4.21 - Add Ascendant
4 - Fortress Code Samples
4.23 - Create SSD Set

4.22 - Add Descendant

void addDescendant(Role parentRole, Role childRole) throws SecurityException

This command creates a new role childRole, and inserts it in the role hierarchy as an immediate descendant of the existing role parentRole.

The command is valid if and only if:

  • The childRole is not a member of the ROLES data set.
  • The parentRole is a member of the ROLES data set.

This method:

  • Adds new role.
  • Assigns role relationship between new childRole and pre-existing parentRole.

required parameters:

  • parentRole - Role#name - contains the name of existing Role to be parent
  • childRole - Role#name - contains the name of new Role to be child

optional parameters childRole

  • childRole - Role#description - maps to description attribute on organizationalRole object class for new child
  • childRole - Role#beginTime - HHMM - determines begin hour role may be activated into user’s RBAC session for new child
  • childRole - Role#endTime - HHMM - determines end hour role may be activated into user’s RBAC session for new child
  • childRole - Role#beginDate - YYYYMMDD - determines date when role may be activated into user’s RBAC session for new child
  • childRole - Role#endDate - YYYYMMDD - indicates latest date role may be activated into user’s RBAC session for new child
  • childRole - Role#beginLockDate - YYYYMMDD - determines beginning of enforced inactive status for new child
  • childRole - Role#endLockDate - YYYYMMDD - determines end of enforced inactive status for new child
  • childRole - Role#dayMask - 1234567, 1 = Sunday, 2 = Monday, etc - specifies which day role may be activated into user’s RBAC session for new child

Throws:

  • SecurityException - thrown in the event of data validation or system error.

addDescendant

import org.apache.directory.fortress.core.AdminMgr;
import org.apache.directory.fortress.core.AdminMgrFactory;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.SecurityException;

@test
public static void testAddDescendant(String childNm, String parentNm)
{
    String szLocation = ".testAddDescendant";
    try
    {
        AdminMgr adminMgr = AdminMgrFactory.createInstance();
        adminMgr.addDescendant( new Role( parentNm ), new Role( childNm ) );
    }
    catch (SecurityException ex)
    {
        LOG.error(szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex);
        fail(ex.getMessage());
    }
}
4.21 - Add Ascendant
4 - Fortress Code Samples
4.23 - Create SSD Set