Examples of org.rhq.core.domain.authz.Role

• org.rhq.core.domain.authz.Role
  A role has zero or more {@link org.rhq.core.domain.resource.group.ResourceGroup}s assigned to it. You can assign a role to zero or more {@link Subject}s. A role defines a set of {@link Permission}s that the assigned {@link Subject}s are authorized for in order to operate on the Resources in the assigned {@link org.rhq.core.domain.resource.group.ResourceGroup}s. @author Greg Hinkle

            @Override
            public TestData execute() throws Exception {
                TestData newTestData = new TestData();
                Subject subject = SessionTestHelper.createNewSubject(em, subjectName);
                newTestData.setSubject(subject);
                Role role = SessionTestHelper.createNewRoleForSubject(em, subject, roleName, Permission.MANAGE_ALERTS,
                    Permission.MANAGE_SETTINGS, Permission.MANAGE_INVENTORY);
                newTestData.setRole(role);
                ResourceType resourceType = SessionTestHelper.createNewResourceType(em);
                newTestData.setResourceType(resourceType);
                ResourceGroup resourceGroup = new ResourceGroup(groupName, resourceType);
                resourceGroup = resourceGroupManager.createResourceGroup(subject, resourceGroup);
                newTestData.setResourceGroup(resourceGroup);
                roleManager.setAssignedResourceGroups(subjectManager.getOverlord(), role.getId(),
                    new int[] { resourceGroup.getId() });
                return newTestData;
            }
        });
        testData.setResources(new ArrayList<Resource>(NUMBER_OF_RESOURCES_TO_CREATE));

            @Override
            public TestData execute() throws Exception {
                TestData newTestData = new TestData();
                Subject subject = SessionTestHelper.createNewSubject(em, "fake subject");
                newTestData.setSubject(subject);
                Role role = SessionTestHelper.createNewRoleForSubject(em, subject, "fake role", Permission.values());
                newTestData.setRole(role);
                ResourceType resourceType = SessionTestHelper.createNewResourceType(em);
                newTestData.setResourceType(resourceType);
                ResourceGroup resourceGroup = new ResourceGroup("fake group", resourceType);
                resourceGroup = resourceGroupManager.createPrivateResourceGroup(subject, resourceGroup);
                newTestData.setResourceGroup(resourceGroup);
                roleManager.setAssignedResourceGroups(subjectManager.getOverlord(), role.getId(),
                    new int[] { resourceGroup.getId() });
                Resource resource = SessionTestHelper.createNewResourceForGroup(em, resourceGroup, "fake resource");
                newTestData.setResource(resource);
                return newTestData;
            }

        });
    }

    @Override
    protected void executeAdd(Record recordToAdd, final DSRequest request, final DSResponse response) {
        final Role roleToAdd = copyValues(recordToAdd);

        roleService.createRole(roleToAdd, new AsyncCallback<Role>() {
            public void onFailure(Throwable caught) {
                if (caught.getMessage() != null
                    && caught.getMessage().contains("javax.persistence.EntityExistsException")) {
                    Map<String, String> errorMessages = new HashMap<String, String>();
                    errorMessages.put(Field.NAME,
                        MSG.view_adminRoles_failCreateRoleWithExistingName(roleToAdd.getName()));
                    sendValidationErrorResponse(request, response, errorMessages);
                } else {
                    throw new RuntimeException(caught);
                }
            }

    }

    @Override
    protected void executeUpdate(Record recordToUpdate, Record oldRecord, final DSRequest request,
        final DSResponse response) {
        Role roleToUpdate = copyValues(recordToUpdate);

        final String rolename = roleToUpdate.getName();
        roleService.updateRole(roleToUpdate, new AsyncCallback<Role>() {
            public void onFailure(Throwable caught) {
                sendFailureResponse(request, response, MSG.view_adminRoles_roleUpdateFailed(rolename), caught);
            }

        });
    }

    @Override
    protected void executeRemove(final Record recordToRemove, final DSRequest request, final DSResponse response) {
        final Role roleToRemove = copyValues(recordToRemove);

        final String rolename = roleToRemove.getName();
        roleService.removeRoles(new int[] { roleToRemove.getId() }, new AsyncCallback<Void>() {
            public void onFailure(Throwable caught) {
                sendFailureResponse(request, response, MSG.view_adminRoles_roleDeleteFailed(rolename), caught);
            }

            public void onSuccess(Void result) {

    }

    @SuppressWarnings("unchecked")
    public Role copyValues(Record from) {
        Role to = new Role();

        to.setId(from.getAttributeAsInt(Field.ID));
        to.setName(from.getAttributeAsString(Field.NAME));
        to.setDescription(from.getAttributeAsString(Field.DESCRIPTION));

