001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 */ 026package org.opends.server.admin.std.meta; 027 028 029 030import java.util.Collection; 031import java.util.SortedSet; 032import org.opends.server.admin.ACIPropertyDefinition; 033import org.opends.server.admin.AdministratorAction; 034import org.opends.server.admin.AliasDefaultBehaviorProvider; 035import org.opends.server.admin.BooleanPropertyDefinition; 036import org.opends.server.admin.ClassPropertyDefinition; 037import org.opends.server.admin.client.AuthorizationException; 038import org.opends.server.admin.client.CommunicationException; 039import org.opends.server.admin.client.ConcurrentModificationException; 040import org.opends.server.admin.client.ManagedObject; 041import org.opends.server.admin.client.MissingMandatoryPropertiesException; 042import org.opends.server.admin.client.OperationRejectedException; 043import org.opends.server.admin.DefaultBehaviorProvider; 044import org.opends.server.admin.DefinedDefaultBehaviorProvider; 045import org.opends.server.admin.ManagedObjectAlreadyExistsException; 046import org.opends.server.admin.ManagedObjectDefinition; 047import org.opends.server.admin.PropertyOption; 048import org.opends.server.admin.PropertyProvider; 049import org.opends.server.admin.server.ConfigurationChangeListener; 050import org.opends.server.admin.server.ServerManagedObject; 051import org.opends.server.admin.std.client.DseeCompatAccessControlHandlerCfgClient; 052import org.opends.server.admin.std.server.AccessControlHandlerCfg; 053import org.opends.server.admin.std.server.DseeCompatAccessControlHandlerCfg; 054import org.opends.server.admin.Tag; 055import org.opends.server.authorization.dseecompat.Aci; 056import org.opends.server.types.DN; 057 058 059 060/** 061 * An interface for querying the Dsee Compat Access Control Handler 062 * managed object definition meta information. 063 * <p> 064 * The Dsee Compat Access Control Handler provides an implementation 065 * that uses syntax compatible with the Sun Java System Directory 066 * Server Enterprise Edition access control handlers. 067 */ 068public final class DseeCompatAccessControlHandlerCfgDefn extends ManagedObjectDefinition<DseeCompatAccessControlHandlerCfgClient, DseeCompatAccessControlHandlerCfg> { 069 070 // The singleton configuration definition instance. 071 private static final DseeCompatAccessControlHandlerCfgDefn INSTANCE = new DseeCompatAccessControlHandlerCfgDefn(); 072 073 074 075 // The "global-aci" property definition. 076 private static final ACIPropertyDefinition PD_GLOBAL_ACI; 077 078 079 080 // The "java-class" property definition. 081 private static final ClassPropertyDefinition PD_JAVA_CLASS; 082 083 084 085 // Build the "global-aci" property definition. 086 static { 087 ACIPropertyDefinition.Builder builder = ACIPropertyDefinition.createBuilder(INSTANCE, "global-aci"); 088 builder.setOption(PropertyOption.MULTI_VALUED); 089 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "global-aci")); 090 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<Aci>(INSTANCE, "global-aci")); 091 PD_GLOBAL_ACI = builder.getInstance(); 092 INSTANCE.registerPropertyDefinition(PD_GLOBAL_ACI); 093 } 094 095 096 097 // Build the "java-class" property definition. 098 static { 099 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 100 builder.setOption(PropertyOption.MANDATORY); 101 builder.setOption(PropertyOption.ADVANCED); 102 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 103 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.authorization.dseecompat.AciHandler"); 104 builder.setDefaultBehaviorProvider(provider); 105 builder.addInstanceOf("org.opends.server.api.AccessControlHandler"); 106 PD_JAVA_CLASS = builder.getInstance(); 107 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 108 } 109 110 111 112 // Register the tags associated with this managed object definition. 113 static { 114 INSTANCE.registerTag(Tag.valueOf("security")); 115 } 116 117 118 119 /** 120 * Get the Dsee Compat Access Control Handler configuration 121 * definition singleton. 122 * 123 * @return Returns the Dsee Compat Access Control Handler 124 * configuration definition singleton. 125 */ 126 public static DseeCompatAccessControlHandlerCfgDefn getInstance() { 127 return INSTANCE; 128 } 129 130 131 132 /** 133 * Private constructor. 134 */ 135 private DseeCompatAccessControlHandlerCfgDefn() { 136 super("dsee-compat-access-control-handler", AccessControlHandlerCfgDefn.getInstance()); 137 } 138 139 140 141 /** 142 * {@inheritDoc} 143 */ 144 public DseeCompatAccessControlHandlerCfgClient createClientConfiguration( 145 ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) { 146 return new DseeCompatAccessControlHandlerCfgClientImpl(impl); 147 } 148 149 150 151 /** 152 * {@inheritDoc} 153 */ 154 public DseeCompatAccessControlHandlerCfg createServerConfiguration( 155 ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) { 156 return new DseeCompatAccessControlHandlerCfgServerImpl(impl); 157 } 158 159 160 161 /** 162 * {@inheritDoc} 163 */ 164 public Class<DseeCompatAccessControlHandlerCfg> getServerConfigurationClass() { 165 return DseeCompatAccessControlHandlerCfg.class; 166 } 167 168 169 170 /** 171 * Get the "enabled" property definition. 172 * <p> 173 * Indicates whether the Dsee Compat Access Control Handler is 174 * enabled. If set to FALSE, then no access control is enforced, and 175 * any client (including unauthenticated or anonymous clients) could 176 * be allowed to perform any operation if not subject to other 177 * restrictions, such as those enforced by the privilege subsystem. 