001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.admin.std.meta; 028 029 030 031 import java.util.Collection; 032 import java.util.SortedSet; 033 import org.opends.server.admin.AdministratorAction; 034 import org.opends.server.admin.client.AuthorizationException; 035 import org.opends.server.admin.client.CommunicationException; 036 import org.opends.server.admin.client.ConcurrentModificationException; 037 import org.opends.server.admin.client.IllegalManagedObjectNameException; 038 import org.opends.server.admin.client.ManagedObject; 039 import org.opends.server.admin.client.ManagedObjectDecodingException; 040 import org.opends.server.admin.client.MissingMandatoryPropertiesException; 041 import org.opends.server.admin.client.OperationRejectedException; 042 import org.opends.server.admin.DefaultBehaviorException; 043 import org.opends.server.admin.DefaultBehaviorProvider; 044 import org.opends.server.admin.DefinedDefaultBehaviorProvider; 045 import org.opends.server.admin.DefinitionDecodingException; 046 import org.opends.server.admin.EnumPropertyDefinition; 047 import org.opends.server.admin.InstantiableRelationDefinition; 048 import org.opends.server.admin.ManagedObjectAlreadyExistsException; 049 import org.opends.server.admin.ManagedObjectDefinition; 050 import org.opends.server.admin.ManagedObjectNotFoundException; 051 import org.opends.server.admin.PropertyOption; 052 import org.opends.server.admin.PropertyProvider; 053 import org.opends.server.admin.RelationOption; 054 import org.opends.server.admin.server.ConfigurationAddListener; 055 import org.opends.server.admin.server.ConfigurationChangeListener; 056 import org.opends.server.admin.server.ConfigurationDeleteListener; 057 import org.opends.server.admin.server.ServerManagedObject; 058 import org.opends.server.admin.std.client.RootDNCfgClient; 059 import org.opends.server.admin.std.client.RootDNUserCfgClient; 060 import org.opends.server.admin.std.server.RootDNCfg; 061 import org.opends.server.admin.std.server.RootDNUserCfg; 062 import org.opends.server.admin.Tag; 063 import org.opends.server.admin.TopCfgDefn; 064 import org.opends.server.config.ConfigException; 065 import org.opends.server.types.DN; 066 067 068 069 /** 070 * An interface for querying the Root DN managed object definition 071 * meta information. 072 * <p> 073 * The Root DN configuration contains all the Root DN Users defined in 074 * the Directory Server. In addition, it also defines the default set 075 * of privileges that Root DN Users automatically inherit. 076 */ 077 public final class RootDNCfgDefn extends ManagedObjectDefinition<RootDNCfgClient, RootDNCfg> { 078 079 // The singleton configuration definition instance. 080 private static final RootDNCfgDefn INSTANCE = new RootDNCfgDefn(); 081 082 083 084 /** 085 * Defines the set of permissable values for the "default-root-privilege-name" property. 086 * <p> 087 * Specifies the names of the privileges that root users will be 088 * granted by default. 089 */ 090 public static enum DefaultRootPrivilegeName { 091 092 /** 093 * Allows the user to request that the server process backup 094 * tasks. 095 */ 096 BACKEND_BACKUP("backend-backup"), 097 098 099 100 /** 101 * Allows the user to request that the server process restore 102 * tasks. 103 */ 104 BACKEND_RESTORE("backend-restore"), 105 106 107 108 /** 109 * Allows the associated user to bypass access control checks 110 * performed by the server. 111 */ 112 BYPASS_ACL("bypass-acl"), 113 114 115 116 /** 117 * Allows the user to cancel operations in progress on other 118 * client connections. 119 */ 120 CANCEL_REQUEST("cancel-request"), 121 122 123 124 /** 125 * Allows the associated user to read the server configuration. 126 */ 127 CONFIG_READ("config-read"), 128 129 130 131 /** 132 * Allows the associated user to update the server configuration. 133 * The config-read privilege is also required. 