All Downloads are FREE. Search and download functionalities are using the official Maven repository.

src.com.ibm.as400.access.PermissionAccess Maven / Gradle / Ivy

There is a newer version: 11.1
Show newest version
///////////////////////////////////////////////////////////////////////////////
//
// JTOpen (IBM Toolbox for Java - OSS version)
//
// Filename: PermissionAccess.java
//
// The source code contained herein is licensed under the IBM Public License
// Version 1.0, which has been approved by the Open Source Initiative.
// Copyright (C) 1997-2004 International Business Machines Corporation and
// others. All rights reserved.
//
///////////////////////////////////////////////////////////////////////////////

package com.ibm.as400.access;

import java.beans.PropertyVetoException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.UnknownHostException;
import java.util.Vector;

/**
 * The PermissionAccess class is provided to retrieve the user's
 * permission information.
 *
**/
abstract class PermissionAccess
{
    AS400 as400_;
    private int ccsid_;         // @A4A
    private boolean gotCcsid_;  // @A4A

    //Default receiver length.
    private static final int DEFAULT_LENGTH=600;

    protected boolean followSymbolicLinks_ = true;

    /**
     * Constructs a PermissionAccess object.
     * @param system 
     *
    **/
    public PermissionAccess(AS400 system)
    {
        if (system==null) throw new NullPointerException("system");
        as400_=system;
    }

    /**
     * Adds the authorized user or the UserPermission.
     * @param objName The object the authorized user will be added to.
     * @param permission The permission of the new authorized user.
     * @exception AS400Exception If the server returns an error message.
     * @exception AS400SecurityException If a security or authority error occurs.
     * @exception ConnectionDroppedException If the connection is dropped unexpectedly.
     * @exception ErrorCompletingRequestException If an error occurs before the request is completed.
     * @exception InterruptedException If this thread is interrupted.
     * @exception IOException If an error occurs while communicating with the server.
     * @exception PropertyVetoException If the change is vetoed.
     * @exception ServerStartupException If the host server cannot be started.
     * @exception UnknownHostException If the server cannot be located.
     *
    **/
    public abstract void addUser(String objName,UserPermission permission)
            throws AS400Exception,
                   AS400SecurityException,
                   ConnectionDroppedException,
                   ErrorCompletingRequestException,
                   InterruptedException,
                   IOException,
                   ServerStartupException,
                   PropertyVetoException,
                   UnknownHostException;


    // @B3a - New Method.
    /**
     * Prepares the object name for parsing by the IBM i Command Analyzer.
     * @param objName The name of an object.
     * @return A version of the name that is parsable by the Command Analyzer.
     *
    **/
    protected abstract String expandQuotes(String objName);

    /**
     * Returns the server
     * @return The server object.
     * @see #setSystem
     *
    **/
    public AS400 getSystem()
    {
        return as400_;
    }

    /**
     * Returns authorized users' permissions.
     * @param objName 
     * @return A vector of authorized users' permission.
     * @exception AS400Exception If the server returns an error message.
     * @exception AS400SecurityException If a security or authority error occurs.
     * @exception ConnectionDroppedException If the connection is dropped unexpectedly.
     * @exception ErrorCompletingRequestException If an error occurs before the request is completed.
     * @exception InterruptedException If this thread is interrupted.
     * @exception IOException If an error occurs while communicating with the server.
     * @exception ObjectDoesNotExistException If the server object does not exist.
     * @throws UnsupportedEncodingException If the Character Encoding is not supported. 
     * @exception PropertyVetoException If the change is vetoed.
     * @exception UnknownHostException If the server cannot be located.
     *
    **/
    public Vector getAuthority(String objName)
            throws AS400Exception,
                   AS400SecurityException,
                   ConnectionDroppedException,
                   ErrorCompletingRequestException,
                   InterruptedException,
                   IOException,
                   ObjectDoesNotExistException,
                   UnsupportedEncodingException,
                   PropertyVetoException
    {
        // @B6 Note -- objName is an IFS-style name which is what
        //     the QSYRTVUS pgm requires.  For objects in QSYS, the name
        //     is "/QSYS.LIB/...".  If the object is on an ASP, the asp name
        //     must be prepended to the path (/aspName/QSYS.LIB/...).  Our
        //     caller must correctly build the name.

