You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by wo...@apache.org on 2008/09/04 18:42:14 UTC
svn commit: r692150 - in
/portals/jetspeed-2/portal/branches/security-refactoring:
components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/
components/jetspeed-security/src/test/java/org/apache/jetspeed/security/
jetspeed-api/src/m...
Author: woonsan
Date: Thu Sep 4 09:42:13 2008
New Revision: 692150
URL: http://svn.apache.org/viewvc?rev=692150&view=rev
Log:
Flattening the Principal API.
Made role manager to extend BaseJetspeedPrincipalManager and implemented the existing methods to delegate to super. Needs more discussions.
Modified:
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RoleManagerImpl.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestAggregationHierarchy.java
portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/JetspeedPrincipalAssociationType.java
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RoleManagerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RoleManagerImpl.java?rev=692150&r1=692149&r2=692150&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RoleManagerImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RoleManagerImpl.java Thu Sep 4 09:42:13 2008
@@ -27,6 +27,17 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.AuthenticationProviderProxy;
+import org.apache.jetspeed.security.DependentPrincipalException;
+import org.apache.jetspeed.security.JetspeedPrincipal;
+import org.apache.jetspeed.security.JetspeedPrincipalAssociationHandler;
+import org.apache.jetspeed.security.JetspeedPrincipalAssociationReference;
+import org.apache.jetspeed.security.JetspeedPrincipalAssociationType;
+import org.apache.jetspeed.security.PrincipalAlreadyExistsException;
+import org.apache.jetspeed.security.PrincipalAssociationRequiredException;
+import org.apache.jetspeed.security.PrincipalNotFoundException;
+import org.apache.jetspeed.security.PrincipalNotRemovableException;
+import org.apache.jetspeed.security.PrincipalReadOnlyException;
+import org.apache.jetspeed.security.PrincipalUpdateException;
import org.apache.jetspeed.security.Role;
import org.apache.jetspeed.security.RoleManager;
import org.apache.jetspeed.security.RolePrincipal;
@@ -34,6 +45,8 @@
import org.apache.jetspeed.security.SecurityProvider;
import org.apache.jetspeed.security.attributes.SecurityAttributes;
import org.apache.jetspeed.security.attributes.SecurityAttributesProvider;
+import org.apache.jetspeed.security.spi.JetspeedPrincipalPermissionStorageManager;
+import org.apache.jetspeed.security.spi.JetspeedPrincipalStorageManager;
import org.apache.jetspeed.security.spi.RoleSecurityHandler;
import org.apache.jetspeed.security.spi.SecurityMappingHandler;
@@ -54,32 +67,24 @@
*
* @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
* @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
+ * @version $Id$
*/
-public class RoleManagerImpl implements RoleManager
+public class RoleManagerImpl extends BaseJetspeedPrincipalManager implements RoleManager
{
/** The logger. */
private static final Log log = LogFactory.getLog(RoleManagerImpl.class);
-
- /** The authentication provider proxy. */
- private AuthenticationProviderProxy atnProviderProxy = null;
- /** The role security handler. */
- private RoleSecurityHandler roleSecurityHandler = null;
+ private JetspeedPrincipalAssociationHandler associationHandler;
- /** The security mapping handler. */
- private SecurityMappingHandler securityMappingHandler = null;
+ public RoleManagerImpl()
+ {
+ super();
+ }
- private SecurityAttributesProvider attributesProvider;
-
- /**
- * @param securityProvider The security provider.
- */
- public RoleManagerImpl(SecurityProvider securityProvider, SecurityAttributesProvider attributesProvider)
+ public RoleManagerImpl(JetspeedPrincipalStorageManager jetspeedPrincipalStorageManager, JetspeedPrincipalPermissionStorageManager jetspeedPrincipalPermissionStorageManager, JetspeedPrincipalAssociationHandler associationHandler)
{
- this.atnProviderProxy = securityProvider.getAuthenticationProviderProxy();
- this.roleSecurityHandler = securityProvider.getRoleSecurityHandler();
- this.securityMappingHandler = securityProvider.getSecurityMappingHandler();
- this.attributesProvider = attributesProvider;
+ super(jetspeedPrincipalStorageManager, jetspeedPrincipalPermissionStorageManager);
+ this.associationHandler = associationHandler;
}
/**
@@ -91,6 +96,7 @@
{
throw new SecurityException(SecurityException.ROLE_ALREADY_EXISTS.create(roleName));
}
+
RolePrincipal rolePrincipal = new RolePrincipalImpl(roleName);
roleSecurityHandler.storeRolePrincipal(rolePrincipal);
SecurityAttributes sa = attributesProvider.createSecurityAttributes(rolePrincipal);
@@ -104,25 +110,13 @@
*/
public void removeRole(String roleName) throws SecurityException
{
- if (securityMappingHandler.getHierarchyResolver() != null)
+ try
{
- Set<RolePrincipal> roles = securityMappingHandler.getHierarchyResolver().resolveRoles(roleName);
- for (RolePrincipal gp : roles)
- {
- roleSecurityHandler.removeRolePrincipal(gp);
-// TODO: should we use cascading deletes?
- attributesProvider.deleteAttributes(gp);
- }
- }
- else
+ super.removePrincipal(roleName);
+ }
+ catch (Exception e)
{
- RolePrincipal rp = roleSecurityHandler.getRolePrincipal(roleName);
- if (rp != null)
- {
- roleSecurityHandler.removeRolePrincipal(new RolePrincipalImpl(roleName));
-// TODO: should we use cascading deletes?
- attributesProvider.deleteAttributes(rp);
- }
+ throw new SecurityException(e);
}
}
@@ -131,9 +125,7 @@
*/
public boolean roleExists(String roleName)
{
- Principal principal = roleSecurityHandler.getRolePrincipal(roleName);
- boolean roleExists = (null != principal);
- return roleExists;
+ return super.principalExists(roleName);
}
/**
@@ -141,14 +133,14 @@
*/
public Role getRole(String roleName) throws SecurityException
{
- Principal rolePrincipal = roleSecurityHandler.getRolePrincipal(roleName);
- if (null == rolePrincipal)
+ Role role = (Role) super.getPrincipal(roleName);
+
+ if (null == role)
{
throw new SecurityException(
SecurityException.ROLE_DOES_NOT_EXIST.create(roleName));
}
- SecurityAttributes attributes = this.attributesProvider.retrieveAttributes(rolePrincipal);
- Role role = new RoleImpl(rolePrincipal, attributes);
+
return role;
}
@@ -158,13 +150,18 @@
public Collection<Role> getRolesForUser(String username) throws SecurityException
{
Collection<Role> roles = new ArrayList<Role>();
-
- Set<RolePrincipal> rolePrincipals = securityMappingHandler.getRolePrincipals(username);
- for (RolePrincipal rolePrincipal : rolePrincipals)
+ // retrieve associated principals of which the user is the part
+ List<JetspeedPrincipal> principals = super.getAssociatedFrom(username, JetspeedPrincipalAssociationType.IS_PART_OF);
+
+ for (JetspeedPrincipal principal : principals)
{
- SecurityAttributes attributes = this.attributesProvider.retrieveAttributes(rolePrincipal);
- roles.add(new RoleImpl(rolePrincipal, attributes));
+ // TODO: the next literal should be defined as a constant in somewhere.
+ if ("org.apache.jetspeed.security.role".equals(principal.getType().getName()))
+ {
+ roles.add((Role) principal);
+ }
}
+
return roles;
}
@@ -174,12 +171,18 @@
public Collection<Role> getRolesInGroup(String groupName) throws SecurityException
{
Collection<Role> roles = new ArrayList<Role>();
- Set<RolePrincipal> rolePrincipals = securityMappingHandler.getRolePrincipalsInGroup(groupName);
- for (RolePrincipal rolePrincipal : rolePrincipals)
+ // retrieve associated principals which are part of the group
+ List<JetspeedPrincipal> principals = super.getAssociatedTo(groupName, JetspeedPrincipalAssociationType.IS_PART_OF);
+
+ for (JetspeedPrincipal principal : principals)
{
- SecurityAttributes attributes = this.attributesProvider.retrieveAttributes(rolePrincipal);
- roles.add(new RoleImpl(rolePrincipal, attributes));
+ // TODO: the next literal should be defined as a constant in somewhere.
