directory-commits mailing list archives

From cp...@apache.org
Subject [13/43] directory-fortress-core git commit: added basic permission attribute creation and retrieval
Date Thu, 06 Oct 2016 17:49:30 GMT
added basic permission attribute creation and retrieval


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/51331f84
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/51331f84
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/51331f84

Branch: refs/heads/master
Commit: 51331f8440b19389d43d792f53f410c12f4ecd36
Parents: 2c69679
Author: clp207 <clp207@psu.edu>
Authored: Mon Jan 25 22:07:04 2016 -0500
Committer: clp207 <clp207@psu.edu>
Committed: Wed Mar 30 15:44:22 2016 -0400

----------------------------------------------------------------------
 .../directory/fortress/core/AdminMgr.java       |   5 +
 .../directory/fortress/core/GlobalErrIds.java   |   5 +
 .../directory/fortress/core/GlobalIds.java      |   5 +
 .../directory/fortress/core/ReviewMgr.java      |  14 +-
 .../fortress/core/impl/AdminMgrImpl.java        |  12 ++
 .../directory/fortress/core/impl/PermDAO.java   |  81 +++++--
 .../directory/fortress/core/impl/PermP.java     |   8 +
 .../fortress/core/impl/ReviewMgrImpl.java       |  18 ++
 .../fortress/core/model/ComparisonOperator.java |  48 +++++
 .../fortress/core/model/ObjectFactory.java      |   8 +
 .../fortress/core/model/Permission.java         |  34 ++-
 .../core/model/PermissionAttribute.java         | 210 +++++++++++++++++++
 .../fortress/core/rest/AdminMgrRestImpl.java    |  13 +-
 .../fortress/core/rest/ReviewMgrRestImpl.java   |  22 +-
 14 files changed, 453 insertions(+), 30 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/AdminMgr.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/AdminMgr.java b/src/main/java/org/apache/directory/fortress/core/AdminMgr.java
index 2eb56c9..c81f1c6 100755
--- a/src/main/java/org/apache/directory/fortress/core/AdminMgr.java
+++ b/src/main/java/org/apache/directory/fortress/core/AdminMgr.java
@@ -22,6 +22,7 @@ package org.apache.directory.fortress.core;
 
 import org.apache.directory.fortress.core.model.PermObj;
 import org.apache.directory.fortress.core.model.Permission;
+import org.apache.directory.fortress.core.model.PermissionAttribute;
 import org.apache.directory.fortress.core.model.Role;
 import org.apache.directory.fortress.core.model.SDSet;
 import org.apache.directory.fortress.core.model.User;
@@ -510,6 +511,10 @@ public interface AdminMgr extends Manageable
     Permission addPermission( Permission perm )
         throws SecurityException;
 
+    
+    //TODO: fill the documentation in
+    PermissionAttribute addPermissionAttribute( PermissionAttribute permAttribute )
+    	throws SecurityException;
 
     /**
      * This method will update permission operation pre-existing in target directory under
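Review bot: `addPermissionAttribute` enters the public `AdminMgr` interface with only `//TODO: fill the documentation in`, and the `AdminMgrImpl` override uses `{@inheritDoc}`, so it inherits nothing. The Javadoc should say which `PermissionAttribute` fields are required (at least `objName`, `opName` and `attributeName`, which the DAO reads), that the target permission presumably must already exist since the DAO modifies its entry, what is returned, and when `SecurityException` is thrown. The same gap applies to `ReviewMgr.rolePermissionAttributes`, `PermP.add( PermissionAttribute )` and `PermDAO.createPermissionAttribute` later in this commit. In `ReviewMgr` the parameter is also misspelled `noInhertiance`.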


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/GlobalErrIds.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/GlobalErrIds.java b/src/main/java/org/apache/directory/fortress/core/GlobalErrIds.java
index 363bb37..a0f6f7e 100755
--- a/src/main/java/org/apache/directory/fortress/core/GlobalErrIds.java
+++ b/src/main/java/org/apache/directory/fortress/core/GlobalErrIds.java
@@ -1655,4 +1655,9 @@ public final class GlobalErrIds
      * The supplied group protocol name failed length check.
      */
     public static final int GROUP_PROTOCOL_INVLD = 10313;
+    
+    /**
+     * The supplied Permission Attribute could not be added to ldap server.
+     */
+    public static final int PERM_ATTR_ADD_FAILED = 10314;
 }

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
index 51bb710..4ca88fe 100755
--- a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
+++ b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
@@ -528,4 +528,9 @@ public final class GlobalIds
      */
     public static final String ALL = "all";
     public static final String NULL = "null";
+    
+    /**
+     * The ftPA field contains attributes and associated metadata for permissions.
+     */
+    public static final String FT_PERMISSION_ATTRIBUTE = "ftPA";
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java b/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java
index 0f73fc2..7205a86 100755
--- a/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java
+++ b/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java
@@ -20,17 +20,18 @@
 package org.apache.directory.fortress.core;
 
 
+import java.util.List;
+import java.util.Set;
+
 import org.apache.directory.fortress.core.model.OrgUnit;
-import org.apache.directory.fortress.core.model.Permission;
 import org.apache.directory.fortress.core.model.PermObj;
+import org.apache.directory.fortress.core.model.Permission;
+import org.apache.directory.fortress.core.model.PermissionAttribute;
 import org.apache.directory.fortress.core.model.Role;
 import org.apache.directory.fortress.core.model.SDSet;
 import org.apache.directory.fortress.core.model.User;
 import org.apache.directory.fortress.core.model.UserRole;
 
-import java.util.List;
-import java.util.Set;
-
 
 /**
  * This interface prescribes the administrative review functions on already provisioned Fortress
RBAC entities
@@ -439,7 +440,10 @@ public interface ReviewMgr extends Manageable
     List<Permission> rolePermissions( Role role, boolean noInheritance )
         throws SecurityException;
 
-
+    //TODO: add documentation
+    Set<PermissionAttribute> rolePermissionAttributes( Role role, boolean noInhertiance
)
+    	throws SecurityException;
+    
     /**
      * This function returns the set of permissions a given user gets through his/her authorized
      * roles. The function is valid if and only if the user is a member of the USERS data
set.

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java b/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java
index 2326d2b..66ef1fa 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java
@@ -34,6 +34,7 @@ import org.apache.directory.fortress.core.model.ConstraintUtil;
 import org.apache.directory.fortress.core.model.Hier;
 import org.apache.directory.fortress.core.model.PermObj;
 import org.apache.directory.fortress.core.model.Permission;
+import org.apache.directory.fortress.core.model.PermissionAttribute;
 import org.apache.directory.fortress.core.model.Relationship;
 import org.apache.directory.fortress.core.model.Role;
 import org.apache.directory.fortress.core.model.SDSet;
@@ -365,6 +366,17 @@ public final class AdminMgrImpl extends Manageable implements AdminMgr,
Serializ
         return permP.add( perm );
     }
 
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public PermissionAttribute addPermissionAttribute( PermissionAttribute permAttribute
) throws SecurityException
+    {
+        String methodName = "addPermissionAttribute";
+        assertContext( CLS_NM, methodName, permAttribute, GlobalErrIds.PERM_OPERATION_NULL
);
+        setEntitySession( CLS_NM, methodName, permAttribute );
+        return permP.add( permAttribute );
+    }    
 
     /**
      * {@inheritDoc}
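Review bot: A null `permAttribute` is reported with `GlobalErrIds.PERM_OPERATION_NULL`, which describes a different entity; the commit adds `PERM_ATTR_ADD_FAILED` but no id for a null attribute. A dedicated constant would keep error handling and logs accurate, for example a new `PERM_ATTRIBUTE_NULL` in `GlobalErrIds` (a name proposed here, not existing code). Beyond the null check, the method hands the entity straight to `permP.add`, which performs no validation in this commit.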

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java b/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java
index 31b2f3a..67ed958 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java
@@ -22,6 +22,7 @@ package org.apache.directory.fortress.core.impl;
 
 import java.io.UnsupportedEncodingException;
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 
@@ -42,23 +43,24 @@ import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueEx
 import org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException;
 import org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException;
 import org.apache.directory.api.ldap.model.message.SearchScope;
+import org.apache.directory.fortress.core.CreateException;
+import org.apache.directory.fortress.core.FinderException;
+import org.apache.directory.fortress.core.GlobalErrIds;
+import org.apache.directory.fortress.core.GlobalIds;
+import org.apache.directory.fortress.core.RemoveException;
+import org.apache.directory.fortress.core.UpdateException;
+import org.apache.directory.fortress.core.ldap.ApacheDsDataProvider;
 import org.apache.directory.fortress.core.model.AdminRole;
+import org.apache.directory.fortress.core.model.ObjectFactory;
 import org.apache.directory.fortress.core.model.OrgUnit;
 import org.apache.directory.fortress.core.model.PermObj;
 import org.apache.directory.fortress.core.model.Permission;
+import org.apache.directory.fortress.core.model.PermissionAttribute;
+import org.apache.directory.fortress.core.model.PropUtil;
 import org.apache.directory.fortress.core.model.Role;
 import org.apache.directory.fortress.core.model.Session;
 import org.apache.directory.fortress.core.model.User;
-import org.apache.directory.fortress.core.model.PropUtil;
 import org.apache.directory.ldap.client.api.LdapConnection;
-import org.apache.directory.fortress.core.CreateException;
-import org.apache.directory.fortress.core.FinderException;
-import org.apache.directory.fortress.core.GlobalErrIds;
-import org.apache.directory.fortress.core.GlobalIds;
-import org.apache.directory.fortress.core.model.ObjectFactory;
-import org.apache.directory.fortress.core.RemoveException;
-import org.apache.directory.fortress.core.UpdateException;
-import org.apache.directory.fortress.core.ldap.ApacheDsDataProvider;
 
 
 /**
@@ -182,6 +184,7 @@ final class PermDAO extends ApacheDsDataProvider
     private static final String PERM_NAME = "ftPermName";
     private static final String ROLES = "ftRoles";
     private static final String USERS = "ftUsers";
+    private static final String PERMISSION_ATTRIBUTE = "ftPA";
     private static final String[] PERMISSION_OP_ATRS =
         {
             GlobalIds.FT_IID,
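Review bot: `PERMISSION_ATTRIBUTE = "ftPA"` duplicates `GlobalIds.FT_PERMISSION_ATTRIBUTE`, which this same commit adds with the same value. `createPermissionAttribute` writes with the private constant while `unloadPermissionAttributes` reads with the `GlobalIds` one, so a later change to either would leave writes and reads on different attribute names. Drop the private field and use `GlobalIds.FT_PERMISSION_ATTRIBUTE` in `PERMISSION_OP_ATRS` and in the `DefaultModification`. The array initialiser continues outside this hunk.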
@@ -194,7 +197,8 @@ final class PermDAO extends ApacheDsDataProvider
             TYPE,
             ROLES,
             USERS,
-            GlobalIds.PROPS
+            GlobalIds.PROPS,
+            PERMISSION_ATTRIBUTE
     };
 
     private static final String[] PERMISION_OBJ_ATRS =
@@ -202,8 +206,7 @@ final class PermDAO extends ApacheDsDataProvider
             GlobalIds.FT_IID, GlobalIds.POBJ_NAME, SchemaConstants.DESCRIPTION_AT, SchemaConstants.OU_AT,
TYPE,
             GlobalIds.PROPS
     };
-
-
+    
     /**
      * @param entity
      * @return
@@ -445,7 +448,39 @@ final class PermDAO extends ApacheDsDataProvider
         return entity;
     }
 
+    
+    //TODO: add documentation
+    PermissionAttribute createPermissionAttribute( PermissionAttribute entity ) throws CreateException
+    {
+        LdapConnection ld = null;
+        String dn = getDn( new Permission(entity.getObjName(), entity.getOpName()) , entity.getContextId()
);
 
+        try
+        {
+            List<Modification> mods = new ArrayList<Modification>();
+            mods.add( new DefaultModification(
+                ModificationOperation.ADD_ATTRIBUTE, PERMISSION_ATTRIBUTE, entity.toFtPAString())
);
+            ld = getAdminConnection();
+            modify( ld, dn, mods, entity );
+            
+            //TODO: make sure not adding same attribute twice...
+        }
+        catch ( LdapException e )
+        {
+            String error = "create perm attribute [" + entity.getObjName() + "] operation
["
+                + entity.getOpName() + "] name [" + entity.getAttributeName() + "] caught
LdapException="
+                + e.getMessage();
+            throw new CreateException( GlobalErrIds.PERM_ATTR_ADD_FAILED, error, e );
+        }
+        finally
+        {
+            closeAdminConnection( ld );
+        }
+        
+        //TODO: need to do anything to returned entity?
+        return entity;
+    }
+    
     /**
      * @param entity
      * @return
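Review bot: Nothing checks `entity` before it reaches the directory: `getObjName()` and `getOpName()` go into `getDn(...)` and `toFtPAString()` is stored as-is. `PermP.add( PermissionAttribute )` later in this commit carries only `//TODO: add validation`, where the `Permission` overload next to it calls `validate( entity, false )`. A null `attributeName` is written as the literal text `null?...`, because `toFtPAString()` concatenates it. Add null/blank, length and allowed-character checks for `objName`, `opName`, `attributeName` and the qualifier values in `PermP.add` before the DAO call, so malformed policy metadata is rejected with a `SecurityException` instead of being persisted. The `//TODO: make sure not adding same attribute twice...` case should be decided there as well.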
@@ -1024,8 +1059,9 @@ final class PermDAO extends ApacheDsDataProvider
         entity.setUsers( getAttributeSet( le, USERS ) );
         entity.setType( getAttribute( le, TYPE ) );
         entity.setDescription( getAttribute( le, SchemaConstants.DESCRIPTION_AT ) );
-        entity.addProperties( PropUtil.getProperties( getAttributes( le, GlobalIds.PROPS
) ) );
+        entity.addProperties( PropUtil.getProperties( getAttributes( le, GlobalIds.PROPS
) ) );        
         entity.setAdmin( isAdmin );
+        entity.setAttributes( unloadPermissionAttributes(le) );
 
         if ( le != null )
         {
@@ -1058,7 +1094,26 @@ final class PermDAO extends ApacheDsDataProvider
         return entity;
     }
 
+    private Set<PermissionAttribute> unloadPermissionAttributes( Entry entry )
+    {
+        Set<PermissionAttribute> permAttributes = null;
+        List<String> ftPAs = getAttributes( entry, GlobalIds.FT_PERMISSION_ATTRIBUTE
);
+
+        if ( ftPAs != null )
+        {
+        	permAttributes = new HashSet<PermissionAttribute>();
 
+            for ( String raw : ftPAs )
+            {
+                PermissionAttribute permAttribute = new ObjectFactory().createPermissionAttribute();
+                permAttribute.load( raw );
+                permAttributes.add( permAttribute );
+            }
+        }
+
+        return permAttributes;
+    }
+    
     /**
      * @param permission
      * @return
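Review bot: Attributes built here never get `objName` or `opName`, because `PermissionAttribute.load( raw )` as added in this commit assigns only `attributeName` and the qualifiers. `equals()` on that class compares all three names, so attributes read from different permissions compare equal whenever their attribute names match, and a caller cannot tell which permission an attribute belongs to. Pass the owning permission's names in from the call site `entity.setAttributes( unloadPermissionAttributes(le) )`, which presumably has them, and call `permAttribute.setObjName( ... )` and `permAttribute.setOpName( ... )` after `load`. A single `ObjectFactory` can also be created once outside the loop.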

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/impl/PermP.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/PermP.java b/src/main/java/org/apache/directory/fortress/core/impl/PermP.java
index d806b60..c1738c7 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/PermP.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/PermP.java
@@ -33,6 +33,7 @@ import org.apache.directory.fortress.core.model.AdminRole;
 import org.apache.directory.fortress.core.model.OrgUnit;
 import org.apache.directory.fortress.core.model.PermObj;
 import org.apache.directory.fortress.core.model.Permission;
+import org.apache.directory.fortress.core.model.PermissionAttribute;
 import org.apache.directory.fortress.core.model.Role;
 import org.apache.directory.fortress.core.model.Session;
 import org.apache.directory.fortress.core.model.User;
@@ -366,6 +367,13 @@ final class PermP
         validate( entity, false );
         return pDao.createOperation( entity );
     }
+    
+    //TODO: add documentation
+    PermissionAttribute add( PermissionAttribute entity ) throws SecurityException
+    {
+        //TODO: add validation
+        return pDao.createPermissionAttribute( entity );
+    }
 
 
     /**

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java b/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java
index 83dc671..12190c7 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java
@@ -32,6 +32,7 @@ import org.apache.directory.fortress.core.SecurityException;
 import org.apache.directory.fortress.core.model.OrgUnit;
 import org.apache.directory.fortress.core.model.PermObj;
 import org.apache.directory.fortress.core.model.Permission;
+import org.apache.directory.fortress.core.model.PermissionAttribute;
 import org.apache.directory.fortress.core.model.Role;
 import org.apache.directory.fortress.core.model.SDSet;
 import org.apache.directory.fortress.core.model.User;
@@ -403,6 +404,23 @@ public class ReviewMgrImpl extends Manageable implements ReviewMgr, Serializable
         checkAccess(CLS_NM, methodName);
         return permP.search( role, noInheritance );
     }
+    
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public Set<PermissionAttribute> rolePermissionAttributes( Role role, boolean noInhertiance
)
+    	throws SecurityException
+    {
+    	Set<PermissionAttribute> permAttributes = new HashSet<PermissionAttribute>();
+    	
+    	List<Permission> permissions = this.rolePermissions(role, noInhertiance);
+    	for(Permission perm : permissions){
+    		permAttributes.addAll(perm.getAttributes());
+    	}
+    	
+    	return permAttributes;
+    }
 
     /**
      * {@inheritDoc}
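Review bot: The `HashSet<PermissionAttribute>` will not merge duplicates, because `PermissionAttribute` in this commit overrides `equals()` without `hashCode()`; unless `FortEntity` supplies a matching one, equal attributes land in different buckets. Add a `hashCode()` built from the same case-folded `objName`, `opName` and `attributeName` that `equals()` compares. The method also omits the `checkAccess(CLS_NM, methodName)` call visible in the preceding method and relies on `this.rolePermissions(...)` for it, so a null `role` and the access decision are handled under that method's name. It is worth confirming that this is intended.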

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/model/ComparisonOperator.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/ComparisonOperator.java
b/src/main/java/org/apache/directory/fortress/core/model/ComparisonOperator.java
new file mode 100644
index 0000000..2cb88b4
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/core/model/ComparisonOperator.java
@@ -0,0 +1,48 @@
+package org.apache.directory.fortress.core.model;
+
+import java.util.EnumSet;
+import java.util.HashMap;
+import java.util.Map;
+
+public enum ComparisonOperator {
+
+	EQUALS("eq"),
+	NOT_EQUALS("neq"),
+	GREATER_THAN("gt"),
+	GREATER_THAN_OR_EQUAL_TO("gte"),
+	LESS_THAN("lt"),
+	LESS_THAN_OR_EQUAL_TO("lte");
+
+	private final String name;       
+	private static Map<String, ComparisonOperator> reverseLookup_ = new HashMap<String,
ComparisonOperator>();
+
+	static
+	{
+		EnumSet<ComparisonOperator> es = EnumSet.allOf(ComparisonOperator.class);
+
+		for (ComparisonOperator co : es)
+		{
+			reverseLookup_.put(co.toString(), co);
+		}
+	}
+
+	
+	private ComparisonOperator(String s) {
+		name = s;
+	}
+
+	public static ComparisonOperator fromName(String name)
+	{
+		if (name != null)
+		{
+			return reverseLookup_.get(name.trim());
+		}
+
+		return null;
+	}
+	
+	public String toString() {
+		return this.name;
+	}
+	
+}
\ No newline at end of file
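Review bot: `fromName` returns `null` for any unrecognised token, and `PermissionAttribute.load` assigns that result directly, so a misspelled or unknown stored operator silently becomes "no operator". If the operator is later used to decide how an attribute value is compared (no such code is in this commit), dropping it should be an error rather than a default; consider throwing `IllegalArgumentException` or having the caller reject `null`. `reverseLookup_` can be `private static final`, and `toString()` should carry `@Override`. The new file also appears to lack the licence header the other sources start with, since their `package` line sits near line 20.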

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/model/ObjectFactory.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/ObjectFactory.java b/src/main/java/org/apache/directory/fortress/core/model/ObjectFactory.java
index 58294da..f98f9d6 100755
--- a/src/main/java/org/apache/directory/fortress/core/model/ObjectFactory.java
+++ b/src/main/java/org/apache/directory/fortress/core/model/ObjectFactory.java
@@ -586,4 +586,12 @@ public class ObjectFactory
     {
         return new Warning( id, msg, type, name );
     }
+    
+    /**
+     * Create an instance of {@link org.apache.directory.fortress.core.model.PermissionAttribute}
+     */
+    public PermissionAttribute createPermissionAttribute()
+    {
+        return new PermissionAttribute();
+    }
 }

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/model/Permission.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/Permission.java b/src/main/java/org/apache/directory/fortress/core/model/Permission.java
index 53e30da..4974627 100755
--- a/src/main/java/org/apache/directory/fortress/core/model/Permission.java
+++ b/src/main/java/org/apache/directory/fortress/core/model/Permission.java
@@ -20,10 +20,9 @@
 package org.apache.directory.fortress.core.model;
 
 
-import org.apache.commons.lang.StringUtils;
-
 import java.io.Serializable;
 import java.util.Enumeration;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Properties;
 import java.util.Set;
@@ -36,6 +35,8 @@ import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 import javax.xml.bind.annotation.XmlType;
 
+import org.apache.commons.lang.StringUtils;
+
 
 /*
 ## OC2: Fortress Permission Structural Object Class
@@ -280,7 +281,8 @@ public class Permission extends FortEntity implements Serializable
     private Set<String> roles;
     @XmlElement(nillable = true)
     private Set<String> users;
-
+    @XmlElement(nillable = true)
+    private Set<PermissionAttribute> attributes;
 
     /**
      * This constructor is commonly used to create Permission that is a target for authorization
API.
@@ -674,6 +676,32 @@ public class Permission extends FortEntity implements Serializable
         this.props = value;
     }
 
+    /**
+     * Return the collection of optional Attributes that have been loaded into this entity.
 This is stored as a multi-occurring
+     * attribute of ftPA entries on the 'ftOperation' object class.
+     *
+     * @return Set containing the roles which maps to 'ftRoles' attribute in 'ftOperation'
object class.
+     */
+    public Set<PermissionAttribute> getAttributes()
+    {
+    	if(this.attributes == null){
+    		attributes = new HashSet<PermissionAttribute>();
+    	}
+    	
+        return this.attributes;
+    }
+
+
+    /**
+     * Set the collection of optional Attributes that have been loaded into this entity.
 This is stored as a multi-occurring
+     * attribute of ftPAs on the 'ftOperation' object class.
+     *
+     * @param attributes maps to 'ftPA' attribute in 'ftOperation' object class.
+     */
+    public void setAttributes( Set<PermissionAttribute> attributes )
+    {
+        this.attributes = attributes;
+    }
 
     /**
      * Add name/value pair to list of properties associated with Permission.  These values
are not constrained by Fortress.
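Review bot: The `@return` text on `getAttributes()` was copied from the roles getter: it says the set contains roles mapping to `ftRoles`, but the method returns the `ftPA` permission attributes. Replace it with `@return Set of PermissionAttribute loaded from the 'ftPA' attribute on the 'ftOperation' object class; never null.` The getter also creates the set lazily and hands out the live internal instance, so callers can change a permission's attributes without going through `setAttributes`; document that or return an unmodifiable view. The Javadoc block that follows continues outside the hunk.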

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/model/PermissionAttribute.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/PermissionAttribute.java
b/src/main/java/org/apache/directory/fortress/core/model/PermissionAttribute.java
new file mode 100644
index 0000000..a69d92f
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/core/model/PermissionAttribute.java
@@ -0,0 +1,210 @@
+package org.apache.directory.fortress.core.model;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
+
+import org.apache.commons.lang.StringUtils;
+
+//AccountId?dataType=int&required=true&validValues=SELF,ANY,int&comparator=equals&default=SELF
+
+@XmlRootElement(name = "ftPA")
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "permission", propOrder =
+    {
+        "opName",
+        "objName",
+        "required",
+        "operator",
+        "dataType",
+        "validValues",
+        "defaultValue"
+})
+public class PermissionAttribute extends FortEntity implements Serializable {
+
+    /** Default serialVersionUID */
+    private static final long serialVersionUID = 1L;
+    
+    private static final String REQUIRED_PARAM_NAME = "required";
+    private static final String OPERATOR_PARAM_NAME = "operator";
+    private static final String DATA_TYPE_PARAM_NAME = "dataType";
+    private static final String VALID_VALUES_PARAM_NAME = "validValues";
+    private static final String DEFAULT_VALUE_PARAM_NAME = "defaultValue";
+    
+    private String opName;
+    private String objName;
+    private String attributeName;
+    private Boolean required;
+    private ComparisonOperator operator;
+    //TODO: make this an enum?
+    private String dataType;
+    //TODO: should this be an enum?
+    private List<String> validValues;
+    private String defaultValue;
+    
+    public PermissionAttribute(String objName, String opName )
+    {
+        this.objName = objName;
+        this.opName = opName;
+    }
+    
+    public PermissionAttribute(){
+    	
+    }
+    
+    public String toFtPAString(){
+    	String ftPA = attributeName + "?";
+    	
+    	List<String> qualifiers = new ArrayList<String>();    	
+    	
+    	if(required != null){
+    		qualifiers.add(REQUIRED_PARAM_NAME + "=" + String.valueOf(required));
+    	}
+    	if(operator != null){
+    		qualifiers.add(OPERATOR_PARAM_NAME + "=" + operator);
+    	}
+    	if(dataType != null){
+    		qualifiers.add(DATA_TYPE_PARAM_NAME + "=" + dataType);
+    	}
+    	if(validValues != null && validValues.size() > 0){    		    		
+    		qualifiers.add(VALID_VALUES_PARAM_NAME + "=" + StringUtils.join(validValues, ","));
+    	}
+    	if(defaultValue != null){
+    		qualifiers.add(DEFAULT_VALUE_PARAM_NAME + "=" + defaultValue);
+    	}
+    		
+    	ftPA += StringUtils.join(qualifiers, "&");
+    	
+    	return ftPA;
+    }
+    
+	public Boolean getRequired() {
+		return required;
+	}
+	public void setRequired(Boolean required) {
+		this.required = required;
+	}
+	public ComparisonOperator getOperator() {
+		return operator;
+	}
+	public void setOperator(ComparisonOperator operator) {
+		this.operator = operator;
+	}
+	public String getDataType() {
+		return dataType;
+	}
+	public void setDataType(String dataType) {
+		this.dataType = dataType;
+	}
+	public List<String> getValidValues() {
+		return validValues;
+	}
+	public void setValidValues(List<String> validValues) {
+		this.validValues = validValues;
+	}
+	public String getDefaultValue() {
+		return defaultValue;
+	}
+	public void setDefaultValue(String defaultValue) {
+		this.defaultValue = defaultValue;
+	}
+	public String getOpName() {
+		return opName;
+	}
+	public void setOpName(String opName) {
+		this.opName = opName;
+	}
+	public String getObjName() {
+		return objName;
+	}
+	public void setObjName(String objName) {
+		this.objName = objName;
+	}
+	public String getAttributeName() {
+		return attributeName;
+	}
+	public void setAttributeName(String attributeName) {
+		this.attributeName = attributeName;
+	}
+	
+	/**
+     * This method loads PermissionAttribute entity instance variables with data that was
retrieved from the
+     * 'ftPA' attribute on the 'ftOperation' object class.
+     *
+     * @param szRawData contains a raw formatted String that maps to 'ftPA' attribute on
'ftOperation' object class
+     */
+    public void load( String szRawData )
+    {    	
+        if ( ( szRawData != null ) && ( szRawData.length() > 0 ) )
+        {
+            String[] data = StringUtils.split(szRawData, "?"); 
+            attributeName = data[0];
+            		
+            String[] parameters = data[1].split("&");
+            for (String param : parameters){
+            	String[] paramSplit = param.split("=");
+            	String name = paramSplit[0];
+            	String val = paramSplit[1];
+            	
+            	if(name.equals(REQUIRED_PARAM_NAME)){
+            		required = Boolean.parseBoolean(val);
+            	}
+            	if(name.equals(OPERATOR_PARAM_NAME)){
+            		operator = ComparisonOperator.fromName(val);
+            	}
+            	if(name.equals(DATA_TYPE_PARAM_NAME)){
+            		dataType = val;
+            	}
+            	if(name.equals(VALID_VALUES_PARAM_NAME)){
+            		validValues = Arrays.asList(val.split(","));
+            	}
+            	if(name.equals(DEFAULT_VALUE_PARAM_NAME)){
+            		defaultValue = val;
+            	}
+            	
+            }
+        }
+    }
+    
+    /**
+     * Matches the objName, opName and attributeName from two Permission entities.
+     *
+     * @param o contains a PermissionAttribute entity.
+     * @return boolean indicating both PermissionAttributes contain matching objName, opName,
and attributeName attributes.
+     */
+    @Override
+    public boolean equals(Object o)
+    {
+        if ( this == o )
+        {
+            return true;
+        }
+        if ( o == null || getClass() != o.getClass() )
+        {
+            return false;
+        }
+
+        PermissionAttribute that = ( PermissionAttribute ) o;
+        
+        if ( objName != null ? !objName.equalsIgnoreCase( that.objName ) : that.objName !=
null )
+        {
+            return false;
+        }
+        if ( opName != null ? !opName.equalsIgnoreCase( that.opName ) : that.opName != null
)
+        {
+            return false;
+        }
+        if ( attributeName != null ? !attributeName.equalsIgnoreCase( that.attributeName
) : that.attributeName != null )
+        {
+            return false;
+        }
+
+        return true;
+    }
+}
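Review bot: `load()` indexes `data[1]` and `paramSplit[1]` without checking lengths, while `toFtPAString()` emits `name?` when no qualifier is set and writes values without escaping `?`, `&`, `=` or `,`. A stored ftPA value with no qualifiers, an empty value, or a delimiter inside `defaultValue` or `validValues` therefore either throws `ArrayIndexOutOfBoundsException` while the permission entry is being read, or is parsed into different qualifiers than were written. Bound the splits and skip or reject malformed tokens as sketched below, and reject delimiter characters at write time. Separately, `attributeName` is missing from `propOrder` although the class uses `XmlAccessType.FIELD`, which JAXB normally rejects when the context is built.

```java
    public void load( String szRawData )
    {
        if ( szRawData == null || szRawData.isEmpty() )
        {
            return;
        }

        // Split on the first '?' only; "name" and "name?" both mean "no qualifiers".
        int sep = szRawData.indexOf( '?' );
        attributeName = ( sep < 0 ) ? szRawData : szRawData.substring( 0, sep );
        if ( sep < 0 || sep == szRawData.length() - 1 )
        {
            return;
        }

        for ( String param : szRawData.substring( sep + 1 ).split( "&" ) )
        {
            // Limit 2 keeps any further '=' inside the value; a token without '=' is malformed.
            String[] paramSplit = param.split( "=", 2 );
            if ( paramSplit.length < 2 )
            {
                continue;
            }
            String name = paramSplit[0];
            String val = paramSplit[1];

            // … unchanged: assignments for required, operator, dataType, validValues, defaultValue …
        }
    }
```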

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java b/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
index f22f6f5..94bb53e 100644
--- a/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
@@ -21,19 +21,20 @@ package org.apache.directory.fortress.core.rest;
 
 
 import org.apache.directory.fortress.core.AdminMgr;
-import org.apache.directory.fortress.core.SecurityException;
 import org.apache.directory.fortress.core.GlobalErrIds;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.impl.Manageable;
 import org.apache.directory.fortress.core.model.FortRequest;
 import org.apache.directory.fortress.core.model.FortResponse;
 import org.apache.directory.fortress.core.model.PermGrant;
 import org.apache.directory.fortress.core.model.PermObj;
 import org.apache.directory.fortress.core.model.Permission;
+import org.apache.directory.fortress.core.model.PermissionAttribute;
 import org.apache.directory.fortress.core.model.Role;
 import org.apache.directory.fortress.core.model.RoleRelationship;
 import org.apache.directory.fortress.core.model.SDSet;
 import org.apache.directory.fortress.core.model.User;
 import org.apache.directory.fortress.core.model.UserRole;
-import org.apache.directory.fortress.core.impl.Manageable;
 import org.apache.directory.fortress.core.util.VUtil;
 
 
@@ -1239,4 +1240,12 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
         }
         return retSet;
     }
+
+
+	@Override
+	public PermissionAttribute addPermissionAttribute(
+			PermissionAttribute permAttribute) throws SecurityException {
+		// TODO Auto-generated method stub
+		return null;
+	}
 }
\ No newline at end of file
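Review bot: The REST implementation of `addPermissionAttribute` is an auto-generated stub that returns `null`, so a caller using the REST manager gets no error although nothing was stored. `ReviewMgrRestImpl.rolePermissionAttributes` in this commit does the same, and there a `null` result can be mistaken for "this role has no permission attributes". Until the REST calls exist, fail explicitly, for example `throw new UnsupportedOperationException( "addPermissionAttribute is not implemented for REST" );`. Replace the `// TODO Auto-generated method stub` comment with a note on what is missing.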

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/51331f84/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
b/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
index 0e7bfd5..77d8c01 100755
--- a/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
@@ -19,26 +19,27 @@
  */
 package org.apache.directory.fortress.core.rest;
 
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+import java.util.TreeSet;
+
 import org.apache.directory.fortress.core.GlobalErrIds;
 import org.apache.directory.fortress.core.ReviewMgr;
 import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.impl.Manageable;
 import org.apache.directory.fortress.core.model.FortRequest;
 import org.apache.directory.fortress.core.model.FortResponse;
-import org.apache.directory.fortress.core.impl.Manageable;
 import org.apache.directory.fortress.core.model.OrgUnit;
 import org.apache.directory.fortress.core.model.PermObj;
 import org.apache.directory.fortress.core.model.Permission;
+import org.apache.directory.fortress.core.model.PermissionAttribute;
 import org.apache.directory.fortress.core.model.Role;
 import org.apache.directory.fortress.core.model.SDSet;
 import org.apache.directory.fortress.core.model.User;
 import org.apache.directory.fortress.core.model.UserRole;
 import org.apache.directory.fortress.core.util.VUtil;
 
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
-import java.util.TreeSet;
-
 /**
  * This class performs administrative review functions on already provisioned Fortress RBAC
entities using HTTP access to En Masse REST server.
  * These APIs map directly to similar named APIs specified by ANSI and NIST RBAC models.
@@ -759,7 +760,13 @@ public class ReviewMgrRestImpl extends Manageable implements ReviewMgr
         return retPerms;
     }
 
-
+	@Override
+	public Set<PermissionAttribute> rolePermissionAttributes(Role role,
+			boolean noInhertiance) throws SecurityException {
+		// TODO Auto-generated method stub
+		return null;
+	}
+    
     /**
      * {@inheritDoc}
      */
@@ -1245,4 +1252,5 @@ public class ReviewMgrRestImpl extends Manageable implements ReviewMgr
         }
         return retSet.getCardinality();
     }
+
 }
\ No newline at end of file

