com.ibm.as400.access.PermissionAccess Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of jt400 Show documentation
Show all versions of jt400 Show documentation
The Open Source version of the IBM Toolbox for Java
///////////////////////////////////////////////////////////////////////////////
//
// JTOpen (IBM Toolbox for Java - OSS version)
//
// Filename: PermissionAccess.java
//
// The source code contained herein is licensed under the IBM Public License
// Version 1.0, which has been approved by the Open Source Initiative.
// Copyright (C) 1997-2004 International Business Machines Corporation and
// others. All rights reserved.
//
///////////////////////////////////////////////////////////////////////////////
package com.ibm.as400.access;
import java.beans.PropertyVetoException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.UnknownHostException;
import java.util.Vector;
/**
* The PermissionAccess class is provided to retrieve the user's
* permission information.
*
**/
abstract class PermissionAccess
{
AS400 as400_;
private int ccsid_; // @A4A
private boolean gotCcsid_; // @A4A
//Default receiver length.
private static final int DEFAULT_LENGTH=600;
protected boolean followSymbolicLinks_ = true;
/**
* Constructs a PermissionAccess object.
* @param system
*
**/
public PermissionAccess(AS400 system)
{
if (system==null) throw new NullPointerException("system");
as400_=system;
}
/**
* Adds the authorized user or the UserPermission.
* @param objName The object the authorized user will be added to.
* @param permission The permission of the new authorized user.
* @exception AS400Exception If the server returns an error message.
* @exception AS400SecurityException If a security or authority error occurs.
* @exception ConnectionDroppedException If the connection is dropped unexpectedly.
* @exception ErrorCompletingRequestException If an error occurs before the request is completed.
* @exception InterruptedException If this thread is interrupted.
* @exception IOException If an error occurs while communicating with the server.
* @exception PropertyVetoException If the change is vetoed.
* @exception ServerStartupException If the host server cannot be started.
* @exception UnknownHostException If the server cannot be located.
*
**/
public abstract void addUser(String objName,UserPermission permission)
throws AS400Exception,
AS400SecurityException,
ConnectionDroppedException,
ErrorCompletingRequestException,
InterruptedException,
IOException,
ServerStartupException,
PropertyVetoException,
UnknownHostException;
// @B3a - New Method.
/**
* Prepares the object name for parsing by the IBM i Command Analyzer.
* @param objName The name of an object.
* @return A version of the name that is parsable by the Command Analyzer.
*
**/
protected abstract String expandQuotes(String objName);
/**
* Returns the server
* @return The server object.
* @see #setSystem
*
**/
public AS400 getSystem()
{
return as400_;
}
/**
* Returns authorized users' permissions.
* @param objName
* @return A vector of authorized users' permission.
* @exception AS400Exception If the server returns an error message.
* @exception AS400SecurityException If a security or authority error occurs.
* @exception ConnectionDroppedException If the connection is dropped unexpectedly.
* @exception ErrorCompletingRequestException If an error occurs before the request is completed.
* @exception InterruptedException If this thread is interrupted.
* @exception IOException If an error occurs while communicating with the server.
* @exception ObjectDoesNotExistException If the server object does not exist.
* @throws UnsupportedEncodingException If the Character Encoding is not supported.
* @exception PropertyVetoException If the change is vetoed.
* @exception UnknownHostException If the server cannot be located.
*
**/
public Vector getAuthority(String objName)
throws AS400Exception,
AS400SecurityException,
ConnectionDroppedException,
ErrorCompletingRequestException,
InterruptedException,
IOException,
ObjectDoesNotExistException,
UnsupportedEncodingException,
PropertyVetoException
{
// @B6 Note -- objName is an IFS-style name which is what
// the QSYRTVUS pgm requires. For objects in QSYS, the name
// is "/QSYS.LIB/...". If the object is on an ASP, the asp name
// must be prepended to the path (/aspName/QSYS.LIB/...). Our
// caller must correctly build the name.
if (objName == null) throw new NullPointerException("objName");
// The vector store the information retrieved from system.
Vector vector=new Vector();
// Data contains the feedback information.
byte[] feedbackData;
// Data contains the users' permissions information.
byte[] usersData;
//Record format.
RecordFormat recordFormat;
//Record format for user.
RecordFormat userRecordFormat;
// Constructs ProgramParameters and ProgramCall.
