001    /*
002     * CDDL HEADER START
003     *
004     * The contents of this file are subject to the terms of the
005     * Common Development and Distribution License, Version 1.0 only
006     * (the "License").  You may not use this file except in compliance
007     * with the License.
008     *
009     * You can obtain a copy of the license at
010     * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011     * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012     * See the License for the specific language governing permissions
013     * and limitations under the License.
014     *
015     * When distributing Covered Code, include this CDDL HEADER in each
016     * file and include the License file at
017     * trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
018     * add the following below this CDDL HEADER, with the fields enclosed
019     * by brackets "[]" replaced with your own identifying information:
020     *      Portions Copyright [yyyy] [name of copyright owner]
021     *
022     * CDDL HEADER END
023     *
024     *
025     *      Copyright 2008 Sun Microsystems, Inc.
026     */
027    package org.opends.server.admin.std.meta;
028    
029    
030    
031    import java.util.Collection;
032    import java.util.SortedSet;
033    import org.opends.server.admin.AdministratorAction;
034    import org.opends.server.admin.client.AuthorizationException;
035    import org.opends.server.admin.client.CommunicationException;
036    import org.opends.server.admin.client.ConcurrentModificationException;
037    import org.opends.server.admin.client.IllegalManagedObjectNameException;
038    import org.opends.server.admin.client.ManagedObject;
039    import org.opends.server.admin.client.ManagedObjectDecodingException;
040    import org.opends.server.admin.client.MissingMandatoryPropertiesException;
041    import org.opends.server.admin.client.OperationRejectedException;
042    import org.opends.server.admin.DefaultBehaviorException;
043    import org.opends.server.admin.DefaultBehaviorProvider;
044    import org.opends.server.admin.DefinedDefaultBehaviorProvider;
045    import org.opends.server.admin.DefinitionDecodingException;
046    import org.opends.server.admin.EnumPropertyDefinition;
047    import org.opends.server.admin.InstantiableRelationDefinition;
048    import org.opends.server.admin.ManagedObjectAlreadyExistsException;
049    import org.opends.server.admin.ManagedObjectDefinition;
050    import org.opends.server.admin.ManagedObjectNotFoundException;
051    import org.opends.server.admin.PropertyOption;
052    import org.opends.server.admin.PropertyProvider;
053    import org.opends.server.admin.RelationOption;
054    import org.opends.server.admin.server.ConfigurationAddListener;
055    import org.opends.server.admin.server.ConfigurationChangeListener;
056    import org.opends.server.admin.server.ConfigurationDeleteListener;
057    import org.opends.server.admin.server.ServerManagedObject;
058    import org.opends.server.admin.std.client.RootDNCfgClient;
059    import org.opends.server.admin.std.client.RootDNUserCfgClient;
060    import org.opends.server.admin.std.server.RootDNCfg;
061    import org.opends.server.admin.std.server.RootDNUserCfg;
062    import org.opends.server.admin.Tag;
063    import org.opends.server.admin.TopCfgDefn;
064    import org.opends.server.config.ConfigException;
065    import org.opends.server.types.DN;
066    
067    
068    
069    /**
070     * An interface for querying the Root DN managed object definition
071     * meta information.
072     * <p>
073     * The Root DN configuration contains all the Root DN Users defined in
074     * the Directory Server. In addition, it also defines the default set
075     * of privileges that Root DN Users automatically inherit.
076     */
077    public final class RootDNCfgDefn extends ManagedObjectDefinition<RootDNCfgClient, RootDNCfg> {
078    
079      // The singleton configuration definition instance.
080      private static final RootDNCfgDefn INSTANCE = new RootDNCfgDefn();
081    
082    
083    
084      /**
085       * Defines the set of permissable values for the "default-root-privilege-name" property.
086       * <p>
087       * Specifies the names of the privileges that root users will be
088       * granted by default.
089       */
090      public static enum DefaultRootPrivilegeName {
091    
092        /**
093         * Allows the user to request that the server process backup
094         * tasks.
095         */
096        BACKEND_BACKUP("backend-backup"),
097    
098    
099    
100        /**
101         * Allows the user to request that the server process restore
102         * tasks.
103         */
104        BACKEND_RESTORE("backend-restore"),
105    
106    
107    
108        /**
109         * Allows the associated user to bypass access control checks
110         * performed by the server.
111         */
112        BYPASS_ACL("bypass-acl"),
113    
114    
115    
116        /**
117         * Allows the user to cancel operations in progress on other
118         * client connections.
