Posted to commits@directory.apache.org by sm...@apache.org on 2022/07/27 21:41:52 UTC

[directory-site] branch master updated (97d77404 -> 9e6d37dc)

This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/directory-site.git


    from 97d77404 remove extraneous optional params
     new 30dd6a38 + imports into code sections
     new 9e6d37dc + add/deletePermObj

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 source/fortress/user-guide.md                      |  8 +--
 .../fortress/user-guide/4-fortress-code-samples.md |  2 +
 source/fortress/user-guide/4.1-create-session.md   |  8 ++-
 source/fortress/user-guide/4.10-delete-user.md     | 14 +++-
 source/fortress/user-guide/4.11-add-permobj.md     | 79 ++++++++++++++++++++++
 source/fortress/user-guide/4.12-delete-permobj.md  | 71 +++++++++++++++++++
 source/fortress/user-guide/4.2-check-access.md     |  6 ++
 .../fortress/user-guide/4.3-session-permissions.md |  6 ++
 source/fortress/user-guide/4.4-activate-role.md    |  6 ++
 source/fortress/user-guide/4.5-deactivate-role.md  |  6 ++
 source/fortress/user-guide/4.6-authorized-roles.md |  6 ++
 source/fortress/user-guide/4.7-add-role.md         |  8 +++
 source/fortress/user-guide/4.8-delete-role.md      |  6 ++
 source/fortress/user-guide/4.9-add-user.md         |  8 +++
 14 files changed, 227 insertions(+), 7 deletions(-)
 create mode 100644 source/fortress/user-guide/4.11-add-permobj.md
 create mode 100644 source/fortress/user-guide/4.12-delete-permobj.md


[directory-site] 01/02: + imports into code sections

Posted by sm...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/directory-site.git

commit 30dd6a3818c77d53aba201660fda4608aee06b87
Author: Shawn McKinney <sm...@symas.com>
AuthorDate: Wed Jul 27 16:33:41 2022 -0500

    + imports into code sections
---
 source/fortress/user-guide/4.1-create-session.md      |  6 ++++++
 source/fortress/user-guide/4.10-delete-user.md        | 14 ++++++++++++--
 source/fortress/user-guide/4.2-check-access.md        |  6 ++++++
 source/fortress/user-guide/4.3-session-permissions.md |  6 ++++++
 source/fortress/user-guide/4.4-activate-role.md       |  6 ++++++
 source/fortress/user-guide/4.5-deactivate-role.md     |  6 ++++++
 source/fortress/user-guide/4.6-authorized-roles.md    |  6 ++++++
 source/fortress/user-guide/4.7-add-role.md            |  8 ++++++++
 source/fortress/user-guide/4.8-delete-role.md         |  6 ++++++
 source/fortress/user-guide/4.9-add-user.md            |  8 ++++++++
 10 files changed, 70 insertions(+), 2 deletions(-)

diff --git a/source/fortress/user-guide/4.1-create-session.md b/source/fortress/user-guide/4.1-create-session.md
index b571122f..4e0840e2 100644
--- a/source/fortress/user-guide/4.1-create-session.md
+++ b/source/fortress/user-guide/4.1-create-session.md
@@ -36,6 +36,12 @@ Throws:
 ## Simple createSession
 
 ```java
+import org.apache.directory.fortress.core.AccessMgr;
+import org.apache.directory.fortress.core.AccessMgrFactory;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.model.Session;
+import org.apache.directory.fortress.core.model.User;
+
 @test
 public void createSessionTest(String userId, String password)
 {
diff --git a/source/fortress/user-guide/4.10-delete-user.md b/source/fortress/user-guide/4.10-delete-user.md
index 8343e721..20bf66c0 100644
--- a/source/fortress/user-guide/4.10-delete-user.md
+++ b/source/fortress/user-guide/4.10-delete-user.md
@@ -4,14 +4,16 @@ navPrev: 4.9-add-user.html
 navPrevText: 4.9 - Add User
 navUp: 4-fortress-code-samples.html
 navUpText: 4 - Fortress Code Samples
+navNext: 4.11-add-permobj.html
+navNextText: 4.11 - Add Permission Object
 ---
 
+# 4.10 - Delete User
+
 ```java
 void deleteUser(User user) throws SecurityException
 ```
 
-# 4.10 - Delete User
-
 This command deletes an existing user from the RBAC database. 
 The command is valid if and only if the user to be deleted is a member of the USERS data set. 
 The USERS and UA data sets and the assigned_users function are updated. This method performs a "hard" delete. 
@@ -30,6 +32,14 @@ Throws:
 ## deleteUser
 
 ```java
+import org.apache.directory.fortress.core.GlobalErrIds;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.AdminMgr;
+import org.apache.directory.fortress.core.AdminMgrFactory;
+import org.apache.directory.fortress.core.ReviewMgr;
+import org.apache.directory.fortress.core.ReviewMgrFactory;
+import org.apache.directory.fortress.core.model.User;
+
 @test
 public static void testDeleteUser(String userId)
 {
diff --git a/source/fortress/user-guide/4.2-check-access.md b/source/fortress/user-guide/4.2-check-access.md
index 68fdc7cc..1760d37a 100644
--- a/source/fortress/user-guide/4.2-check-access.md
+++ b/source/fortress/user-guide/4.2-check-access.md
@@ -38,6 +38,12 @@ Throws:
 ## checkAccess
 
 ```java
+import org.apache.directory.fortress.core.AccessMgr;
+import org.apache.directory.fortress.core.AccessMgrFactory;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.model.Session;
+import org.apache.directory.fortress.core.model.Permission;
+
 @test
 public static void testCheckAccess( Session session, String objectName, String operationName )
 {
diff --git a/source/fortress/user-guide/4.3-session-permissions.md b/source/fortress/user-guide/4.3-session-permissions.md
index ec2ca368..91fc55ac 100644
--- a/source/fortress/user-guide/4.3-session-permissions.md
+++ b/source/fortress/user-guide/4.3-session-permissions.md
@@ -30,6 +30,12 @@ Throws:
 ## sessionPermissions
 
 ```java
+import org.apache.directory.fortress.core.AccessMgr;
+import org.apache.directory.fortress.core.AccessMgrFactory;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.model.Session;
+import org.apache.directory.fortress.core.model.Permission;
+
 @test
 public static void testSessionPermissions( Session session )
 {
diff --git a/source/fortress/user-guide/4.4-activate-role.md b/source/fortress/user-guide/4.4-activate-role.md
index 97379d5a..ee8d16f9 100644
--- a/source/fortress/user-guide/4.4-activate-role.md
+++ b/source/fortress/user-guide/4.4-activate-role.md
@@ -34,6 +34,12 @@ Throws:
 ## addActiveRole
 
 ```java
+import org.apache.directory.fortress.core.AccessMgr;
+import org.apache.directory.fortress.core.AccessMgrFactory;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.model.Session;
+import org.apache.directory.fortress.core.model.UserRole;
+
 @test
 public static void testAddActiveRole( Session session, String roleName )
 {
diff --git a/source/fortress/user-guide/4.5-deactivate-role.md b/source/fortress/user-guide/4.5-deactivate-role.md
index 5238bc3f..21095bb9 100644
--- a/source/fortress/user-guide/4.5-deactivate-role.md
+++ b/source/fortress/user-guide/4.5-deactivate-role.md
@@ -32,6 +32,12 @@ Throws:
 ## dropActiveRole
 
 ```java
+import org.apache.directory.fortress.core.AccessMgr;
+import org.apache.directory.fortress.core.AccessMgrFactory;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.model.Session;
+import org.apache.directory.fortress.core.model.UserRole;
+
 @test
 public static void testDropActiveRole( Session session, String roleName )
 {
diff --git a/source/fortress/user-guide/4.6-authorized-roles.md b/source/fortress/user-guide/4.6-authorized-roles.md
index e43c7843..543b8d54 100644
--- a/source/fortress/user-guide/4.6-authorized-roles.md
+++ b/source/fortress/user-guide/4.6-authorized-roles.md
@@ -30,6 +30,12 @@ Throws:
 ## authorizedRoles
 
 ```java
+import org.apache.directory.fortress.core.AccessMgr;
+import org.apache.directory.fortress.core.AccessMgrFactory;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.model.Session;
+import org.apache.directory.fortress.core.model.UserRole;
+
 @test
 public static void testAuthorizedRoles( Session session )
 {
diff --git a/source/fortress/user-guide/4.7-add-role.md b/source/fortress/user-guide/4.7-add-role.md
index 20d15d41..25d5f654 100644
--- a/source/fortress/user-guide/4.7-add-role.md
+++ b/source/fortress/user-guide/4.7-add-role.md
@@ -43,6 +43,14 @@ Throws:
 ## addRole
 
 ```java
+import org.apache.directory.fortress.core.AdminMgr;
+import org.apache.directory.fortress.core.AdminMgrFactory;
+import org.apache.directory.fortress.core.GlobalErrIds;
+import org.apache.directory.fortress.core.ReviewMgr;
+import org.apache.directory.fortress.core.ReviewMgrFactory;
+import org.apache.directory.fortress.core.model.Role;
+import org.apache.directory.fortress.core.SecurityException;
+
 @test
 public static void testCreateRole()
 {
diff --git a/source/fortress/user-guide/4.8-delete-role.md b/source/fortress/user-guide/4.8-delete-role.md
index bf12101e..2fbc0885 100644
--- a/source/fortress/user-guide/4.8-delete-role.md
+++ b/source/fortress/user-guide/4.8-delete-role.md
@@ -30,6 +30,12 @@ Throws:
 ## deleteRole
 
 ```java
+import org.apache.directory.fortress.core.AdminMgr;
+import org.apache.directory.fortress.core.AdminMgrFactory;
+import org.apache.directory.fortress.core.GlobalErrIds;
+import org.apache.directory.fortress.core.model.Role;
+import org.apache.directory.fortress.core.SecurityException;
+
 @test
 public static void testDeleteRole()
 {
diff --git a/source/fortress/user-guide/4.9-add-user.md b/source/fortress/user-guide/4.9-add-user.md
index 75d15ec0..b2d85be8 100644
--- a/source/fortress/user-guide/4.9-add-user.md
+++ b/source/fortress/user-guide/4.9-add-user.md
@@ -55,6 +55,14 @@ Throws:
 ## addUser
 
 ```java
+import org.apache.directory.fortress.core.GlobalErrIds;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.AdminMgr;
+import org.apache.directory.fortress.core.AdminMgrFactory;
+import org.apache.directory.fortress.core.ReviewMgr;
+import org.apache.directory.fortress.core.ReviewMgrFactory;
+import org.apache.directory.fortress.core.model.User;
+
 @test
 public static void testCreateUser(String userId, String password, String userOu)
 {


[directory-site] 02/02: + add/deletePermObj

Posted by sm...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

smckinney pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/directory-site.git

commit 9e6d37dcd236fd8414cd349210f12d8895a71f29
Author: Shawn McKinney <sm...@symas.com>
AuthorDate: Wed Jul 27 16:41:41 2022 -0500

    + add/deletePermObj
---
 source/fortress/user-guide.md                      |  8 +--
 .../fortress/user-guide/4-fortress-code-samples.md |  2 +
 source/fortress/user-guide/4.1-create-session.md   |  2 +-
 source/fortress/user-guide/4.11-add-permobj.md     | 79 ++++++++++++++++++++++
 source/fortress/user-guide/4.12-delete-permobj.md  | 71 +++++++++++++++++++
 5 files changed, 157 insertions(+), 5 deletions(-)

diff --git a/source/fortress/user-guide.md b/source/fortress/user-guide.md
index 06f97e47..a1fe6949 100644
--- a/source/fortress/user-guide.md
+++ b/source/fortress/user-guide.md
@@ -31,11 +31,11 @@ This guide is primarily for people new to Fortress.
   * [4.8 - Delete Role](user-guide/4.8-delete-role.html)
   * [4.9 - Add User](user-guide/4.9-add-user.html)
   * [4.10 - Delete User](user-guide/4.10-delete-user.html)
-
-
+  * [4.11 - Add Permission Object](user-guide/4.11-add-permobj.html)
+  * [4.12 - Delete Permission Object](user-guide/4.12-delete-permobj.html)
+ 
+  
 * TODO (more code samples):
-  * [4.11 - addPermObj]  
-  * [4.12 - deletePermObj]  
   * [4.13 - addPermission]  
   * [4.14 - deletePermission]  
   * [4.15 - assignUser]  
diff --git a/source/fortress/user-guide/4-fortress-code-samples.md b/source/fortress/user-guide/4-fortress-code-samples.md
index 60d28e30..376006a4 100644
--- a/source/fortress/user-guide/4-fortress-code-samples.md
+++ b/source/fortress/user-guide/4-fortress-code-samples.md
@@ -22,3 +22,5 @@ navNextText: 4.1 - Example Creating RBAC Session
 * [4.8 - Delete Role](4.8-delete-role.html)
 * [4.9 - Add User](4.9-add-user.html)
 * [4.10 - Delete User](4.10-delete-user.html)
+* [4.11 - Add Permission Object](4.11-add-permobj.html)
+* [4.12 - Delete Permission Object](4.12-delete-permobj.html)
diff --git a/source/fortress/user-guide/4.1-create-session.md b/source/fortress/user-guide/4.1-create-session.md
index 4e0840e2..0cef2f1d 100644
--- a/source/fortress/user-guide/4.1-create-session.md
+++ b/source/fortress/user-guide/4.1-create-session.md
@@ -33,7 +33,7 @@ Returns:
 Throws:
 - SecurityException - in the event of data validation failure, security policy violation or DAO error.
 
-## Simple createSession
+## createSession
 
 ```java
 import org.apache.directory.fortress.core.AccessMgr;
diff --git a/source/fortress/user-guide/4.11-add-permobj.md b/source/fortress/user-guide/4.11-add-permobj.md
new file mode 100644
index 00000000..fe0f286d
--- /dev/null
+++ b/source/fortress/user-guide/4.11-add-permobj.md
@@ -0,0 +1,79 @@
+---
+title: 4.11 - Add Permission Object
+navPrev: 4.10-delete-user.html
+navPrevText: 4.10 - Delete User
+navUp: 4-fortress-code-samples.html
+navUpText: 4 - Fortress Code Samples
+navNext: 4.12-delete-permobj.html
+navNextText: 4.12 - Delete Permission Object
+---
+
+# 4.11 - Add Permission Object
+
+```java
+PermObj addPermObj(PermObj pObj) throws SecurityException
+```
+
+This method will add permission object to perms container in directory. 
+The perm object must not exist before making this call. 
+A PermObj instance exists in a hierarchical, one-many relationship between itself and children as stored in ldap tree: (PermObj->Permission}).
+
+required parameters:
+- PermObj#objName - contains the name of new object being added
+- PermObj#ou - contains the name of an existing PERMS OrgUnit this object is associated with
+
+optional parameters:
+- PermObj#description - any safe text
+- PermObj#type - contains any safe text
+- PermObj#props * - multi-occurring property key and values are separated with a ':'. e.g. mykey1:myvalue1
+
+Parameters:
+- pObj - must contain the PermObj#objName and PermObj#ou. The other attributes are optional.
+
+Returns:
+- copy of PermObj entity.
+
+Throws:
+- SecurityException - - thrown in the event of perm object data or system error.
+
+## addPermObj
+
+```java
+import org.apache.directory.fortress.core.AdminMgr;
+import org.apache.directory.fortress.core.AdminMgrFactory;
+import org.apache.directory.fortress.core.GlobalErrIds;
+import org.apache.directory.fortress.core.ReviewMgr;
+import org.apache.directory.fortress.core.ReviewMgrFactory;
+import org.apache.directory.fortress.core.model.PermObj;
+import org.apache.directory.fortress.core.SecurityException;
+
+@test
+public static void testAddPermObject(String objName, String permOu)
+{
+    String szLocation = ".testAddPermObject";
+    try
+    {
+        // Instantiate the AdminMgr implementation which is used to provision RBAC policies.
+        AdminMgr adminMgr = AdminMgrFactory.createInstance();
+
+        // Add the PermObj entity to ldap.  The PermObj entity must have a name and an OrgUnit affiliation.
+        adminMgr.addPermObj(new PermObj(objName, permOu));
+
+        // Instantiate the ReviewMgr implementation which is used to interrogate policy information.
+        ReviewMgr reviewMgr = ReviewMgrFactory.createInstance();
+        // now read the newly created Object entity back:
+        PermObj outObj = reviewMgr.readPermObj(new PermObj(objName));
+
+        // Do some validations.
+        assertNotNull(outObj);
+        assertTrue(szLocation + " failed obj name check", objName.equals(outObj.getObjName()));
+        assertTrue(szLocation + " failed obj ou check", permOu.equals(outObj.getOu()));
+        LOG.info(szLocation + " permission object [" + outObj.getObjName() + "] success");
+    }
+    catch (SecurityException ex)
+    {
+        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
+        fail(ex.getMessage());
+    }
+}
+```
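Review bot: The addPermObj listing imports `GlobalErrIds` but never references it, while the names it does use (`assertNotNull`, `assertTrue`, `fail` and `LOG`) have no import or declaration anywhere in the sample. That works against the previous commit's apparent aim of making the code sections self-contained, and the same gap for the assertion helpers and `LOG` is present in the 4.12 listing. I would drop `import org.apache.directory.fortress.core.GlobalErrIds;` here and add the static assertion imports and a logger declaration; their exact names depend on the test and logging frameworks the project uses, which this page does not show. In the prose, `(PermObj->Permission})` carries a stray `}` and `SecurityException - - thrown` has a doubled dash.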
diff --git a/source/fortress/user-guide/4.12-delete-permobj.md b/source/fortress/user-guide/4.12-delete-permobj.md
new file mode 100644
index 00000000..1fcf2216
--- /dev/null
+++ b/source/fortress/user-guide/4.12-delete-permobj.md
@@ -0,0 +1,71 @@
+---
+title: 4.12 - Delete Permission Object
+navPrev: 4.11-add-permobj.html
+navPrevText: 4.11 - Add Permission Object
+navUp: 4-fortress-code-samples.html
+navUpText: 4 - Fortress Code Samples
+---
+
+# 4.8 - Delete Permission Object
+
+```java
+void deletePermObj(PermObj pObj) throws SecurityException
+```
+
+This method will remove permission object to perms container in directory. 
+This method will also remove in associated permission objects that are attached to this object.
+
+required parameters:
+- PermObj#objName - contains the name of existing object targeted for removal
+
+Parameters:
+- pObj - must contain the PermObj#objName of object targeted for removal.
+
+Throws:
+- SecurityException - thrown in the event of perm object data or system error.
+
+## deletePermObj
+
+```java
+import org.apache.directory.fortress.core.AdminMgr;
+import org.apache.directory.fortress.core.AdminMgrFactory;
+import org.apache.directory.fortress.core.GlobalErrIds;
+import org.apache.directory.fortress.core.ReviewMgr;
+import org.apache.directory.fortress.core.ReviewMgrFactory;
+import org.apache.directory.fortress.core.model.PermObj;
+import org.apache.directory.fortress.core.SecurityException;
+
+@test
+public static void testDelPermObjects(String objName)
+{
+    String szLocation = ".testDelPermObjects";
+
+    try
+    {
+        // Instantiate the AdminMgr implementation which is used to provision RBAC policies.
+        AdminMgr adminMgr = AdminMgrFactory.createInstance();
+        // this will remove the object along with any operations associated with it:
+        adminMgr.deletePermObj(new PermObj(deletePermObj));
+
+        // Instantiate the ReviewMgr implementation which is used to interrogate policy information.
+        ReviewMgr reviewMgr = ReviewMgrFactory.createInstance();
+        try
+        {
+            // this should fail:
+            reviewMgr.readPermObj(new PermObj(objName));
+            fail(szLocation + " permission object delete failed");
+        }
+        catch (SecurityException se)
+        {
+            assertTrue(szLocation + " excep id check", se.getErrorId() == GlobalErrIds.PERM_OBJ_NOT_FOUND);
+            // pass
+        }
+        LOG.info(szLocation + " permission object [" + TEST_PERM_OBJECT + "] success");
+    }
+    catch (SecurityException ex)
+    {
+        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
+        fail(ex.getMessage());
+    }
+}
+```
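Review bot: The deletePermObj sample does not compile as written, because `new PermObj(deletePermObj)` passes an identifier that is never declared and the closing `LOG.info` references `TEST_PERM_OBJECT`, which the listing never defines. Both should use the `objName` parameter: `adminMgr.deletePermObj(new PermObj(objName));` and `LOG.info(szLocation + " permission object [" + objName + "] success");`. The page heading reads `# 4.8 - Delete Permission Object` although the front-matter title is 4.12, so it should be `# 4.12 - Delete Permission Object`. Since the text and the code comment both say the call also removes what is attached to the object, the description should read "remove permission object from perms container" and "remove any associated permission objects", so that readers see plainly that this delete cascades.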