org.glite.security.voms.service.admin
Class VOMSAdminSoapBindingImpl

java.lang.Object
  extended byorg.glite.security.voms.service.admin.VOMSAdminSoapBindingImpl
All Implemented Interfaces:
VOMSAdmin

public final class VOMSAdminSoapBindingImpl
extends java.lang.Object
implements VOMSAdmin

Server side of the VOMS Administrative service.

It handles access control, synchronization, transactions and exceptions.

Author:
Karoly Lorentey, Akos Frohner

Constructor Summary
VOMSAdminSoapBindingImpl()
           
 
Method Summary
 void addACLEntry(java.lang.String container, ACLEntry aclEntry)
          Adds a new entry to an ACL of a container.
 void addDefaultACLEntry(java.lang.String groupname, ACLEntry aclEntry)
          Manipulates the default ACL, which is applied on every group created as a subgroup of this one.
 void addMember(java.lang.String container, java.lang.String username, java.lang.String userca)
          Adds a new member to the group.
 void assignCapability(java.lang.String capability, java.lang.String username, java.lang.String userca)
          Assigns a new capability to the user.
 void assignRole(java.lang.String groupname, java.lang.String rolename, java.lang.String username, java.lang.String userca)
          Assigns a new role to the user.
 void createCapability(java.lang.String capability)
          Creates a new capability.
 void createGroup(java.lang.String parentname, java.lang.String groupname)
          Creates a new group as a subgroup of an existing group.
 void createRole(java.lang.String rolename)
          Creates a new role.
 void createUser(User user)
          Creates a new user in the VOMS database.
 void deleteCapability(java.lang.String capability)
          Deletes a capability.
 void deleteGroup(java.lang.String groupname)
          Deletes a group.
 void deleteRole(java.lang.String rolename)
          Deletes a role.
 void deleteUser(java.lang.String username, java.lang.String userca)
          Removes a user from the VOMS database.
 void dismissCapability(java.lang.String capability, java.lang.String username, java.lang.String userca)
          Dismisses a capability of a user.
 void dismissRole(java.lang.String groupname, java.lang.String rolename, java.lang.String username, java.lang.String userca)
          Dismisses a role of a user.
 ACLEntry[] getACL(java.lang.String container)
          Returns the whole ACL associated with a container.
 ACLEntry[] getDefaultACL(java.lang.String groupname)
          Manipulates the default ACL, which is applied on every group created as a subgroup of this one.
 java.lang.String[] getGroupPath(java.lang.String groupname)
          Returns the absolute "path" down to this group.
 int getMajorVersionNumber()
          Returns the major version number.
 int getMinorVersionNumber()
          Returns the minor version number.
 int getPatchVersionNumber()
          Returns the patch version number.
 User getUser(java.lang.String username, java.lang.String userca)
          Returns information about a user in the VOMS database.
 java.lang.String getVOName()
          Return the name of this VO.
 java.lang.String[] listCapabilities()
          Lists capabilities.
 java.lang.String[] listCapabilities(java.lang.String username, java.lang.String userca)
          Lists capabilities of a user.
 java.lang.String[] listCAs()
          Lists certificate authorities.
 java.lang.String[] listGroups(java.lang.String username, java.lang.String userca)
          Lists groups of a user.
 User[] listMembers(java.lang.String container)
          Lists members of a group.
 java.lang.String[] listRoles()
          Lists roles.
 java.lang.String[] listRoles(java.lang.String username, java.lang.String userca)
          Lists roles of a user.
 java.lang.String[] listSubGroups(java.lang.String groupname)
          Lists immediate sub-groups of a group.
 User[] listUsersWithCapability(java.lang.String capability)
          Lists assigned users of a capability.
 User[] listUsersWithRole(java.lang.String groupname, java.lang.String rolename)
          Lists assigned users of a role associated with a group.
 void removeACLEntry(java.lang.String container, ACLEntry aclEntry)
          Removes an existing entry from the ACL.
 void removeDefaultACLEntry(java.lang.String groupname, ACLEntry aclEntry)
          Manipulates the default ACL, which is applied on every group created as a subgroup of this one.
 void removeMember(java.lang.String container, java.lang.String username, java.lang.String userca)
          Removes a member of a group.
 void setACL(java.lang.String container, ACLEntry[] acl)
          Replaces the existing ACL on this container.
 void setDefaultACL(java.lang.String groupname, ACLEntry[] acl)
          Manipulates the default ACL, which is applied on every group created as a subgroup of this one.
 void setUser(User user)
          Updates auxiliary information about a user in the VOMS database.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

