001/*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License").  You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
010 * or http://forgerock.org/license/CDDLv1.0.html.
011 * See the License for the specific language governing permissions
012 * and limitations under the License.
013 *
014 * When distributing Covered Code, include this CDDL HEADER in each
015 * file and include the License file at legal-notices/CDDLv1_0.txt.
016 * If applicable, add the following below this CDDL HEADER, with the
017 * fields enclosed by brackets "[]" replaced with your own identifying
018 * information:
019 *      Portions Copyright [yyyy] [name of copyright owner]
020 *
021 * CDDL HEADER END
022 *
023 *
024 *      Copyright 2008 Sun Microsystems, Inc.
025 */
026package org.opends.server.admin.std.meta;
027
028
029
030import java.util.Collection;
031import java.util.SortedSet;
032import org.forgerock.opendj.config.server.ConfigException;
033import org.opends.server.admin.AdministratorAction;
034import org.opends.server.admin.client.AuthorizationException;
035import org.opends.server.admin.client.CommunicationException;
036import org.opends.server.admin.client.ConcurrentModificationException;
037import org.opends.server.admin.client.IllegalManagedObjectNameException;
038import org.opends.server.admin.client.ManagedObject;
039import org.opends.server.admin.client.ManagedObjectDecodingException;
040import org.opends.server.admin.client.MissingMandatoryPropertiesException;
041import org.opends.server.admin.client.OperationRejectedException;
042import org.opends.server.admin.DefaultBehaviorProvider;
043import org.opends.server.admin.DefinedDefaultBehaviorProvider;
044import org.opends.server.admin.DefinitionDecodingException;
045import org.opends.server.admin.EnumPropertyDefinition;
046import org.opends.server.admin.InstantiableRelationDefinition;
047import org.opends.server.admin.ManagedObjectAlreadyExistsException;
048import org.opends.server.admin.ManagedObjectDefinition;
049import org.opends.server.admin.ManagedObjectNotFoundException;
050import org.opends.server.admin.PropertyException;
051import org.opends.server.admin.PropertyOption;
052import org.opends.server.admin.PropertyProvider;
053import org.opends.server.admin.RelationOption;
054import org.opends.server.admin.server.ConfigurationAddListener;
055import org.opends.server.admin.server.ConfigurationChangeListener;
056import org.opends.server.admin.server.ConfigurationDeleteListener;
057import org.opends.server.admin.server.ServerManagedObject;
058import org.opends.server.admin.std.client.RootDNCfgClient;
059import org.opends.server.admin.std.client.RootDNUserCfgClient;
060import org.opends.server.admin.std.server.RootDNCfg;
061import org.opends.server.admin.std.server.RootDNUserCfg;
062import org.opends.server.admin.Tag;
063import org.opends.server.admin.TopCfgDefn;
064import org.opends.server.types.DN;
065
066
067
068/**
069 * An interface for querying the Root DN managed object definition
070 * meta information.
071 * <p>
072 * The Root DN configuration contains all the Root DN Users defined in
073 * the directory server. In addition, it also defines the default set
074 * of privileges that Root DN Users automatically inherit.
075 */
076public final class RootDNCfgDefn extends ManagedObjectDefinition<RootDNCfgClient, RootDNCfg> {
077
078  // The singleton configuration definition instance.
079  private static final RootDNCfgDefn INSTANCE = new RootDNCfgDefn();
080
081
082
083  /**
084   * Defines the set of permissable values for the "default-root-privilege-name" property.
085   * <p>
086   * Specifies the names of the privileges that root users will be
087   * granted by default.
088   */
089  public static enum DefaultRootPrivilegeName {
090
091    /**
092     * Allows the user to request that the server process backup
093     * tasks.
094     */
095    BACKEND_BACKUP("backend-backup"),
096
097
098
099    /**
100     * Allows the user to request that the server process restore
101     * tasks.
102     */
103    BACKEND_RESTORE("backend-restore"),
104
105
106
107    /**
108     * Allows the associated user to bypass access control checks
109     * performed by the server.
110     */
111    BYPASS_ACL("bypass-acl"),
112
113
114
115    /**
116     * Allows the associated user to bypass server lockdown mode.
117     */
118    BYPASS_LOCKDOWN("bypass-lockdown"),
119
120
121
122    /**
123     * Allows the user to cancel operations in progress on other
124     * client connections.
125     */
126    CANCEL_REQUEST("cancel-request"),
127
128
129
130    /**
131     * Allows the user to perform read operations on the changelog
132     */
133    CHANGELOG_READ("changelog-read"),
134
135
136
137    /**
138     * Allows the associated user to read the server configuration.
139     */
140    CONFIG_READ("config-read"),
141
142
143
144    /**
145     * Allows the associated user to update the server configuration.
146     * The config-read privilege is also required.
147     */
148    CONFIG_WRITE("config-write"),
149
150
151
152    /**
153     * Allows the user to participate in data synchronization.
154     */
155    DATA_SYNC("data-sync"),
156
157
158
159    /**
160     * Allows the user to terminate other client connections.
161     */
162    DISCONNECT_CLIENT("disconnect-client"),
163
164
165
166    /**
167     * Allows the associated user to subscribe to receive JMX
168     * notifications.
169     */
170    JMX_NOTIFY("jmx-notify"),
171
172
173
174    /**
175     * Allows the associated user to perform JMX read operations.
176     */
177    JMX_READ("jmx-read"),
178
179
180
181    /**
182     * Allows the associated user to perform JMX write operations.
183     */
184    JMX_WRITE("jmx-write"),
185
186
187
188    /**
189     * Allows the user to request that the server process LDIF export
190     * tasks.
191     */
192    LDIF_EXPORT("ldif-export"),
193
194
195
196    /**
197     * Allows the user to request that the server process LDIF import
198     * tasks.
199     */
200    LDIF_IMPORT("ldif-import"),
201
202
203
204    /**
205     * Allows the associated user to modify the server's access
206     * control configuration.
207     */
208    MODIFY_ACL("modify-acl"),
209
210
211
212    /**
213     * Allows the user to reset user passwords.
214     */
215    PASSWORD_RESET("password-reset"),
216
217
218
219    /**
220     * Allows the user to make changes to the set of defined root
221     * privileges, as well as to grant and revoke privileges for users.
222     */
223    PRIVILEGE_CHANGE("privilege-change"),
224
225
226
227    /**
228     * Allows the user to use the proxied authorization control, or to
229     * perform a bind that specifies an alternate authorization
230     * identity.
231     */
232    PROXIED_AUTH("proxied-auth"),
233
234
235
236    /**
237     * Allows the user to place and bring the server of lockdown mode.
238     */
239    SERVER_LOCKDOWN("server-lockdown"),
240
241
242
243    /**
244     * Allows the user to request that the server perform an in-core
245     * restart.
246     */
247    SERVER_RESTART("server-restart"),
248
249
250
251    /**
252     * Allows the user to request that the server shut down.
253     */
254    SERVER_SHUTDOWN("server-shutdown"),
255
256
257
258    /**
259     * Allows the associated user to perform LDAP subentry write
260     * operations.
261     */
262    SUBENTRY_WRITE("subentry-write"),
263
264
265
266    /**
267     * Allows the user to request that the server process a search
268     * that cannot be optimized using server indexes.
269     */
270    UNINDEXED_SEARCH("unindexed-search"),
271
272
273
274    /**
275     * Allows the user to make changes to the server schema.
276     */
277    UPDATE_SCHEMA("update-schema");
278
279
280
281    // String representation of the value.
282    private final String name;
283
284
285
286    // Private constructor.
287    private DefaultRootPrivilegeName(String name) { this.name = name; }
288
289
290
291    /**
292     * {@inheritDoc}
293     */
294    public String toString() { return name; }
295
296  }
297
298
299
300  // The "default-root-privilege-name" property definition.
301  private static final EnumPropertyDefinition<DefaultRootPrivilegeName> PD_DEFAULT_ROOT_PRIVILEGE_NAME;
302
303
304
305  // The "root-dn-users" relation definition.
306  private static final InstantiableRelationDefinition<RootDNUserCfgClient, RootDNUserCfg> RD_ROOT_DN_USERS;
307
308
309
310  // Build the "default-root-privilege-name" property definition.
311  static {
312      EnumPropertyDefinition.Builder<DefaultRootPrivilegeName> builder = EnumPropertyDefinition.createBuilder(INSTANCE, "default-root-privilege-name");
313      builder.setOption(PropertyOption.MULTI_VALUED);
314      builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "default-root-privilege-name"));
315      DefaultBehaviorProvider<DefaultRootPrivilegeName> provider = new DefinedDefaultBehaviorProvider<DefaultRootPrivilegeName>("bypass-lockdown", "bypass-acl", "modify-acl", "config-read", "config-write", "ldif-import", "ldif-export", "backend-backup", "backend-restore", "server-lockdown", "server-shutdown", "server-restart", "disconnect-client", "cancel-request", "password-reset", "update-schema", "privilege-change", "unindexed-search", "subentry-write", "changelog-read");
316      builder.setDefaultBehaviorProvider(provider);
317      builder.setEnumClass(DefaultRootPrivilegeName.class);
318      PD_DEFAULT_ROOT_PRIVILEGE_NAME = builder.getInstance();
319      INSTANCE.registerPropertyDefinition(PD_DEFAULT_ROOT_PRIVILEGE_NAME);
320  }
321
322
323
324  // Build the "root-dn-users" relation definition.
325  static {
326    InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg> builder =
327      new InstantiableRelationDefinition.Builder<RootDNUserCfgClient, RootDNUserCfg>(INSTANCE, "root-dn-user", "root-dn-users", RootDNUserCfgDefn.getInstance());
328    builder.setOption(RelationOption.HIDDEN);
329    RD_ROOT_DN_USERS = builder.getInstance();
330    INSTANCE.registerRelationDefinition(RD_ROOT_DN_USERS);
331  }
332
333
334
335  // Register the tags associated with this managed object definition.
336  static {
337    INSTANCE.registerTag(Tag.valueOf("core-server"));
338  }
339
340
341
342  /**
343   * Get the Root DN configuration definition singleton.
344   *
345   * @return Returns the Root DN configuration definition singleton.
346   */
347  public static RootDNCfgDefn getInstance() {
348    return INSTANCE;
349  }
350
351
352
353  /**
354   * Private constructor.
355   */
356  private RootDNCfgDefn() {
357    super("root-dn", TopCfgDefn.getInstance());
358  }
359
360
361
362  /**
363   * {@inheritDoc}
364   */
365  public RootDNCfgClient createClientConfiguration(
366      ManagedObject<? extends RootDNCfgClient> impl) {
367    return new RootDNCfgClientImpl(impl);
368  }
369
370
371
372  /**
373   * {@inheritDoc}
374   */
375  public RootDNCfg createServerConfiguration(
376      ServerManagedObject<? extends RootDNCfg> impl) {
377    return new RootDNCfgServerImpl(impl);
378  }
379
380
381
382  /**
383   * {@inheritDoc}
384   */
385  public Class<RootDNCfg> getServerConfigurationClass() {
386    return RootDNCfg.class;
387  }
388
389
390
391  /**
392   * Get the "default-root-privilege-name" property definition.
393   * <p>
394   * Specifies the names of the privileges that root users will be
395   * granted by default.
396   *
397   * @return Returns the "default-root-privilege-name" property definition.
398   */
399  public EnumPropertyDefinition<DefaultRootPrivilegeName> getDefaultRootPrivilegeNamePropertyDefinition() {
400    return PD_DEFAULT_ROOT_PRIVILEGE_NAME;
401  }
402
403
404
405  /**
406   * Get the "root-dn-users" relation definition.
407   *
408   * @return Returns the "root-dn-users" relation definition.
409   */
410  public InstantiableRelationDefinition<RootDNUserCfgClient,RootDNUserCfg> getRootDNUsersRelationDefinition() {
411    return RD_ROOT_DN_USERS;
412  }
413
414
415
416  /**
417   * Managed object client implementation.
418   */
419  private static class RootDNCfgClientImpl implements
420    RootDNCfgClient {
421
422    // Private implementation.
423    private ManagedObject<? extends RootDNCfgClient> impl;
424
425
426
427    // Private constructor.
428    private RootDNCfgClientImpl(
429        ManagedObject<? extends RootDNCfgClient> impl) {
430      this.impl = impl;
431    }
432
433
434
435    /**
436     * {@inheritDoc}
437     */
438    public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() {
439      return impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition());
440    }
441
442
443
444    /**
445     * {@inheritDoc}
446     */
447    public void setDefaultRootPrivilegeName(Collection<DefaultRootPrivilegeName> values) {
448      impl.setPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition(), values);
449    }
450
451
452
453    /**
454     * {@inheritDoc}
455     */
456    public String[] listRootDNUsers() throws ConcurrentModificationException,
457        AuthorizationException, CommunicationException {
458      return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition());
459    }
460
461
462
463    /**
464     * {@inheritDoc}
465     */
466    public RootDNUserCfgClient getRootDNUser(String name)
467        throws DefinitionDecodingException, ManagedObjectDecodingException,
468        ManagedObjectNotFoundException, ConcurrentModificationException,
469        AuthorizationException, CommunicationException {
470      return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration();
471    }
472
473
474
475    /**
476     * {@inheritDoc}
477     */
478    public <M extends RootDNUserCfgClient> M createRootDNUser(
479        ManagedObjectDefinition<M, ? extends RootDNUserCfg> d, String name, Collection<PropertyException> exceptions) throws IllegalManagedObjectNameException {
480      return impl.createChild(INSTANCE.getRootDNUsersRelationDefinition(), d, name, exceptions).getConfiguration();
481    }
482
483
484
485    /**
486     * {@inheritDoc}
487     */
488    public void removeRootDNUser(String name)
489        throws ManagedObjectNotFoundException, ConcurrentModificationException,
490        OperationRejectedException, AuthorizationException, CommunicationException {
491      impl.removeChild(INSTANCE.getRootDNUsersRelationDefinition(), name);
492    }
493
494
495
496    /**
497     * {@inheritDoc}
498     */
499    public ManagedObjectDefinition<? extends RootDNCfgClient, ? extends RootDNCfg> definition() {
500      return INSTANCE;
501    }
502
503
504
505    /**
506     * {@inheritDoc}
507     */
508    public PropertyProvider properties() {
509      return impl;
510    }
511
512
513
514    /**
515     * {@inheritDoc}
516     */
517    public void commit() throws ManagedObjectAlreadyExistsException,
518        MissingMandatoryPropertiesException, ConcurrentModificationException,
519        OperationRejectedException, AuthorizationException,
520        CommunicationException {
521      impl.commit();
522    }
523
524
525
526    /** {@inheritDoc} */
527    public String toString() {
528      return impl.toString();
529    }
530  }
531
532
533
534  /**
535   * Managed object server implementation.
536   */
537  private static class RootDNCfgServerImpl implements
538    RootDNCfg {
539
540    // Private implementation.
541    private ServerManagedObject<? extends RootDNCfg> impl;
542
543    // The value of the "default-root-privilege-name" property.
544    private final SortedSet<DefaultRootPrivilegeName> pDefaultRootPrivilegeName;
545
546
547
548    // Private constructor.
549    private RootDNCfgServerImpl(ServerManagedObject<? extends RootDNCfg> impl) {
550      this.impl = impl;
551      this.pDefaultRootPrivilegeName = impl.getPropertyValues(INSTANCE.getDefaultRootPrivilegeNamePropertyDefinition());
552    }
553
554
555
556    /**
557     * {@inheritDoc}
558     */
559    public void addChangeListener(
560        ConfigurationChangeListener<RootDNCfg> listener) {
561      impl.registerChangeListener(listener);
562    }
563
564
565
566    /**
567     * {@inheritDoc}
568     */
569    public void removeChangeListener(
570        ConfigurationChangeListener<RootDNCfg> listener) {
571      impl.deregisterChangeListener(listener);
572    }
573
574
575
576    /**
577     * {@inheritDoc}
578     */
579    public SortedSet<DefaultRootPrivilegeName> getDefaultRootPrivilegeName() {
580      return pDefaultRootPrivilegeName;
581    }
582
583
584
585    /**
586     * {@inheritDoc}
587     */
588    public String[] listRootDNUsers() {
589      return impl.listChildren(INSTANCE.getRootDNUsersRelationDefinition());
590    }
591
592
593
594    /**
595     * {@inheritDoc}
596     */
597    public RootDNUserCfg getRootDNUser(String name) throws ConfigException {
598      return impl.getChild(INSTANCE.getRootDNUsersRelationDefinition(), name).getConfiguration();
599    }
600
601
602
603    /**
604     * {@inheritDoc}
605     */
606    public void addRootDNUserAddListener(
607        ConfigurationAddListener<RootDNUserCfg> listener) throws ConfigException {
608      impl.registerAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
609    }
610
611
612
613    /**
614     * {@inheritDoc}
615     */
616    public void removeRootDNUserAddListener(
617        ConfigurationAddListener<RootDNUserCfg> listener) {
618      impl.deregisterAddListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
619    }
620
621
622
623    /**
624     * {@inheritDoc}
625     */
626    public void addRootDNUserDeleteListener(
627        ConfigurationDeleteListener<RootDNUserCfg> listener) throws ConfigException {
628      impl.registerDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
629    }
630
631
632
633    /**
634     * {@inheritDoc}
635     */
636    public void removeRootDNUserDeleteListener(
637        ConfigurationDeleteListener<RootDNUserCfg> listener) {
638      impl.deregisterDeleteListener(INSTANCE.getRootDNUsersRelationDefinition(), listener);
639    }
640
641
642
643    /**
644     * {@inheritDoc}
645     */
646    public Class<? extends RootDNCfg> configurationClass() {
647      return RootDNCfg.class;
648    }
649
650
651
652    /**
653     * {@inheritDoc}
654     */
655    public DN dn() {
656      return impl.getDN();
657    }
658
659
660
661    /** {@inheritDoc} */
662    public String toString() {
663      return impl.toString();
664    }
665  }
666}