001 /*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License"). You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at
010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012 * See the License for the specific language governing permissions
013 * and limitations under the License.
014 *
015 * When distributing Covered Code, include this CDDL HEADER in each
016 * file and include the License file at
017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
018 * add the following below this CDDL HEADER, with the fields enclosed
019 * by brackets "[]" replaced with your own identifying information:
020 * Portions Copyright [yyyy] [name of copyright owner]
021 *
022 * CDDL HEADER END
023 *
024 *
025 * Copyright 2008 Sun Microsystems, Inc.
026 */
027 package org.opends.server.admin.std.meta;
028
029
030
031 import java.util.Collection;
032 import java.util.SortedSet;
033 import org.opends.server.admin.AdministratorAction;
034 import org.opends.server.admin.client.AuthorizationException;
035 import org.opends.server.admin.client.CommunicationException;
036 import org.opends.server.admin.client.ConcurrentModificationException;
037 import org.opends.server.admin.client.IllegalManagedObjectNameException;
038 import org.opends.server.admin.client.ManagedObject;
039 import org.opends.server.admin.client.ManagedObjectDecodingException;
040 import org.opends.server.admin.client.MissingMandatoryPropertiesException;
041 import org.opends.server.admin.client.OperationRejectedException;
042 import org.opends.server.admin.DefaultBehaviorException;
043 import org.opends.server.admin.DefaultBehaviorProvider;
044 import org.opends.server.admin.DefinedDefaultBehaviorProvider;
045 import org.opends.server.admin.DefinitionDecodingException;
046 import org.opends.server.admin.EnumPropertyDefinition;
047 import org.opends.server.admin.InstantiableRelationDefinition;
048 import org.opends.server.admin.ManagedObjectAlreadyExistsException;
049 import org.opends.server.admin.ManagedObjectDefinition;
050 import org.opends.server.admin.ManagedObjectNotFoundException;
051 import org.opends.server.admin.PropertyOption;
052 import org.opends.server.admin.PropertyProvider;
053 import org.opends.server.admin.RelationOption;
054 import org.opends.server.admin.server.ConfigurationAddListener;
055 import org.opends.server.admin.server.ConfigurationChangeListener;
056 import org.opends.server.admin.server.ConfigurationDeleteListener;
057 import org.opends.server.admin.server.ServerManagedObject;
058 import org.opends.server.admin.std.client.RootDNCfgClient;
059 import org.opends.server.admin.std.client.RootDNUserCfgClient;
060 import org.opends.server.admin.std.server.RootDNCfg;
061 import org.opends.server.admin.std.server.RootDNUserCfg;
062 import org.opends.server.admin.Tag;
063 import org.opends.server.admin.TopCfgDefn;
064 import org.opends.server.config.ConfigException;
065 import org.opends.server.types.DN;
066
067
068
069 /**
070 * An interface for querying the Root DN managed object definition
071 * meta information.
072 * <p>
073 * The Root DN configuration contains all the Root DN Users defined in
074 * the Directory Server. In addition, it also defines the default set
075 * of privileges that Root DN Users automatically inherit.
076 */
077 public final class RootDNCfgDefn extends ManagedObjectDefinition<RootDNCfgClient, RootDNCfg> {
078
079 // The singleton configuration definition instance.
080 private static final RootDNCfgDefn INSTANCE = new RootDNCfgDefn();
081
082
083
084 /**
085 * Defines the set of permissable values for the "default-root-privilege-name" property.
086 * <p>
087 * Specifies the names of the privileges that root users will be
088 * granted by default.
089 */
090 public static enum DefaultRootPrivilegeName {
091
092 /**
093 * Allows the user to request that the server process backup
094 * tasks.
095 */
096 BACKEND_BACKUP("backend-backup"),
097
098
099
100 /**
101 * Allows the user to request that the server process restore
102 * tasks.
103 */
104 BACKEND_RESTORE("backend-restore"),
105
106
107
108 /**
109 * Allows the associated user to bypass access control checks
110 * performed by the server.
111 */
112 BYPASS_ACL("bypass-acl"),
113
114
115
116 /**
117 * Allows the user to cancel operations in progress on other
118 * client connections.
119 */
120 CANCEL_REQUEST("cancel-request"),
121
122
123
124 /**
125 * Allows the associated user to read the server configuration.