VOMSAdminSoapBindingImpl

public VOMSAdminSoapBindingImpl()
Method Detail

getUser

public User getUser(java.lang.String username,
                    java.lang.String userca)
             throws VOMSException
Description copied from interface: VOMSAdmin
Returns information about a user in the VOMS database. The user attributes are returned in a User object.

Permission: LIST on the VO group.

Specified by:
getUser in interface VOMSAdmin
Parameters:
username - The name of the user to look up.
userca - The certificate authority of the user.
Returns:
All information about the user that is known to VOMS.
Throws:
VOMSException
See Also:
User

setUser

public void setUser(User user)
             throws VOMSException
Description copied from interface: VOMSAdmin
Updates auxiliary information about a user in the VOMS database. The new attributes are passed in the User object.

Permission: ADD on the VO group.

Specified by:
setUser in interface VOMSAdmin
Parameters:
user - The user to update.
Throws:
VOMSException
See Also:
User

createUser

public void createUser(User user)
                throws VOMSException
Description copied from interface: VOMSAdmin
Creates a new user in the VOMS database.

Permission: ADD on the VO group.

Specified by:
createUser in interface VOMSAdmin
Parameters:
user - The user to be added.
Throws:
VOMSException

deleteUser

public void deleteUser(java.lang.String username,
                       java.lang.String userca)
                throws VOMSException
Description copied from interface: VOMSAdmin
Removes a user from the VOMS database. Deletes all the associated group, role membership information and corresponding ACL entries as well. It is basically a call to removeMember(VO, user).

Permission: REMOVE on the VO group.

Specified by:
deleteUser in interface VOMSAdmin
Parameters:
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException
See Also:
VOMSAdmin.removeMember(java.lang.String, java.lang.String, java.lang.String)

createGroup

public void createGroup(java.lang.String parentname,
                        java.lang.String groupname)
                 throws VOMSException
Description copied from interface: VOMSAdmin
Creates a new group as a subgroup of an existing group. Copies the default ACL list of the parent to the new group and adds an extra entry for the administrator with full privileges.

Permission: CREATE on parent group.

Specified by:
createGroup in interface VOMSAdmin
Parameters:
parentname - The parent group's name.
groupname - The group's name.
Throws:
VOMSException

deleteGroup

public void deleteGroup(java.lang.String groupname)
                 throws VOMSException
Description copied from interface: VOMSAdmin
Deletes a group. The operation deletes the group, all of its sub-groups and associated roles with all the membership information.

Warning: Deleting the VO "group" effectively wipes out the whole database, so use with care!

Permission: DELETE on the group.

Specified by:
deleteGroup in interface VOMSAdmin
Parameters:
groupname - The group's name.
Throws:
VOMSException

createRole

public void createRole(java.lang.String rolename)
                throws VOMSException
Description copied from interface: VOMSAdmin
Creates a new role. Copies the default ACL list of the VO Group to the new role and adds an extra entry for the administrator with full privileges.

Permission: CREATE on the VO group.

Specified by:
createRole in interface VOMSAdmin
Parameters:
rolename - The role to be added.
Throws:
VOMSException

deleteRole

public void deleteRole(java.lang.String rolename)
                throws VOMSException
Description copied from interface: VOMSAdmin
Deletes a role. The role is removed with all the membership information.

Permission: DELETE on the role.

Specified by:
deleteRole in interface VOMSAdmin
Parameters:
rolename - The role to be deleted.
Throws:
VOMSException

createCapability

public void createCapability(java.lang.String capability)
                      throws VOMSException
Description copied from interface: VOMSAdmin
Creates a new capability. Copies the default ACL list of the VO to the new capability and adds an extra entry for the administrator with full privileges.

