示例#1
0
 /* Create specified role.  Return null if acl already exists */
 public static RoleAcl createNewRoleAcl(Role role, String aclID) throws DBException {
   RoleAcl roleAcl = RoleAcl.getRoleAcl(role, aclID, true);
   if (roleAcl != null) {
     roleAcl.save();
   }
   return roleAcl;
 }
示例#2
0
  /* set Role access level */
  public static void setAccessLevel(Role role, String aclId, AccessLevel level) throws DBException {

    /* role specified? */
    if (role == null) {
      throw new DBException("Role not specified.");
    }
    String acctId = role.getAccountID();
    String roleId = role.getRoleID();

    /* acl-id specified? */
    if (StringTools.isBlank(aclId)) {
      throw new DBException("Acl-ID not specified.");
    }

    /* get/create role */
    RoleAcl roleAcl = null;
    RoleAcl.Key aclKey = new RoleAcl.Key(acctId, roleId, aclId);
    if (aclKey.exists()) { // may throw DBException
      roleAcl = RoleAcl.getRoleAcl(role, aclId); // may throw DBException
    } else {
      roleAcl = aclKey.getDBRecord();
      roleAcl.setRole(role);
    }

    /* set access level */
    int levelInt = (level != null) ? level.getIntValue() : AccessLevel.NONE.getIntValue();
    roleAcl.setAccessLevel(levelInt);

    /* save */
    roleAcl.save(); // may throw DBException
  }
示例#3
0
 /* return Role access level */
 public static AccessLevel getAccessLevel(Role role, String aclId, AccessLevel dftAccess) {
   if (role == null) {
     return dftAccess;
   } else if (StringTools.isBlank(aclId)) {
     return dftAccess;
   } else {
     try {
       RoleAcl roleAcl = RoleAcl.getRoleAcl(role, aclId); // may throw DBException
       if (roleAcl != null) {
         return RoleAcl.getAccessLevel(roleAcl);
       } else {
         return dftAccess;
       }
     } catch (DBException dbe) {
       // error occurred
       return AccessLevel.NONE;
     }
   }
 }
示例#4
0
  /* Return specified role ACL, create if specified */
  public static RoleAcl getRoleAcl(Role role, String aclId, boolean create) throws DBException {
    // does not return null

    /* role specified? */
    if (role == null) {
      throw new DBNotFoundException("Role not specified.");
    }
    String acctId = role.getAccountID();
    String roleId = role.getRoleID();

    /* acl-id specified? */
    if (StringTools.isBlank(aclId)) {
      throw new DBNotFoundException("Acl-ID not specified.");
    }

    /* get/create role */
    RoleAcl roleAcl = null;
    RoleAcl.Key aclKey = new RoleAcl.Key(acctId, roleId, aclId);
    if (!aclKey.exists()) { // may throw DBException
      if (create) {
        roleAcl = aclKey.getDBRecord();
        roleAcl.setRole(role);
        roleAcl.setCreationDefaultValues();
        return roleAcl; // not yet saved!
      } else {
        throw new DBNotFoundException("Acl-ID does not exists '" + aclKey + "'");
      }
    } else if (create) {
      // we've been asked to create the Acl, and it already exists
      throw new DBAlreadyExistsException("Acl-ID already exists '" + aclKey + "'");
    } else {
      roleAcl = RoleAcl.getRoleAcl(role, aclId); // may throw DBException
      if (roleAcl == null) {
        throw new DBException("Unable to read existing Role-ID '" + aclKey + "'");
      }
      return roleAcl;
    }
  }
示例#5
0
  public static void main(String args[]) {
    DBConfig.cmdLineInit(args, true); // main
    String acctID = RTConfig.getString(ARG_ACCOUNT, "");
    String roleID = RTConfig.getString(ARG_ROLE, "");
    String aclID = RTConfig.getString(ARG_ACL, "");

    /* account-id specified? */
    if ((acctID == null) || acctID.equals("")) {
      Print.logError("Account-ID not specified.");
      usage();
    }

    /* get account */
    Account acct = null;
    try {
      acct = Account.getAccount(acctID); // may return DBException
      if (acct == null) {
        Print.logError("Account-ID does not exist: " + acctID);
        usage();
      }
    } catch (DBException dbe) {
      Print.logException("Error loading Account: " + acctID, dbe);
      // dbe.printException();
      System.exit(99);
    }

    /* role-id specified? */
    if ((roleID == null) || roleID.equals("")) {
      Print.logError("Role-ID not specified.");
      usage();
    }

