001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.admin.std.meta; 028 029 030 031 import java.util.Collection; 032 import java.util.SortedSet; 033 import org.opends.server.admin.ACIPropertyDefinition; 034 import org.opends.server.admin.AdministratorAction; 035 import org.opends.server.admin.AliasDefaultBehaviorProvider; 036 import org.opends.server.admin.BooleanPropertyDefinition; 037 import org.opends.server.admin.ClassPropertyDefinition; 038 import org.opends.server.admin.client.AuthorizationException; 039 import org.opends.server.admin.client.CommunicationException; 040 import org.opends.server.admin.client.ConcurrentModificationException; 041 import org.opends.server.admin.client.ManagedObject; 042 import org.opends.server.admin.client.MissingMandatoryPropertiesException; 043 import org.opends.server.admin.client.OperationRejectedException; 044 import org.opends.server.admin.DefaultBehaviorProvider; 045 import org.opends.server.admin.DefinedDefaultBehaviorProvider; 046 import org.opends.server.admin.ManagedObjectAlreadyExistsException; 047 import org.opends.server.admin.ManagedObjectDefinition; 048 import org.opends.server.admin.PropertyOption; 049 import org.opends.server.admin.PropertyProvider; 050 import org.opends.server.admin.server.ConfigurationChangeListener; 051 import org.opends.server.admin.server.ServerManagedObject; 052 import org.opends.server.admin.std.client.DseeCompatAccessControlHandlerCfgClient; 053 import org.opends.server.admin.std.server.AccessControlHandlerCfg; 054 import org.opends.server.admin.std.server.DseeCompatAccessControlHandlerCfg; 055 import org.opends.server.admin.Tag; 056 import org.opends.server.authorization.dseecompat.Aci; 057 import org.opends.server.types.DN; 058 059 060 061 /** 062 * An interface for querying the Dsee Compat Access Control Handler 063 * managed object definition meta information. 064 * <p> 065 * The Dsee Compat Access Control Handler provides an implementation 066 * that uses syntax compatible with the Sun Java System Directory 067 * Server Enterprise Edition access control handlers. 068 */ 069 public final class DseeCompatAccessControlHandlerCfgDefn extends ManagedObjectDefinition<DseeCompatAccessControlHandlerCfgClient, DseeCompatAccessControlHandlerCfg> { 070 071 // The singleton configuration definition instance. 072 private static final DseeCompatAccessControlHandlerCfgDefn INSTANCE = new DseeCompatAccessControlHandlerCfgDefn(); 073 074 075 076 // The "global-aci" property definition. 077 private static final ACIPropertyDefinition PD_GLOBAL_ACI; 078 079 080 081 // The "java-class" property definition. 082 private static final ClassPropertyDefinition PD_JAVA_CLASS; 083 084 085 086 // Build the "global-aci" property definition. 087 static { 088 ACIPropertyDefinition.Builder builder = ACIPropertyDefinition.createBuilder(INSTANCE, "global-aci"); 089 builder.setOption(PropertyOption.MULTI_VALUED); 090 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "global-aci")); 091 builder.setDefaultBehaviorProvider(new AliasDefaultBehaviorProvider<Aci>(INSTANCE, "global-aci")); 092 PD_GLOBAL_ACI = builder.getInstance(); 093 INSTANCE.registerPropertyDefinition(PD_GLOBAL_ACI); 094 } 095 096 097 098 // Build the "java-class" property definition. 099 static { 100 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 101 builder.setOption(PropertyOption.MANDATORY); 102 builder.setOption(PropertyOption.ADVANCED); 103 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 104 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.authorization.dseecompat.AciProvider"); 105 builder.setDefaultBehaviorProvider(provider); 106 builder.addInstanceOf("org.opends.server.api.AccessControlHandler"); 107 PD_JAVA_CLASS = builder.getInstance(); 108 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 109 } 110 111 112 113 // Register the tags associated with this managed object definition. 