        if (objName == null) throw new NullPointerException("objName");

        // The vector store the information retrieved from system.
        Vector vector=new Vector();

        // Data contains the feedback information.
        byte[] feedbackData;

        // Data contains the users' permissions information.
        byte[] usersData;

        //Record format.
        RecordFormat recordFormat;

        //Record format for user.
        RecordFormat userRecordFormat;

        // Constructs ProgramParameters and ProgramCall.
        QSYSObjectPathName prgName=new QSYSObjectPathName("QSYS","QSYRTVUA","PGM");

        int vrm = as400_.getVRM();
        ProgramParameter[] parmList= getParameters(DEFAULT_LENGTH, objName, vrm >= 0x050300);

        ProgramCall rtvUsersAUT=new ProgramCall(as400_);
        rtvUsersAUT.setProgram(prgName.getPath(),parmList);
//        rtvUsersAUT.setThreadSafe(false); // API isn't threadsafe as of V4R4. @A5A

        if (rtvUsersAUT.run()!=true)
        {
            // If any error message return.
            AS400Message[] msgList = rtvUsersAUT.getMessageList();
            throw new AS400Exception(msgList);
        }
        else
        {
            // Gets returned data.
            feedbackData=parmList[2].getOutputData();
            usersData = parmList[0].getOutputData();
        }

        // Gets format of returned records feedback information.
        recordFormat=getFeedbackRecordFormat();

        // Gets the record contains fields.
        Record record0=new Record(recordFormat);

        // Sets the contents of this record from the specified byte array.
        record0.setContents(feedbackData);

        Integer bytesAvailable=(Integer)record0.getField("BytesAvailable");
        Integer bytesReturn=(Integer)record0.getField("BytesReturn");
        int requiredLength=bytesAvailable.intValue();
        int receiverLength=bytesReturn.intValue();

        if(requiredLength>receiverLength)
        {
            // If there is not enough space provided, retrieve data again.
            parmList = getParameters(requiredLength+400, objName, vrm >= 0x050300);
            rtvUsersAUT.setProgram(prgName.getPath(),parmList);
            if (rtvUsersAUT.run()!=true)
            {
                AS400Message[] msgList = rtvUsersAUT.getMessageList();
                throw new AS400Exception(msgList);
            }
            else
            {
                // Gets returned data.
                feedbackData=parmList[2].getOutputData();
                usersData = parmList[0].getOutputData();
                // Sets the contents of feedback record again.
                record0.setContents(feedbackData);
            }
        }

        // Gets the values of the fields in the record.
        String owner=((String)record0.getField("owner")).trim();
        String primaryGroup=((String)record0.getField("primaryGroup")).trim();
        String authorizationList=((String)record0.getField("authorizationList")).trim();
        String sensitivityLev=((String)record0.getField("sensitivityLevel")).trim();
        Integer sensitivityLevel=new Integer(getIntValue(sensitivityLev));

        // Adds information to vector.
        vector.addElement(owner);
        vector.addElement(primaryGroup);
        vector.addElement(authorizationList);
        vector.addElement(sensitivityLevel);

        Integer usersNumber=(Integer)record0.getField("usersNumber");
        Integer userEntryLength=(Integer)record0.getField("userEntryLength");
        int totalUsers=usersNumber.intValue();
        int length=userEntryLength.intValue();

        // Gets the information record format for each user.
        userRecordFormat=getUserRecordFormat();

