4.33 - Enable Role Constraint

public void enableRoleConstraint( Role role, RoleConstraint roleConstraint ) throws SecurityException;

This method enables a role to be constrained by attributes.

The function is valid if and only if:

  • The role is a member of the ROLES data set.

Required Parameters:

  • Role#name - contains the name of a Role.
  • RoleConstraint#type - type of role constraint: [USER, FILTER, OTHER].
  • RoleConstraint#key - the name of an attribute set targeted for the User-Role.

Throws:

  • SecurityException - is thrown if user is not allowed to activate or runtime error occurs with system.

enableRoleConstraint

import org.apache.directory.fortress.core.AdminMgr;
import org.apache.directory.fortress.core.AdminMgrFactory;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.model.RoleConstraint;

@test
public static void testEnableRoleConstraint( Role role, String key )
{
    String szLocation = ".testEnableRoleConstraint";
    try
    {
        AdminMgr adminMgr = AdminMgrFactory.createInstance();
        RoleConstraint constraint = new RoleConstraint();
        constraint.setType(RoleConstraint.RCType.USER);        
        constraint.setKey( key );
        RoleConstraint out = adminMgr.enableRoleConstraint( role, constraint );
    }
    catch ( SecurityException ex )
    {
        LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}