4.20 - Delete Inheritance
4 - Fortress Code Samples
4.22 - Add Descendant

4.21 - Add Ascendant

void addAscendant(Role childRole, Role parentRole) throws SecurityException

This command creates a new role parentRole, and inserts it in the role hierarchy as an immediate ascendant of the existing role childRole.

The command is valid if and only if:

  • The parentRole is not a member of the ROLES data set.
  • The childRole is a member of the ROLES data set.

This method:

  • Adds new role.
  • Assigns role relationship between new parentRole and pre-existing childRole.

required parameters:

  • childRole - Role#name - contains the name of existing child Role
  • parentRole - Role#name - contains the name of new Role to be parent

optional parameters parentRole

  • parentRole - Role#description - maps to description attribute on organizationalRole object class for new parent
  • parentRole - Role#beginTime - HHMM - determines begin hour role may be activated into user’s RBAC session for new parent
  • parentRole - Role#endTime - HHMM - determines end hour role may be activated into user’s RBAC session for new parent
  • parentRole - Role#beginDate - YYYYMMDD - determines date when role may be activated into user’s RBAC session for new parent
  • parentRole - Role#endDate - YYYYMMDD - indicates latest date role may be activated into user’s RBAC session for new parent
  • parentRole - Role#beginLockDate - YYYYMMDD - determines beginning of enforced inactive status for new parent
  • parentRole - Role#endLockDate - YYYYMMDD - determines end of enforced inactive status for new parent
  • parentRole - Role#dayMask - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into user’s RBAC session for new parent

Throws:

  • SecurityException - thrown in the event of data validation or system error.

addAscendant

import org.apache.directory.fortress.core.AdminMgr;
import org.apache.directory.fortress.core.AdminMgrFactory;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.SecurityException;

@test
public static void testAddAscendant(String childNm, String parentNm)
{
    String szLocation = ".testAddAscendant";
    try
    {
        AdminMgr adminMgr = AdminMgrFactory.createInstance();
        adminMgr.addAscendant( new Role( childNm ), new Role( parentNm ) );
    }
    catch (SecurityException ex)
    {
        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
4.20 - Delete Inheritance
4 - Fortress Code Samples
4.22 - Add Descendant