134 */ 135 CONFIG_WRITE("config-write"), 136 137 138 139 /** 140 * Allows the user to participate in data synchronization. 141 */ 142 DATA_SYNC("data-sync"), 143 144 145 146 /** 147 * Allows the user to terminate other client connections. 148 */ 149 DISCONNECT_CLIENT("disconnect-client"), 150 151 152 153 /** 154 * Allows the associated user to subscribe to receive JMX 155 * notifications. 156 */ 157 JMX_NOTIFY("jmx-notify"), 158 159 160 161 /** 162 * Allows the associated user to perform JMX read operations. 163 */ 164 JMX_READ("jmx-read"), 165 166 167 168 /** 169 * Allows the associated user to perform JMX write operations. 170 */ 171 JMX_WRITE("jmx-write"), 172 173 174 175 /** 176 * Allows the user to request that the server process LDIF export 177 * tasks. 178 */ 179 LDIF_EXPORT("ldif-export"), 180 181 182 183 /** 184 * Allows the user to request that the server process LDIF import 185 * tasks. 186 */ 187 LDIF_IMPORT("ldif-import"), 188 189 190 191 /** 192 * Allows the associated user to modify the server's access 193 * control configuration. 194 */ 195 MODIFY_ACL("modify-acl"), 196 197 198 199 /** 200 * Allows the user to reset user passwords. 201 */ 202 PASSWORD_RESET("password-reset"), 203 204 205 206 /** 207 * Allows the user to make changes to the set of defined root 208 * privileges, as well as to grant and revoke privileges for users. 209 */ 210 PRIVILEGE_CHANGE("privilege-change"), 211 212 213 214 /** 215 * Allows the user to use the proxied authorization control, or to 216 * perform a bind that specifies an alternate authorization 217 * identity. 218 */ 219 PROXIED_AUTH("proxied-auth"), 220 221 222 223 /** 224 * Allows the user to request that the server perform an in-core 225 * restart. 226 */ 227 SERVER_RESTART("server-restart"), 228 229 230 231 /** 232 * Allows the user to request that the server shut down. 233 */ 234 SERVER_SHUTDOWN("server-shutdown"), 235 236 237 238 /** 239 * Allows the user to request that the server process a search 240 * that cannot be optimized using server indexes. 241 */ 242 UNINDEXED_SEARCH("unindexed-search"), 243 244 245 246 /** 247 * Allows the user to make changes to the server schema. 248 */ 249 UPDATE_SCHEMA("update-schema"); 250 251 252 253 // String representation of the value. 254 private final String name; 255 256 257 258 // Private constructor. 259 private DefaultRootPrivilegeName(String name) { this.name = name; } 260 261 262 263 /** 264 * {@inheritDoc} 265 */ 266 public String toString() { return name; } 267 268 } 269 270 271 272 // The "default-root-privilege-name" property definition. 273 private static final EnumPropertyDefinition<DefaultRootPrivilegeName> PD_DEFAULT_ROOT_PRIVILEGE_NAME; 274 275 276 277 // The "root-dn-users" relation definition. 278 private static final InstantiableRelationDefinition<RootDNUserCfgClient, RootDNUserCfg> RD_ROOT_DN_USERS; 279 280 281 282 // Build the "default-root-privilege-name" property definition. 283 static { 284 EnumPropertyDefinition.Builder<DefaultRootPrivilegeName> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "default-root-privilege-name"); 285 builder.setOption(PropertyOption.MULTI_VALUED); 286 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "default-root-privilege-name")); 287 DefaultBehaviorProvider<DefaultRootPrivilegeName> provider = new DefinedDefaultBehaviorProvider<DefaultRootPrivilegeName>("bypass-acl", "modify-acl", "config-read", "config-write", "ldif-import", "ldif-export", "backend-backup", "backend-restore", "server-shutdown", "server-restart", "disconnect-client", "cancel-request", "password-reset", "update-schema", "privilege-change", "unindexed-search"); 288 builder.setDefaultBehaviorProvider(provider); 289 builder.setEnumClass(DefaultRootPrivilegeName.class); 290 PD_DEFAULT_ROOT_PRIVILEGE_NAME = builder.getInstance(); 291 INSTANCE.registerPropertyDefinition(PD_DEFAULT_ROOT_PRIVILEGE_NAME); 292 } 293 294 295 296 // Build the "root-dn-users" relation definition. 