        // Gets the information for each user.
        for(int i=0;i> 8);
              pathNameBytes[bc*2+1] = (byte)(pathChar);
            }
          }

          byte[] qlgPathNameTStructure = new byte[32 + pathNameBytes.length];
          BinaryConverter.intToByteArray(1200, qlgPathNameTStructure, 0); // CCSID
          // 2-byte country or region ID... x0000 = use current job settings
          // 3-byte language ID... 0x000000 = use current job settings
          // 3 bytes reserved
          BinaryConverter.intToByteArray(2, qlgPathNameTStructure, 12); // path type indicator: 2 means pathname is a character string and has a two-byte path delimiter
          BinaryConverter.intToByteArray(pathNameBytes.length, qlgPathNameTStructure, 16); // length of path name
          char delimiter = '/'; // path name delimiter
          qlgPathNameTStructure[20] = (byte)(delimiter >> 8); // high-byte
          qlgPathNameTStructure[21] = (byte)delimiter; // low-byte
          // 10 bytes reserved
          System.arraycopy(pathNameBytes, 0, qlgPathNameTStructure, 32, pathNameBytes.length); // path name

          parmList[5] = new ProgramParameter(qlgPathNameTStructure);
          parmList[6] = new ProgramParameter(BinaryConverter.intToByteArray(-1));
        }

        byte[] errorInfo = new byte[32];
        parmList[7] = new ProgramParameter( errorInfo, 0 );

        // If the caller wants to retrieve attributes for the link itself,
        // specify optional parameter "Symbolic link" as "*YES".
        if (!followSymbolicLinks_)
        {
          if (Trace.traceOn_) {
            Trace.log(Trace.DIAGNOSTIC, "Adding 'Symbolic link: *YES' parameter for QSYRTVUA.");
          }
          AS400Text text10 = new AS400Text(10, getCcsid(), as400_);
          parmList[8]= new ProgramParameter(text10.toBytes("*YES")); // default is *NO
        }

        return parmList;
    }


    /**
     * Returns the record format of the user's permission.
     * @return The record format of the user's permission.
     *
    **/
    RecordFormat getUserRecordFormat()
    {
        CharacterFieldDescription[] cfd;
        cfd=new CharacterFieldDescription[16];
        AS400Text text1 = new AS400Text(1, getCcsid(), as400_); //@A2A
        AS400Text text10 = new AS400Text(10, getCcsid(), as400_); //@A2A
        cfd[0]  =new CharacterFieldDescription(text10,"profileName"); //@A2C
        cfd[1]  =new CharacterFieldDescription(text1,"userOrGroup"); //@A2C
        cfd[2]  =new CharacterFieldDescription(text10,"dataAuthority"); //@A2C
        cfd[3]  =new CharacterFieldDescription(text1,"autListMgt"); //@A2C
        cfd[4]  =new CharacterFieldDescription(text1,"objMgt"); //@A2C
        cfd[5]  =new CharacterFieldDescription(text1,"objExistence"); //@A2C
        cfd[6]  =new CharacterFieldDescription(text1,"objAlter"); //@A2C
        cfd[7]  =new CharacterFieldDescription(text1,"objRef"); //@A2C
        cfd[8]  =new CharacterFieldDescription(text10,"reserved1"); //@A2C
        cfd[9]  =new CharacterFieldDescription(text1,"objOperational"); //@A2C
        cfd[10] =new CharacterFieldDescription(text1,"dataRead"); //@A2C
        cfd[11] =new CharacterFieldDescription(text1,"dataAdd"); //@A2C
        cfd[12] =new CharacterFieldDescription(text1,"dataUpdate"); //@A2C
        cfd[13] =new CharacterFieldDescription(text1,"dataDelete"); //@A2C
        cfd[14] =new CharacterFieldDescription(text1,"dataExecute"); //@A2C
        cfd[15] =new CharacterFieldDescription(text10,"reserved2"); //@A2C
        RecordFormat userrf=new RecordFormat();
        for(int i=0;i<16;i++)
            userrf.addFieldDescription(cfd[i]);
        return userrf;
    }

    /**
     * Returns the user's permission retrieved from the system.
     * @param userRecord 
     * @return The user's permission retrieved from the system.
     * @exception UnsupportedEncodingException The Character Encoding is not supported.
     *
    **/
    abstract public UserPermission getUserPermission(Record userRecord)
         throws UnsupportedEncodingException;


    /**
     * Returns whether symbolic links are resolved when changing or retrieving permissions.
     * @return Whether symbolic links are resolved.
     * @see #setFollowSymbolicLinks
     *
    **/
    public boolean isFollowSymbolicLinks()
    {
      return followSymbolicLinks_;
    }


    /**
     * Removes the authorized user.
     * @param objName The object the authorized user will be removed from.
     * @param userName The profile name of the authorized user.
     * @exception AS400Exception If the server returns an error message.
     * @exception AS400SecurityException If a security or authority error occurs.
     * @exception ConnectionDroppedException If the connection is dropped unexpectedly.
     * @exception ErrorCompletingRequestException If an error occurs before the request is completed.
     * @exception InterruptedException If this thread is interrupted.
     * @exception IOException If an error occurs while communicating with the server.
     * @exception PropertyVetoException If the change is vetoed.
     * @exception ServerStartupException If the host server cannot be started.
     * @exception UnknownHostException If the server cannot be located.
     *
    **/
    abstract public void removeUser(String objName,String userName)
            throws AS400Exception,
                   AS400SecurityException,
                   ConnectionDroppedException,
                   ErrorCompletingRequestException,
                   InterruptedException,
                   IOException,
                   ServerStartupException,
                   UnknownHostException,
                   PropertyVetoException;

    /**
     * Sets authorized information.
     * @param objName The object the authorized information will be set to.
     * @param permission The permission will be set.
     * @exception AS400Exception If the server returns an error message.
     * @exception AS400SecurityException If a security or authority error occurs.
     * @exception ConnectionDroppedException If the connection is dropped unexpectedly.
     * @exception ErrorCompletingRequestException If an error occurs before the request is completed.
     * @exception InterruptedException If this thread is interrupted.
     * @exception IOException If an error occurs while communicating with the server.
     * @exception PropertyVetoException If the change is vetoed.
     * @exception ServerStartupException If the host server cannot be started.
     * @exception UnknownHostException If the server cannot be located.
     *
    **/
    abstract public void setAuthority(String objName,UserPermission permission)
            throws AS400Exception,
                   AS400SecurityException,
                   ConnectionDroppedException,
                   ErrorCompletingRequestException,
                   InterruptedException,
                   IOException,
                   ServerStartupException,
                   UnknownHostException,
                   PropertyVetoException;

    /**
     * Sets authorization list of the object.
     * @param objName The object the authorized list will be set to.
     * @param autList The authorization list will be set.
     * @param oldValue The old authorization list will be replaced.
     * @exception AS400Exception If the server returns an error message.
     * @exception AS400SecurityException If a security or authority error occurs.
     * @exception ConnectionDroppedException If the connection is dropped unexpectedly.
     * @exception ErrorCompletingRequestException If an error occurs before the request is completed.
     * @exception InterruptedException If this thread is interrupted.
     * @exception IOException If an error occurs while communicating with the server.
     * @exception PropertyVetoException If the change is vetoed.
     * @exception ServerStartupException If the host server cannot be started.
     * @exception UnknownHostException If the server cannot be located.
     *
    **/
    abstract public void setAuthorizationList(String objName,String autList,String oldValue)
            throws AS400Exception,
                   AS400SecurityException,
                   ConnectionDroppedException,
                   ErrorCompletingRequestException,
                   InterruptedException,
                   IOException,
                   ServerStartupException,
                   UnknownHostException,
                   PropertyVetoException;

    /**
     * Sets from authorization list of the object.
     * @param objName The object the authorized list will be set to.
     * @param fromAutl true if the permission is from the authorization list;
     * false otherwise.
     * @exception AS400Exception If the server returns an error message.
     * @exception AS400SecurityException If a security or authority error occurs.
     * @exception ConnectionDroppedException If the connection is dropped unexpectedly.
     * @exception ErrorCompletingRequestException If an error occurs before the request is completed.
     * @exception InterruptedException If this thread is interrupted.
     * @exception IOException If an error occurs while communicating with the server.
     * @exception PropertyVetoException If the change is vetoed.
     * @exception ServerStartupException If the host server cannot be started.
     * @exception UnknownHostException If the server cannot be located.
     *
    **/
    abstract public void setFromAuthorizationList(String objName,boolean fromAutl)
            throws AS400Exception,
                   AS400SecurityException,
                   ConnectionDroppedException,
                   ErrorCompletingRequestException,
                   InterruptedException,
                   IOException,
                   ServerStartupException,
                   UnknownHostException,
                   PropertyVetoException;

    // @B2a
    /**
     * Sets the owner of the object.
     * @param objName The object whose ownership is being reset.
     * @param owner The owner of the object.
     * @param revokeOldAuthority Specifies whether the authorities for the current
     * owner are revoked when ownership is transferred to the new owner.
     * @exception AS400Exception If the server returns an error message.
     * @exception AS400SecurityException If a security or authority error occurs.
     * @exception ConnectionDroppedException If the connection is dropped unexpectedly.
     * @exception ErrorCompletingRequestException If an error occurs before the request is completed.
     * @exception InterruptedException If this thread is interrupted.
     * @exception IOException If an error occurs while communicating with the server.
     * @exception PropertyVetoException If the change is vetoed.
     * @exception ServerStartupException If the host server cannot be started.
     * @exception UnknownHostException If the server cannot be located.
     *
    **/
    public void setOwner(String objName, String owner, boolean revokeOldAuthority)
            throws AS400Exception,
                   AS400SecurityException,
                   ConnectionDroppedException,
                   ErrorCompletingRequestException,
                   InterruptedException,
                   IOException,
                   ServerStartupException,
                   UnknownHostException,
                   PropertyVetoException
    {
      // @B6 Note -- objName is an IFS-style name which is what
      //     the CHGOWN command requires.  For objects in QSYS, the name
      //     is "/QSYS.LIB/...".  If the object is on an ASP, the asp name
      //     must be prepended to the path (/aspName/QSYS.LIB/...).  Our
      //     caller must correctly build the name.

      if (objName == null) throw new NullPointerException("objName");
      if (owner == null) throw new NullPointerException("owner");

      String upperCasePath = toUpperCasePath(objName).trim();
      // If this begins with /QOPENSYS, do use the uppercase version because 
      // QOPENSYS is case sensitive
      if (upperCasePath.indexOf("/QOPENSYS/") == 0) {
    	  // Don't uppercase the object name 
      } else { 
          objName = toUpperCasePath(objName);
      }
      CommandCall cmd = new CommandCall(as400_);
      String revokeOldAut;
      if (revokeOldAuthority) revokeOldAut = "*YES";
      else                    revokeOldAut = "*NO";
      String cmdString = "CHGOWN " +
        "OBJ("+expandQuotes(objName)+") " +                 // @B3c @B4c
        "NEWOWN("+owner+") " +
        "RVKOLDAUT("+revokeOldAut+")";
      if (!followSymbolicLinks_)
      {
        cmdString += " SYMLNK(*YES)";
      }
      cmd.setCommand(cmdString);
//      cmd.setThreadSafe(false); // CHGOWN isn't threadsafe.
      if(cmd.run()!=true)
      {
        AS400Message[] msgList=cmd.getMessageList();
        throw new AS400Exception(msgList);
      }
    }


    /**
     * Sets the primary group of the object.
     * @param objName The object whose primary group is being reset.
     * @param primaryGroup The primary group.
     * @param revokeOldAuthority Specifies whether the authorities for the current
     * primary group are revoked when the primary group is changed to the new value.
     * @exception AS400Exception If the server returns an error message.
     * @exception AS400SecurityException If a security or authority error occurs.
     * @exception ConnectionDroppedException If the connection is dropped unexpectedly.
     * @exception ErrorCompletingRequestException If an error occurs before the request is completed.
     * @exception InterruptedException If this thread is interrupted.
     * @exception IOException If an error occurs while communicating with the server.
     * @exception PropertyVetoException If the change is vetoed.
     * @exception ServerStartupException If the host server cannot be started.
     * @exception UnknownHostException If the server cannot be located.
     *
    **/
    public void setPrimaryGroup(String objName, String primaryGroup, boolean revokeOldAuthority)
            throws AS400Exception,
                   AS400SecurityException,
                   ConnectionDroppedException,
                   ErrorCompletingRequestException,
                   InterruptedException,
                   IOException,
                   ServerStartupException,
                   UnknownHostException,
                   PropertyVetoException
    {
      // Note -- objName is an IFS-style name which is what
      //     the CHGPGP command requires.  For objects in QSYS, the name
      //     is "/QSYS.LIB/...".  If the object is on an ASP, the asp name
      //     must be prepended to the path (/aspName/QSYS.LIB/...).  Our
      //     caller must correctly build the name.

      if (objName == null) throw new NullPointerException("objName");
      if (primaryGroup == null) throw new NullPointerException("primaryGroup");

      String upperCasePath = toUpperCasePath(objName).trim();
      // If this begins with /QOPENSYS, do use the uppercase version because QOPENSYS is case sensitive
      if (upperCasePath.indexOf("/QOPENSYS/") == 0) {
    	  // Don't uppercase the object name 
      } else { 
    	  objName = toUpperCasePath(objName);
      }
      CommandCall cmd = new CommandCall(as400_);
      String revokeOldAut;
      if (revokeOldAuthority) revokeOldAut = "*YES";
      else                    revokeOldAut = "*NO";
      String cmdString = "CHGPGP " +
        "OBJ("+expandQuotes(objName)+") " +
        "NEWPGP("+primaryGroup+") " +
        "RVKOLDAUT("+revokeOldAut+")";
      cmd.setCommand(cmdString);
//      cmd.setThreadSafe(false); // CHGPGP isn't threadsafe.
      if(cmd.run()!=true)
      {
        AS400Message[] msgList=cmd.getMessageList();
        throw new AS400Exception(msgList);
      }
    }


    /**
     * Sets whether to resolve symbolic links when changing or retrieving permissions.
     * The default value is true; that is, symbolic links are always resolved.
     * By default, if the IBM i object is a symbolic link, then the requested action
     * is performed on the object ultimately pointed to by the symbolic link,
     * rather than on the symbolic link itself.
     * 
Note: This method is effective only for IBM i release V5R4 and higher. * For earlier releases, symbolic links are always resolved, and this method is ignored. * @param followLinks Whether symbolic links are resolved. * @see #isFollowSymbolicLinks * **/ public void setFollowSymbolicLinks(boolean followLinks) { // Assume that the caller has already verified that we're running to V5R4 or higher. // Note to programmer: If this class ever becomes public, add a VRM check here, // as in Permission.setFollowSymbolicLinks(). followSymbolicLinks_ = followLinks; } /** * Sets the sensitivity level of the object. * @param objName The object the sensitivity level will be set to. * @param sensitivityLevel The sensitivity level. * @exception AS400Exception If the server returns an error message. * @exception AS400SecurityException If a security or authority error occurs. * @exception ConnectionDroppedException If the connection is dropped unexpectedly. * @exception ErrorCompletingRequestException If an error occurs before the request is completed. * @exception InterruptedException If this thread is interrupted. * @exception IOException If an error occurs while communicating with the server. * @exception PropertyVetoException If the change is vetoed. * @exception ServerStartupException If the host server cannot be started. * @exception UnknownHostException If the server cannot be located. * **/ abstract public void setSensitivity(String objName,int sensitivityLevel) throws AS400Exception, AS400SecurityException, ConnectionDroppedException, ErrorCompletingRequestException, InterruptedException, IOException, ServerStartupException, UnknownHostException, PropertyVetoException; /** * Sets the system where object authority information resides. * * @param system The server object. * @see #getSystem **/ public void setSystem(AS400 system) { if (system == null) throw new NullPointerException("system"); as400_ = system; } // Uppercases the specified path string. Any characters enclosed in quotes are not changed. static final String toUpperCasePath(String path) { if (path == null || path.length() == 0) return (String)path; else return QSYSObjectPathName.toQSYSName(path); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy