001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.forgerock.opendj.server.config.meta;
027
028
029
030import java.util.Collection;
031import java.util.SortedSet;
032import org.forgerock.opendj.config.ACIPropertyDefinition;
033import org.forgerock.opendj.config.AdministratorAction;
034import org.forgerock.opendj.config.AliasDefaultBehaviorProvider;
035import org.forgerock.opendj.config.BooleanPropertyDefinition;
036import org.forgerock.opendj.config.ClassPropertyDefinition;
037import org.forgerock.opendj.config.client.ConcurrentModificationException;
038import org.forgerock.opendj.config.client.ManagedObject;
039import org.forgerock.opendj.config.client.MissingMandatoryPropertiesException;
040import org.forgerock.opendj.config.client.OperationRejectedException;
041import org.forgerock.opendj.config.DefaultBehaviorProvider;
042import org.forgerock.opendj.config.DefinedDefaultBehaviorProvider;
043import org.forgerock.opendj.config.ManagedObjectAlreadyExistsException;
044import org.forgerock.opendj.config.ManagedObjectDefinition;
045import org.forgerock.opendj.config.PropertyOption;
046import org.forgerock.opendj.config.PropertyProvider;
047import org.forgerock.opendj.config.server.ConfigurationChangeListener;
048import org.forgerock.opendj.config.server.ServerManagedObject;
049import org.forgerock.opendj.config.Tag;
050import org.forgerock.opendj.ldap.DN;
051import org.forgerock.opendj.ldap.LdapException;
052import org.forgerock.opendj.server.config.client.DseeCompatAccessControlHandlerCfgClient;
053import org.forgerock.opendj.server.config.server.AccessControlHandlerCfg;
054import org.forgerock.opendj.server.config.server.DseeCompatAccessControlHandlerCfg;
055
056
057
058/**
059 * An interface for querying the Dsee Compat Access Control Handler
060 * managed object definition meta information.
061 * <p>
062 * The Dsee Compat Access Control Handler provides an implementation
063 * that uses syntax compatible with the Sun Java System Directory
064 * Server Enterprise Edition access control handlers.
065 */
066public final class DseeCompatAccessControlHandlerCfgDefn extends ManagedObjectDefinition<DseeCompatAccessControlHandlerCfgClient, DseeCompatAccessControlHandlerCfg> {
067
068  // The singleton configuration definition instance.
069  private static final DseeCompatAccessControlHandlerCfgDefn INSTANCE = new DseeCompatAccessControlHandlerCfgDefn();
070
071
072
073  // The "global-aci" property definition.
074  private static final ACIPropertyDefinition PD_GLOBAL_ACI;
075
076
077
078  // The "java-class" property definition.
079  private static final ClassPropertyDefinition PD_JAVA_CLASS;
080
081
082
083  // Build the "global-aci" property definition.
084  static {
085      ACIPropertyDefinition.Builder builder = ACIPropertyDefinition.createBuilder(INSTANCE, "global-aci");
086      builder.setOption(PropertyOption.MULTI_VALUED);
087      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "global-aci"));
088      builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<String>(INSTANCE, "global-aci"));
089      PD_GLOBAL_ACI = builder.getInstance();
090      INSTANCE.registerPropertyDefinition(PD_GLOBAL_ACI);
091  }
092
093
094
095  // Build the "java-class" property definition.
096  static {
097      ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class");
098      builder.setOption(PropertyOption.MANDATORY);
099      builder.setOption(PropertyOption.ADVANCED);
100      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class"));
101      DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.authorization.dseecompat.AciHandler");
102      builder.setDefaultBehaviorProvider(provider);
103      builder.addInstanceOf("org.opends.server.api.AccessControlHandler");
104      PD_JAVA_CLASS = builder.getInstance();
105      INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS);
106  }
107
108
109
110  // Register the tags associated with this managed object definition.
111  static {
112    INSTANCE.registerTag(Tag.valueOf("security"));
113  }
114
115
116
117  /**
118   * Get the Dsee Compat Access Control Handler configuration
119   * definition singleton.
120   *
121   * @return Returns the Dsee Compat Access Control Handler
122   *         configuration definition singleton.
123   */
124  public static DseeCompatAccessControlHandlerCfgDefn getInstance() {
125    return INSTANCE;
126  }
127
128
129
130  /**
131   * Private constructor.
132   */
133  private DseeCompatAccessControlHandlerCfgDefn() {
134    super("dsee-compat-access-control-handler", AccessControlHandlerCfgDefn.getInstance());
135  }
136
137
138
139  /**
140   * {@inheritDoc}
141   */
142  public DseeCompatAccessControlHandlerCfgClient createClientConfiguration(
143      ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) {
144    return new DseeCompatAccessControlHandlerCfgClientImpl(impl);
145  }
146
147
148
149  /**
150   * {@inheritDoc}
151   */
152  public DseeCompatAccessControlHandlerCfg createServerConfiguration(
153      ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) {
154    return new DseeCompatAccessControlHandlerCfgServerImpl(impl);
155  }
156
157
158
159  /**
160   * {@inheritDoc}
161   */
162  public Class<DseeCompatAccessControlHandlerCfg> getServerConfigurationClass() {
163    return DseeCompatAccessControlHandlerCfg.class;
164  }
165
166
167
168  /**
169   * Get the "enabled" property definition.
170   * <p>
171   * Indicates whether the Dsee Compat Access Control Handler is
172   * enabled. If set to FALSE, then no access control is enforced, and
173   * any client (including unauthenticated or anonymous clients) could
174   * be allowed to perform any operation if not subject to other
175   * restrictions, such as those enforced by the privilege subsystem.
