/* Create specified role. Return null if acl already exists */ public static RoleAcl createNewRoleAcl(Role role, String aclID) throws DBException { RoleAcl roleAcl = RoleAcl.getRoleAcl(role, aclID, true); if (roleAcl != null) { roleAcl.save(); } return roleAcl; }
/* set Role access level */ public static void setAccessLevel(Role role, String aclId, AccessLevel level) throws DBException { /* role specified? */ if (role == null) { throw new DBException("Role not specified."); } String acctId = role.getAccountID(); String roleId = role.getRoleID(); /* acl-id specified? */ if (StringTools.isBlank(aclId)) { throw new DBException("Acl-ID not specified."); } /* get/create role */ RoleAcl roleAcl = null; RoleAcl.Key aclKey = new RoleAcl.Key(acctId, roleId, aclId); if (aclKey.exists()) { // may throw DBException roleAcl = RoleAcl.getRoleAcl(role, aclId); // may throw DBException } else { roleAcl = aclKey.getDBRecord(); roleAcl.setRole(role); } /* set access level */ int levelInt = (level != null) ? level.getIntValue() : AccessLevel.NONE.getIntValue(); roleAcl.setAccessLevel(levelInt); /* save */ roleAcl.save(); // may throw DBException }
/* return Role access level */ public static AccessLevel getAccessLevel(Role role, String aclId, AccessLevel dftAccess) { if (role == null) { return dftAccess; } else if (StringTools.isBlank(aclId)) { return dftAccess; } else { try { RoleAcl roleAcl = RoleAcl.getRoleAcl(role, aclId); // may throw DBException if (roleAcl != null) { return RoleAcl.getAccessLevel(roleAcl); } else { return dftAccess; } } catch (DBException dbe) { // error occurred return AccessLevel.NONE; } } }
/* Return specified role ACL, create if specified */ public static RoleAcl getRoleAcl(Role role, String aclId, boolean create) throws DBException { // does not return null /* role specified? */ if (role == null) { throw new DBNotFoundException("Role not specified."); } String acctId = role.getAccountID(); String roleId = role.getRoleID(); /* acl-id specified? */ if (StringTools.isBlank(aclId)) { throw new DBNotFoundException("Acl-ID not specified."); } /* get/create role */ RoleAcl roleAcl = null; RoleAcl.Key aclKey = new RoleAcl.Key(acctId, roleId, aclId); if (!aclKey.exists()) { // may throw DBException if (create) { roleAcl = aclKey.getDBRecord(); roleAcl.setRole(role); roleAcl.setCreationDefaultValues(); return roleAcl; // not yet saved! } else { throw new DBNotFoundException("Acl-ID does not exists '" + aclKey + "'"); } } else if (create) { // we've been asked to create the Acl, and it already exists throw new DBAlreadyExistsException("Acl-ID already exists '" + aclKey + "'"); } else { roleAcl = RoleAcl.getRoleAcl(role, aclId); // may throw DBException if (roleAcl == null) { throw new DBException("Unable to read existing Role-ID '" + aclKey + "'"); } return roleAcl; } }
public static void main(String args[]) { DBConfig.cmdLineInit(args, true); // main String acctID = RTConfig.getString(ARG_ACCOUNT, ""); String roleID = RTConfig.getString(ARG_ROLE, ""); String aclID = RTConfig.getString(ARG_ACL, ""); /* account-id specified? */ if ((acctID == null) || acctID.equals("")) { Print.logError("Account-ID not specified."); usage(); } /* get account */ Account acct = null; try { acct = Account.getAccount(acctID); // may return DBException if (acct == null) { Print.logError("Account-ID does not exist: " + acctID); usage(); } } catch (DBException dbe) { Print.logException("Error loading Account: " + acctID, dbe); // dbe.printException(); System.exit(99); } /* role-id specified? */ if ((roleID == null) || roleID.equals("")) { Print.logError("Role-ID not specified."); usage(); } /* get role */ Role role = null; try { role = Role.getRole(acct, roleID); // may return DBException if (role == null) { Print.logError("Role-ID does not exist: " + acctID + "/" + roleID); usage(); } } catch (DBException dbe) { Print.logException("Error loading Role: " + acctID + "/" + roleID, dbe); // dbe.printException(); System.exit(99); } /* RoleAcl exists? */ boolean aclExists = false; if ((aclID != null) && !aclID.equals("")) { try { aclExists = RoleAcl.exists(acctID, roleID, aclID); } catch (DBException dbe) { Print.logError( "Error determining if RoleAcl exists: " + acctID + "/" + roleID + "/" + aclID); System.exit(99); } } /* option count */ int opts = 0; /* list */ if (RTConfig.getBoolean(ARG_LIST, false)) { opts++; try { String aclList[] = role.getAclsForRole(); for (int i = 0; i < aclList.length; i++) { AccessLevel level = RoleAcl.getAccessLevel(role, aclList[i], AccessLevel.NONE); Print.sysPrintln(" " + aclList[i] + " ==> " + level); } } catch (DBException dbe) { Print.logError("Error getting Acl list: " + dbe); System.exit(99); } System.exit(0); } /* delete */ if (RTConfig.getBoolean(ARG_DELETE, false) && !acctID.equals("") && !roleID.equals("")) { opts++; if (!aclExists) { Print.logWarn("RoleAcl does not exist: " + acctID + "/" + roleID + "/" + aclID); Print.logWarn("Continuing with delete process ..."); } try { RoleAcl.Key aclKey = new RoleAcl.Key(acctID, roleID, aclID); aclKey.delete(true); // also delete dependencies Print.logInfo("RoleAcl deleted: " + acctID + "/" + roleID + "/" + aclID); } catch (DBException dbe) { Print.logError("Error deleting RoleAcl: " + acctID + "/" + roleID + "/" + aclID); dbe.printException(); System.exit(99); } System.exit(0); } /* create */ if (RTConfig.getBoolean(ARG_CREATE, false)) { opts++; if (aclExists) { Print.logWarn("RoleAcl already exists: " + acctID + "/" + roleID + "/" + aclID); } else { try { RoleAcl.createNewRoleAcl(role, aclID); Print.logInfo("Created RoleAcl: " + acctID + "/" + roleID + "/" + aclID); aclExists = true; } catch (DBException dbe) { Print.logError("Error creating RoleAcl: " + acctID + "/" + roleID + "/" + aclID); dbe.printException(); System.exit(99); } } } /* set */ if (RTConfig.hasProperty(ARG_SET)) { opts++; AccessLevel aclLevel = EnumTools.getValueOf(AccessLevel.class, RTConfig.getInt(ARG_SET, -1)); try { RoleAcl.setAccessLevel(role, aclID, aclLevel); Print.logInfo( "Set RoleAcl '" + acctID + "/" + roleID + "/" + aclID + "' to level " + aclLevel); } catch (DBException dbe) { Print.logError("Error setting RoleAcl: " + acctID + "/" + roleID + "/" + aclID); dbe.printException(); System.exit(99); } System.exit(0); } /* edit */ if (RTConfig.getBoolean(ARG_EDIT, false)) { opts++; if (!aclExists) { Print.logError("RoleAcl does not exist: " + acctID + "/" + roleID + "/" + aclID); } else { try { RoleAcl roleAcl = RoleAcl.getRoleAcl(role, aclID, false); // may throw DBException DBEdit editor = new DBEdit(roleAcl); editor.edit(); // may throw IOException } catch (IOException ioe) { if (ioe instanceof EOFException) { Print.logError("End of input"); } else { Print.logError("IO Error"); } } catch (DBException dbe) { Print.logError("Error editing RoleAcl: " + acctID + "/" + roleID + "/" + aclID); dbe.printException(); } } System.exit(0); } /* no options specified */ if (opts == 0) { Print.logWarn("Missing options ..."); usage(); } }