QSYSObjectPathName prgName=new QSYSObjectPathName("QSYS","QSYRTVUA","PGM");
int vrm = as400_.getVRM();
ProgramParameter[] parmList= getParameters(DEFAULT_LENGTH, objName, vrm >= 0x050300);
ProgramCall rtvUsersAUT=new ProgramCall(as400_);
rtvUsersAUT.setProgram(prgName.getPath(),parmList);
// rtvUsersAUT.setThreadSafe(false); // API isn't threadsafe as of V4R4. @A5A
if (rtvUsersAUT.run()!=true)
{
// If any error message return.
AS400Message[] msgList = rtvUsersAUT.getMessageList();
throw new AS400Exception(msgList);
}
else
{
// Gets returned data.
feedbackData=parmList[2].getOutputData();
usersData = parmList[0].getOutputData();
}
// Gets format of returned records feedback information.
recordFormat=getFeedbackRecordFormat();
// Gets the record contains fields.
Record record0=new Record(recordFormat);
// Sets the contents of this record from the specified byte array.
record0.setContents(feedbackData);
Integer bytesAvailable=(Integer)record0.getField("BytesAvailable");
Integer bytesReturn=(Integer)record0.getField("BytesReturn");
int requiredLength=bytesAvailable.intValue();
int receiverLength=bytesReturn.intValue();
if(requiredLength>receiverLength)
{
// If there is not enough space provided, retrieve data again.
parmList = getParameters(requiredLength+400, objName, vrm >= 0x050300);
rtvUsersAUT.setProgram(prgName.getPath(),parmList);
if (rtvUsersAUT.run()!=true)
{
AS400Message[] msgList = rtvUsersAUT.getMessageList();
throw new AS400Exception(msgList);
}
else
{
// Gets returned data.
feedbackData=parmList[2].getOutputData();
usersData = parmList[0].getOutputData();
// Sets the contents of feedback record again.
record0.setContents(feedbackData);
}
}
// Gets the values of the fields in the record.
String owner=((String)record0.getField("owner")).trim();
String primaryGroup=((String)record0.getField("primaryGroup")).trim();
String authorizationList=((String)record0.getField("authorizationList")).trim();
String sensitivityLev=((String)record0.getField("sensitivityLevel")).trim();
Integer sensitivityLevel=Integer.valueOf(getIntValue(sensitivityLev));
// Adds information to vector.
vector.addElement(owner);
vector.addElement(primaryGroup);
vector.addElement(authorizationList);
vector.addElement(sensitivityLevel);
Integer usersNumber=(Integer)record0.getField("usersNumber");
Integer userEntryLength=(Integer)record0.getField("userEntryLength");
int totalUsers=usersNumber.intValue();
int length=userEntryLength.intValue();
// Gets the information record format for each user.
userRecordFormat=getUserRecordFormat();
// Gets the information for each user.
for(int i=0;i> 8);
pathNameBytes[bc*2+1] = (byte)(pathChar);
}
}
byte[] qlgPathNameTStructure = new byte[32 + pathNameBytes.length];
BinaryConverter.intToByteArray(1200, qlgPathNameTStructure, 0); // CCSID
// 2-byte country or region ID... x0000 = use current job settings
// 3-byte language ID... 0x000000 = use current job settings
// 3 bytes reserved
BinaryConverter.intToByteArray(2, qlgPathNameTStructure, 12); // path type indicator: 2 means pathname is a character string and has a two-byte path delimiter
BinaryConverter.intToByteArray(pathNameBytes.length, qlgPathNameTStructure, 16); // length of path name
char delimiter = '/'; // path name delimiter
qlgPathNameTStructure[20] = (byte)(delimiter >> 8); // high-byte
qlgPathNameTStructure[21] = (byte)delimiter; // low-byte
// 10 bytes reserved
System.arraycopy(pathNameBytes, 0, qlgPathNameTStructure, 32, pathNameBytes.length); // path name
parmList[5] = new ProgramParameter(qlgPathNameTStructure);
parmList[6] = new ProgramParameter(BinaryConverter.intToByteArray(-1));
}
byte[] errorInfo = new byte[32];
parmList[7] = new ProgramParameter( errorInfo, 0 );
// If the caller wants to retrieve attributes for the link itself,
// specify optional parameter "Symbolic link" as "*YES".
if (!followSymbolicLinks_)
{
if (Trace.traceOn_) {
Trace.log(Trace.DIAGNOSTIC, "Adding 'Symbolic link: *YES' parameter for QSYRTVUA.");
}
AS400Text text10 = new AS400Text(10, getCcsid(), as400_);
parmList[8]= new ProgramParameter(text10.toBytes("*YES")); // default is *NO
}
return parmList;
}
/**
* Returns the record format of the user's permission.
* @return The record format of the user's permission.
