/* * * Copyright (c) 1999 - 2011 my-Channels Ltd * Copyright (c) 2012 - 2017 Software AG, Darmstadt, Germany and/or Software AG USA Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors. * * Use, reproduction, transfer, publication or disclosure is prohibited except as specifically provided for in your License Agreement with Software AG. * */ #include "nSampleApp.h" #include "nRealmNode.h" #include "nLeafNode.h" #include "nChannelACLEntry.h" #include "nSessionAttributes.h" #include "nAdminIllegalArgumentException.h" #include #include #include namespace com { namespace pcbsys { namespace nirvana { namespace nAdminAPI { namespace apps { using namespace com::pcbsys::nirvana::client; using namespace com::pcbsys::nirvana::nAdminAPI; class addqueueacl { /// ///

This application can be used to add a new subject to a queue, and assign permissions /// for operations performed on the queue.

/// private: std::string m_realm; std::string m_name; std::string m_host; bool m_bCanListAcl; bool m_bCanModifyAcl; bool m_bFullPrivileges; bool m_bCanPop; bool m_bCanPeek; bool m_bCanWrite; bool m_bCanPurge; nSessionAttributes *m_pAttr; std::string m_queueName; nRealmNode *m_pNode; public: /// ///

* Consruct an instance of this class using the command line arguments passed /// * when it is executed.

/// addqueueacl(int argc, char** argv) : m_bCanListAcl(false), m_bCanModifyAcl(false), m_bFullPrivileges(false), m_bCanPop(false), m_bCanPeek(false), m_bCanWrite(false), m_bCanPurge(false), m_pAttr(NULL), m_pNode(NULL) { try { getOptions(argc, argv); std::cout << "Connecting to "<< m_realm<<"\n"; // construct the session attributes from the realm m_pAttr = new nSessionAttributes(m_realm); // get the root realm node from the realm admin m_pNode = new nRealmNode(m_pAttr); if (!m_pNode->isAuthorised()) { std::cout << "User not authorised on this node "<< m_realm << std::endl; return; } std::cout << "waiting for namepsace construction....."; m_pNode->waitForEntireNameSpace(); std::cout << "finished" <close(); } catch (Exception e) { std::cout << e.message() << std::endl; } } /// ///

* recursively search through the realm node looking for queue nodes

/// virtual void setQueue(nRealmNode *pNode, nLeafNode *pLeaf) { try { std::cout << "Creating new entry for "<< m_name << "@" << m_host<< std::endl; // create a new acl entry with the name and host nChannelACLEntry *pNewEntry = createNewACLEntry(m_name, m_host); // add the new entry to the acl pLeaf->addACLEntry(pNewEntry); std::cout << "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"; std::cout << "Added ACL for "<< pLeaf->getName() <<" in realm " << pNode->getName() <<"\n"; std::cout << "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" << std::endl; dump(pNewEntry); } catch (Exception e) { std::cout << e.message() << std::endl; } } /// ///

* search the enumeration of child nodes for other realms and channels

/// void searchNodes(nRealmNode *pNode, fSortedList& nodes) { for (fSortedList::iterator iterator = nodes.begin(); iterator != nodes.end(); iterator++) { nNode *pChild = iterator->second; int type = pChild->getType(); if (type == fBase::LEAFNODE) { nLeafNode *pLeaf = (nLeafNode*)pChild; std::string fullyQualifiedName = pLeaf->getAbsolutePath(); std::cout << "Found "<< fullyQualifiedName <<"\n"; if ((!pLeaf->isChannel()) && ((fullyQualifiedName.compare(m_queueName)) == 0 || (fullyQualifiedName.compare("/"+m_queueName)) == 0)) { setQueue(pNode, pLeaf); return; } } if (type == fBase::REALMNODE) { searchNode((nRealmNode*)pChild); } else if (type == fBase::CONTAINER) { nContainer *pCont = (nContainer*)pChild; searchNodes(pNode, pCont->getNodes()); } } } /// ///

* Create a new acl entry and set the permissions based on the permissions flags

/// virtual nChannelACLEntry* createNewACLEntry(const std::string& name, const std::string& host) { nChannelACLEntry *pAclEntry = NULL; try { pAclEntry = new nChannelACLEntry(name, host); setPermissions(pAclEntry); } catch (nAdminIllegalArgumentException e) { std::cout << e.message() << std::endl; } return pAclEntry; } /// ///

* If you construct an instance of this class from another class, you can set the name /// * and host for the subject.

