001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008-2010 Sun Microsystems, Inc. 025 * Portions Copyright 2014-2015 ForgeRock AS 026 */ 027package org.opends.server.core; 028 029import java.util.HashSet; 030import java.util.List; 031import java.util.Set; 032 033import org.forgerock.i18n.LocalizableMessage; 034import org.opends.server.admin.server.ConfigurationChangeListener; 035import org.opends.server.admin.std.meta.RootDNCfgDefn; 036import org.opends.server.admin.std.server.RootDNCfg; 037import org.forgerock.opendj.config.server.ConfigChangeResult; 038import org.opends.server.types.Privilege; 039 040/** 041 * This class defines a data structure that is used to handle changes to the set 042 * of default root privileges. 043 */ 044public class RootPrivilegeChangeListener 045 implements ConfigurationChangeListener<RootDNCfg> 046{ 047 /** The set of privileges that will be given to root users by default. */ 048 private Set<Privilege> defaultRootPrivileges; 049 050 /** Creates a new instance of this root privilege change listener. */ 051 public RootPrivilegeChangeListener() 052 { 053 defaultRootPrivileges = Privilege.getDefaultRootPrivileges(); 054 } 055 056 /** {@inheritDoc} */ 057 @Override 058 public boolean isConfigurationChangeAcceptable(RootDNCfg configuration, 059 List<LocalizableMessage> unacceptableReasons) 060 { 061 // No special validation is required. 062 return true; 063 } 064 065 /** {@inheritDoc} */ 066 @Override 067 public ConfigChangeResult applyConfigurationChange(RootDNCfg configuration) 068 { 069 setDefaultRootPrivileges(configuration); 070 return new ConfigChangeResult(); 071 } 072 073 /** 074 * Retrieves the set of privileges that will be automatically granted to root 075 * users. 076 * 077 * @return The set of privileges that will be automatically granted to root 078 * users. 079 */ 080 public Set<Privilege> getDefaultRootPrivileges() 081 { 082 return defaultRootPrivileges; 083 } 084 085 086 087 /** 088 * Specifies the set of privileges that will be automatically granted to root 089 * users. 090 * 091 * @param configuration The configuration object that specifies the set of 092 * privileges that will be automatically granted to 093 * root users. 094 */ 095 void setDefaultRootPrivileges(RootDNCfg configuration) 096 { 097 Set<RootDNCfgDefn.DefaultRootPrivilegeName> configPrivSet = 098 configuration.getDefaultRootPrivilegeName(); 099 100 HashSet<Privilege> privSet = new HashSet<>(configPrivSet.size()); 101 for (RootDNCfgDefn.DefaultRootPrivilegeName p : configPrivSet) 102 { 103 privSet.add(Privilege.privilegeForName(p.toString())); 104 } 105 106 defaultRootPrivileges = privSet; 107 } 108}