/* \n Copyright 1999-2011 (c) My-Channels \n Copyright (c) 2012-2014 Software AG, Darmstadt, Germany and/or Software AG USA Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors. \n\n Use, reproduction, transfer, publication or disclosure is prohibited except as specifically provided for in your License Agreement with Software AG.\n */\n #include "nSampleApp.h" #include "nRealmNode.h" #include "nLeafNode.h" #include "nChannelACLEntry.h" #include "nSessionAttributes.h" #include "nAdminIllegalArgumentException.h" #include #include #ifdef WIN32 #include #endif namespace com { namespace pcbsys { namespace nirvana { namespace nAdminAPI { namespace apps { using namespace com::pcbsys::nirvana::client; using namespace com::pcbsys::nirvana::nAdminAPI; class addqueueacl { /// ///

This application can be used to add a new subject to a queue, and assign permissions /// for operations performed on the queue.

/// private: std::string m_realm; std::string m_name; std::string m_host; bool m_bCanListAcl; bool m_bCanModifyAcl; bool m_bFullPrivileges; bool m_bCanPop; bool m_bCanPeek; bool m_bCanWrite; bool m_bCanPurge; nSessionAttributes *m_pAttr; std::string m_queueName; nRealmNode *m_pNode; public: /// ///

* Consruct an instance of this class using the command line arguments passed /// * when it is executed.

/// addqueueacl(int argc, char** argv) : m_bCanListAcl(false), m_bCanModifyAcl(false), m_bFullPrivileges(false), m_bCanPop(false), m_bCanPeek(false), m_bCanWrite(false), m_bCanPurge(false), m_pAttr(NULL), m_pNode(NULL) { try { getOptions(argc, argv); printf("Connecting to %s\n", m_realm.c_str()); // construct the session attributes from the realm m_pAttr = new nSessionAttributes(m_realm); // get the root realm node from the realm admin m_pNode = new nRealmNode(m_pAttr); if (!m_pNode->isAuthorised()) { printf("User not authorised on this node %s\n", m_realm.c_str()); return; } printf("waiting for namepsace construction....."); m_pNode->waitForEntireNameSpace(); printf("finished\n"); dump(); searchNode (m_pNode); m_pNode->close(); } catch (Exception e) { printf("%s\n", e.message().c_str()); } } /// ///

* recursively search through the realm node looking for queue nodes

/// virtual void setQueue(nRealmNode *pNode, nLeafNode *pLeaf) { try { TRACE("Creating new entry for %s@%s\n", m_name.c_str(), m_host.c_str()); printf("Creating new entry for %s@%s\n", m_name.c_str(), m_host.c_str()); // create a new acl entry with the name and host nChannelACLEntry *pNewEntry = createNewACLEntry(m_name, m_host); // add the new entry to the acl pLeaf->addACLEntry(pNewEntry); printf("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"); printf("Added ACL for %s in realm %s\n", pLeaf->getName().c_str(), pNode->getName().c_str()); printf("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"); dump(pNewEntry); } catch (Exception e) { printf("%s\n", e.message().c_str()); } } /// ///

* search the enumeration of child nodes for other realms and channels

/// void searchNodes(nRealmNode *pNode, fSortedList& nodes) { for (fSortedList::iterator iterator = nodes.begin(); iterator != nodes.end(); iterator++) { nNode *pChild = iterator->second; int type = pChild->getType(); if (type == fBase::LEAFNODE) { nLeafNode *pLeaf = (nLeafNode*)pChild; std::string fullyQualifiedName = pLeaf->getAbsolutePath(); TRACE ("Found %s\n", fullyQualifiedName.c_str()); printf ("Found %s\n", fullyQualifiedName.c_str()); if ((!pLeaf->isChannel()) && ((fullyQualifiedName.compare(m_queueName)) == 0 || (fullyQualifiedName.compare("/"+m_queueName)) == 0)) { setQueue(pNode, pLeaf); return; } } if (type == fBase::REALMNODE) { searchNode((nRealmNode*)pChild); } else if (type == fBase::CONTAINER) { nContainer *pCont = (nContainer*)pChild; searchNodes(pNode, pCont->getNodes()); } } } /// ///

* Create a new acl entry and set the permissions based on the permissions flags

/// virtual nChannelACLEntry* createNewACLEntry(const std::string& name, const std::string& host) { nChannelACLEntry *pAclEntry = NULL; try { pAclEntry = new nChannelACLEntry(name, host); setPermissions(pAclEntry); } catch (nAdminIllegalArgumentException e) { printf("%s\n", e.message().c_str()); } return pAclEntry; } /// ///

* If you construct an instance of this class from another class, you can set the name /// * and host for the subject.