+ if ("org.apache.jetspeed.security.role".equals(principal.getType().getName()))
+ {
+ roles.add((Role) principal);
+ }
}
+
return roles;
}
@@ -288,14 +291,14 @@
*/
public Collection<Role> getRoles(String filter) throws SecurityException
{
- List<Role> roles = new LinkedList<Role>();
- Collection<RolePrincipal> rolePrincipals = roleSecurityHandler.getRolePrincipals(filter);
- for (RolePrincipal principal : rolePrincipals)
- {
- SecurityAttributes attributes = this.attributesProvider.retrieveAttributes(principal);
- Role role = new RoleImpl(principal, attributes);
- roles.add(role);
+ Collection<Role> roles = new ArrayList<Role>();
+ List<JetspeedPrincipal> principals = super.getPrincipals(filter);
+
+ for (JetspeedPrincipal principal : principals)
+ {
+ roles.add((Role) principal);
}
+
return roles;
}
@@ -304,15 +307,68 @@
*/
public void setRoleEnabled(String roleName, boolean enabled) throws SecurityException
{
- RolePrincipalImpl rolePrincipal = (RolePrincipalImpl)roleSecurityHandler.getRolePrincipal(roleName);
- if (null == rolePrincipal)
+ Role role = (Role) super.getPrincipal(roleName);
+
+ if (null == role)
{
throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(roleName));
}
- if ( enabled != rolePrincipal.isEnabled() )
+
+ try
+ {
+ if (enabled != role.isEnabled())
+ {
+ role.setEnabled(enabled);
+ // TODO: store this role principal
+ }
+
+ role.setEnabled(enabled);
+ }
+ catch (PrincipalReadOnlyException e)
{
- rolePrincipal.setEnabled(enabled);
- roleSecurityHandler.storeRolePrincipal(rolePrincipal);
+ throw new SecurityException(e);
}
}
+
+ public JetspeedPrincipal newPrincipal(String name, boolean mapped)
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public JetspeedPrincipal newTransientPrincipal(String name)
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public void addPrincipal(JetspeedPrincipal principal,
+ Set<JetspeedPrincipalAssociationReference> associations)
+ throws PrincipalAlreadyExistsException,
+ PrincipalAssociationRequiredException
+ {
+ // TODO Auto-generated method stub
+
+ }
+
+ public boolean isMapped()
+ {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ public void removePrincipal(JetspeedPrincipal principal)
+ throws PrincipalNotFoundException, PrincipalNotRemovableException,
+ DependentPrincipalException
+ {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void updatePrincipal(JetspeedPrincipal principal)
+ throws PrincipalUpdateException, PrincipalNotFoundException
+ {
+ // TODO Auto-generated method stub
+
+ }
}
\ No newline at end of file
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestAggregationHierarchy.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestAggregationHierarchy.java?rev=692150&r1=692149&r2=692150&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestAggregationHierarchy.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestAggregationHierarchy.java Thu Sep 4 09:42:13 2008
@@ -99,7 +99,7 @@
rms.addRoleToUser("test", "rootrole");
user = ums.getUser("test");
- Subject subject = user.getSubject();
+ Subject subject = ums.getSubject("test");
assertNotNull("subject is null", subject);
Collection principals = getPrincipals(subject, RolePrincipal.class);
assertEquals("should have 3 principals;", 3, principals.size());
@@ -112,7 +112,8 @@
rms.removeRoleFromUser("test", "rootrole");
user = ums.getUser("test");
- principals = getPrincipals(user.getSubject(), RolePrincipal.class);
+ subject = ums.getSubject("test");
+ principals = getPrincipals(subject, RolePrincipal.class);
assertEquals("should not have any principals;", 0, principals.size());
}
@@ -126,7 +127,7 @@
rms.addRoleToUser("test", "rootrole.childrole1");
user = ums.getUser("test");
- Subject subject = user.getSubject();
+ Subject subject = ums.getSubject("test");
assertNotNull("subject is null", subject);
Collection principals = getPrincipals(subject, RolePrincipal.class);
assertEquals("shoud have 1 principal;", 1, principals.size());
@@ -137,7 +138,8 @@
rms.removeRoleFromUser("test", "rootrole.childrole1");
user = ums.getUser("test");
- principals = getPrincipals(user.getSubject(), RolePrincipal.class);
+ subject = ums.getSubject("test");
+ principals = getPrincipals(subject, RolePrincipal.class);
assertEquals("should not have any principals;", 0, principals.size());
}
Modified: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/JetspeedPrincipalAssociationType.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/JetspeedPrincipalAssociationType.java?rev=692150&r1=692149&r2=692150&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/JetspeedPrincipalAssociationType.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-api/src/main/java/org/apache/jetspeed/security/JetspeedPrincipalAssociationType.java Thu Sep 4 09:42:13 2008
@@ -21,6 +21,9 @@
*/
public interface JetspeedPrincipalAssociationType
{
+ String IS_A = "is_a"; // FROM node is a TO node.
+ String IS_PART_OF = "part_of"; // FROM node is part of TO node.
+
String getAssociationName();
JetspeedPrincipalType getFromPrincipalType();
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org