Source code

001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 */
016package org.opends.server.admin.std.meta;
017
018
019
020import java.util.Collection;
021import java.util.SortedSet;
022import org.forgerock.opendj.config.server.ConfigException;
023import org.forgerock.opendj.ldap.DN;
024import org.opends.server.admin.AdministratorAction;
025import org.opends.server.admin.client.AuthorizationException;
026import org.opends.server.admin.client.CommunicationException;
027import org.opends.server.admin.client.ConcurrentModificationException;
028import org.opends.server.admin.client.IllegalManagedObjectNameException;
029import org.opends.server.admin.client.ManagedObject;
030import org.opends.server.admin.client.ManagedObjectDecodingException;
031import org.opends.server.admin.client.MissingMandatoryPropertiesException;
032import org.opends.server.admin.client.OperationRejectedException;
033import org.opends.server.admin.DefaultBehaviorProvider;
034import org.opends.server.admin.DefinedDefaultBehaviorProvider;
035import org.opends.server.admin.DefinitionDecodingException;
036import org.opends.server.admin.EnumPropertyDefinition;
037import org.opends.server.admin.InstantiableRelationDefinition;
038import org.opends.server.admin.ManagedObjectAlreadyExistsException;
039import org.opends.server.admin.ManagedObjectDefinition;
040import org.opends.server.admin.ManagedObjectNotFoundException;
041import org.opends.server.admin.PropertyException;
042import org.opends.server.admin.PropertyOption;
043import org.opends.server.admin.PropertyProvider;
044import org.opends.server.admin.RelationOption;
045import org.opends.server.admin.server.ConfigurationAddListener;
046import org.opends.server.admin.server.ConfigurationChangeListener;
047import org.opends.server.admin.server.ConfigurationDeleteListener;
048import org.opends.server.admin.server.ServerManagedObject;
049import org.opends.server.admin.std.client.RootDNCfgClient;
050import org.opends.server.admin.std.client.RootDNUserCfgClient;
051import org.opends.server.admin.std.server.RootDNCfg;
052import org.opends.server.admin.std.server.RootDNUserCfg;
053import org.opends.server.admin.Tag;
054import org.opends.server.admin.TopCfgDefn;
055
056
057
058/**
059 * An interface for querying the Root DN managed object definition
060 * meta information.
061 * <p>
062 * The Root DN configuration contains all the Root DN Users defined in
063 * the directory server. In addition, it also defines the default set
064 * of privileges that Root DN Users automatically inherit.
065 */
066public final class RootDNCfgDefn extends ManagedObjectDefinition<RootDNCfgClient, RootDNCfg> {
067
068  // The singleton configuration definition instance.
069  private static final RootDNCfgDefn INSTANCE = new RootDNCfgDefn();
070
071
072
073  /**
074   * Defines the set of permissable values for the "default-root-privilege-name" property.
075   * <p>
076   * Specifies the names of the privileges that root users will be
077   * granted by default.
078   */
079  public static enum DefaultRootPrivilegeName {
080
081    /**
082     * Allows the user to request that the server process backup
083     * tasks.
084     */
085    BACKEND_BACKUP("backend-backup"),
086
087
088
089    /**
090     * Allows the user to request that the server process restore
091     * tasks.
092     */
093    BACKEND_RESTORE("backend-restore"),
094
095
096
097    /**
098     * Allows the associated user to bypass access control checks
099     * performed by the server.
100     */
101    BYPASS_ACL("bypass-acl"),
102
103
104
105    /**
106     * Allows the associated user to bypass server lockdown mode.
107     */
108    BYPASS_LOCKDOWN("bypass-lockdown"),
109
110
111
112    /**
113     * Allows the user to cancel operations in progress on other
114     * client connections.
115     */
116    CANCEL_REQUEST("cancel-request"),
117
118
119
120    /**
121     * Allows the user to perform read operations on the changelog
122     */
123    CHANGELOG_READ("changelog-read"),
124
125
126
127    /**
128     * Allows the associated user to read the server configuration.
129     */
130    CONFIG_READ("config-read"),
131
132
133
134    /**
135     * Allows the associated user to update the server configuration.
136     * The config-read privilege is also required.
137     */
138    CONFIG_WRITE("config-write"),
139
140
141
142    /**
143     * Allows the user to participate in data synchronization.