119         */
120        CANCEL_REQUEST("cancel-request"),
121    
122    
123    
124        /**
125         * Allows the associated user to read the server configuration.
126         */
127        CONFIG_READ("config-read"),
128    
129    
130    
131        /**
132         * Allows the associated user to update the server configuration.
133         * The config-read privilege is also required.
134         */
135        CONFIG_WRITE("config-write"),
136    
137    
138    
139        /**
140         * Allows the user to participate in data synchronization.
141         */
142        DATA_SYNC("data-sync"),
143    
144    
145    
146        /**
147         * Allows the user to terminate other client connections.
148         */
149        DISCONNECT_CLIENT("disconnect-client"),
150    
151    
152    
153        /**
154         * Allows the associated user to subscribe to receive JMX
155         * notifications.
156         */
157        JMX_NOTIFY("jmx-notify"),
158    
159    
160    
161        /**
162         * Allows the associated user to perform JMX read operations.
163         */
164        JMX_READ("jmx-read"),
165    
166    
167    
168        /**
169         * Allows the associated user to perform JMX write operations.
170         */
171        JMX_WRITE("jmx-write"),
172    
173    
174    
175        /**
176         * Allows the user to request that the server process LDIF export
177         * tasks.
178         */
179        LDIF_EXPORT("ldif-export"),
180    
181    
182    
183        /**
184         * Allows the user to request that the server process LDIF import
185         * tasks.
186         */
187        LDIF_IMPORT("ldif-import"),
188    
189    
190    
191        /**
192         * Allows the associated user to modify the server's access
193         * control configuration.
194         */
195        MODIFY_ACL("modify-acl"),
196    
197    
198    
199        /**
200         * Allows the user to reset user passwords.
201         */
202        PASSWORD_RESET("password-reset"),
203    
204    
205    
206        /**
207         * Allows the user to make changes to the set of defined root
208         * privileges, as well as to grant and revoke privileges for users.
209         */
210        PRIVILEGE_CHANGE("privilege-change"),
211    
212    
213    
214        /**
215         * Allows the user to use the proxied authorization control, or to
216         * perform a bind that specifies an alternate authorization
217         * identity.
218         */
219        PROXIED_AUTH("proxied-auth"),
220    
221    
222    
223        /**
224         * Allows the user to request that the server perform an in-core
225         * restart.
226         */
227        SERVER_RESTART("server-restart"),
228    
229    
230    
231        /**
232         * Allows the user to request that the server shut down.
233         */
234        SERVER_SHUTDOWN("server-shutdown"),
235    
236    
237    
238        /**
239         * Allows the user to request that the server process a search
240         * that cannot be optimized using server indexes.
241         */
242        UNINDEXED_SEARCH("unindexed-search"),
243    
244    
245    
246        /**
247         * Allows the user to make changes to the server schema.
248         */
249        UPDATE_SCHEMA("update-schema");
250    
251    
252    
253        // String representation of the value.
254        private final String name;
255    
256    
257    
258        // Private constructor.
259        private DefaultRootPrivilegeName(String name) { this.name = name; }
260    
261    
262    
263        /**
264         * {@inheritDoc}
265         */
266        public String toString() { return name; }
267    
268      }
269    
270    
271    
272      // The "default-root-privilege-name" property definition.
273      private static final EnumPropertyDefinition<DefaultRootPrivilegeName> PD_DEFAULT_ROOT_PRIVILEGE_NAME;
274    
275    
276    
277      // The "root-dn-users" relation definition.
278      private static final InstantiableRelationDefinition<RootDNUserCfgClient, RootDNUserCfg> RD_ROOT_DN_USERS;
279    
280    
281    
282      // Build the "default-root-privilege-name" property definition.
283      static {
284          EnumPropertyDefinition.Builder<DefaultRootPrivilegeName> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "default-root-privilege-name");
285          builder.setOption(PropertyOption.MULTI_VALUED);
286          builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "default-root-privilege-name"));
287          DefaultBehaviorProvider<DefaultRootPrivilegeName> provider = new DefinedDefaultBehaviorProvider<DefaultRootPrivilegeName>("bypass-acl", "modify-acl", "config-read", "config-write", "ldif-import", "ldif-export", "backend-backup", "backend-restore", "server-shutdown", "server-restart", "disconnect-client", "cancel-request", "password-reset", "update-schema", "privilege-change", "unindexed-search");
288          builder.setDefaultBehaviorProvider(provider);
289          builder.setEnumClass(DefaultRootPrivilegeName.class);
290          PD_DEFAULT_ROOT_PRIVILEGE_NAME = builder.getInstance();
291          INSTANCE.registerPropertyDefinition(PD_DEFAULT_ROOT_PRIVILEGE_NAME);
292      }
293    
294    
295    
296      // Build the "root-dn-users" relation definition.