Permission: CREATE on the VO group.

Specified by:
createCapability in interface VOMSAdmin
Parameters:
capability - The capability to be created.
Throws:
VOMSException

deleteCapability

public void deleteCapability(java.lang.String capability)
                      throws VOMSException
Description copied from interface: VOMSAdmin
Deletes a capability. Deletes the capability with all the membership information.

Permission: DELETE on the capability.

Specified by:
deleteCapability in interface VOMSAdmin
Parameters:
capability - The capability to be deleted.
Throws:
VOMSException

addMember

public void addMember(java.lang.String container,
                      java.lang.String username,
                      java.lang.String userca)
               throws VOMSException
Description copied from interface: VOMSAdmin
Adds a new member to the group. The user must be a member of the parent group.

Permission: ADD on the group.

Specified by:
addMember in interface VOMSAdmin
Parameters:
container - The group's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException

removeMember

public void removeMember(java.lang.String container,
                         java.lang.String username,
                         java.lang.String userca)
                  throws VOMSException
Description copied from interface: VOMSAdmin
Removes a member of a group. Also removes the membership information from the group's sub-groups and associated roles of these groups. If it is the VO group, then it will also delete the user with all its ACL entries.

Permission: REMOVE on the group.

Specified by:
removeMember in interface VOMSAdmin
Parameters:
container - The group's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException
See Also:
VOMSAdmin.deleteUser(java.lang.String, java.lang.String)

assignRole

public void assignRole(java.lang.String groupname,
                       java.lang.String rolename,
                       java.lang.String username,
                       java.lang.String userca)
                throws VOMSException
Description copied from interface: VOMSAdmin
Assigns a new role to the user. The user must be a member of the parent group.

Permission: ADD on the role.

Specified by:
assignRole in interface VOMSAdmin
Parameters:
groupname - The name of the group associated with this assignment.
rolename - The role's name.
username - The name of the user to add.
userca - The CA of the user to add.
Throws:
VOMSException

dismissRole

public void dismissRole(java.lang.String groupname,
                        java.lang.String rolename,
                        java.lang.String username,
                        java.lang.String userca)
                 throws VOMSException
Description copied from interface: VOMSAdmin
Dismisses a role of a user.

Permission: REMOVE on the role.

Specified by:
dismissRole in interface VOMSAdmin
Parameters:
groupname - The parent group's name.
rolename - The role's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException

assignCapability

public void assignCapability(java.lang.String capability,
                             java.lang.String username,
                             java.lang.String userca)
                      throws VOMSException
Description copied from interface: VOMSAdmin
Assigns a new capability to the user.

Permission: ADD on the capability.

Specified by:
assignCapability in interface VOMSAdmin
Parameters:
capability - The capability's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException

dismissCapability

public void dismissCapability(java.lang.String capability,
                              java.lang.String username,
                              java.lang.String userca)
                       throws VOMSException
Description copied from interface: VOMSAdmin
Dismisses a capability of a user.

Permission: REMOVE on the capability.

Specified by:
dismissCapability in interface VOMSAdmin
Parameters:
capability - The capability's name.
username - The user's DN.
userca - The user's CA.
Throws:
VOMSException

listMembers

public User[] listMembers(java.lang.String container)
                   throws VOMSException
Description copied from interface: VOMSAdmin
Lists members of a group.

Permission:LIST on the group.

Specified by:
listMembers in interface VOMSAdmin
Parameters:
container - The group's name (null is the VO group).
Returns:
List of users in this group.
Throws:
VOMSException

listUsersWithRole

public User[] listUsersWithRole(java.lang.String groupname,
                                java.lang.String rolename)
                         throws VOMSException
Description copied from interface: VOMSAdmin
Lists assigned users of a role associated with a group.

Permission:LIST on the role.

