Package org.ejbca.core.ejb.authorization

Examples of org.ejbca.core.ejb.authorization.AdminGroupData


        // certificate, such as batch tool etc
        if (AdminGroupData.findByGroupName(entityManager, AdminGroup.DEFAULTGROUPNAME) == null) {
            LOG.debug("initialize: FinderEx, add default group.");
            // Add Default Special Admin Group
            try {
                // The group id comes from findFreeAdminGroupId(), which is defined outside this excerpt.
                final AdminGroupData agdl = new AdminGroupData(Integer.valueOf(findFreeAdminGroupId()), AdminGroup.DEFAULTGROUPNAME);
                entityManager.persist(agdl);

                // Members of the default group: the four built-in SPECIALADMIN_* identities
                // (batch command line, CA command line, RA admin, internal user).
                final ArrayList<AdminEntity> adminentities = new ArrayList<AdminEntity>();
                adminentities.add(new AdminEntity(AdminEntity.SPECIALADMIN_BATCHCOMMANDLINEADMIN));
                adminentities.add(new AdminEntity(AdminEntity.SPECIALADMIN_CACOMMANDLINEADMIN));
                adminentities.add(new AdminEntity(AdminEntity.SPECIALADMIN_RAADMIN));
                adminentities.add(new AdminEntity(AdminEntity.SPECIALADMIN_INTERNALUSER));
                agdl.addAdminEntities(entityManager, adminentities);

                // Rule set for the default group: every rule below is RULE_ACCEPT. It covers the
                // administrator and super-administrator roles, the CA / RA / log / system /
                // hard-token function groups, and the CA and end-entity-profile bases.
                // NOTE(review): the third constructor argument is presumably the "recursive" flag
                // (false only for ROLE_SUPERADMINISTRATOR) - confirm against AccessRule.
                final ArrayList<AccessRule> accessrules = new ArrayList<AccessRule>();
                accessrules.add(new AccessRule(AccessRulesConstants.ROLE_ADMINISTRATOR, AccessRule.RULE_ACCEPT, true));
                accessrules.add(new AccessRule(AccessRulesConstants.ROLE_SUPERADMINISTRATOR, AccessRule.RULE_ACCEPT, false));

                accessrules.add(new AccessRule(AccessRulesConstants.REGULAR_CAFUNCTIONALTY, AccessRule.RULE_ACCEPT, true));
                accessrules.add(new AccessRule(AccessRulesConstants.REGULAR_RAFUNCTIONALITY, AccessRule.RULE_ACCEPT, true));
                accessrules.add(new AccessRule(AccessRulesConstants.REGULAR_LOGFUNCTIONALITY, AccessRule.RULE_ACCEPT, true));
                accessrules.add(new AccessRule(AccessRulesConstants.REGULAR_SYSTEMFUNCTIONALITY, AccessRule.RULE_ACCEPT, true));
                accessrules.add(new AccessRule(AccessRulesConstants.HARDTOKEN_HARDTOKENFUNCTIONALITY, AccessRule.RULE_ACCEPT, true));
                accessrules.add(new AccessRule(AccessRulesConstants.CABASE, AccessRule.RULE_ACCEPT, true));
                accessrules.add(new AccessRule(AccessRulesConstants.ENDENTITYPROFILEBASE, AccessRule.RULE_ACCEPT, true));

                agdl.addAccessRules(entityManager, accessrules);

                // Tell the authorization tree that group data changed.
                authTreeSession.signalForAuthorizationTreeUpdate();
            } catch (Exception ce) {
                // Best effort: any failure is logged and initialization carries on.
                // NOTE(review): whether a half-built group (persisted, but without entities or
                // rules) can remain afterwards depends on the surrounding transaction, which is
                // not visible in this excerpt - confirm.
                LOG.error("initialize continues after Exception: ", ce);
            }
        }
        // Add Public Web Group
        final AdminGroupData agl = AdminGroupData.findByGroupName(entityManager, AdminGroup.PUBLICWEBGROUPNAME);
        if (agl == null) {
            LOG.debug("initialize: Can't find public web group");
            try {
                final AdminGroupData agdl = new AdminGroupData(Integer.valueOf(findFreeAdminGroupId()), AdminGroup.PUBLICWEBGROUPNAME);
                entityManager.persist(agdl);
                // The rules for the public web group are added by a helper defined outside this excerpt.
                addDefaultPublicWebGroupRules(agdl);
                authTreeSession.signalForAuthorizationTreeUpdate();
            } catch (Exception ce) {
                // Same best-effort handling as for the default group above.
                LOG.error("initialize continues after Exception: ", ce);