126 */
127 CONFIG_READ("config-read"),
128
129
130
131 /**
132 * Allows the associated user to update the server configuration.
133 * The config-read privilege is also required.
134 */
135 CONFIG_WRITE("config-write"),
136
137
138
139 /**
140 * Allows the user to participate in data synchronization.
141 */
142 DATA_SYNC("data-sync"),
143
144
145
146 /**
147 * Allows the user to terminate other client connections.
148 */
149 DISCONNECT_CLIENT("disconnect-client"),
150
151
152
153 /**
154 * Allows the associated user to subscribe to receive JMX
155 * notifications.
156 */
157 JMX_NOTIFY("jmx-notify"),
158
159
160
161 /**
162 * Allows the associated user to perform JMX read operations.
163 */
164 JMX_READ("jmx-read"),
165
166
167
168 /**
169 * Allows the associated user to perform JMX write operations.
170 */
171 JMX_WRITE("jmx-write"),
172
173
174
175 /**
176 * Allows the user to request that the server process LDIF export
177 * tasks.
178 */
179 LDIF_EXPORT("ldif-export"),
180
181
182
183 /**
184 * Allows the user to request that the server process LDIF import
185 * tasks.
186 */
187 LDIF_IMPORT("ldif-import"),
188
189
190
191 /**
192 * Allows the associated user to modify the server's access
193 * control configuration.
194 */
195 MODIFY_ACL("modify-acl"),
196
197
198
199 /**
200 * Allows the user to reset user passwords.
201 */
202 PASSWORD_RESET("password-reset"),
203
204
205
206 /**
207 * Allows the user to make changes to the set of defined root
208 * privileges, as well as to grant and revoke privileges for users.
209 */
210 PRIVILEGE_CHANGE("privilege-change"),
211
212
213
214 /**
215 * Allows the user to use the proxied authorization control, or to
216 * perform a bind that specifies an alternate authorization
217 * identity.
218 */
219 PROXIED_AUTH("proxied-auth"),
220
221
222
223 /**
224 * Allows the user to request that the server perform an in-core
225 * restart.
226 */
227 SERVER_RESTART("server-restart"),
228
229
230
231 /**
232 * Allows the user to request that the server shut down.
233 */
234 SERVER_SHUTDOWN("server-shutdown"),
235
236
237
238 /**
239 * Allows the user to request that the server process a search
240 * that cannot be optimized using server indexes.
241 */
242 UNINDEXED_SEARCH("unindexed-search"),
243
244
245
246 /**
247 * Allows the user to make changes to the server schema.
248 */
249 UPDATE_SCHEMA("update-schema");
250
251
252
253 // String representation of the value.
254 private final String name;
255
256
257
258 // Private constructor.
259 private DefaultRootPrivilegeName(String name) { this.name = name; }
260
261
262
263 /**
264 * {@inheritDoc}
265 */
266 public String toString() { return name; }
267
268 }
269
270
271
272 // The "default-root-privilege-name" property definition.
273 private static final EnumPropertyDefinition<DefaultRootPrivilegeName> PD_DEFAULT_ROOT_PRIVILEGE_NAME;
274
275
276
277 // The "root-dn-users" relation definition.
278 private static final InstantiableRelationDefinition<RootDNUserCfgClient, RootDNUserCfg> RD_ROOT_DN_USERS;
279
280
281
282 // Build the "default-root-privilege-name" property definition.
283 static {
284 EnumPropertyDefinition.Builder<DefaultRootPrivilegeName> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "default-root-privilege-name");
285 builder.setOption(PropertyOption.MULTI_VALUED);
286 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "default-root-privilege-name"));
287 DefaultBehaviorProvider<DefaultRootPrivilegeName> provider = new DefinedDefaultBehaviorProvider<DefaultRootPrivilegeName>("bypass-acl", "modify-acl", "config-read", "config-write", "ldif-import", "ldif-export", "backend-backup", "backend-restore", "server-shutdown", "server-restart", "disconnect-client", "cancel-request", "password-reset", "update-schema", "privilege-change", "unindexed-search");
288 builder.setDefaultBehaviorProvider(provider);
289 builder.setEnumClass(DefaultRootPrivilegeName.class);
290 PD_DEFAULT_ROOT_PRIVILEGE_NAME = builder.getInstance();
291 INSTANCE.registerPropertyDefinition(PD_DEFAULT_ROOT_PRIVILEGE_NAME);
292 }
293
294
295
296 // Build the "root-dn-users" relation definition.