Specified by:
listUsersWithRole in interface VOMSAdmin
Parameters:
groupname - The group's name.
rolename - The role's name.
Returns:
List of users for this role.
Throws:
VOMSException

listUsersWithCapability

public User[] listUsersWithCapability(java.lang.String capability)
                               throws VOMSException
Description copied from interface: VOMSAdmin
Lists assigned users of a capability.

Permission:LIST on the capability.

Specified by:
listUsersWithCapability in interface VOMSAdmin
Parameters:
capability - The capability's name.
Returns:
List of users with this capability.
Throws:
VOMSException

getVOName

public java.lang.String getVOName()
                           throws VOMSException
Description copied from interface: VOMSAdmin
Return the name of this VO.

Permission:LIST on the VO group.

Specified by:
getVOName in interface VOMSAdmin
Returns:
The name of this VO.
Throws:
VOMSException

getGroupPath

public java.lang.String[] getGroupPath(java.lang.String groupname)
                                throws VOMSException
Description copied from interface: VOMSAdmin
Returns the absolute "path" down to this group. The first element is the VO group and the last is the group itself. There is at least one element in this path if the group exists: the VO group.

Permission:LIST on parent groups.

Specified by:
getGroupPath in interface VOMSAdmin
Parameters:
groupname - The group's name (null is the VO group).
Returns:
Path to the group.
Throws:
VOMSException

listSubGroups

public java.lang.String[] listSubGroups(java.lang.String groupname)
                                 throws VOMSException
Description copied from interface: VOMSAdmin
Lists immediate sub-groups of a group.

Permission:LIST on the group.

Specified by:
listSubGroups in interface VOMSAdmin
Parameters:
groupname - The group's name (null is the VO group).
Returns:
List of groups in this group.
Throws:
VOMSException

listGroups

public java.lang.String[] listGroups(java.lang.String username,
                                     java.lang.String userca)
                              throws VOMSException
Description copied from interface: VOMSAdmin
Lists groups of a user.

Permission:LIST on the VO group.

Specified by:
listGroups in interface VOMSAdmin
Parameters:
username - The user's DN.
userca - The user's CA.
Returns:
List of groups in this group.
Throws:
VOMSException

listRoles

public java.lang.String[] listRoles()
                             throws VOMSException
Description copied from interface: VOMSAdmin
Lists roles.

Permission:LIST on the VO group.

Specified by:
listRoles in interface VOMSAdmin
Returns:
List of roles in this VO.
Throws:
VOMSException

listRoles

public java.lang.String[] listRoles(java.lang.String username,
                                    java.lang.String userca)
                             throws VOMSException
Description copied from interface: VOMSAdmin
Lists roles of a user.

Permission:LIST on the VO group.

Specified by:
listRoles in interface VOMSAdmin
Parameters:
username - The user's DN.
userca - The user's CA.
Returns:
List of roles in this group.
Throws:
VOMSException

listCapabilities

public java.lang.String[] listCapabilities()
                                    throws VOMSException
Description copied from interface: VOMSAdmin
Lists capabilities.

Permission:LIST on the VO group.

Specified by:
listCapabilities in interface VOMSAdmin
Returns:
List of capabilities.
Throws:
VOMSException

listCapabilities

public java.lang.String[] listCapabilities(java.lang.String username,
                                           java.lang.String userca)
                                    throws VOMSException
Description copied from interface: VOMSAdmin
Lists capabilities of a user.

Permission:LIST on the VO group.

Specified by:
listCapabilities in interface VOMSAdmin
Parameters:
username - The user's DN.
userca - The user's CA.
Returns:
List of capabilities.
Throws:
VOMSException

listCAs

public java.lang.String[] listCAs()
                           throws VOMSException
Description copied from interface: VOMSAdmin
Lists certificate authorities.

Permission:LIST on the VO group.

Specified by:
listCAs in interface VOMSAdmin
Returns:
List of certificate authority DNs.
Throws:
VOMSException

getACL

public ACLEntry[] getACL(java.lang.String container)
                  throws VOMSException
Description copied from interface: VOMSAdmin
Returns the whole ACL associated with a container.

Permission: GETACL on the container.