  
    /**
     * Adds access rules to the named admin group, then signals an authorization tree update and
     * writes an EVENT_INFO_EDITEDADMINISTRATORPRIVILEGES log entry. The excerpt ends at the catch
     * clause, so the failure handling is not shown.
     *
     * @param admin the calling administrator; in the lines shown it is only passed to the log call
     * @param admingroupname name of the group to change; the default group is silently skipped
     * @param accessrules the rules to add
     */
    @Override
    public void addAccessRules(final Admin admin, final String admingroupname, final Collection<AccessRule> accessrules) {
        // The default group is never modified through this method; the call is then a silent no-op.
        // NOTE(review): no authorization check on `admin` appears in the visible lines - confirm
        // that callers (or an interceptor) verify the right to edit this group.
        if (!admingroupname.equals(AdminGroup.DEFAULTGROUPNAME)) {
            try {
                final AdminGroupData agd = AdminGroupData.findByGroupName(entityManager, admingroupname);
                if (agd == null) {
                    // Unknown group: raised here and caught by the catch clause below.
                    throw new FinderException("Could not find admin group " + admingroupname);
                }
                agd.addAccessRules(entityManager, accessrules);
                authTreeSession.signalForAuthorizationTreeUpdate();
                // The audit entry is written only after the rules were added and the update was signalled.
                final String msg = INTRES.getLocalizedMessage("authorization.accessrulesadded", admingroupname);
                logSession.log(admin, LogConstants.INTERNALCAID, LogConstants.MODULE_RA, new java.util.Date(), null, null,
                        LogConstants.EVENT_INFO_EDITEDADMINISTRATORPRIVILEGES, msg);
            } catch (Exception e) {

    /**
     * Creates a new, empty admin group with the given name unless the name is the default group
     * name or a group with that name already exists. The excerpt ends before the code that
     * reports the outcome, so where AdminGroupExistsException is thrown is not shown.
     *
     * @param admin the calling administrator; not read in the lines shown
     * @param admingroupname name of the group to create
     * @throws AdminGroupExistsException declared by the signature; the throwing code is outside this excerpt
     */
    public void addAdminGroup(final Admin admin, final String admingroupname) throws AdminGroupExistsException {
        if (!(admingroupname.equals(AdminGroup.DEFAULTGROUPNAME))) {
            boolean success = false;
            // Check-then-persist: the lookup and the insert are separate steps.
            // NOTE(review): uniqueness under concurrent calls presumably relies on a database
            // constraint on the group name - confirm.
            if (AdminGroupData.findByGroupName(entityManager, admingroupname) == null) {
                try {
                    entityManager.persist(new AdminGroupData(Integer.valueOf(findFreeAdminGroupId()), admingroupname));
                    success = true;
                } catch (Exception e) {
                    // A failed persist is logged; success stays false.
                    final String msg = INTRES.getLocalizedMessage("authorization.erroraddadmingroup", admingroupname);
                    LOG.error(msg, e);
                }

   
    /**
     * Reports whether the supplied administrator matches any admin entity of the admin group
     * identified by the given primary key.
     *
     * @param admin the administrator whose admin information is matched against the group's entities
     * @param admingrouppk primary key of the admin group to inspect
     * @return {@code true} if at least one entity of the group matches; {@code false} if none
     *         matches or no group with that key is found
     */
    @TransactionAttribute(TransactionAttributeType.SUPPORTS)
    @Override
    public boolean existsAdministratorInGroup(final Admin admin, final int admingrouppk) {
        final AdminGroupData groupData = AdminGroupData.findByPrimeKey(entityManager, Integer.valueOf(admingrouppk));
        if (groupData == null) {
            // Unknown group: answered as "not a member" rather than reported as an error.
            return false;
        }
        for (final AdminEntity entity : groupData.getAdminGroup().getAdminEntities()) {
            // The first matching entity settles the answer.
            if (entity.match(admin.getAdminInformation())) {
                return true;
            }
        }
        return false;
    }