144     */
145    DATA_SYNC("data-sync"),
146
147
148
149    /**
150     * Allows the user to terminate other client connections.
151     */
152    DISCONNECT_CLIENT("disconnect-client"),
153
154
155
156    /**
157     * Allows the associated user to subscribe to receive JMX
158     * notifications.
159     */
160    JMX_NOTIFY("jmx-notify"),
161
162
163
164    /**
165     * Allows the associated user to perform JMX read operations.
166     */
167    JMX_READ("jmx-read"),
168
169
170
171    /**
172     * Allows the associated user to perform JMX write operations.
173     */
174    JMX_WRITE("jmx-write"),
175
176
177
178    /**
179     * Allows the user to request that the server process LDIF export
180     * tasks.
181     */
182    LDIF_EXPORT("ldif-export"),
183
184
185
186    /**
187     * Allows the user to request that the server process LDIF import
188     * tasks.
189     */
190    LDIF_IMPORT("ldif-import"),
191
192
193
194    /**
195     * Allows the associated user to modify the server's access
196     * control configuration.
197     */
198    MODIFY_ACL("modify-acl"),
199
200
201
202    /**
203     * Allows the user to reset user passwords.
204     */
205    PASSWORD_RESET("password-reset"),
206
207
208
209    /**
210     * Allows the user to make changes to the set of defined root
211     * privileges, as well as to grant and revoke privileges for users.
212     */
213    PRIVILEGE_CHANGE("privilege-change"),
214
215
216
217    /**
218     * Allows the user to use the proxied authorization control, or to
219     * perform a bind that specifies an alternate authorization
220     * identity.
221     */
222    PROXIED_AUTH("proxied-auth"),
223
224
225
226    /**
227     * Allows the user to place and bring the server of lockdown mode.
228     */
229    SERVER_LOCKDOWN("server-lockdown"),
230
231
232
233    /**
234     * Allows the user to request that the server perform an in-core
235     * restart.
236     */
237    SERVER_RESTART("server-restart"),
238
239
240
241    /**
242     * Allows the user to request that the server shut down.
243     */
244    SERVER_SHUTDOWN("server-shutdown"),
245
246
247
248    /**
249     * Allows the associated user to perform LDAP subentry write
250     * operations.
251     */
252    SUBENTRY_WRITE("subentry-write"),
253
254
255
256    /**
257     * Allows the user to request that the server process a search
258     * that cannot be optimized using server indexes.
259     */
260    UNINDEXED_SEARCH("unindexed-search"),
261
262
263
264    /**
265     * Allows the user to make changes to the server schema.
266     */
267    UPDATE_SCHEMA("update-schema");
268
269
270
271    // String representation of the value.
272    private final String name;
273
274
275
276    // Private constructor.
277    private DefaultRootPrivilegeName(String name) { this.name = name; }
278
279
280
281    /**
282     * {@inheritDoc}
283     */
284    public String toString() { return name; }
285
286  }
287
288
289
290  // The "default-root-privilege-name" property definition.
291  private static final EnumPropertyDefinition<DefaultRootPrivilegeName> PD_DEFAULT_ROOT_PRIVILEGE_NAME;
292
293
294
295  // The "root-dn-users" relation definition.
296  private static final InstantiableRelationDefinition<RootDNUserCfgClient, RootDNUserCfg> RD_ROOT_DN_USERS;
297
298
299
300  // Build the "default-root-privilege-name" property definition.
301  static {
302      EnumPropertyDefinition.Builder<DefaultRootPrivilegeName> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "default-root-privilege-name");
303      builder.setOption(PropertyOption.MULTI_VALUED);
304      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "default-root-privilege-name"));
305      DefaultBehaviorProvider<DefaultRootPrivilegeName> provider = new DefinedDefaultBehaviorProvider<DefaultRootPrivilegeName>("bypass-lockdown", "bypass-acl", "modify-acl", "config-read", "config-write", "ldif-import", "ldif-export", "backend-backup", "backend-restore", "server-lockdown", "server-shutdown", "server-restart", "disconnect-client", "cancel-request", "password-reset", "update-schema", "privilege-change", "unindexed-search", "subentry-write", "changelog-read");
306      builder.setDefaultBehaviorProvider(provider);
307      builder.setEnumClass(DefaultRootPrivilegeName.class);
308      PD_DEFAULT_ROOT_PRIVILEGE_NAME = builder.getInstance();
309      INSTANCE.registerPropertyDefinition(PD_DEFAULT_ROOT_PRIVILEGE_NAME);
310  }
311
312
313
314  // Build the "root-dn-users" relation definition.
315  static {
316    InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg> builder =
317      new InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg>(INSTANCE, "root-dn-user", "root-dn-users", RootDNUserCfgDefn.getInstance());
318    builder.setOption(RelationOption.HIDDEN);
319    RD_ROOT_DN_USERS = builder.getInstance();
320    INSTANCE.registerRelationDefinition(RD_ROOT_DN_USERS);
321  }
322
323
324
325  // Register the tags associated with this managed object definition.
326  static {
327    INSTANCE.registerTag(Tag.valueOf("core-server"));
328  }
329
330
331
332  /**
333   * Get the Root DN configuration definition singleton.
334   *
335   * @return Returns the Root DN configuration definition singleton.
336   */
337  public static RootDNCfgDefn getInstance() {
338    return INSTANCE;
339  }
340
341
342
343  /**
344   * Private constructor.
345   */
346  private RootDNCfgDefn() {
347    super("root-dn", TopCfgDefn.getInstance());
348  }
349
350
351
352  /**
353   * {@inheritDoc}
354   */
355  public RootDNCfgClient createClientConfiguration(
356      ManagedObject<? extends RootDNCfgClient> impl) {
357    return new RootDNCfgClientImpl(impl);
358  }
359
360
361
362  /**
363   * {@inheritDoc}
364   */
365  public RootDNCfg createServerConfiguration(
366      ServerManagedObject<? extends RootDNCfg> impl) {
367    return new RootDNCfgServerImpl(impl);
368  }
369
370
371
372  /**
373   * {@inheritDoc}
374   */
375  public Class<RootDNCfg> getServerConfigurationClass() {
376    return RootDNCfg.class;
377  }
378
379
380
381  /**
382   * Get the "default-root-privilege-name" property definition.
383   * <p>
384   * Specifies the names of the privileges that root users will be
385   * granted by default.
386   *
387   * @return Returns the "default-root-privilege-name" property definition.
388   */
389  public EnumPropertyDefinition<DefaultRootPrivilegeName> getDefaultRootPrivilegeNamePropertyDefinition() {
390    return PD_DEFAULT_ROOT_PRIVILEGE_NAME;
391  }
392
393
394
395  /**
396   * Get the "root-dn-users" relation definition.
397   *
398   * @return Returns the "root-dn-users" relation definition.
399   */
400  public InstantiableRelationDefinition<RootDNUserCfgClient,RootDNUserCfg> getRootDNUsersRelationDefinition() {
401    return RD_ROOT_DN_USERS;
402  }
403
404
405
406  /**
407   * Managed object client implementation.
408   */
409  private static class RootDNCfgClientImpl implements
410    RootDNCfgClient {
411
412    // Private implementation.
413    private ManagedObject<? extends RootDNCfgClient> impl;
414
415
416
417    // Private constructor.
418    private RootDNCfgClientImpl(
419        ManagedObject<? extends RootDNCfgClient> impl) {
420      this.impl = impl;
421    }
422
423
424
425    /**
426     * {@inheritDoc}
427     */
428    public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() {
429      return impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition());
430    }
431
432
433
434    /**
435     * {@inheritDoc}
436     */
437    public void setDefaultRootPrivilegeName(Collection<DefaultRootPrivilegeName> values) {
438      impl.setPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition(), values);
439    }
440
441
442
443    /**
444     * {@inheritDoc}
445     */
446    public String[] listRootDNUsers() throws ConcurrentModificationException,
447        AuthorizationException, CommunicationException {
448      return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition());
449    }
450
451
452
453    /**
454     * {@inheritDoc}
455     */
456    public RootDNUserCfgClient getRootDNUser(String name)
457        throws DefinitionDecodingException, ManagedObjectDecodingException,
458        ManagedObjectNotFoundException, ConcurrentModificationException,
459        AuthorizationException, CommunicationException {
460      return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration();
461    }
462
463
464
465    /**
466     * {@inheritDoc}
467     */
468    public <M extends RootDNUserCfgClient> M createRootDNUser(
469        ManagedObjectDefinition<M, ? extends RootDNUserCfg> d, String name, Collection<PropertyException> exceptions) throws IllegalManagedObjectNameException {
470      return impl.createChild(INSTANCE.getRootDNUsersRelationDefinition(), d, name, exceptions).getConfiguration();
471    }
472
473
474
475    /**
476     * {@inheritDoc}
477     */
478    public void removeRootDNUser(String name)
479        throws ManagedObjectNotFoundException, ConcurrentModificationException,
480        OperationRejectedException, AuthorizationException, CommunicationException {
481      impl.removeChild(INSTANCE.getRootDNUsersRelationDefinition(), name);
482    }
483
484
485
486    /**
487     * {@inheritDoc}
488     */
489    public ManagedObjectDefinition<? extends RootDNCfgClient, ? extends RootDNCfg> definition() {
490      return INSTANCE;
491    }
492
493
494
495    /**
496     * {@inheritDoc}
497     */
498    public PropertyProvider properties() {
499      return impl;
500    }
501
502
503
504    /**
505     * {@inheritDoc}
506     */
507    public void commit() throws ManagedObjectAlreadyExistsException,
508        MissingMandatoryPropertiesException, ConcurrentModificationException,
509        OperationRejectedException, AuthorizationException,
510        CommunicationException {
511      impl.commit();
512    }
513
514
515
516    /** {@inheritDoc} */
517    public String toString() {
518      return impl.toString();
519    }
520  }
521
522
523
524  /**
525   * Managed object server implementation.
526   */
527  private static class RootDNCfgServerImpl implements
528    RootDNCfg {
529
530    // Private implementation.
531    private ServerManagedObject<? extends RootDNCfg> impl;
532
533    // The value of the "default-root-privilege-name" property.
534    private final SortedSet<DefaultRootPrivilegeName> pDefaultRootPrivilegeName;
535
536
537
538    // Private constructor.
539    private RootDNCfgServerImpl(ServerManagedObject<? extends RootDNCfg> impl) {
540      this.impl = impl;
541      this.pDefaultRootPrivilegeName = impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition());
542    }
543
544
545
546    /**
547     * {@inheritDoc}
548     */
549    public void addChangeListener(
550        ConfigurationChangeListener<RootDNCfg> listener) {
551      impl.registerChangeListener(listener);
552    }
553
554
555
556    /**
557     * {@inheritDoc}
558     */
559    public void removeChangeListener(
560        ConfigurationChangeListener<RootDNCfg> listener) {
561      impl.deregisterChangeListener(listener);
562    }
563
564
565
566    /**
567     * {@inheritDoc}
568     */
569    public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() {
570      return pDefaultRootPrivilegeName;
571    }
572
573
574
575    /**
576     * {@inheritDoc}
577     */
578    public String[] listRootDNUsers() {
579      return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition());
580    }
581
582
583
584    /**
585     * {@inheritDoc}
586     */
587    public RootDNUserCfg getRootDNUser(String name) throws ConfigException {
588      return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration();
589    }
590
591
592
593    /**
594     * {@inheritDoc}
595     */
596    public void addRootDNUserAddListener(
597        ConfigurationAddListener<RootDNUserCfg> listener) throws ConfigException {
598      impl.registerAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
599    }
600
601
602
603    /**
604     * {@inheritDoc}
605     */
606    public void removeRootDNUserAddListener(
607        ConfigurationAddListener<RootDNUserCfg> listener) {
608      impl.deregisterAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
609    }
610
611
612
613    /**
614     * {@inheritDoc}
615     */
616    public void addRootDNUserDeleteListener(
617        ConfigurationDeleteListener<RootDNUserCfg> listener) throws ConfigException {
618      impl.registerDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
619    }
620
621
622
623    /**
624     * {@inheritDoc}
625     */
626    public void removeRootDNUserDeleteListener(
627        ConfigurationDeleteListener<RootDNUserCfg> listener) {
628      impl.deregisterDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
629    }
630
631
632
633    /**
634     * {@inheritDoc}
635     */
636    public Class<? extends RootDNCfg> configurationClass() {
637      return RootDNCfg.class;
638    }
639
640
641
642    /**
643     * {@inheritDoc}
644     */
645    public DN dn() {
646      return impl.getDN();
647    }
648
649
650
651    /** {@inheritDoc} */
652    public String toString() {
653      return impl.toString();
654    }
655  }
656}