*
**/
RecordFormat getUserRecordFormat()
{
CharacterFieldDescription[] cfd;
cfd=new CharacterFieldDescription[16];
AS400Text text1 = new AS400Text(1, getCcsid(), as400_); //@A2A
AS400Text text10 = new AS400Text(10, getCcsid(), as400_); //@A2A
cfd[0] =new CharacterFieldDescription(text10,"profileName"); //@A2C
cfd[1] =new CharacterFieldDescription(text1,"userOrGroup"); //@A2C
cfd[2] =new CharacterFieldDescription(text10,"dataAuthority"); //@A2C
cfd[3] =new CharacterFieldDescription(text1,"autListMgt"); //@A2C
cfd[4] =new CharacterFieldDescription(text1,"objMgt"); //@A2C
cfd[5] =new CharacterFieldDescription(text1,"objExistence"); //@A2C
cfd[6] =new CharacterFieldDescription(text1,"objAlter"); //@A2C
cfd[7] =new CharacterFieldDescription(text1,"objRef"); //@A2C
cfd[8] =new CharacterFieldDescription(text10,"reserved1"); //@A2C
cfd[9] =new CharacterFieldDescription(text1,"objOperational"); //@A2C
cfd[10] =new CharacterFieldDescription(text1,"dataRead"); //@A2C
cfd[11] =new CharacterFieldDescription(text1,"dataAdd"); //@A2C
cfd[12] =new CharacterFieldDescription(text1,"dataUpdate"); //@A2C
cfd[13] =new CharacterFieldDescription(text1,"dataDelete"); //@A2C
cfd[14] =new CharacterFieldDescription(text1,"dataExecute"); //@A2C
cfd[15] =new CharacterFieldDescription(text10,"reserved2"); //@A2C
RecordFormat userrf=new RecordFormat();
for(int i=0;i<16;i++)
userrf.addFieldDescription(cfd[i]);
return userrf;
}
/**
* Returns the user's permission retrieved from the system.
* @param userRecord
* @return The user's permission retrieved from the system.
* @exception UnsupportedEncodingException The Character Encoding is not supported.
*
**/
abstract public UserPermission getUserPermission(Record userRecord)
throws UnsupportedEncodingException;
/**
* Returns whether symbolic links are resolved when changing or retrieving permissions.
* @return Whether symbolic links are resolved.
* @see #setFollowSymbolicLinks
*
**/
public boolean isFollowSymbolicLinks()
{
return followSymbolicLinks_;
}
/**
* Removes the authorized user.
* @param objName The object the authorized user will be removed from.
* @param userName The profile name of the authorized user.
* @exception AS400Exception If the server returns an error message.
* @exception AS400SecurityException If a security or authority error occurs.
* @exception ConnectionDroppedException If the connection is dropped unexpectedly.
* @exception ErrorCompletingRequestException If an error occurs before the request is completed.
* @exception InterruptedException If this thread is interrupted.
* @exception IOException If an error occurs while communicating with the server.
* @exception PropertyVetoException If the change is vetoed.
* @exception ServerStartupException If the host server cannot be started.
* @exception UnknownHostException If the server cannot be located.
*
**/
abstract public void removeUser(String objName,String userName)
throws AS400Exception,
AS400SecurityException,
ConnectionDroppedException,
ErrorCompletingRequestException,
InterruptedException,
IOException,
ServerStartupException,
UnknownHostException,
PropertyVetoException;
/**
* Sets authorized information.
* @param objName The object the authorized information will be set to.
* @param permission The permission will be set.
* @exception AS400Exception If the server returns an error message.
* @exception AS400SecurityException If a security or authority error occurs.
* @exception ConnectionDroppedException If the connection is dropped unexpectedly.
* @exception ErrorCompletingRequestException If an error occurs before the request is completed.
* @exception InterruptedException If this thread is interrupted.
* @exception IOException If an error occurs while communicating with the server.
* @exception PropertyVetoException If the change is vetoed.
* @exception ServerStartupException If the host server cannot be started.
* @exception UnknownHostException If the server cannot be located.
*
**/
abstract public void setAuthority(String objName,UserPermission permission)
throws AS400Exception,
AS400SecurityException,
ConnectionDroppedException,
ErrorCompletingRequestException,
InterruptedException,
IOException,
ServerStartupException,
UnknownHostException,
PropertyVetoException;
/**
* Sets authorization list of the object.
* @param objName The object the authorized list will be set to.
* @param autList The authorization list will be set.
* @param oldValue The old authorization list will be replaced.
* @exception AS400Exception If the server returns an error message.