    /* get role */
    Role role = null;
    try {
      role = Role.getRole(acct, roleID); // may return DBException
      if (role == null) {
        Print.logError("Role-ID does not exist: " + acctID + "/" + roleID);
        usage();
      }
    } catch (DBException dbe) {
      Print.logException("Error loading Role: " + acctID + "/" + roleID, dbe);
      // dbe.printException();
      System.exit(99);
    }

    /* RoleAcl exists? */
    boolean aclExists = false;
    if ((aclID != null) && !aclID.equals("")) {
      try {
        aclExists = RoleAcl.exists(acctID, roleID, aclID);
      } catch (DBException dbe) {
        Print.logError(
            "Error determining if RoleAcl exists: " + acctID + "/" + roleID + "/" + aclID);
        System.exit(99);
      }
    }

    /* option count */
    int opts = 0;

    /* list */
    if (RTConfig.getBoolean(ARG_LIST, false)) {
      opts++;
      try {
        String aclList[] = role.getAclsForRole();
        for (int i = 0; i < aclList.length; i++) {
          AccessLevel level = RoleAcl.getAccessLevel(role, aclList[i], AccessLevel.NONE);
          Print.sysPrintln("  " + aclList[i] + " ==> " + level);
        }
      } catch (DBException dbe) {
        Print.logError("Error getting Acl list: " + dbe);
        System.exit(99);
      }
      System.exit(0);
    }

    /* delete */
    if (RTConfig.getBoolean(ARG_DELETE, false) && !acctID.equals("") && !roleID.equals("")) {
      opts++;
      if (!aclExists) {
        Print.logWarn("RoleAcl does not exist: " + acctID + "/" + roleID + "/" + aclID);
        Print.logWarn("Continuing with delete process ...");
      }
      try {
        RoleAcl.Key aclKey = new RoleAcl.Key(acctID, roleID, aclID);
        aclKey.delete(true); // also delete dependencies
        Print.logInfo("RoleAcl deleted: " + acctID + "/" + roleID + "/" + aclID);
      } catch (DBException dbe) {
        Print.logError("Error deleting RoleAcl: " + acctID + "/" + roleID + "/" + aclID);
        dbe.printException();
        System.exit(99);
      }
      System.exit(0);
    }

    /* create */
    if (RTConfig.getBoolean(ARG_CREATE, false)) {
      opts++;
      if (aclExists) {
        Print.logWarn("RoleAcl already exists: " + acctID + "/" + roleID + "/" + aclID);
      } else {
        try {
          RoleAcl.createNewRoleAcl(role, aclID);
          Print.logInfo("Created RoleAcl: " + acctID + "/" + roleID + "/" + aclID);
          aclExists = true;
        } catch (DBException dbe) {
          Print.logError("Error creating RoleAcl: " + acctID + "/" + roleID + "/" + aclID);
          dbe.printException();
          System.exit(99);
        }
      }
    }

    /* set */
    if (RTConfig.hasProperty(ARG_SET)) {
      opts++;
      AccessLevel aclLevel = EnumTools.getValueOf(AccessLevel.class, RTConfig.getInt(ARG_SET, -1));
      try {
        RoleAcl.setAccessLevel(role, aclID, aclLevel);
        Print.logInfo(
            "Set RoleAcl '" + acctID + "/" + roleID + "/" + aclID + "' to level " + aclLevel);
      } catch (DBException dbe) {
        Print.logError("Error setting RoleAcl: " + acctID + "/" + roleID + "/" + aclID);
        dbe.printException();
        System.exit(99);
      }
      System.exit(0);
    }

    /* edit */
    if (RTConfig.getBoolean(ARG_EDIT, false)) {
      opts++;
      if (!aclExists) {
        Print.logError("RoleAcl does not exist: " + acctID + "/" + roleID + "/" + aclID);
      } else {
        try {
          RoleAcl roleAcl = RoleAcl.getRoleAcl(role, aclID, false); // may throw DBException
          DBEdit editor = new DBEdit(roleAcl);
          editor.edit(); // may throw IOException
        } catch (IOException ioe) {
          if (ioe instanceof EOFException) {
            Print.logError("End of input");
          } else {
            Print.logError("IO Error");
          }
        } catch (DBException dbe) {
          Print.logError("Error editing RoleAcl: " + acctID + "/" + roleID + "/" + aclID);
          dbe.printException();
        }
      }
      System.exit(0);
    }

    /* no options specified */
    if (opts == 0) {
      Print.logWarn("Missing options ...");
      usage();
    }
  }