   
    /**
     * Looks up an admin group by name.
     *
     * @param admin the calling administrator; not read by this method
     * @param admingroupname name of the group to fetch
     * @return the matching {@link AdminGroup}, or {@code null} when no group has that name
     */
    @TransactionAttribute(TransactionAttributeType.SUPPORTS)
    @Override
    public AdminGroup getAdminGroup(final Admin admin, final String admingroupname) {
        // NOTE(review): this method makes no authorization decision of its own; `admin` is
        // unused, so any access control on reading group data has to sit with the caller.
        final AdminGroupData groupData = AdminGroupData.findByGroupName(entityManager, admingroupname);
        if (groupData != null) {
            return groupData.getAdminGroup();
        }
        // NOTE(review): the group name goes into the log line unmodified; if it can originate
        // from a request, strip CR/LF before logging - confirm where callers get the name.
        LOG.info("Can't get admingroup: " + admingroupname);
        return null;
    }

        // Excerpt from a group-removal method; its signature is outside the lines shown.
        if (LOG.isDebugEnabled()) {
            LOG.debug("Removing admin group " + admingroupname);
        }
        // The default group is never removed: a request naming it falls through without action.
        if (!(admingroupname.equals(AdminGroup.DEFAULTGROUPNAME))) {
            try {
                final AdminGroupData agl = AdminGroupData.findByGroupName(entityManager, admingroupname);
                if (agl == null) {
                    throw new FinderException("No Admin Group w name " + admingroupname);
                }
                // Entities and rules of the group are removed first, then the group entity itself.
                removeEntitiesAndRulesFromGroup(agl);
                entityManager.remove(agl);

    /**
     * Removes the listed access rules from the named admin group, then signals an authorization
     * tree update and writes an EVENT_INFO_EDITEDADMINISTRATORPRIVILEGES log entry. The excerpt
     * ends at the catch clause, so the failure handling is not shown.
     *
     * @param admin the calling administrator; in the lines shown it is only passed to the log call
     * @param admingroupname name of the group to change; the default group is silently skipped
     * @param accessrules the rules to remove, given as strings
     */
    @Override
    public void removeAccessRules(final Admin admin, final String admingroupname, final List<String> accessrules) {
        // Rules of the default group cannot be removed through this method.
        if (!admingroupname.equals(AdminGroup.DEFAULTGROUPNAME)) {
            try {
                final AdminGroupData agd = AdminGroupData.findByGroupName(entityManager, admingroupname);
                if (agd == null) {
                    // Unknown group: raised here and caught by the catch clause below.
                    throw new FinderException("Could not find admin group " + admingroupname);
                }
                agd.removeAccessRules(entityManager, accessrules);
                authTreeSession.signalForAuthorizationTreeUpdate();
                // The audit entry is written only after the removal and the update signal.
                final String msg = INTRES.getLocalizedMessage("authorization.accessrulesremoved", admingroupname);
                logSession.log(admin, LogConstants.INTERNALCAID, LogConstants.MODULE_RA, new java.util.Date(), null, null,
                        LogConstants.EVENT_INFO_EDITEDADMINISTRATORPRIVILEGES, msg);
            } catch (Exception e) {

    /**
     * Replaces the complete rule set of the named admin group: every current rule is removed and
     * the supplied rules are added, followed by an authorization tree update signal and an
     * EVENT_INFO_EDITEDADMINISTRATORPRIVILEGES log entry. The excerpt ends at the catch clause.
     *
     * @param admin the calling administrator; in the lines shown it is only passed to the log call
     * @param admingroupname name of the group to change; the default group is silently skipped
     * @param accessrules the rules the group should hold afterwards
     */
    @Override
    public void replaceAccessRules(final Admin admin, final String admingroupname, final Collection<AccessRule> accessrules) {
        if (!admingroupname.equals(AdminGroup.DEFAULTGROUPNAME)) {
            try {
                final AdminGroupData agdl = AdminGroupData.findByGroupName(entityManager, admingroupname);
                if (agdl == null) {
                    throw new FinderException("Could not find admin group " + admingroupname);
                }
                // Collect the rule string of every rule currently attached to the group.
                final Collection<AccessRule> currentrules = agdl.getAdminGroup().getAccessRules();
                final ArrayList<String> removerules = new ArrayList<String>();
                final Iterator<AccessRule> iter = currentrules.iterator();
                while (iter.hasNext()) {
                    removerules.add(iter.next().getAccessRule());
                }
                // Remove-all, then add: between these two calls the group holds no rules.
                // NOTE(review): if addAccessRules throws, whether the removal is rolled back
                // depends on transaction handling that is not visible in this excerpt - confirm.
                agdl.removeAccessRules(entityManager, removerules);
                agdl.addAccessRules(entityManager, accessrules);
                authTreeSession.signalForAuthorizationTreeUpdate();
                final String msg = INTRES.getLocalizedMessage("authorization.accessrulesreplaced", admingroupname);
                logSession.log(admin, LogConstants.INTERNALCAID, LogConstants.MODULE_RA, new java.util.Date(), null, null,
                        LogConstants.EVENT_INFO_EDITEDADMINISTRATORPRIVILEGES, msg);
            } catch (Exception e) {