* @exception AS400SecurityException If a security or authority error occurs.
* @exception ConnectionDroppedException If the connection is dropped unexpectedly.
* @exception ErrorCompletingRequestException If an error occurs before the request is completed.
* @exception InterruptedException If this thread is interrupted.
* @exception IOException If an error occurs while communicating with the server.
* @exception PropertyVetoException If the change is vetoed.
* @exception ServerStartupException If the host server cannot be started.
* @exception UnknownHostException If the server cannot be located.
*
**/
abstract public void setAuthorizationList(String objName,String autList,String oldValue)
throws AS400Exception,
AS400SecurityException,
ConnectionDroppedException,
ErrorCompletingRequestException,
InterruptedException,
IOException,
ServerStartupException,
UnknownHostException,
PropertyVetoException;
/**
* Sets from authorization list of the object.
* @param objName The object the authorized list will be set to.
* @param fromAutl true if the permission is from the authorization list;
* false otherwise.
* @exception AS400Exception If the server returns an error message.
* @exception AS400SecurityException If a security or authority error occurs.
* @exception ConnectionDroppedException If the connection is dropped unexpectedly.
* @exception ErrorCompletingRequestException If an error occurs before the request is completed.
* @exception InterruptedException If this thread is interrupted.
* @exception IOException If an error occurs while communicating with the server.
* @exception PropertyVetoException If the change is vetoed.
* @exception ServerStartupException If the host server cannot be started.
* @exception UnknownHostException If the server cannot be located.
*
**/
abstract public void setFromAuthorizationList(String objName,boolean fromAutl)
throws AS400Exception,
AS400SecurityException,
ConnectionDroppedException,
ErrorCompletingRequestException,
InterruptedException,
IOException,
ServerStartupException,
UnknownHostException,
PropertyVetoException;
// @B2a
/**
* Sets the owner of the object.
* @param objName The object whose ownership is being reset.
* @param owner The owner of the object.
* @param revokeOldAuthority Specifies whether the authorities for the current
* owner are revoked when ownership is transferred to the new owner.
* @exception AS400Exception If the server returns an error message.
* @exception AS400SecurityException If a security or authority error occurs.
* @exception ConnectionDroppedException If the connection is dropped unexpectedly.
* @exception ErrorCompletingRequestException If an error occurs before the request is completed.
* @exception InterruptedException If this thread is interrupted.
* @exception IOException If an error occurs while communicating with the server.
* @exception PropertyVetoException If the change is vetoed.
* @exception ServerStartupException If the host server cannot be started.
* @exception UnknownHostException If the server cannot be located.
*
**/
public void setOwner(String objName, String owner, boolean revokeOldAuthority)
throws AS400Exception,
AS400SecurityException,
ConnectionDroppedException,
ErrorCompletingRequestException,
InterruptedException,
IOException,
ServerStartupException,
UnknownHostException,
PropertyVetoException
{
// @B6 Note -- objName is an IFS-style name which is what
// the CHGOWN command requires. For objects in QSYS, the name
// is "/QSYS.LIB/...". If the object is on an ASP, the asp name
// must be prepended to the path (/aspName/QSYS.LIB/...). Our
// caller must correctly build the name.
if (objName == null) throw new NullPointerException("objName");
if (owner == null) throw new NullPointerException("owner");
String upperCasePath = toUpperCasePath(objName).trim();
// If this begins with /QOPENSYS, do use the uppercase version because
// QOPENSYS is case sensitive
if (upperCasePath.indexOf("/QOPENSYS/") == 0) {
// Don't uppercase the object name
} else {
objName = toUpperCasePath(objName);
}
CommandCall cmd = new CommandCall(as400_);
String revokeOldAut;
if (revokeOldAuthority) revokeOldAut = "*YES";
else revokeOldAut = "*NO";
String cmdString = "CHGOWN " +
"OBJ("+expandQuotes(objName)+") " + // @B3c @B4c
"NEWOWN("+owner+") " +
"RVKOLDAUT("+revokeOldAut+")";
if (!followSymbolicLinks_)
{
cmdString += " SYMLNK(*YES)";
}
cmd.setCommand(cmdString);
// cmd.setThreadSafe(false); // CHGOWN isn't threadsafe.
if(cmd.run()!=true)
{
AS400Message[] msgList=cmd.getMessageList();
throw new AS400Exception(msgList);
}
}
/**
* Sets the primary group of the object.
* @param objName The object whose primary group is being reset.
* @param primaryGroup The primary group.
* @param revokeOldAuthority Specifies whether the authorities for the current
* primary group are revoked when the primary group is changed to the new value.