Specified by:
getACL in interface VOMSAdmin
Parameters:
container - The container's name (null is the VO group).
Returns:
The access control list.
Throws:
VOMSException

setACL

public void setACL(java.lang.String container,
                   ACLEntry[] acl)
            throws VOMSException
Description copied from interface: VOMSAdmin
Replaces the existing ACL on this container.

Permission: SETACL on the container.

Specified by:
setACL in interface VOMSAdmin
Parameters:
container - The container's name.
acl - The new access control list.
Throws:
VOMSException

addACLEntry

public void addACLEntry(java.lang.String container,
                        ACLEntry aclEntry)
                 throws VOMSException
Description copied from interface: VOMSAdmin
Adds a new entry to an ACL of a container.

Permission: SETACL on the container.

Specified by:
addACLEntry in interface VOMSAdmin
Parameters:
container - The container's name.
aclEntry - The new access control list entry.
Throws:
VOMSException

removeACLEntry

public void removeACLEntry(java.lang.String container,
                           ACLEntry aclEntry)
                    throws VOMSException
Description copied from interface: VOMSAdmin
Removes an existing entry from the ACL.

Permission: SETACL on the container.

Specified by:
removeACLEntry in interface VOMSAdmin
Parameters:
container - The container's name.
aclEntry - The access control list entry to be removed.
Throws:
VOMSException

getDefaultACL

public ACLEntry[] getDefaultACL(java.lang.String groupname)
                         throws VOMSException
Description copied from interface: VOMSAdmin
Manipulates the default ACL, which is applied on every group created as a subgroup of this one.

Specified by:
getDefaultACL in interface VOMSAdmin
Parameters:
groupname - The group's name.
Returns:
The access control list.
Throws:
VOMSException
See Also:
VOMSAdmin.getACL(java.lang.String)

setDefaultACL

public void setDefaultACL(java.lang.String groupname,
                          ACLEntry[] acl)
                   throws VOMSException
Description copied from interface: VOMSAdmin
Manipulates the default ACL, which is applied on every group created as a subgroup of this one.

Specified by:
setDefaultACL in interface VOMSAdmin
Parameters:
groupname - The group's name.
acl - The new access control list.
Throws:
VOMSException
See Also:
VOMSAdmin.setACL(java.lang.String, org.glite.security.voms.service.ACLEntry[])

addDefaultACLEntry

public void addDefaultACLEntry(java.lang.String groupname,
                               ACLEntry aclEntry)
                        throws VOMSException
Description copied from interface: VOMSAdmin
Manipulates the default ACL, which is applied on every group created as a subgroup of this one.

Specified by:
addDefaultACLEntry in interface VOMSAdmin
Parameters:
groupname - The group's name.
aclEntry - The new access control list entry.
Throws:
VOMSException
See Also:
VOMSAdmin.addACLEntry(java.lang.String, org.glite.security.voms.service.ACLEntry)

removeDefaultACLEntry

public void removeDefaultACLEntry(java.lang.String groupname,
                                  ACLEntry aclEntry)
                           throws VOMSException
Description copied from interface: VOMSAdmin
Manipulates the default ACL, which is applied on every group created as a subgroup of this one.

Specified by:
removeDefaultACLEntry in interface VOMSAdmin
Parameters:
groupname - The group's name.
aclEntry - The access control list entry to be removed.
Throws:
VOMSException
See Also:
VOMSAdmin.removeACLEntry(java.lang.String, org.glite.security.voms.service.ACLEntry)

getMajorVersionNumber

public int getMajorVersionNumber()
Description copied from interface: VOMSAdmin
Returns the major version number.

Specified by:
getMajorVersionNumber in interface VOMSAdmin

getMinorVersionNumber

public int getMinorVersionNumber()
Description copied from interface: VOMSAdmin
Returns the minor version number.

Specified by:
getMinorVersionNumber in interface VOMSAdmin

getPatchVersionNumber

public int getPatchVersionNumber()
Description copied from interface: VOMSAdmin
Returns the patch version number.

Specified by:
getPatchVersionNumber in interface VOMSAdmin