        Record[] permissionRecords = from.getAttributeAsRecordArray(Field.PERMISSIONS);
        Set<Permission> permissions = toPermissionSet(permissionRecords);
        to.setPermissions(permissions);

        Record[] resourceGroupRecords = from.getAttributeAsRecordArray(Field.RESOURCE_GROUPS);
        Set<ResourceGroup> resourceGroups = ResourceGroupsDataSource.getInstance().buildDataObjects(
            resourceGroupRecords);
        to.setResourceGroups(resourceGroups);

        Record[] subjectRecords = from.getAttributeAsRecordArray(Field.SUBJECTS);
        Set<Subject> subjects = UsersDataSource.getInstance().buildDataObjects(subjectRecords);
        to.setSubjects(subjects);

        Record[] ldapGroupRecords = from.getAttributeAsRecordArray(Field.LDAP_GROUPS);
        Set<LdapGroup> ldapGroups = new RoleLdapGroupSelector.LdapGroupsDataSource().buildDataObjects(ldapGroupRecords);
        to.setLdapGroups(ldapGroups);

        Record[] bundleGroupRecords = from.getAttributeAsRecordArray(Field.BUNDLE_GROUPS);
        Set<BundleGroup> bundleGroups = BundleGroupsDataSource.getInstance().buildDataObjects(bundleGroupRecords);
        to.setBundleGroups(bundleGroups);

        return to;
    }

        ActionForward forward = checkSubmit(request, mapping, form, true);
        if (forward != null) {
            return forward;
        }

        Role role = new Role(newForm.getName());
        role.setDescription(newForm.getDescription());
        role.setFsystem(false);

        List<String> newPermissionStrings = newForm.getPermissionsStrings();
        for (String permString : newPermissionStrings) {
            Permission p = Enum.valueOf(Permission.class, permString);
            role.addPermission(p);
        }

        log.trace("creating role [" + role.getName() + "] with attributes " + newForm);

        try {
            RoleManagerLocal roleManager = LookupUtil.getRoleManager();
            role = roleManager.createRole(RequestUtils.getSubject(request), role);
        } catch (Exception ex) {
            log.debug("role creation failed:", ex);
            RequestUtils.setError(request, Constants.ERR_ROLE_CREATION);
            return returnFailure(request, mapping);
        }

        log.trace("new role id: [" + role.getId() + "]");

        RequestUtils.setConfirmation(request, "admin.role.confirm.Create", role.getName());
        return returnNew(request, mapping, Constants.ROLE_PARAM, role.getId());
    }

        if (roleId == null) {
            roleId = RequestUtils.getRoleId(request);
        }

        Role role = (Role) request.getAttribute(Constants.ROLE_ATTR);
        if (role == null) {
            RequestUtils.setError(request, Constants.ERR_ROLE_NOT_FOUND);
            return null;
        }

        addForm.setR(role.getId());

        PageControl pca = WebUtility.getPageControl(request, "a");
        PageControl pcp = WebUtility.getPageControl(request, "p");

        /* pending groups are those on the right side of the "add

        if (roleId == null) {
            roleId = RequestUtils.getRoleId(request);
        }

        Role role = (Role) request.getAttribute(Constants.ROLE_ATTR);
        if (role == null) {
            RequestUtils.setError(request, Constants.ERR_ROLE_NOT_FOUND);
            return null;
        }

        if (AuthzConstants.authzResourceGroupId.intValue() == roleId.intValue()) {
            throw new PermissionException("can't change super user role");
        }

        changeForm.setR(role.getId());

        //        Integer sessionId = RequestUtils.getSessionId(request);
        //        PageControl pc = RequestUtils.getPageControl(request);
        ServletContext ctx = getServlet().getServletContext();
        //        AuthzBoss boss = ContextUtils.getAuthzBoss(ctx);

    public ActionForward editRole(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
        setRole(request);

        // can't edit system roles
        Role role = (Role) request.getAttribute(Constants.ROLE_ATTR);
        if (role.getFsystem()) {
            RequestUtils.setError(request, "admin.role.error.EditPermission");
            throw new PermissionException();
        }

        Portal portal = Portal.createPortal(TITLE_EDIT, PORTLET_EDIT);