297      static {
298        InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg> builder =
299          new InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg>(INSTANCE, "root-dn-user", "root-dn-users", RootDNUserCfgDefn.getInstance());
300        builder.setOption(RelationOption.HIDDEN);
301        RD_ROOT_DN_USERS = builder.getInstance();
302        INSTANCE.registerRelationDefinition(RD_ROOT_DN_USERS);
303      }
304    
305    
306    
307      // Register the tags associated with this managed object definition.
308      static {
309        INSTANCE.registerTag(Tag.valueOf("core-server"));
310      }
311    
312    
313    
314      /**
315       * Get the Root DN configuration definition singleton.
316       *
317       * @return Returns the Root DN configuration definition singleton.
318       */
319      public static RootDNCfgDefn getInstance() {
320        return INSTANCE;
321      }
322    
323    
324    
325      /**
326       * Private constructor.
327       */
328      private RootDNCfgDefn() {
329        super("root-dn", TopCfgDefn.getInstance());
330      }
331    
332    
333    
334      /**
335       * {@inheritDoc}
336       */
337      public RootDNCfgClient createClientConfiguration(
338          ManagedObject<? extends RootDNCfgClient> impl) {
339        return new RootDNCfgClientImpl(impl);
340      }
341    
342    
343    
344      /**
345       * {@inheritDoc}
346       */
347      public RootDNCfg createServerConfiguration(
348          ServerManagedObject<? extends RootDNCfg> impl) {
349        return new RootDNCfgServerImpl(impl);
350      }
351    
352    
353    
354      /**
355       * {@inheritDoc}
356       */
357      public Class<RootDNCfg> getServerConfigurationClass() {
358        return RootDNCfg.class;
359      }
360    
361    
362    
363      /**
364       * Get the "default-root-privilege-name" property definition.
365       * <p>
366       * Specifies the names of the privileges that root users will be
367       * granted by default.
368       *
369       * @return Returns the "default-root-privilege-name" property definition.
370       */
371      public EnumPropertyDefinition<DefaultRootPrivilegeName> getDefaultRootPrivilegeNamePropertyDefinition() {
372        return PD_DEFAULT_ROOT_PRIVILEGE_NAME;
373      }
374    
375    
376    
377      /**
378       * Get the "root-dn-users" relation definition.
379       *
380       * @return Returns the "root-dn-users" relation definition.
381       */
382      public InstantiableRelationDefinition<RootDNUserCfgClient,RootDNUserCfg> getRootDNUsersRelationDefinition() {
383        return RD_ROOT_DN_USERS;
384      }
385    
386    
387    
388      /**
389       * Managed object client implementation.
390       */
391      private static class RootDNCfgClientImpl implements
392        RootDNCfgClient {
393    
394        // Private implementation.
395        private ManagedObject<? extends RootDNCfgClient> impl;
396    
397    
398    
399        // Private constructor.