* @exception AS400Exception If the server returns an error message.
* @exception AS400SecurityException If a security or authority error occurs.
* @exception ConnectionDroppedException If the connection is dropped unexpectedly.
* @exception ErrorCompletingRequestException If an error occurs before the request is completed.
* @exception InterruptedException If this thread is interrupted.
* @exception IOException If an error occurs while communicating with the server.
* @exception PropertyVetoException If the change is vetoed.
* @exception ServerStartupException If the host server cannot be started.
* @exception UnknownHostException If the server cannot be located.
*
**/
public void setPrimaryGroup(String objName, String primaryGroup, boolean revokeOldAuthority)
throws AS400Exception,
AS400SecurityException,
ConnectionDroppedException,
ErrorCompletingRequestException,
InterruptedException,
IOException,
ServerStartupException,
UnknownHostException,
PropertyVetoException
{
// Note -- objName is an IFS-style name which is what
// the CHGPGP command requires. For objects in QSYS, the name
// is "/QSYS.LIB/...". If the object is on an ASP, the asp name
// must be prepended to the path (/aspName/QSYS.LIB/...). Our
// caller must correctly build the name.
if (objName == null) throw new NullPointerException("objName");
if (primaryGroup == null) throw new NullPointerException("primaryGroup");
String upperCasePath = toUpperCasePath(objName).trim();
// If this begins with /QOPENSYS, do use the uppercase version because QOPENSYS is case sensitive
if (upperCasePath.indexOf("/QOPENSYS/") == 0) {
// Don't uppercase the object name
} else {
objName = toUpperCasePath(objName);
}
CommandCall cmd = new CommandCall(as400_);
String revokeOldAut;
if (revokeOldAuthority) revokeOldAut = "*YES";
else revokeOldAut = "*NO";
String cmdString = "CHGPGP " +
"OBJ("+expandQuotes(objName)+") " +
"NEWPGP("+primaryGroup+") " +
"RVKOLDAUT("+revokeOldAut+")";
cmd.setCommand(cmdString);
// cmd.setThreadSafe(false); // CHGPGP isn't threadsafe.
if(cmd.run()!=true)
{
AS400Message[] msgList=cmd.getMessageList();
throw new AS400Exception(msgList);
}
}
/**
* Sets whether to resolve symbolic links when changing or retrieving permissions.
* The default value is true; that is, symbolic links are always resolved.
* By default, if the IBM i object is a symbolic link, then the requested action
* is performed on the object ultimately pointed to by the symbolic link,
* rather than on the symbolic link itself.
*
Note: This method is effective only for IBM i release V5R4 and higher.
* For earlier releases, symbolic links are always resolved, and this method is ignored.
* @param followLinks Whether symbolic links are resolved.
* @see #isFollowSymbolicLinks
*
**/
public void setFollowSymbolicLinks(boolean followLinks)
{
// Assume that the caller has already verified that we're running to V5R4 or higher.
// Note to programmer: If this class ever becomes public, add a VRM check here,
// as in Permission.setFollowSymbolicLinks().
followSymbolicLinks_ = followLinks;
}
/**
* Sets the sensitivity level of the object.
* @param objName The object the sensitivity level will be set to.
* @param sensitivityLevel The sensitivity level.
* @exception AS400Exception If the server returns an error message.
* @exception AS400SecurityException If a security or authority error occurs.
* @exception ConnectionDroppedException If the connection is dropped unexpectedly.
* @exception ErrorCompletingRequestException If an error occurs before the request is completed.
* @exception InterruptedException If this thread is interrupted.
* @exception IOException If an error occurs while communicating with the server.
* @exception PropertyVetoException If the change is vetoed.
* @exception ServerStartupException If the host server cannot be started.
* @exception UnknownHostException If the server cannot be located.
*
**/
abstract public void setSensitivity(String objName,int sensitivityLevel)
throws AS400Exception,
AS400SecurityException,
ConnectionDroppedException,
ErrorCompletingRequestException,
InterruptedException,
IOException,
ServerStartupException,
UnknownHostException,
PropertyVetoException;
/**
* Sets the system where object authority information resides.
*
* @param system The server object.
* @see #getSystem
**/
public void setSystem(AS400 system)
{
if (system == null) throw new NullPointerException("system");
as400_ = system;
}
// Uppercases the specified path string. Any characters enclosed in quotes are not changed.
static final String toUpperCasePath(String path)
{
if (path == null || path.length() == 0) return (String)path;
else return QSYSObjectPathName.toQSYSName(path);
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy