*
*/
public class Role extends Cmd {
- private static final String[] options = {"add", "del", "setTo","extend"};
+ private static final String[] options = {"add", "del", "extend"};
public Role(User parent) {
- super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), new Param(
- "role[,role]* (!REQ S)", false));
+ super(parent, "role", new Param(optionsToString(options), true), new Param("user", true),
+ new Param("role[,role]*", false));
}
@Override
Future<?> fp = null;
- if (option != 2) {
- if (args.length < 5) {
- throw new CadiException(build(new StringBuilder("Too few args: "), null).toString());
+ if (args.length < 5) {
+ throw new CadiException(build(new StringBuilder("Too few args: "), null).toString());
+ }
+ String[] roles = args[idx++].split(",");
+ for (String role : roles) {
+ String verb = null,participle=null;
+ urr.setRole(role);
+ // You can request to be added or removed from role.
+ setQueryParamsOn(client);
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr);
+ verb = "Added";
+ participle = "] to User [" ;
+ break;
+ case 1:
+ fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class);
+ verb = "Removed";
+ participle = "] from User [" ;
+ break;
+ case 2:
+ fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
+ verb = "Extended";
+ participle = "] to User [" ;
+ break;
+ default:
+ throw new CadiException("Invalid action [" + key + ']');
}
- String[] roles = args[idx++].split(",");
- for (String role : roles) {
- String verb = null,participle=null;
- urr.setRole(role);
- // You can request to be added or removed from role.
- setQueryParamsOn(client);
- switch(option) {
- case 0:
- fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr);
- verb = "Added";
- participle = "] to User [" ;
- break;
- case 1:
- fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class);
- verb = "Removed";
- participle = "] from User [" ;
- break;
- case 3:
- fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
- verb = "Extended";
- participle = "] to User [" ;
+ if (fp.get(AAFcli.timeout())) {
+ pw().print(verb);
+ pw().print(" Role [");
+ pw().print(urr.getRole());
+ pw().print(participle);
+ pw().print(urr.getUser());
+ pw().println(']');
+ } else {
+ switch(fp.code()) {
+ case 202:
+ pw().print("UserRole ");
+ pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension");
+ pw().println(" Accepted, but requires Approvals before actualizing");
break;
- default:
- throw new CadiException("Invalid action [" + key + ']');
- }
- if (fp.get(AAFcli.timeout())) {
- pw().print(verb);
- pw().print(" Role [");
- pw().print(urr.getRole());
- pw().print(participle);
- pw().print(urr.getUser());
- pw().println(']');
- } else {
- switch(fp.code()) {
- case 202:
- pw().print("UserRole ");
- pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension");
- pw().println(" Accepted, but requires Approvals before actualizing");
+ case 404:
+ if (option==3) {
+ pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
break;
- case 404:
- if (option==3) {
- pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
- break;
- }
- default:
- error(fp);
}
+ default:
+ error(fp);
}
}
- } else {
- // option 2 is setTo command (an update call)
- String allRoles = "";
- if (idx < args.length)
- allRoles = args[idx++];
-
- urr.setRole(allRoles);
- fp = client.update("/authz/userRole/user", getDF(UserRoleRequest.class), urr);
- if (fp.get(AAFcli.timeout())) {
- pw().println("Set User's Roles to [" + allRoles + "]");
- } else {
- error(fp);
- }
}
return fp == null ? 0 : fp.code();
}
@Override
public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb, indent, "Add OR Delete a User to/from a Role OR");
- detailLine(sb, indent, "Set a User's Roles to the roles supplied");
+ detailLine(sb, indent, "Add or Delete a User to/from a Role OR extend Expiration");
detailLine(sb, indent + 2, "user - ID of User");
detailLine(sb, indent + 2, "role(s) - Role or Roles to which to add the User");
sb.append('\n');
- detailLine(sb, indent + 2, "Note: this is the same as \"role user add...\" except allows");
- detailLine(sb, indent + 2, "assignment of user to multiple roles");
- detailLine(sb, indent + 2, "WARNING: Roles supplied with setTo will be the ONLY roles attached to this user");
- detailLine(sb, indent + 2, "If no roles are supplied, user's roles are reset.");
api(sb, indent, HttpMethods.POST, "authz/userRole", UserRoleRequest.class, true);
api(sb, indent, HttpMethods.DELETE, "authz/userRole/<user>/<role>", Void.class, false);
- api(sb, indent, HttpMethods.PUT, "authz/userRole/<user>", UserRoleRequest.class, false);
+ api(sb,indent,HttpMethods.PUT,"authz/userRole/extend/<user>/<role>",Void.class,false);
+
}
}