Exemplo n.º 1
0
 /**
  * Add an <code>Attribute</code> to a <code>GroupType</code>.
  *
  * <p>
  *
  * @param i BeanShell interpreter.
  * @param stack BeanShell call stack.
  * @param type Add to this <code>GroupType</code>.
  * @param name Name of <code>Attribute</code>.
  * @param read <code>Privilege</code> required for reading.
  * @param write <code>Privilege</code> required for writing.
  * @param req Is <code>Attribute</code> required.
  * @return <code>Field</code>
  * @throws GrouperShellException
  * @since 0.1.0
  */
 public static Field invoke(
     Interpreter i,
     CallStack stack,
     String type,
     String name,
     Privilege read,
     Privilege write,
     boolean req)
     throws GrouperShellException {
   GrouperShell.setOurCommand(i, true);
   try {
     GrouperSession s = GrouperShell.getSession(i);
     GroupType t = GroupTypeFinder.find(type);
     return t.addAttribute(s, name, read, write, req);
   } catch (InsufficientPrivilegeException eIP) {
     GrouperShell.error(i, eIP);
   } catch (SchemaException eS) {
     GrouperShell.error(i, eS);
   }
   throw new GrouperShellException(E.TYPE_ADDATTR + name);
 } // public static Field invoke(i, stack, type, name, read, write, req)
Exemplo n.º 2
0
 /**
  * Update Groups Registry from XML at URL.
  *
  * <p>
  *
  * @param i BeanShell interpreter.
  * @param stack BeanShell call stack.
  * @param url Use the XML at this <tt>URL</tt> for updates.
  * @return True if successful.
  * @throws GrouperShellException
  * @since 0.1.0
  */
 public static boolean invoke(Interpreter i, CallStack stack, URL url)
     throws GrouperShellException {
   GrouperShell.setOurCommand(i, true);
   try {
     GrouperSession s = GrouperShell.getSession(i);
     XmlImporter importer = new XmlImporter(s, new Properties());
     importer.update(XmlReader.getDocumentFromURL(url));
     return true;
   } catch (GrouperException eG) {
     GrouperShell.error(i, eG);
   }
   return false;
 } // public static boolean invoke(i, stack, url)
Exemplo n.º 3
0
  /**
   * Check if subject has privilege.
   *
   * <p>
   *
   * @param i BeanShell interpreter.
   * @param stack BeanShell call stack.
   * @param name Check for privilege on this {@link Group} or {@link Stem}.
   * @param subjId Check if this {@link Subject} has privilege.
   * @param priv Check this {@link AccessPrivilege}.
   * @return True if succeeds.
   * @throws GrouperShellException
   * @since 0.0.1
   */
  public static boolean invoke(
      Interpreter i, CallStack stack, String name, String subjId, Privilege priv)
      throws GrouperShellException {
    GrouperShell.setOurCommand(i, true);
    try {
      GrouperSession s = GrouperShell.getSession(i);
      Subject subj = SubjectFinder.findByIdOrIdentifier(subjId, true);
      if (Privilege.isAccess(priv)) {
        Group g = GroupFinder.findByName(s, name, true);
        if (priv.equals(AccessPrivilege.ADMIN)) {
          return g.hasAdmin(subj);
        } else if (priv.equals(AccessPrivilege.OPTIN)) {
          return g.hasOptin(subj);
        } else if (priv.equals(AccessPrivilege.OPTOUT)) {
          return g.hasOptout(subj);
        } else if (priv.equals(AccessPrivilege.READ)) {
          return g.hasRead(subj);
        } else if (priv.equals(AccessPrivilege.UPDATE)) {
          return g.hasUpdate(subj);
        } else if (priv.equals(AccessPrivilege.GROUP_ATTR_READ)) {
          return g.hasGroupAttrRead(subj);
        } else if (priv.equals(AccessPrivilege.GROUP_ATTR_UPDATE)) {
          return g.hasGroupAttrUpdate(subj);
        } else if (priv.equals(AccessPrivilege.VIEW)) {
          return g.hasView(subj);
        } else {
          throw new RuntimeException("Not expecting privilege: " + priv);
        }
      } else if (Privilege.isNaming(priv)) {
        Stem ns = StemFinder.findByName(s, name, true);
        if (priv.equals(NamingPrivilege.CREATE)) {
          return ns.hasCreate(subj);
        } else if (priv.equals(NamingPrivilege.STEM_ATTR_READ)) {
          return ns.hasStemAttrRead(subj);
        } else if (priv.equals(NamingPrivilege.STEM_ATTR_UPDATE)) {
          return ns.hasStemAttrUpdate(subj);
        } else if (priv.equals(NamingPrivilege.STEM) || priv.equals(NamingPrivilege.STEM_ADMIN)) {
          return ns.hasStemAdmin(subj);
        } else {
          throw new RuntimeException("Not expecting privilege: " + priv);
        }
      } else if (Privilege.isAttributeDef(priv)) {
        AttributeDef attributeDef = AttributeDefFinder.findByName(name, true);
        if (priv.equals(AttributeDefPrivilege.ATTR_ADMIN)) {
          return attributeDef.getPrivilegeDelegate().hasAttrAdmin(subj);
        } else if (priv.equals(AttributeDefPrivilege.ATTR_OPTIN)) {
          return attributeDef.getPrivilegeDelegate().hasAttrOptin(subj);
        } else if (priv.equals(AttributeDefPrivilege.ATTR_OPTOUT)) {
          return attributeDef.getPrivilegeDelegate().hasAttrOptout(subj);
        } else if (priv.equals(AttributeDefPrivilege.ATTR_READ)) {
          return attributeDef.getPrivilegeDelegate().hasAttrRead(subj);
        } else if (priv.equals(AttributeDefPrivilege.ATTR_UPDATE)) {
          return attributeDef.getPrivilegeDelegate().hasAttrUpdate(subj);
        } else if (priv.equals(AttributeDefPrivilege.ATTR_DEF_ATTR_READ)) {
          return attributeDef.getPrivilegeDelegate().hasAttrDefAttrRead(subj);
        } else if (priv.equals(AttributeDefPrivilege.ATTR_DEF_ATTR_UPDATE)) {
          return attributeDef.getPrivilegeDelegate().hasAttrDefAttrUpdate(subj);
        } else if (priv.equals(AttributeDefPrivilege.ATTR_VIEW)) {
          return attributeDef.getPrivilegeDelegate().hasAttrView(subj);
        } else {
          throw new RuntimeException("Not expecting privilege: " + priv);
        }

      } else {
        throw new RuntimeException("Invalid privilege type: " + priv);
      }
    } catch (GroupNotFoundException eGNF) {
      GrouperShell.error(i, eGNF);
    } catch (StemNotFoundException eNSNF) {
      GrouperShell.error(i, eNSNF);
    } catch (SubjectNotFoundException eSNF) {
      GrouperShell.error(i, eSNF);
    } catch (SubjectNotUniqueException eSNU) {
      GrouperShell.error(i, eSNU);
    }
    return false;
  } // public static boolean invoke(i, stack, name, subjId, priv)