You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by sm...@apache.org on 2018/07/14 20:23:43 UTC
directory-fortress-core git commit: FC-235 - Add support for runtime
constraints, support comma sep values for user props
Repository: directory-fortress-core
Updated Branches:
refs/heads/master 91c72452b -> 1af2f9b41
FC-235 - Add support for runtime constraints, support comma sep values for user props
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/1af2f9b4
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/1af2f9b4
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/1af2f9b4
Branch: refs/heads/master
Commit: 1af2f9b41d2ac16abe4673dd71b48c953a4535e1
Parents: 91c7245
Author: Shawn McKinney <sm...@apache.org>
Authored: Sat Jul 14 14:10:26 2018 -0500
Committer: Shawn McKinney <sm...@apache.org>
Committed: Sat Jul 14 14:10:26 2018 -0500
----------------------------------------------------------------------
.../fortress/core/util/time/Discriminant.java | 29 +++++++++++++++++---
1 file changed, 25 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/1af2f9b4/src/main/java/org/apache/directory/fortress/core/util/time/Discriminant.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/util/time/Discriminant.java b/src/main/java/org/apache/directory/fortress/core/util/time/Discriminant.java
index 475c1ae..d364189 100644
--- a/src/main/java/org/apache/directory/fortress/core/util/time/Discriminant.java
+++ b/src/main/java/org/apache/directory/fortress/core/util/time/Discriminant.java
@@ -26,6 +26,11 @@ import org.apache.directory.fortress.core.model.Session;
import org.apache.directory.fortress.core.util.Config;
import org.apache.directory.fortress.core.util.VUtil;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.StringTokenizer;
+import java.util.TreeSet;
+
/**
* This class performs dynamic constraint validation on role per FC-235
*
@@ -59,15 +64,13 @@ public class Discriminant
{
// Get the constraint value for this user set as property on the user entity keyed with the role's name:
String userProp = session.getUser().getProperty( role.getName() );
-
// Does the user have one set?
if ( StringUtils.isNotEmpty( userProp ) )
{
+ Set<String> values = getValues( userProp );
// This value must be placed here by the caller:
String constraintValue = session.getUser().getProperty( constraintType );
-
- // Verify the role's corresponding property value matches the value passed in by the caller of this function.
- if ( !userProp.equalsIgnoreCase( constraintValue ) )
+ if( StringUtils.isEmpty( constraintValue ) || !values.contains( constraintValue ) )
{
rc = GlobalErrIds.ACTV_FAILED_DISCRIMINANT;
}
@@ -81,4 +84,22 @@ public class Discriminant
}
return rc;
}
+
+ public Set getValues( String members )
+ {
+ Set<String> values = new HashSet<>( );
+ if ( members != null )
+ {
+ StringTokenizer tkn = new StringTokenizer( members, "," );
+ if ( tkn.countTokens() > 0 )
+ {
+ while ( tkn.hasMoreTokens() )
+ {
+ values.add( tkn.nextToken() );
+ }
+ }
+ }
+ return values;
+ }
+
}
\ No newline at end of file