You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2021/08/31 19:34:59 UTC
[tomcat] branch main updated: Fix group roles not working
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 5907d8f Fix group roles not working
5907d8f is described below
commit 5907d8f284aa50cc970b43dd6352da143c95cd31
Author: remm <re...@apache.org>
AuthorDate: Tue Aug 31 21:34:41 2021 +0200
Fix group roles not working
Also for a simple schema, the roles didn't work properly. Now when
there's no role table, roles exist when they are assigned to a user.
---
.../catalina/users/DataSourceUserDatabase.java | 26 +++++++++++++++-------
1 file changed, 18 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/catalina/users/DataSourceUserDatabase.java b/java/org/apache/catalina/users/DataSourceUserDatabase.java
index a5bff3a..2c6eb5e 100644
--- a/java/org/apache/catalina/users/DataSourceUserDatabase.java
+++ b/java/org/apache/catalina/users/DataSourceUserDatabase.java
@@ -128,7 +128,7 @@ public class DataSourceUserDatabase extends SparseUserDatabase {
/**
* The generated string for the groups PreparedStatement
*/
- private String preparedGroupsR = null;
+ private String preparedGroupRoles = null;
/**
@@ -640,7 +640,7 @@ public class DataSourceUserDatabase extends SparseUserDatabase {
ArrayList<Role> groupRoles = new ArrayList<>();
if (groupName != null) {
groupName = groupName.trim();
- try (PreparedStatement stmt2 = dbConnection.prepareStatement(preparedGroupsR)) {
+ try (PreparedStatement stmt2 = dbConnection.prepareStatement(preparedGroupRoles)) {
stmt2.setString(1, groupName);
try (ResultSet rs2 = stmt2.executeQuery()) {
while (rs2.next()) {
@@ -869,7 +869,7 @@ public class DataSourceUserDatabase extends SparseUserDatabase {
temp.append(" = ?");
preparedRoles = temp.toString();
- if (userGroupTable != null && userGroupTable.length() > 0) {
+ if (userGroupTable != null) {
temp = new StringBuilder("SELECT ");
temp.append(groupNameCol);
temp.append(" FROM ");
@@ -880,15 +880,15 @@ public class DataSourceUserDatabase extends SparseUserDatabase {
preparedGroups = temp.toString();
}
- if (groupRoleTable != null && groupRoleTable.length() > 0) {
+ if (groupRoleTable != null) {
temp = new StringBuilder("SELECT ");
- temp.append(groupNameCol);
+ temp.append(roleNameCol);
temp.append(" FROM ");
temp.append(groupRoleTable);
temp.append(" WHERE ");
temp.append(groupNameCol);
temp.append(" = ?");
- preparedGroupsR = temp.toString();
+ preparedGroupRoles = temp.toString();
}
temp = new StringBuilder("SELECT ");
@@ -909,7 +909,7 @@ public class DataSourceUserDatabase extends SparseUserDatabase {
temp.append(userTable);
preparedAllUsers = temp.toString();
- if (groupTable != null && groupTable.length() > 0) {
+ if (groupTable != null) {
temp = new StringBuilder("SELECT ");
temp.append(groupNameCol);
if (roleAndGroupDescriptionCol != null) {
@@ -929,7 +929,7 @@ public class DataSourceUserDatabase extends SparseUserDatabase {
preparedAllGroups = temp.toString();
}
- if (roleTable != null && roleTable.length() > 0) {
+ if (roleTable != null) {
// Create the role PreparedStatement string
temp = new StringBuilder("SELECT ");
temp.append(roleNameCol);
@@ -948,6 +948,16 @@ public class DataSourceUserDatabase extends SparseUserDatabase {
temp.append(" FROM ");
temp.append(roleTable);
preparedAllRoles = temp.toString();
+ } else {
+ // Validate roles existence from the user <-> roles table
+ temp = new StringBuilder("SELECT ");
+ temp.append(roleNameCol);
+ temp.append(" FROM ");
+ temp.append(userRoleTable);
+ temp.append(" WHERE ");
+ temp.append(roleNameCol);
+ temp.append(" = ?");
+ preparedRole = temp.toString();
}
} finally {
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org