opends/resource/admin/admin.xsd
@@ -1144,6 +1144,14 @@ </xsd:annotation> <xsd:complexType /> </xsd:element> <xsd:element name="aci"> <xsd:annotation> <xsd:documentation> Used for properties which contain dseecompat ACIs. </xsd:documentation> </xsd:annotation> <xsd:complexType /> </xsd:element> <xsd:element name="java-class"> <xsd:annotation> <xsd:documentation> opends/resource/admin/property-types.xsl
@@ -49,6 +49,7 @@ <xsl:include href="property-types/ip-address-mask.xsl" /> <xsl:include href="property-types/ip-address.xsl" /> <xsl:include href="property-types/java-class.xsl" /> <xsl:include href="property-types/aci.xsl" /> <xsl:include href="property-types/oid.xsl" /> <xsl:include href="property-types/password.xsl" /> <xsl:include href="property-types/size.xsl" /> opends/resource/admin/property-types/aci.xsl
New file @@ -0,0 +1,41 @@ <!-- ! CDDL HEADER START ! ! The contents of this file are subject to the terms of the ! Common Development and Distribution License, Version 1.0 only ! (the "License"). You may not use this file except in compliance ! with the License. ! ! You can obtain a copy of the license at ! trunk/opends/resource/legal-notices/OpenDS.LICENSE ! or https://OpenDS.dev.java.net/OpenDS.LICENSE. ! See the License for the specific language governing permissions ! and limitations under the License. ! ! When distributing Covered Code, include this CDDL HEADER in each ! file and include the License file at ! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, ! add the following below this CDDL HEADER, with the fields enclosed ! by brackets "[]" replaced with your own identifying information: ! Portions Copyright [yyyy] [name of copyright owner] ! ! CDDL HEADER END ! ! ! Portions Copyright 2007 Sun Microsystems, Inc. ! --> <xsl:stylesheet version="1.0" xmlns:adm="http://www.opends.org/admin" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <!-- Templates for processing dseecompat ACI. --> <xsl:template match="adm:aci" mode="java-value-imports"> <import>org.opends.server.authorization.dseecompat.Aci</import> </xsl:template> <xsl:template match="adm:aci" mode="java-value-type"> <xsl:value-of select="'Aci'" /> </xsl:template> <xsl:template match="adm:aci" mode="java-definition-type"> <xsl:value-of select="'ACIPropertyDefinition'" /> </xsl:template> </xsl:stylesheet> opends/src/admin/defn/org/opends/server/admin/std/DseeCompatAccessControlHandlerConfiguration.xml
@@ -75,7 +75,7 @@ </adm:alias> </adm:default-behavior> <adm:syntax> <adm:string /> <adm:aci /> </adm:syntax> <adm:profile name="ldap"> <ldap:attribute> opends/src/server/org/opends/server/admin/ACIPropertyDefinition.java
New file 
@@ -0,0 +1,151 @@ /* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License, Version 1.0 only * (the "License"). You may not use this file except in compliance * with the License. * * You can obtain a copy of the license at * trunk/opends/resource/legal-notices/OpenDS.LICENSE * or https://OpenDS.dev.java.net/OpenDS.LICENSE. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, * add the following below this CDDL HEADER, with the fields enclosed * by brackets "[]" replaced with your own identifying information: * Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END * * * Portions Copyright 2007 Sun Microsystems, Inc. */ package org.opends.server.admin; import org.opends.server.authorization.dseecompat.Aci; import org.opends.server.authorization.dseecompat.AciException; import org.opends.server.types.DN; import static org.opends.server.util.Validator.ensureNotNull; import org.opends.server.protocols.asn1.ASN1OctetString; import java.util.EnumSet; /** * ACI property definition. */ public class ACIPropertyDefinition extends PropertyDefinition<Aci> { /** * An interface for incrementally constructing ACI property * definitions. 
*/ public static class Builder extends AbstractBuilder<Aci, ACIPropertyDefinition> { // Private constructor private Builder( AbstractManagedObjectDefinition<?, ?> d, String propertyName) { super(d, propertyName); } /** * {@inheritDoc} */ @Override protected ACIPropertyDefinition buildInstance( AbstractManagedObjectDefinition<?, ?> d, String propertyName, EnumSet<PropertyOption> options, AdministratorAction adminAction, DefaultBehaviorProvider<Aci> defaultBehavior) { return new ACIPropertyDefinition(d, propertyName, options, adminAction, defaultBehavior); } } /** * Create a ACI property definition builder. * * @param d * The managed object definition associated with this * property definition. * @param propertyName * The property name. * @return Returns the new ACI property definition builder. */ public static Builder createBuilder( AbstractManagedObjectDefinition<?, ?> d, String propertyName) { return new Builder(d, propertyName); } // Private constructor. private ACIPropertyDefinition( AbstractManagedObjectDefinition<?, ?> d, String propertyName, EnumSet<PropertyOption> options, AdministratorAction adminAction, DefaultBehaviorProvider<Aci> defaultBehavior) { super(d, Aci.class, propertyName, options, adminAction, defaultBehavior); } /** * {@inheritDoc} */ @Override public void validateValue(Aci value) throws IllegalPropertyValueException { ensureNotNull(value); // No additional validation required. } /** * {@inheritDoc} */ @Override public Aci decodeValue(String value) throws IllegalPropertyValueStringException { ensureNotNull(value); try { return Aci.decode(new ASN1OctetString(value), DN.NULL_DN); } catch (AciException e) { // TODO: it would be nice to throw the cause. 
throw new IllegalPropertyValueStringException(this, value); } } /** * {@inheritDoc} */ @Override public <R, P> R accept(PropertyDefinitionVisitor<R, P> v, P p) { return v.visitACI(this, p); } /** * {@inheritDoc} */ @Override public <R, P> R accept(PropertyValueVisitor<R, P> v, Aci value, P p) { return v.visitACI(this, value, p); } /** * {@inheritDoc} */ @Override public int compare(Aci o1, Aci o2) { return o1.toString().compareTo(o2.toString()); } } opends/src/server/org/opends/server/admin/PropertyDefinitionUsageBuilder.java
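Review bot: In decodeValue the catch block discards the AciException, so a rejected ACI surfaces as a bare IllegalPropertyValueStringException with no indication of which part failed to parse; the TODO on that line admits as much. With the property typed as `adm:aci`, this decode is where an administrator has to learn why an access rule was refused, so the cause should be attached before the throw, for example via Throwable's `initCause(e)` (assuming the constructor does not already set a cause), or its message logged. Separately, compare() dereferences `o1` and `o2` without the `ensureNotNull` guard that validateValue and decodeValue use; `ensureNotNull(o1); ensureNotNull(o2);` at the top would keep the class consistent.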
@@ -88,7 +88,14 @@ return Message.raw("OID"); } /** * {@inheritDoc} */ @Override public Message visitACI(ACIPropertyDefinition d, Void p) { return Message.raw("ACI"); } /** * {@inheritDoc} opends/src/server/org/opends/server/admin/PropertyDefinitionVisitor.java
@@ -223,6 +223,19 @@ } /** * Visit a dseecompat Global ACI property definition. * * @param d * The Global ACI property definition to visit. * @param p * A visitor specified parameter. * @return Returns a visitor specified result. */ public R visitACI(ACIPropertyDefinition d, P p) { return visitUnknown(d, p); } /** * Visit a size property definition. opends/src/server/org/opends/server/admin/PropertyValueVisitor.java
@@ -34,7 +34,7 @@ import org.opends.server.types.AddressMask; import org.opends.server.types.AttributeType; import org.opends.server.types.DN; import org.opends.server.authorization.dseecompat.Aci; /** @@ -255,6 +255,23 @@ } /** * Visit a dseecompat ACI. * * @param d * The dseecompat ACI property definition. * @param v * The property value to visit. * @param p * A visitor specified parameter. * @return Returns a visitor specified result. */ public R visitACI(ACIPropertyDefinition d, Aci v, P p) { return visitUnknown(d, v, p); } /** * Visit a size. opends/src/server/org/opends/server/authorization/dseecompat/Aci.java
@@ -387,7 +387,7 @@ * @return A string representation of the ACI. */ public String toString() { return aciString; return new String(aciString); } /** opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java
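Review bot: `return new String(aciString);` copies an immutable String on every call, which protects nothing in Java because a caller cannot modify the original through the returned reference. The page has lost its +/- markers, so this assumes the `new String(...)` form is the new side of the hunk; if so, `return aciString;` is the form to keep. The copy is not free here, since ACIPropertyDefinition.compare in the same commit calls toString() on both operands for every comparison made while the sorted set of global ACIs is built. The Javadoc for toString begins above the hunk.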
@@ -231,26 +231,12 @@ private void processGlobalAcis( DseeCompatAccessControlHandlerCfg configuration) throws InitializationException { LinkedList<Message>failedACIMsgs=new LinkedList<Message>(); SortedSet<String> globalAci = configuration.getGlobalACI(); SortedSet<Aci> globalAcis = configuration.getGlobalACI(); try { if (globalAci != null) { LinkedHashSet<AttributeValue> attVals = new LinkedHashSet<AttributeValue>(globalAci.size()); for (String aci : globalAci) { attVals.add(new AttributeValue(globalAciType,aci)); } Attribute attr = new Attribute(globalAciType, globalAciType.toString(), attVals); Entry e = new Entry(configuration.dn(), null, null, null); e.addAttribute(attr, new ArrayList<AttributeValue>()); int aciCount = aciList.addAci(e, false, true, failedACIMsgs); if(!failedACIMsgs.isEmpty()) aciListenerMgr.logMsgsSetLockDownMode(failedACIMsgs); if (globalAcis != null) { aciList.addAci(DN.nullDN(),globalAcis); Message message = INFO_ACI_ADD_LIST_GLOBAL_ACIS.get( Integer.toString(aciCount)); Integer.toString(globalAcis.size())); logError(message); } else { Message message = INFO_ACI_ADD_LIST_NO_GLOBAL_ACIS.get(); opends/src/server/org/opends/server/authorization/dseecompat/AciList.java
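Review bot: As far as the sides can be read from this page, the call `aciList.addAci(DN.nullDN(),globalAcis)` has no failure path, where the earlier code collected `failedACIMsgs` and called `aciListenerMgr.logMsgsSetLockDownMode(failedACIMsgs)` when any global ACI failed to decode. That is only safe if a malformed global ACI is always rejected while the configuration is decoded, before processGlobalAcis runs, so the assumption should be stated next to the call, e.g. `// Global ACIs arrive already decoded by ACIPropertyDefinition; a malformed value is rejected at configuration decode time and never reaches this point.`. It is worth confirming with a test that a server configured with an invalid global ACI still fails closed rather than starting with a partial rule set. If the `failedACIMsgs` declaration survives on the new side it now looks unused, and `DN.nullDN()` here differs from the `DN.NULL_DN` used in ACIPropertyDefinition.decodeValue. The method body continues past the end of the hunk.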
@@ -159,6 +159,19 @@ } /** * Add a set of ACIs to the ACI list. This is usually used a startup, when * global ACIs are processed. * * @param dn The DN to add the ACIs under. * * @param acis A set of ACIs to add to the ACI list. * */ public synchronized void addAci(DN dn, SortedSet<Aci> acis) { aciList.put(dn, new LinkedList<Aci>(acis)); } /** * Add all of an entry's ACI (global or regular) attribute values to the * ACI list. * @param entry The entry containing the ACI attributes.
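Review bot: `aciList.put(dn, new LinkedList<Aci>(acis))` replaces whatever list is already stored under `dn`, although the method name and Javadoc both say the ACIs are added; any ACIs previously registered for that DN would be dropped without a message. If replacement is the intent for the global-ACI startup case, the Javadoc should say so, for instance `Replaces any ACIs currently held for the given DN.`; otherwise the new set should be merged into the existing list. The same Javadoc has a typo, "used a startup" for "used at startup", and does not say that a null `acis` is not accepted.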