297 static { 298 InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg> builder = 299 new InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg>(INSTANCE, "root-dn-user", "root-dn-users", RootDNUserCfgDefn.getInstance()); 300 builder.setOption(RelationOption.HIDDEN); 301 RD_ROOT_DN_USERS = builder.getInstance(); 302 INSTANCE.registerRelationDefinition(RD_ROOT_DN_USERS); 303 } 304 305 306 307 // Register the tags associated with this managed object definition. 308 static { 309 INSTANCE.registerTag(Tag.valueOf("core-server")); 310 } 311 312 313 314 /** 315 * Get the Root DN configuration definition singleton. 316 * 317 * @return Returns the Root DN configuration definition singleton. 318 */ 319 public static RootDNCfgDefn getInstance() { 320 return INSTANCE; 321 } 322 323 324 325 /** 326 * Private constructor. 327 */ 328 private RootDNCfgDefn() { 329 super("root-dn", TopCfgDefn.getInstance()); 330 } 331 332 333 334 /** 335 * {@inheritDoc} 336 */ 337 public RootDNCfgClient createClientConfiguration( 338 ManagedObject<? extends RootDNCfgClient> impl) { 339 return new RootDNCfgClientImpl(impl); 340 } 341 342 343 344 /** 345 * {@inheritDoc} 346 */ 347 public RootDNCfg createServerConfiguration( 348 ServerManagedObject<? extends RootDNCfg> impl) { 349 return new RootDNCfgServerImpl(impl); 350 } 351 352 353 354 /** 355 * {@inheritDoc} 356 */ 357 public Class<RootDNCfg> getServerConfigurationClass() { 358 return RootDNCfg.class; 359 } 360 361 362 363 /** 364 * Get the "default-root-privilege-name" property definition. 365 * <p> 366 * Specifies the names of the privileges that root users will be 367 * granted by default. 368 * 369 * @return Returns the "default-root-privilege-name" property definition. 370 */ 371 public EnumPropertyDefinition<DefaultRootPrivilegeName> getDefaultRootPrivilegeNamePropertyDefinition() { 372 return PD_DEFAULT_ROOT_PRIVILEGE_NAME; 373 } 374 375 376 377 /** 378 * Get the "root-dn-users" relation definition. 379 * 380 * @return Returns the "root-dn-users" relation definition. 381 */ 382 public InstantiableRelationDefinition<RootDNUserCfgClient,RootDNUserCfg> getRootDNUsersRelationDefinition() { 383 return RD_ROOT_DN_USERS; 384 } 385 386 387 388 /** 389 * Managed object client implementation. 390 */ 391 private static class RootDNCfgClientImpl implements 392 RootDNCfgClient { 393 394 // Private implementation. 395 private ManagedObject<? extends RootDNCfgClient> impl; 396 397 398 399 // Private constructor. 400 private RootDNCfgClientImpl( 401 ManagedObject<? extends RootDNCfgClient> impl) { 402 this.impl = impl; 403 } 404 405 406 407 /** 408 * {@inheritDoc} 409 */ 410 public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() { 411 return impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition()); 412 } 413 414 415 416 /** 417 * {@inheritDoc} 418 */ 419 public void setDefaultRootPrivilegeName(Collection<DefaultRootPrivilegeName> values) { 420 impl.setPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition(), values); 421 } 422 423 424 425 /** 426 * {@inheritDoc} 427 */ 428 public String[] listRootDNUsers() throws ConcurrentModificationException, 429 AuthorizationException, CommunicationException { 430 return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition()); 431 } 432 433 434 435 /** 436 * {@inheritDoc} 437 */ 438 public RootDNUserCfgClient getRootDNUser(String name) 439 throws DefinitionDecodingException, ManagedObjectDecodingException, 440 ManagedObjectNotFoundException, ConcurrentModificationException, 441 AuthorizationException, CommunicationException { 442 return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration(); 443 } 444 445 446 447 /** 448 * {@inheritDoc} 449 */ 450 public <M extends RootDNUserCfgClient> M createRootDNUser( 451 ManagedObjectDefinition<M, ? extends RootDNUserCfg> d, String