/// virtual void setSubject(const std::string& name, const std::string& host) { m_name = name; m_host = host; } /// ///

* Set the permissions on the realm acl entry

/// virtual void setPermissions(nChannelACLEntry *pAclEntry) { pAclEntry->setList(m_bCanListAcl); pAclEntry->setModify(m_bCanModifyAcl); pAclEntry->setFullPrivileges(m_bFullPrivileges); pAclEntry->setRead(m_bCanPeek); pAclEntry->setWrite(m_bCanWrite); pAclEntry->setPurge(m_bCanPurge); pAclEntry->setPop(m_bCanPop); } /// ///

* Output to system.out the permissions that have been set

/// virtual void dump(nChannelACLEntry *pEntry) { printf("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"); printf("List ACL : %d\n", pEntry->canList()); printf("Set ACL : %d\n", pEntry->canModify()); printf("Full Privileges : %d\n", pEntry->hasFullPrivileges()); printf("Peek queue : %d\n", pEntry->canRead()); printf("Write to queue : %d\n", pEntry->canWrite()); printf("Purge queue : %d\n", pEntry->canPurge()); printf("Pop queue : %d\n", pEntry->canPop()); printf("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"); } /// ///

* Output to system.out the permissions that will be set

/// virtual void dump() { printf("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"); printf("ACL will be set to.... \n"); printf("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"); printf("List ACL : %d\n", m_bCanListAcl); printf("Set ACL : %d\n", m_bCanModifyAcl); printf("Full Privileges : %d\n", m_bFullPrivileges); printf("Peek queue : %d\n", m_bCanPeek); printf("Write to queue : %d\n", m_bCanWrite); printf("Purge queue : %d\n", m_bCanPurge); printf("Pop queue : %d\n", m_bCanPop); printf("~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n"); } virtual void getOptions(int argc, char** argv) { if (argv == NULL || argc < 5) { Usage(); exit(1); } m_realm = argv[1]; m_name = argv[2]; m_host = argv[3]; m_queueName = argv[4]; for (int i = 5; i < argc; i++) { if (!strcmp(argv[i], "list_acl")) { m_bCanListAcl = true; } else if (!strcmp(argv[i], "modify_acl")) { m_bCanModifyAcl = true; } else if (!strcmp(argv[i], "full")) { m_bFullPrivileges = true; } else if (!strcmp(argv[i], "peek")) { m_bCanPeek = true; } else if (!strcmp(argv[i], "write")) { m_bCanWrite = true; } else if (!strcmp(argv[i], "purge")) { m_bCanPurge = true; } else if (!strcmp(argv[i], "pop")) { m_bCanPop = true; } } } private: /// ///

* Search the children of the realm passed as a paremeter

/// void searchNode(nRealmNode *pNode) { try { searchNodes(pNode, pNode->getNodes()); } catch (Exception ex) { printf ("%s\n", ex.message().c_str()); } } /// ///

* Prints the usage message for this class

/// static void Usage() { printf("Usage ...\n\n"); printf("naddqueueacl [list_acl] [modify_acl] [full] [peek] [write] [purge] [pop]\n\n"); printf(" \n\n"); printf(" - the rname of the server to connect to\n"); printf(" - User name parameter for the new ACL entry\n"); printf(" - Host name parameter for the new ACL entry\n"); printf(" - Queue name parameter for the new ACL entry\n"); printf("\n[Optional Arguments] \n\n"); printf("[list_acl] - Specifies that the list acl permission should be added"); printf("[modify_acl] - Specifies that the modify acl permission should be added\n"); printf("[full] - Specifies that the full permission should be added\n"); printf("[peek] - Specifies that the read permission should be added\n"); printf("[write] - Specifies that the write permission should be added\n"); printf("[purge] - Specifies that the purge permission should be added\n"); printf("[pop] - Specifies that the pop permission should be added\n"); } }; } } } } } using namespace com::pcbsys::nirvana::nAdminAPI::apps; int main (int argc, char** argv) { addqueueacl *pAdd = new addqueueacl (argc, argv); return 0; }