggedInUser);
    User target = XmlRpcUserHelper.getInstance().lookupTargetUser(loggedInUser, login);

    /*
     * Perform some error checking here... we need to make sure that this
     * isn't the last org_admin in the org trying to remove org_admin
     * status from himself.
     */
    if (role.equals(RoleFactory.ORG_ADMIN.getLabel())
        && target.hasRole(RoleFactory.ORG_ADMIN)
        && target.getOrg().numActiveOrgAdmins() <= 1) {
      throw new PermissionCheckFailureException();
    }

    // Retrieve the role object corresponding to the role label passed in and
    // remove from user
    Role r = RoleFactory.lookupByLabel(role);
    target.removePermanentRole(r);

    UserManager.storeUser(target);
    return 1;
  }
Example #2
0
 /**
  * Handles the vagaries related to granting or revoking sat admin role
  *
  * @param loggedInUser the logged in user
  * @param login the login of the user who needs to be granted/revoked sat admin role
  * @param grant true if granting the role to the login, false for revoking...
  * @return 1 if it success.. Ofcourse error on failure..
  */
 private int modifySatAdminRole(User loggedInUser, String login, boolean grant) {
   ensureUserRole(loggedInUser, RoleFactory.SAT_ADMIN);
   SatManager manager = SatManager.getInstance();
   User user = UserFactory.lookupByLogin(login);
   if (grant) {
     manager.grantSatAdminRoleTo(user, loggedInUser);
   } else {
     manager.revokeSatAdminRoleFrom(user, loggedInUser);
   }
   UserManager.storeUser(user);
   return 1;
 }
Example #3
0
 /**
  * Adds a role to the given user
  *
  * @param loggedInUser The current user
  * @param login The login for the user you would like to add the role to
  * @param role The role you would like to give the user
  * @return Returns 1 if successful (exception otherwise)
  * @throws FaultException A FaultException is thrown if the user doesn't have access to lookup the
  *     user corresponding to login or if the user does not exist.
  * @xmlrpc.doc Adds a role to a user.
  * @xmlrpc.param #param("string", "sessionKey")
  * @xmlrpc.param #param_desc("string", "login", "User login name to update.")
  * @xmlrpc.param #param_desc("string", "role", "Role label to add. Can be any of: satellite_admin,
  *     org_admin, channel_admin, config_admin, system_group_admin, activation_key_admin, or
  *     monitoring_admin.")
  * @xmlrpc.returntype #return_int_success()
  */
 public int addRole(User loggedInUser, String login, String role) throws FaultException {
   validateRoleInputs(role, loggedInUser);
   if (RoleFactory.SAT_ADMIN.getLabel().equals(role)) {
     return modifySatAdminRole(loggedInUser, login, true);
   }
   User target = XmlRpcUserHelper.getInstance().lookupTargetUser(loggedInUser, login);
   // Retrieve the role object corresponding to the role label passed in and
   // add to user
   Role r = RoleFactory.lookupByLabel(role);
   target.addPermanentRole(r);
   UserManager.storeUser(target);
   return 1;
 }
Example #4
0
  /**
   * Toggles whether or not a user users pamAuthentication or the basic RHN db auth.
   *
   * @param loggedInUser The current user
   * @param login The login for the user you would like to change
   * @param val The value you would like to set this to (1 = true, 0 = false)
   * @return Returns 1 if successful (exception otherwise)
   * @throws FaultException A FaultException is thrown if the user doesn't have access to lookup the
   *     user corresponding to login or if the user does not exist.
   * @xmlrpc.doc Toggles whether or not a user uses PAM authentication or basic RHN authentication.
   * @xmlrpc.param #param("string", "sessionKey")
   * @xmlrpc.param #param_desc("string", "login", "User's login name.")
   * @xmlrpc.param #param("int", "pam_value") #options() #item("1 to enable PAM authentication")
   *     #item("0 to disable.") #options_end()
   * @xmlrpc.returntype #return_int_success()
   */
  public int usePamAuthentication(User loggedInUser, String login, Integer val)
      throws FaultException {
    // Only org admins can use this method.
    ensureOrgAdmin(loggedInUser);
    User target = XmlRpcUserHelper.getInstance().lookupTargetUser(loggedInUser, login);

    if (val.equals(new Integer(1))) {
      target.setUsePamAuthentication(true);
    } else {
      target.setUsePamAuthentication(false);
    }