178 * 179 * @return Returns the "enabled" property definition. 180 */ 181 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 182 return AccessControlHandlerCfgDefn.getInstance().getEnabledPropertyDefinition(); 183 } 184 185 186 187 /** 188 * Get the "global-aci" property definition. 189 * <p> 190 * Defines global access control rules. 191 * <p> 192 * Global access control rules apply to all entries anywhere in the 193 * data managed by the OpenDJ directory server. The global access 194 * control rules may be overridden by more specific access control 195 * rules placed in the data. 196 * 197 * @return Returns the "global-aci" property definition. 198 */ 199 public ACIPropertyDefinition getGlobalACIPropertyDefinition() { 200 return PD_GLOBAL_ACI; 201 } 202 203 204 205 /** 206 * Get the "java-class" property definition. 207 * <p> 208 * Specifies the fully-qualified name of the Java class that 209 * provides the Dsee Compat Access Control Handler implementation. 210 * 211 * @return Returns the "java-class" property definition. 212 */ 213 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 214 return PD_JAVA_CLASS; 215 } 216 217 218 219 /** 220 * Managed object client implementation. 221 */ 222 private static class DseeCompatAccessControlHandlerCfgClientImpl implements 223 DseeCompatAccessControlHandlerCfgClient { 224 225 // Private implementation. 226 private ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl; 227 228 229 230 // Private constructor. 231 private DseeCompatAccessControlHandlerCfgClientImpl( 232 ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) { 233 this.impl = impl; 234 } 235 236 237 238 /** 239 * {@inheritDoc} 240 */ 241 public Boolean isEnabled() { 242 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 243 } 244 245 246 247 /** 248 * {@inheritDoc} 249 */ 250 public void setEnabled(boolean value) { 251 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 252 } 253 254 255 256 /** 257 * {@inheritDoc} 258 */ 259 public SortedSet<Aci> getGlobalACI() { 260 return impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition()); 261 } 262 263 264 265 /** 266 * {@inheritDoc} 267 */ 268 public void setGlobalACI(Collection<Aci> values) { 269 impl.setPropertyValues(INSTANCE.getGlobalACIPropertyDefinition(), values); 270 } 271 272 273 274 /** 275 * {@inheritDoc} 276 */ 277 public String getJavaClass() { 278 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 279 } 280 281 282 283 /** 284 * {@inheritDoc} 285 */ 286 public void setJavaClass(String value) { 287 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 288 } 289 290 291 292 /** 293 * {@inheritDoc} 294 */ 295 public ManagedObjectDefinition<? extends DseeCompatAccessControlHandlerCfgClient, ? extends DseeCompatAccessControlHandlerCfg> definition() { 296 return INSTANCE; 297 } 298 299 300 301 /** 302 * {@inheritDoc} 303 */ 304 public PropertyProvider properties() { 305 return impl; 306 } 307 308 309 310 /** 311 * {@inheritDoc} 312 */ 313 public void commit() throws ManagedObjectAlreadyExistsException, 314 MissingMandatoryPropertiesException, ConcurrentModificationException, 315 OperationRejectedException, AuthorizationException, 316 CommunicationException { 317 impl.commit(); 318 } 319 320 } 321 322 323 324 /** 325 * Managed object server implementation. 326 */ 327 private static class DseeCompatAccessControlHandlerCfgServerImpl implements 328 DseeCompatAccessControlHandlerCfg { 329 330 // Private implementation. 331 private ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl; 332 333 // The value of the "enabled" property. 334 private final boolean pEnabled; 335 336 // The value of the "global-aci" property. 337 private final SortedSet<Aci> pGlobalACI; 338 339 // The value of the "java-class" property. 340 private final String pJavaClass; 341 342 343 344 // Private constructor. 345 private DseeCompatAccessControlHandlerCfgServerImpl(ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) { 346 this.impl = impl; 347 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 348 this.pGlobalACI = impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition()); 349 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 350 } 351 352 353 354 /** 355 * {@inheritDoc} 356 */ 357 public void addDseeCompatChangeListener( 358 ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) { 359 impl.registerChangeListener(listener); 360 } 361 362 363 364 /** 365 * {@inheritDoc} 366 */ 367 public void removeDseeCompatChangeListener( 368 ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) { 369 impl.deregisterChangeListener(listener); 370 } 371 /** 372 * {@inheritDoc} 373 */ 374 public void addChangeListener( 375 ConfigurationChangeListener<AccessControlHandlerCfg> listener) { 376 impl.registerChangeListener(listener); 377 } 378 379 380 381 /** 382 * {@inheritDoc} 383 */ 384 public void removeChangeListener( 385 ConfigurationChangeListener<AccessControlHandlerCfg> listener) { 386 impl.deregisterChangeListener(listener); 387 } 388 389 390 391 /** 392 * {@inheritDoc} 393 */ 394 public boolean isEnabled() { 395 return pEnabled; 396 } 397 398 399 400 /** 401 * {@inheritDoc} 402 */ 403 public SortedSet<Aci> getGlobalACI() { 404 return pGlobalACI; 405 } 406 407 408 409 /** 410 * {@inheritDoc} 411 */ 412 public String getJavaClass() { 413 return pJavaClass; 414 } 415 416 417 418 /** 419 * {@inheritDoc} 420 */ 421 public Class<? extends DseeCompatAccessControlHandlerCfg> configurationClass() { 422 return DseeCompatAccessControlHandlerCfg.class; 423 } 424 425 426 427 /** 428 * {@inheritDoc} 429 */ 430 public DN dn() { 431 return impl.getDN(); 432 } 433 434 } 435}