400        private RootDNCfgClientImpl(
401            ManagedObject<? extends RootDNCfgClient> impl) {
402          this.impl = impl;
403        }
404    
405    
406    
407        /**
408         * {@inheritDoc}
409         */
410        public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() {
411          return impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition());
412        }
413    
414    
415    
416        /**
417         * {@inheritDoc}
418         */
419        public void setDefaultRootPrivilegeName(Collection<DefaultRootPrivilegeName> values) {
420          impl.setPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition(), values);
421        }
422    
423    
424    
425        /**
426         * {@inheritDoc}
427         */
428        public String[] listRootDNUsers() throws ConcurrentModificationException,
429            AuthorizationException, CommunicationException {
430          return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition());
431        }
432    
433    
434    
435        /**
436         * {@inheritDoc}
437         */
438        public RootDNUserCfgClient getRootDNUser(String name)
439            throws DefinitionDecodingException, ManagedObjectDecodingException,
440            ManagedObjectNotFoundException, ConcurrentModificationException,
441            AuthorizationException, CommunicationException {
442          return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration();
443        }
444    
445    
446    
447        /**
448         * {@inheritDoc}
449         */
450        public <M extends RootDNUserCfgClient> M createRootDNUser(
451            ManagedObjectDefinition<M, ? extends RootDNUserCfg> d, String name, Collection<DefaultBehaviorException> exceptions) throws IllegalManagedObjectNameException {
452          return impl.createChild(INSTANCE.getRootDNUsersRelationDefinition(), d, name, exceptions).getConfiguration();
453        }
454    
455    
456    
457        /**
458         * {@inheritDoc}
459         */
460        public void removeRootDNUser(String name)
461            throws ManagedObjectNotFoundException, ConcurrentModificationException,
462            OperationRejectedException, AuthorizationException, CommunicationException {
463          impl.removeChild(INSTANCE.getRootDNUsersRelationDefinition(), name);
464        }
465    
466    
467    
468        /**
469         * {@inheritDoc}
470         */
471        public ManagedObjectDefinition<? extends RootDNCfgClient, ? extends RootDNCfg> definition() {
472          return INSTANCE;
473        }
474    
475    
476    
477        /**
478         * {@inheritDoc}
479         */
480        public PropertyProvider properties() {
481          return impl;
482        }
483    
484    
485    
486        /**
487         * {@inheritDoc}
488         */
489        public void commit() throws ManagedObjectAlreadyExistsException,
490            MissingMandatoryPropertiesException, ConcurrentModificationException,
491            OperationRejectedException, AuthorizationException,
492            CommunicationException {
493          impl.commit();
494        }
495    
496      }
497    
498    
499    
500      /**
501       * Managed object server implementation.
502       */
503      private static class RootDNCfgServerImpl implements
504        RootDNCfg {
505    
506        // Private implementation.
507        private ServerManagedObject<? extends RootDNCfg> impl;
508    
509        // The value of the "default-root-privilege-name" property.
510        private final SortedSet<DefaultRootPrivilegeName> pDefaultRootPrivilegeName;
511    
512    
513    
514        // Private constructor.
515        private RootDNCfgServerImpl(ServerManagedObject<? extends RootDNCfg> impl) {
516          this.impl = impl;
517          this.pDefaultRootPrivilegeName = impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition());
518        }
519    
520    
521    
522        /**
523         * {@inheritDoc}
524         */
525        public void addChangeListener(
526            ConfigurationChangeListener<RootDNCfg> listener) {
527          impl.registerChangeListener(listener);
528        }
529    
530    
531    
532        /**
533         * {@inheritDoc}
534         */
535        public void removeChangeListener(
536            ConfigurationChangeListener<RootDNCfg> listener) {
537          impl.deregisterChangeListener(listener);
538        }
539    
540    
541    
542        /**
543         * {@inheritDoc}
544         */
545        public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() {
546          return pDefaultRootPrivilegeName;
547        }
548    
549    
550    
551        /**
552         * {@inheritDoc}
553         */
554        public String[] listRootDNUsers() {
555          return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition());
556        }
557    
558    
559    
560        /**
561         * {@inheritDoc}
562         */
563        public RootDNUserCfg getRootDNUser(String name) throws ConfigException {
564          return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration();
565        }
566    
567    
568    
569        /**
570         * {@inheritDoc}
571         */
572        public void addRootDNUserAddListener(
573            ConfigurationAddListener<RootDNUserCfg> listener) throws ConfigException {
574          impl.registerAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
575        }
576    
577    
578    
579        /**
580         * {@inheritDoc}
581         */
582        public void removeRootDNUserAddListener(
583            ConfigurationAddListener<RootDNUserCfg> listener) {
584          impl.deregisterAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
585        }
586    
587    
588    
589        /**
590         * {@inheritDoc}
591         */
592        public void addRootDNUserDeleteListener(
593            ConfigurationDeleteListener<RootDNUserCfg> listener) throws ConfigException {
594          impl.registerDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
595        }
596    
597    
598    
599        /**
600         * {@inheritDoc}
601         */
602        public void removeRootDNUserDeleteListener(
603            ConfigurationDeleteListener<RootDNUserCfg> listener) {
604          impl.deregisterDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
605        }
606    
607    
608    
609        /**
610         * {@inheritDoc}
611         */
612        public Class<? extends RootDNCfg> configurationClass() {
613          return RootDNCfg.class;
614        }
615    
616    
617    
618        /**
619         * {@inheritDoc}
620         */
621        public DN dn() {
622          return impl.getDN();
623        }
624    
625      }
626    }