/// virtual void setSubject(const std::string& name, const std::string& host) { m_name = name; m_host = host; } /// ///

* Set the permissions on the realm acl entry

/// virtual void setPermissions(nChannelACLEntry *pAclEntry) { pAclEntry->setList(m_bCanListAcl); pAclEntry->setModify(m_bCanModifyAcl); pAclEntry->setFullPrivileges(m_bFullPrivileges); pAclEntry->setRead(m_bCanPeek); pAclEntry->setWrite(m_bCanWrite); pAclEntry->setPurge(m_bCanPurge); pAclEntry->setPop(m_bCanPop); } /// ///

* Output to system.out the permissions that have been set

/// virtual void dump(nChannelACLEntry *pEntry) { std::cout << "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n" << "List ACL : "<< pEntry->canList() <<"\n" <<"Set ACL : "<< pEntry->canModify() <<"\n" <<"Full Privileges : "<< pEntry->hasFullPrivileges() <<"\n" <<"Peek queue : "<< pEntry->canRead() <<"\n" <<"Write to queue : "<< pEntry->canWrite() <<"\n" <<"Purge queue : "<< pEntry->canPurge() <<"\n" <<"Pop queue : "<< pEntry->canPop() <<"\n" <<"~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"<< std::endl; } /// ///

* Output to system.out the permissions that will be set

/// virtual void dump() { std::cout <<"~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n" <<"ACL will be set to.... \n" <<"~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" << "List ACL : "<< m_bCanListAcl <<"\n" <<"Set ACL : "<< m_bCanModifyAcl <<"\n" <<"Full Privileges : "<< m_bFullPrivileges <<"\n" <<"Peek queue : "<< m_bCanPeek <<"\n" <<"Write to queue : "<< m_bCanWrite <<"\n" <<"Purge queue : "<< m_bCanPurge <<"\n" <<"Pop queue : "<< m_bCanPop <<"\n" <<"~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"<< std::endl; } virtual void getOptions(int argc, char** argv) { if (argv == NULL || argc < 5) { Usage(); exit(1); } m_realm = argv[1]; m_name = argv[2]; m_host = argv[3]; m_queueName = argv[4]; for (int i = 5; i < argc; i++) { if (!strcmp(argv[i], "list_acl")) { m_bCanListAcl = true; } else if (!strcmp(argv[i], "modify_acl")) { m_bCanModifyAcl = true; } else if (!strcmp(argv[i], "full")) { m_bFullPrivileges = true; } else if (!strcmp(argv[i], "peek")) { m_bCanPeek = true; } else if (!strcmp(argv[i], "write")) { m_bCanWrite = true; } else if (!strcmp(argv[i], "purge")) { m_bCanPurge = true; } else if (!strcmp(argv[i], "pop")) { m_bCanPop = true; } } } private: /// ///

* Search the children of the realm passed as a paremeter

/// void searchNode(nRealmNode *pNode) { try { searchNodes(pNode, pNode->getNodes()); } catch (Exception ex) { std::cout << ex.message() << std::endl; } } /// ///

* Prints the usage message for this class

/// static void Usage() { std::cout << "Usage ...\n\n"; std::cout << "naddqueueacl [list_acl] [modify_acl] [full] [peek] [write] [purge] [pop]\n\n"; std::cout << " \n\n"; std::cout << " - the rname of the server to connect to\n"; std::cout << " - User name parameter for the new ACL entry\n"; std::cout << " - Host name parameter for the new ACL entry\n"; std::cout << " - Queue name parameter for the new ACL entry\n"; std::cout << "\n[Optional Arguments] \n\n"; std::cout << "[list_acl] - Specifies that the list acl permission should be added\n"; std::cout << "[modify_acl] - Specifies that the modify acl permission should be added\n"; std::cout << "[full] - Specifies that the full permission should be added\n"; std::cout << "[peek] - Specifies that the read permission should be added\n"; std::cout << "[write] - Specifies that the write permission should be added\n"; std::cout << "[purge] - Specifies that the purge permission should be added\n"; std::cout << "[pop] - Specifies that the pop permission should be added" <