297 static {
298 InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg> builder =
299 new InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg>(INSTANCE, "root-dn-user", "root-dn-users", RootDNUserCfgDefn.getInstance());
300 builder.setOption(RelationOption.HIDDEN);
301 RD_ROOT_DN_USERS = builder.getInstance();
302 INSTANCE.registerRelationDefinition(RD_ROOT_DN_USERS);
303 }
304
305
306
307 // Register the tags associated with this managed object definition.
308 static {
309 INSTANCE.registerTag(Tag.valueOf("core-server"));
310 }
311
312
313
314 /**
315 * Get the Root DN configuration definition singleton.
316 *
317 * @return Returns the Root DN configuration definition singleton.
318 */
319 public static RootDNCfgDefn getInstance() {
320 return INSTANCE;
321 }
322
323
324
325 /**
326 * Private constructor.
327 */
328 private RootDNCfgDefn() {
329 super("root-dn", TopCfgDefn.getInstance());
330 }
331
332
333
334 /**
335 * {@inheritDoc}
336 */
337 public RootDNCfgClient createClientConfiguration(
338 ManagedObject<? extends RootDNCfgClient> impl) {
339 return new RootDNCfgClientImpl(impl);
340 }
341
342
343
344 /**
345 * {@inheritDoc}
346 */
347 public RootDNCfg createServerConfiguration(
348 ServerManagedObject<? extends RootDNCfg> impl) {
349 return new RootDNCfgServerImpl(impl);
350 }
351
352
353
354 /**
355 * {@inheritDoc}
356 */
357 public Class<RootDNCfg> getServerConfigurationClass() {
358 return RootDNCfg.class;
359 }
360
361
362
363 /**
364 * Get the "default-root-privilege-name" property definition.
365 * <p>
366 * Specifies the names of the privileges that root users will be
367 * granted by default.
368 *
369 * @return Returns the "default-root-privilege-name" property definition.
370 */
371 public EnumPropertyDefinition<DefaultRootPrivilegeName> getDefaultRootPrivilegeNamePropertyDefinition() {
372 return PD_DEFAULT_ROOT_PRIVILEGE_NAME;
373 }
374
375
376
377 /**
378 * Get the "root-dn-users" relation definition.
379 *
380 * @return Returns the "root-dn-users" relation definition.
381 */
382 public InstantiableRelationDefinition<RootDNUserCfgClient,RootDNUserCfg> getRootDNUsersRelationDefinition() {
383 return RD_ROOT_DN_USERS;
384 }
385
386
387
388 /**
389 * Managed object client implementation.
390 */
391 private static class RootDNCfgClientImpl implements
392 RootDNCfgClient {
393
394 // Private implementation.
395 private ManagedObject<? extends RootDNCfgClient> impl;
396
397
398
399 // Private constructor.
400 private RootDNCfgClientImpl(
401 ManagedObject<? extends RootDNCfgClient> impl) {
402 this.impl = impl;
403 }
404
405
406
407 /**
408 * {@inheritDoc}
409 */
410 public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() {
411 return impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition());
412 }
413
414
415
416 /**
417 * {@inheritDoc}
418 */
419 public void setDefaultRootPrivilegeName(Collection<DefaultRootPrivilegeName> values) {
420 impl.setPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition(), values);
421 }
422
423
424
425 /**
426 * {@inheritDoc}
427 */
428 public String[] listRootDNUsers() throws ConcurrentModificationException,
429 AuthorizationException, CommunicationException {
430 return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition());
431 }
432
433
434
435 /**
436 * {@inheritDoc}
437 */
438 public RootDNUserCfgClient getRootDNUser(String name)
439 throws DefinitionDecodingException, ManagedObjectDecodingException,
440 ManagedObjectNotFoundException, ConcurrentModificationException,
441 AuthorizationException, CommunicationException {
442 return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration();
443 }
444
445
446
447 /**
448 * {@inheritDoc}
449 */
450 public <M extends RootDNUserCfgClient> M createRootDNUser(
451 ManagedObjectDefinition<M, ? extends RootDNUserCfg> d, String name, Collection<DefaultBehaviorException> exceptions) throws IllegalManagedObjectNameException {
452 return impl.createChild(INSTANCE.getRootDNUsersRelationDefinition(), d, name, exceptions).getConfiguration();
453 }
454
455
456
457 /**
458 * {@inheritDoc}
459 */
460 public void removeRootDNUser(String name)
461 throws ManagedObjectNotFoundException, ConcurrentModificationException,
462 OperationRejectedException, AuthorizationException, CommunicationException {
463 impl.removeChild(INSTANCE.getRootDNUsersRelationDefinition(), name);
464 }
465
466
467
468 /**
469 * {@inheritDoc}
470 */
471 public ManagedObjectDefinition<? extends RootDNCfgClient, ? extends RootDNCfg> definition() {
472 return INSTANCE;
473 }
474
475
476
477 /**
478 * {@inheritDoc}
479 */
480 public PropertyProvider properties() {
481 return impl;
482 }
483
484
485
486 /**
487 * {@inheritDoc}
488 */
489 public void commit() throws ManagedObjectAlreadyExistsException,
490 MissingMandatoryPropertiesException, ConcurrentModificationException,
491 OperationRejectedException, AuthorizationException,
492 CommunicationException {
493 impl.commit();
494 }
495
496 }
497
498
499
500 /**
501 * Managed object server implementation.
502 */
503 private static class RootDNCfgServerImpl implements
504 RootDNCfg {
505
506 // Private implementation.
507 private ServerManagedObject<? extends RootDNCfg> impl;
508
509 // The value of the "default-root-privilege-name" property.
510 private final SortedSet<DefaultRootPrivilegeName> pDefaultRootPrivilegeName;
511
512
513
514 // Private constructor.
515 private RootDNCfgServerImpl(ServerManagedObject<? extends RootDNCfg> impl) {
516 this.impl = impl;
517 this.pDefaultRootPrivilegeName = impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition());
518 }
519
520
521
522 /**
523 * {@inheritDoc}
524 */
525 public void addChangeListener(
526 ConfigurationChangeListener<RootDNCfg> listener) {
527 impl.registerChangeListener(listener);
528 }
529
530
531
532 /**
533 * {@inheritDoc}
534 */
535 public void removeChangeListener(
536 ConfigurationChangeListener<RootDNCfg> listener) {
537 impl.deregisterChangeListener(listener);
538 }
539
540
541
542 /**
543 * {@inheritDoc}
544 */
545 public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() {
546 return pDefaultRootPrivilegeName;
547 }
548
549
550
551 /**
552 * {@inheritDoc}
553 */
554 public String[] listRootDNUsers() {
555 return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition());
556 }
557
558
559
560 /**
561 * {@inheritDoc}
562 */
563 public RootDNUserCfg getRootDNUser(String name) throws ConfigException {
564 return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration();
565 }
566
567
568
569 /**
570 * {@inheritDoc}
571 */
572 public void addRootDNUserAddListener(
573 ConfigurationAddListener<RootDNUserCfg> listener) throws ConfigException {
574 impl.registerAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
575 }
576
577
578
579 /**
580 * {@inheritDoc}
581 */
582 public void removeRootDNUserAddListener(
583 ConfigurationAddListener<RootDNUserCfg> listener) {
584 impl.deregisterAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
585 }
586
587
588
589 /**
590 * {@inheritDoc}
591 */
592 public void addRootDNUserDeleteListener(
593 ConfigurationDeleteListener<RootDNUserCfg> listener) throws ConfigException {
594 impl.registerDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
595 }
596
597
598
599 /**
600 * {@inheritDoc}
601 */
602 public void removeRootDNUserDeleteListener(
603 ConfigurationDeleteListener<RootDNUserCfg> listener) {
604 impl.deregisterDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
605 }
606
607
608
609 /**
610 * {@inheritDoc}
611 */
612 public Class<? extends RootDNCfg> configurationClass() {
613 return RootDNCfg.class;
614 }
615
616
617
618 /**
619 * {@inheritDoc}
620 */
621 public DN dn() {
622 return impl.getDN();
623 }
624
625 }
626 }