name, Collection<DefaultBehaviorException> exceptions) throws IllegalManagedObjectNameException { 452 return impl.createChild(INSTANCE.getRootDNUsersRelationDefinition(), d, name, exceptions).getConfiguration(); 453 } 454 455 456 457 /** 458 * {@inheritDoc} 459 */ 460 public void removeRootDNUser(String name) 461 throws ManagedObjectNotFoundException, ConcurrentModificationException, 462 OperationRejectedException, AuthorizationException, CommunicationException { 463 impl.removeChild(INSTANCE.getRootDNUsersRelationDefinition(), name); 464 } 465 466 467 468 /** 469 * {@inheritDoc} 470 */ 471 public ManagedObjectDefinition<? extends RootDNCfgClient, ? extends RootDNCfg> definition() { 472 return INSTANCE; 473 } 474 475 476 477 /** 478 * {@inheritDoc} 479 */ 480 public PropertyProvider properties() { 481 return impl; 482 } 483 484 485 486 /** 487 * {@inheritDoc} 488 */ 489 public void commit() throws ManagedObjectAlreadyExistsException, 490 MissingMandatoryPropertiesException, ConcurrentModificationException, 491 OperationRejectedException, AuthorizationException, 492 CommunicationException { 493 impl.commit(); 494 } 495 496 } 497 498 499 500 /** 501 * Managed object server implementation. 502 */ 503 private static class RootDNCfgServerImpl implements 504 RootDNCfg { 505 506 // Private implementation. 507 private ServerManagedObject<? extends RootDNCfg> impl; 508 509 // The value of the "default-root-privilege-name" property. 510 private final SortedSet<DefaultRootPrivilegeName> pDefaultRootPrivilegeName; 511 512 513 514 // Private constructor. 515 private RootDNCfgServerImpl(ServerManagedObject<? extends RootDNCfg> impl) { 516 this.impl = impl; 517 this.pDefaultRootPrivilegeName = impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition()); 518 } 519 520 521 522 /** 523 * {@inheritDoc} 524 */ 525 public void addChangeListener( 526 ConfigurationChangeListener<RootDNCfg> listener) { 527 impl.registerChangeListener(listener); 528 } 529 530 531 532 /** 533 * {@inheritDoc} 534 */ 535 public void removeChangeListener( 536 ConfigurationChangeListener<RootDNCfg> listener) { 537 impl.deregisterChangeListener(listener); 538 } 539 540 541 542 /** 543 * {@inheritDoc} 544 */ 545 public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() { 546 return pDefaultRootPrivilegeName; 547 } 548 549 550 551 /** 552 * {@inheritDoc} 553 */ 554 public String[] listRootDNUsers() { 555 return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition()); 556 } 557 558 559 560 /** 561 * {@inheritDoc} 562 */ 563 public RootDNUserCfg getRootDNUser(String name) throws ConfigException { 564 return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration(); 565 } 566 567 568 569 /** 570 * {@inheritDoc} 571 */ 572 public void addRootDNUserAddListener( 573 ConfigurationAddListener<RootDNUserCfg> listener) throws ConfigException { 574 impl.registerAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener); 575 } 576 577 578 579 /** 580 * {@inheritDoc} 581 */ 582 public void removeRootDNUserAddListener( 583 ConfigurationAddListener<RootDNUserCfg> listener) { 584 impl.deregisterAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener); 585 } 586 587 588 589 /** 590 * {@inheritDoc} 591 */ 592 public void addRootDNUserDeleteListener( 593 ConfigurationDeleteListener<RootDNUserCfg> listener) throws ConfigException { 594 impl.registerDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener); 595 } 596 597 598 599 /** 600 * {@inheritDoc} 601 */ 602 public void removeRootDNUserDeleteListener( 603 ConfigurationDeleteListener<RootDNUserCfg> listener) { 604 impl.deregisterDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener); 605 } 606 607 608 609 /** 610 * {@inheritDoc} 611 */ 612 public Class<? extends RootDNCfg> configurationClass() { 613 return RootDNCfg.class; 614 } 615 616 617 618 /** 619 * {@inheritDoc} 620 */ 621 public DN dn() { 622 return impl.getDN(); 623 } 624 625 } 626 }