- private void grantClientRolePerms(MR_Client client, ApiError err) {
- AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
-
- String instance = ":topic." + client.getFqtn();
- client.setStatus(DmaapObject_Status.VALID);
- String role = client.getClientRole();
- for (String want : client.getAction()) {
- int rc;
- DmaapPerm perm = new DmaapPerm(dmaap.getTopicPerm(), instance, want);
- if (role != null) {
- DmaapGrant g = new DmaapGrant(perm, role);
- rc = aaf.addGrant(g);
- if (rc != 201 && rc != 409) {
- client.setStatus(DmaapObject_Status.INVALID);
- err.setCode(rc);
- err.setMessage("Grant of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " failed for " + role);
- logger.warn(err.getMessage());
- return;
- }
- } else {
- logger.warn("No Grant of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " because role is null ");
- }
- }
- }
-
- private void assignIdentityToRole(MR_Client client, String role, ApiError err) {
- AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
-
- AafUserRole ur = new AafUserRole(client.getClientIdentity(), role);
- int rc = aaf.addUserRole(ur);
- if (rc != 201 && rc != 409) {
- client.setStatus(DmaapObject_Status.INVALID);
- err.setCode(rc);
- err.setMessage("Failed to add user " + client.getClientIdentity() + " to " + role);
- logger.warn(err.getMessage());
- return;
- }
- client.setStatus(DmaapObject_Status.VALID);
-
- }
-
- private void revokeClientPerms(MR_Client client, ApiError err) {
- AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
-
- String instance = ":topic." + client.getFqtn();
- client.setStatus(DmaapObject_Status.VALID);
- for (String want : client.getAction()) {
- int rc;
- DmaapPerm perm = new DmaapPerm(dmaap.getTopicPerm(), instance, want);
- DmaapGrant g = new DmaapGrant(perm, client.getClientRole());
- rc = aaf.delGrant(g);
- if (rc != 200 && rc != 404) {
- client.setStatus(DmaapObject_Status.INVALID);
- err.setCode(rc);
- err.setMessage("Revoke of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " failed for " + client.getClientRole());
- logger.warn(err.getMessage());
- return;
- }
- }
- }
-