114 static { 115 INSTANCE.registerTag(Tag.valueOf("security")); 116 } 117 118 119 120 /** 121 * Get the Dsee Compat Access Control Handler configuration 122 * definition singleton. 123 * 124 * @return Returns the Dsee Compat Access Control Handler 125 * configuration definition singleton. 126 */ 127 public static DseeCompatAccessControlHandlerCfgDefn getInstance() { 128 return INSTANCE; 129 } 130 131 132 133 /** 134 * Private constructor. 135 */ 136 private DseeCompatAccessControlHandlerCfgDefn() { 137 super("dsee-compat-access-control-handler", AccessControlHandlerCfgDefn.getInstance()); 138 } 139 140 141 142 /** 143 * {@inheritDoc} 144 */ 145 public DseeCompatAccessControlHandlerCfgClient createClientConfiguration( 146 ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) { 147 return new DseeCompatAccessControlHandlerCfgClientImpl(impl); 148 } 149 150 151 152 /** 153 * {@inheritDoc} 154 */ 155 public DseeCompatAccessControlHandlerCfg createServerConfiguration( 156 ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) { 157 return new DseeCompatAccessControlHandlerCfgServerImpl(impl); 158 } 159 160 161 162 /** 163 * {@inheritDoc} 164 */ 165 public Class<DseeCompatAccessControlHandlerCfg> getServerConfigurationClass() { 166 return DseeCompatAccessControlHandlerCfg.class; 167 } 168 169 170 171 /** 172 * Get the "enabled" property definition. 173 * <p> 174 * Indicates whether the Dsee Compat Access Control Handler is 175 * enabled. If set to FALSE, then no access control is enforced, and 176 * any client (including unauthenticated or anonymous clients) could 177 * be allowed to perform any operation if not subject to other 178 * restrictions, such as those enforced by the privilege subsystem. 179 * 180 * @return Returns the "enabled" property definition. 181 */ 182 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 183 return AccessControlHandlerCfgDefn.getInstance().getEnabledPropertyDefinition(); 184 } 185 186 187 188 /** 189 * Get the "global-aci" property definition. 190 * <p> 191 * Defines global access control rules. 192 * <p> 193 * Global access control rules apply to all entries anywhere in the 194 * data managed by the Directory Server. The global access control 195 * rules may be overridden by more specific access control rules 196 * placed in the data. 197 * 198 * @return Returns the "global-aci" property definition. 199 */ 200 public ACIPropertyDefinition getGlobalACIPropertyDefinition() { 201 return PD_GLOBAL_ACI; 202 } 203 204 205 206 /** 207 * Get the "java-class" property definition. 208 * <p> 209 * Specifies the fully-qualified name of the Java class that 210 * provides the Dsee Compat Access Control Handler implementation. 211 * 212 * @return Returns the "java-class" property definition. 213 */ 214 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 215 return PD_JAVA_CLASS; 216 } 217 218 219 220 /** 221 * Managed object client implementation. 222 */ 223 private static class DseeCompatAccessControlHandlerCfgClientImpl implements 224 DseeCompatAccessControlHandlerCfgClient { 225 226 // Private implementation. 227 private ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl; 228 229 230 231 // Private constructor. 232 private DseeCompatAccessControlHandlerCfgClientImpl( 233 ManagedObject<? extends DseeCompatAccessControlHandlerCfgClient> impl) { 234 this.impl = impl; 235 } 236 237 238 239 /** 240 * {@inheritDoc} 241 */ 242 public Boolean isEnabled() { 243 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 244 } 245 246 247 248 /** 249 * {@inheritDoc} 250 */ 251 public void setEnabled(boolean value) { 252 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 253 } 254 255 256 257 /** 258 * {@inheritDoc} 259 */ 260 public SortedSet<Aci> getGlobalACI() { 261 return impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition()); 262 } 263 264 265 266 /** 267 * {@inheritDoc} 268 */ 269 public void setGlobalACI(Collection<Aci> values) { 270 impl.setPropertyValues(INSTANCE.getGlobalACIPropertyDefinition(), values); 271 } 272 273 274 275 /** 276 * {@inheritDoc} 277 */ 278 public String getJavaClass() { 279 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 280 } 281 282 283 284 /** 285 * {@inheritDoc} 286 */ 287 public void setJavaClass(String value) { 288 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 289 } 290 291 292 293 /** 294 * {@inheritDoc} 295 */ 296 public ManagedObjectDefinition<? extends DseeCompatAccessControlHandlerCfgClient, ? extends DseeCompatAccessControlHandlerCfg> definition() { 297 return INSTANCE; 298 } 299 300 301 302 /** 303 * {@inheritDoc} 304 */ 305 public PropertyProvider properties() { 306 return impl; 307 } 308 309 310 311 /** 312 * {@inheritDoc} 313 */ 314 public void commit() throws ManagedObjectAlreadyExistsException, 315 MissingMandatoryPropertiesException, ConcurrentModificationException, 316 OperationRejectedException, AuthorizationException, 317 CommunicationException { 318 impl.commit(); 319 } 320 321 } 322 323 324 325 /** 326 * Managed object server implementation. 327 */ 328 private static class DseeCompatAccessControlHandlerCfgServerImpl implements 329 DseeCompatAccessControlHandlerCfg { 330 331 // Private implementation. 332 private ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl; 333 334 // The value of the "enabled" property. 335 private final boolean pEnabled; 336 337 // The value of the "global-aci" property. 338 private final SortedSet<Aci> pGlobalACI; 339 340 // The value of the "java-class" property. 341 private final String pJavaClass; 342 343 344 345 // Private constructor. 346 private DseeCompatAccessControlHandlerCfgServerImpl(ServerManagedObject<? extends DseeCompatAccessControlHandlerCfg> impl) { 347 this.impl = impl; 348 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 349 this.pGlobalACI = impl.getPropertyValues(INSTANCE.getGlobalACIPropertyDefinition()); 350 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 351 } 352 353 354 355 /** 356 * {@inheritDoc} 357 */ 358 public void addDseeCompatChangeListener( 359 ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) { 360 impl.registerChangeListener(listener); 361 } 362 363 364 365 /** 366 * {@inheritDoc} 367 */ 368 public void removeDseeCompatChangeListener( 369 ConfigurationChangeListener<DseeCompatAccessControlHandlerCfg> listener) { 370 impl.deregisterChangeListener(listener); 371 } 372 /** 373 * {@inheritDoc} 374 */ 375 public void addChangeListener( 376 ConfigurationChangeListener<AccessControlHandlerCfg> listener) { 377 impl.registerChangeListener(listener); 378 } 379 380 381 382 /** 383 * {@inheritDoc} 384 */ 385 public void removeChangeListener( 386 ConfigurationChangeListener<AccessControlHandlerCfg> listener) { 387 impl.deregisterChangeListener(listener); 388 } 389 390 391 392 /** 393 * {@inheritDoc} 394 */ 395 public boolean isEnabled() { 396 return pEnabled; 397 } 398 399 400 401 /** 402 * {@inheritDoc} 403 */ 404 public SortedSet<Aci> getGlobalACI() { 405 return pGlobalACI; 406 } 407 408 409 410 /** 411 * {@inheritDoc} 412 */ 413 public String getJavaClass() { 414 return pJavaClass; 415 } 416 417 418 419 /** 420 * {@inheritDoc} 421 */ 422 public Class<? extends DseeCompatAccessControlHandlerCfg> configurationClass() { 423 return DseeCompatAccessControlHandlerCfg.class; 424 } 425 426 427 428 /** 429 * {@inheritDoc} 430 */ 431 public DN dn() { 432 return impl.getDN(); 433 } 434 435 } 436 }