176   *
177   * @return Returns the "enabled" property definition.
178   */
179  public BooleanPropertyDefinition getEnabledPropertyDefinition() {
180    return AccessControlHandlerCfgDefn.getInstance().getEnabledPropertyDefinition();
181  }
182
183
184
185  /**
186   * Get the "global-aci" property definition.
187   * <p>
188   * Defines global access control rules.
189   * <p>
190   * Global access control rules apply to all entries anywhere in the
191   * data managed by the OpenDJ directory server. The global access
192   * control rules may be overridden by more specific access control
193   * rules placed in the data.
194   *
195   * @return Returns the "global-aci" property definition.
196   */
197  public ACIPropertyDefinition getGlobalACIPropertyDefinition() {
198    return PD_GLOBAL_ACI;
199  }
200
201
202
203  /**
204   * Get the "java-class" property definition.
205   * <p>
206   * Specifies the fully-qualified name of the Java class that
207   * provides the Dsee Compat Access Control Handler implementation.
208   *
209   * @return Returns the "java-class" property definition.
210   */
211  public ClassPropertyDefinition getJavaClassPropertyDefinition() {
212    return PD_JAVA_CLASS;
213  }
214
215
216
217  /**
218   * Managed object client implementation.
219   */
220  private static class DseeCompatAccessControlHandlerCfgClientImpl implements
221    DseeCompatAccessControlHandlerCfgClient {
222
223    // Private implementation.
224    private ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl;
225
226
227
228    // Private constructor.
229    private DseeCompatAccessControlHandlerCfgClientImpl(
230        ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) {
231      this.impl = impl;
232    }
233
234
235
236    /**
237     * {@inheritDoc}
238     */
239    public Boolean isEnabled() {
240      return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
241    }
242
243
244
245    /**
246     * {@inheritDoc}
247     */
248    public void setEnabled(boolean value) {
249      impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value);
250    }
251
252
253
254    /**
255     * {@inheritDoc}
256     */
257    public SortedSet<String> getGlobalACI() {
258      return impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition());
259    }
260
261
262
263    /**
264     * {@inheritDoc}
265     */
266    public void setGlobalACI(Collection<String> values) {
267      impl.setPropertyValues(INSTANCE.getGlobalACIPropertyDefinition(), values);
268    }
269
270
271
272    /**
273     * {@inheritDoc}
274     */
275    public String getJavaClass() {
276      return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
277    }
278
279
280
281    /**
282     * {@inheritDoc}
283     */
284    public void setJavaClass(String value) {
285      impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value);
286    }
287
288
289
290    /**
291     * {@inheritDoc}
292     */
293    public ManagedObjectDefinition<? extends DseeCompatAccessControlHandlerCfgClient, ? extends DseeCompatAccessControlHandlerCfg> definition() {
294      return INSTANCE;
295    }
296
297
298
299    /**
300     * {@inheritDoc}
301     */
302    public PropertyProvider properties() {
303      return impl;
304    }
305
306
307
308    /**
309     * {@inheritDoc}
310     */
311    public void commit() throws ManagedObjectAlreadyExistsException,
312        MissingMandatoryPropertiesException, ConcurrentModificationException,
313        OperationRejectedException, LdapException {
314      impl.commit();
315    }
316
317  }
318
319
320
321  /**
322   * Managed object server implementation.
323   */
324  private static class DseeCompatAccessControlHandlerCfgServerImpl implements
325    DseeCompatAccessControlHandlerCfg {
326
327    // Private implementation.
328    private ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl;
329
330    // The value of the "enabled" property.
331    private final boolean pEnabled;
332
333    // The value of the "global-aci" property.
334    private final SortedSet<String> pGlobalACI;
335
336    // The value of the "java-class" property.
337    private final String pJavaClass;
338
339
340
341    // Private constructor.
342    private DseeCompatAccessControlHandlerCfgServerImpl(ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) {
343      this.impl = impl;
344      this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition());
345      this.pGlobalACI = impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition());
346      this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition());
347    }
348
349
350
351    /**
352     * {@inheritDoc}
353     */
354    public void addDseeCompatChangeListener(
355        ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) {
356      impl.registerChangeListener(listener);
357    }
358
359
360
361    /**
362     * {@inheritDoc}
363     */
364    public void removeDseeCompatChangeListener(
365        ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) {
366      impl.deregisterChangeListener(listener);
367    }
368    /**
369     * {@inheritDoc}
370     */
371    public void addChangeListener(
372        ConfigurationChangeListener<AccessControlHandlerCfg> listener) {
373      impl.registerChangeListener(listener);
374    }
375
376
377
378    /**
379     * {@inheritDoc}
380     */
381    public void removeChangeListener(
382        ConfigurationChangeListener<AccessControlHandlerCfg> listener) {
383      impl.deregisterChangeListener(listener);
384    }
385
386
387
388    /**
389     * {@inheritDoc}
390     */
391    public boolean isEnabled() {
392      return pEnabled;
393    }
394
395
396
397    /**
398     * {@inheritDoc}
399     */
400    public SortedSet<String> getGlobalACI() {
401      return pGlobalACI;
402    }
403
404
405
406    /**
407     * {@inheritDoc}
408     */
409    public String getJavaClass() {
410      return pJavaClass;
411    }
412
413
414
415    /**
416     * {@inheritDoc}
417     */
418    public Class<? extends DseeCompatAccessControlHandlerCfg> configurationClass() {
419      return DseeCompatAccessControlHandlerCfg.class;
420    }
421
422
423
424    /**
425     * {@inheritDoc}
426     */
427    public DN dn() {
428      return impl.getDN();
429    }
430
431  }
432}