 
    /**
     * Renames an admin group, provided the old name is not the default group name and no group
     * already uses the new name. The excerpt ends before the code that reports the outcome.
     *
     * @param admin the calling administrator; not read in the lines shown
     * @param oldname current name of the group
     * @param newname name the group should carry afterwards
     * @throws AdminGroupExistsException declared by the signature; the throwing code is outside this excerpt
     */
    @Override
    public void renameAdminGroup(final Admin admin, final String oldname, final String newname) throws AdminGroupExistsException {
        // Only the old name is compared with DEFAULTGROUPNAME; the new name is accepted whenever
        // no existing group carries it.
        if (!(oldname.equals(AdminGroup.DEFAULTGROUPNAME))) {
            boolean success = false;
            AdminGroupData agl = AdminGroupData.findByGroupName(entityManager, newname);
            if (agl == null) {
                try {
                    agl = AdminGroupData.findByGroupName(entityManager, oldname);
                    if (agl == null) {
                        throw new FinderException("Cant find admin group w name " + oldname);
                    }
                    agl.setAdminGroupName(newname);
                    authTreeSession.signalForAuthorizationTreeUpdate();
                    success = true;
                } catch (Exception e) {
                    // A missing source group ends up here as well; success stays false.
                    // NOTE(review): no audit log call is visible for a rename in this excerpt -
                    // confirm that the code following it records the change.
                    LOG.error("Can't rename admingroup: ", e);
                }

   
    /**
     * Adds admin entities (members) to the named admin group, then signals an authorization tree
     * update and writes an EVENT_INFO_EDITEDADMINISTRATORPRIVILEGES log entry. The excerpt ends
     * at the catch clause, so the failure handling is not shown.
     *
     * @param admin the calling administrator; in the lines shown it is only passed to the log call
     * @param admingroupname name of the group to change; the default group is silently skipped
     * @param adminentities the entities to add
     */
    @Override
    public void addAdminEntities(final Admin admin, final String admingroupname, final Collection<AdminEntity> adminentities) {
        // Membership of the default group cannot be extended through this method.
        if (!admingroupname.equals(AdminGroup.DEFAULTGROUPNAME)) {
            try {
                final AdminGroupData agdl = AdminGroupData.findByGroupName(entityManager, admingroupname);
                if (agdl == null) {
                    String msg = INTRES.getLocalizedMessage("authorization.erroraddadmin", admingroupname);
                    msg += ". Admin group does not exist.";
                    LOG.info(msg);
                }         
                // NOTE(review): the null branch above only logs and does not leave the method, so
                // for an unknown group the next call dereferences null and the resulting
                // NullPointerException lands in the catch clause below. The sibling methods throw
                // FinderException for a missing group; doing the same here would make the failure
                // explicit instead of relying on the NPE.
                agdl.addAdminEntities(entityManager, adminentities);
                authTreeSession.signalForAuthorizationTreeUpdate();
                // The audit entry is written only after the entities were added.
                final String msg = INTRES.getLocalizedMessage("authorization.adminadded", admingroupname);
                logSession.log(admin, LogConstants.INTERNALCAID, LogConstants.MODULE_RA, new java.util.Date(), null, null,
                        LogConstants.EVENT_INFO_EDITEDADMINISTRATORPRIVILEGES, msg);
            } catch (Exception e) {