    UserManager.storeUser(target);

    return 1;
  }
Example #5
0
  /**
   * Add ServerGroups to the list of Default System groups. The ServerGroups <strong>MUST</strong>
   * exist otherwise a IllegalArgumentException is thrown.
   *
   * @param loggedInUser The current user in user.
   * @param login The login for the user whose Default ServerGroup list will be affected.
   * @param sgNames names of ServerGroups.
   * @return Returns 1 if successful (exception otherwise)
   * @xmlrpc.doc Add system groups to user's list of default system groups.
   * @xmlrpc.param #param("string", "sessionKey")
   * @xmlrpc.param #param_desc("string", "login", "User's login name.")
   * @xmlrpc.param #array_single("string", "serverGroupName")
   * @xmlrpc.returntype #return_int_success()
   */
  public int addDefaultSystemGroups(User loggedInUser, String login, List sgNames) {

    User target = XmlRpcUserHelper.getInstance().lookupTargetUser(loggedInUser, login);

    if (sgNames == null || sgNames.size() < 1) {
      throw new IllegalArgumentException("no servergroup names supplied");
    }

    List groups = ServerGroupFactory.listManagedGroups(target.getOrg());

    Map groupMap = new HashMap();

    // sigh.  After looking through all of the apache collections package
    // I couldn't find anything that would create a map from a list using
    // a property from the object in the list as the key. This is where
    // python would be useful.
    for (Iterator itr = groups.iterator(); itr.hasNext(); ) {
      ServerGroup sg = (ServerGroup) itr.next();
      groupMap.put(sg.getName(), sg);
    }

    // Doing full check of all supplied names, if one is bad
    // throw an exception, prior to altering the DefaultSystemGroup Set.
    for (Iterator itr = sgNames.iterator(); itr.hasNext(); ) {
      String name = (String) itr.next();
      ServerGroup sg = (ServerGroup) groupMap.get(name);
      if (sg == null) {
        throw new LookupServerGroupException(name);
      }
    }

    // now for the real reason we're in this method.
    Set defaults = target.getDefaultSystemGroupIds();
    for (Iterator itr = sgNames.iterator(); itr.hasNext(); ) {
      ServerGroup sg = (ServerGroup) groupMap.get(itr.next());
      if (sg != null) {
        // not a simple add to the groups.  Needs to call
        // UserManager as DataSource is being used.
        defaults.add(sg.getId());
      }
    }

    UserManager.setDefaultSystemGroupIds(target, defaults);
    UserManager.storeUser(target);

    return 1;
  }
  public void testSelectAll() throws Exception {
    BaseSystemListAction action = createAction();
    ActionHelper ah = new ActionHelper();
    ah.setUpAction(action);
    ah.setupProcessPagination();

    User user = ah.getUser();
    user.addPermanentRole(RoleFactory.ORG_ADMIN);
    UserManager.storeUser(user);
    ah.getRequest().setupAddParameter("items_on_page", (String[]) null);
    ah.getRequest().setupAddParameter("items_selected", (String[]) null);
    ah.executeAction("selectall");
    // This test only ensures that 'Select All' doesn't blow up.
    // To really test that something got selected, we would have to create an
    // appropriate system for each of the subclasses. The fact that the set cleaner
    // doesn't clean servers that should stay in the set is already tested by
    // testAddOne()
  }
  public void testAddOne() throws Exception {
    BaseSystemListAction action = createAction();
    ActionHelper ah = new ActionHelper();
    ah.setUpAction(action);
    ah.setupProcessPagination();

    User user = ah.getUser();
    user.addPermanentRole(RoleFactory.ORG_ADMIN);
    // Create a server that can be put in the set. Note that the
    // server is not set up entirely right for subclasses, which would
    // only display servers with certain attributes, e.g. a satellite.
    // But this test is only concerned with keeping a server in the set
    // w/o having it cleaned up by the set cleaner
    Server server =
        ServerFactoryTest.createTestServer(
            user, true, ServerConstants.getServerGroupTypeEnterpriseEntitled());
    UserManager.storeUser(user);
    String sid = server.getId().toString();
    ah.getRequest().setupAddParameter("items_on_page", (String[]) null);
    ah.getRequest().setupAddParameter("items_selected", new String[] {sid});
    ah.executeAction("updatelist");

    RhnSetActionTest.verifyRhnSetData(ah.getUser(), RhnSetDecl.SYSTEMS, 1);
  }