From ed39262fa647434d4a0e31f07754a263ce2b16e3 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Fri, 09 Feb 2007 21:51:09 +0000
Subject: [PATCH] Add an initial set of privilege support to OpenDS.  The current privileges are currently defined and implemented: * config-read (allow reading the configuration) * config-write (allow updating the configuration) * ldif-import (allow invoking LDIF import tasks) * ldif-export (allow invoking LDIF export tasks) * backend-backup (allow invoking backup tasks) * backend-restore (allow invoking restore tasks) * server-shutdown (allow invoking server shutdown tasks) * server-restart (allow invoking server restart tasks) * server-restart (allow invoking server restart tasks) * password-reset (allow resetting user passwords) * update-schema (allow updating the server schema) * privilege-change (allow changing the set of privileges for a user)

---
 opends/src/server/org/opends/server/core/DirectoryServer.java |   23 ++++++++++++++++++++++-
 1 files changed, 22 insertions(+), 1 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/DirectoryServer.java b/opends/src/server/org/opends/server/core/DirectoryServer.java
index cf95ab6..831cad5 100644
--- a/opends/src/server/org/opends/server/core/DirectoryServer.java
+++ b/opends/src/server/org/opends/server/core/DirectoryServer.java
@@ -146,6 +146,7 @@
 import org.opends.server.types.ObjectClassType;
 import org.opends.server.types.OperatingSystem;
 import org.opends.server.types.OperationType;
+import org.opends.server.types.Privilege;
 import org.opends.server.types.RDN;
 import org.opends.server.types.ResultCode;
 import org.opends.server.types.Schema;
@@ -473,6 +474,9 @@
   // The special backend used for the Directory Server root DSE.
   private RootDSEBackend rootDSEBackend;
 
+  // The root DN config manager for the server.
+  private RootDNConfigManager rootDNConfigManager;
+
   // The SASL mechanism config manager for the Directory Server.
   private SASLConfigManager saslConfigManager;
 
@@ -982,7 +986,8 @@
 
 
       // Initialize the root DNs.
-      new RootDNConfigManager().initializeRootDNs();
+      rootDNConfigManager = new RootDNConfigManager();
+      rootDNConfigManager.initializeRootDNs();
 
 
       // Initialize the group manager.
@@ -5007,6 +5012,22 @@
 
 
   /**
+   * Retrieves the set of privileges that should automatically be granted to
+   * root users when they authenticate.
+   *
+   * @return  The set of privileges that should automatically be granted to root
+   *          users when they authenticate.
+   */
+  public static Set<Privilege> getRootPrivileges()
+  {
+    assert debugEnter(CLASS_NAME, "getRootPrivileges");
+
+    return directoryServer.rootDNConfigManager.getRootPrivileges();
+  }
+
+
+
+  /**
    * Retrieves the DNs for the root users configured in the Directory Server.
    * Note that this set should only contain the actual DNs for the root users
    * and not any alternate DNs.  Also, the contents of the returned set must not

--
Gitblit v1.10.0