/* Copyright 1999-2011 (c) My-Channels Copyright (c) 2012-2014 Software AG, Darmstadt, Germany and/or Software AG USA Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors. Use, reproduction, transfer, publication or disclosure is prohibited except as specifically provided for in your License Agreement with Software AG. */ package com.pcbsys.nirvana.nAdminAPI.apps; import com.pcbsys.foundation.utils.fEnvironment; import com.pcbsys.nirvana.nAdminAPI.*; import com.pcbsys.nirvana.client.*; import java.util.*; /** * This application can be used to remove a subject from a P2P service acl * * You can also specify to remove an acl entry from all services with the same name within a namespace, by * recursively searching through looking for other realms containing the acl entry * * This is achieved by specifying -r as a command line parameter. */ public class nDelP2PServiceAclEntry { /** * Private variables used in this application */ private String realm = null; private String name = null; private String host = null; private String serviceName = null; private boolean recursive = false; private nSessionAttributes attr = null; private nRealmNode node = null; private nACL acl = null; /** * Consruct an instance of this class using the command line arguments passed * when it is executed. */ public nDelP2PServiceAclEntry(String args[]) { try { // set the parameters required for this operation processArgs(args); System.out.println( "Connecting to " + realm ); // construct the session attributes from the realm attr = new nSessionAttributes( realm ); // get the root realm node from the realm admin node = new nRealmNode(attr); if(!node.isAuthorised()){ System.out.println("User not authorised on this node "+realm); return; } // wait for the entire node namespace to be constructed if // the operation is recursive if (recursive) { node.waitForEntireNameSpace(); } // begin searching the root realm node searchNode(node); node.close(); } catch (Exception e) { e.printStackTrace(); } } /** * remove the subject from the service node */ public void removeSubject(nRealmNode p_node, nServiceNode p_service) { try { // get the acl for the service node acl = p_service.getACLs(); System.out.println( "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" ); System.out.println( "Removing ACL entry for service "+p_service.getName()+" on realm "+p_node.getName() ); System.out.println( "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" ); System.out.println( "Removing entry for " + name + "@" + host ); // create a new acl entry with the name and host acl.remove(name+"@"+host); // set the acl of the service node p_service.setACLs(acl); dump(); } catch (Exception e) { e.printStackTrace(); } } /** * search the enumeration of child nodes for other realms and services */ private void searchNodes( nRealmNode p_node, Enumeration enum1 ) { while ( enum1.hasMoreElements() ) { Object obj = enum1.nextElement(); if ( obj instanceof nServiceNode ) { nServiceNode service = (nServiceNode)obj; System.out.println("Found service "+service.getName()); // we have found the service we were looking for, remove the subject if (service.getName().equals(serviceName)) { removeSubject( p_node, service ); } } else if ( obj instanceof nRealmNode ) { // we have found a realm node, so search this realm for the service with the acl entry searchNode( (nRealmNode)obj ); } else if ( obj instanceof nContainer ) { nContainer cont = (nContainer)obj; searchNodes(p_node, cont.getNodes()); } } } /** * Search the children of the realm passed as a paremeter */ private void searchNode( nRealmNode p_node ) { try { searchNodes( p_node, p_node.getNodes() ); } catch ( Exception ex ) { ex.printStackTrace(); } } /** * If you construct an instance of this class from another class, you can set the name * and host for the subject to remove. */ public void setSubject(String p_name, String p_host) { name = p_name; host = p_host; } /** * Output to system.out the permissions that have been set */ public void dump() { System.out.println( "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" ); System.out.println( "NAME : "+name ); System.out.println( "HOST : "+host ); System.out.println( "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" ); } /** * Set the program variables and flags based on command line args */ public void getOptions(String args[]) { realm = System.getProperty("RNAME", null); if (realm==null) { Usage(); System.exit(1); } name = System.getProperty("NAME", null); if (name==null) { Usage(); System.exit(1); } host = System.getProperty("HOST", null); if (host==null) { Usage(); System.exit(1); } serviceName = System.getProperty("SERVICE", null); if (serviceName==null) { Usage(); System.exit(1); } for (int i = 0; i < args.length; i++) { if (args[i].equalsIgnoreCase("-r")) { recursive = true; } } } private void processArgs(String[] args){ if (args.length == 0) { Usage(); System.exit(1); } switch (args.length){ case 1: if (args[0].equals("-?")) UsageEnv(); System.setProperty("SERVICE",args[0]); getOptions(null); break; case 2: System.setProperty("SERVICE",args[0]); System.setProperty("NAME",args[1]); getOptions(null); break; default: System.setProperty("SERVICE",args[0]); System.setProperty("NAME",args[1]); System.setProperty("HOST",args[2]); getOptions(args); } } private static void processEnvironmentVariable(String variable){ String laxVAR=System.getProperty("lax.nl.env."+variable); if (laxVAR!=null) System.setProperty(variable,laxVAR); } /** * Run this as a command line program passing the command line args. * * Or construct one of these classes from another class ensuring you have added : * * RNAME * NAME * HOST * SERVICE * * as system properties * */ public static void main( String[] args ) { //Process Environment Variables processEnvironmentVariable("RNAME"); processEnvironmentVariable("LOGLEVEL"); processEnvironmentVariable("HPROXY"); processEnvironmentVariable("HAUTH"); processEnvironmentVariable("CKEYSTORE"); processEnvironmentVariable("CKEYSTOREPASSWD"); processEnvironmentVariable("CAKEYSTORE"); processEnvironmentVariable("CAKEYSTOREPASSWD"); // Install any proxy server settings fEnvironment.setProxyEnvironments(); // Install JSSE SSL Environement settings fEnvironment.setSSLEnvironments(); nDelP2PServiceAclEntry setAcl = new nDelP2PServiceAclEntry( args ); System.exit(0); } /** * Prints the usage message for this class */ private static void Usage() { System.out.println( "Usage ...\n" ); System.out.println("ndelp2pacl [-r]\n"); System.out.println( " \n"); System.out.println( " - Service name parameter to delete the service ACL entry from" ); System.out.println( " - User name parameter to delete the service ACL entry from" ); System.out.println( " - Host name parameter to delete the service ACL entry from" ); System.out.println( "\n[Optional Arguments] \n"); System.out.println( "[-r] - Specifies whether recursive traversal of the namespace should be done" ); System.out.println( "\n\nNote: -? provides help on environment variables \n"); } private static void UsageEnv() { System.out.println( "\n\n(Environment Variables) \n"); System.out.println( "(RNAME) - One or more RNAME entries in the form protocol://host:port" ); System.out.println( " protocol - Can be one of nsp, nhp, nsps, or nhps, where:" ); System.out.println( " nsp - Specifies Nirvana Socket Protocol (nsp)" ); System.out.println( " nhp - Specifies Nirvana HTTP Protocol (nhp)" ); System.out.println( " nsps - Specifies Nirvana Socket Protocol Secure (nsps), i.e. using SSL/TLS" ); System.out.println( " nhps - Specifies Nirvana HTTP Protocol Secure (nhps), i.e. using SSL/TLS" ); System.out.println( " port - The port number of the server" ); System.out.println( "\nHint: - For multiple RNAME entries, use comma separated values which will be attempted in connection weight order\n" ); System.out.println( "(LOGLEVEL) - This determines how much information the nirvana api will output 0 = verbose 7 = quiet\n" ); System.out.println( "(CKEYSTORE) - If using SSL, the location of the keystore containing the client cert\n"); System.out.println( "(CKEYSTOREPASSWD) - If using SSL, the password for the keystore containing the client cert\n"); System.out.println( "(CAKEYSTORE) - If using SSL, the location of the ca truststore\n"); System.out.println( "(CAKEYSTOREPASSWD) - If using SSL, the password for the ca truststore\n"); System.out.println( "(HPROXY) - HTTP Proxy details in the form proxyhost:proxyport, where:" ); System.out.println( " proxyhost - The HTTP proxy host" ); System.out.println( " proxyport - The HTTP proxy port\n" ); System.out.println( "(HAUTH) - HTTP Proxy authentication details in the form user:pass, where:" ); System.out.println( " user - The HTTP proxy authentication username" ); System.out.println( " pass - The HTTP proxy authentication password\n" ); System.exit(1); } }