You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by sm...@apache.org on 2015/03/08 19:08:32 UTC
directory-fortress-core git commit: add role engineering load file
sample.
Repository: directory-fortress-core
Updated Branches:
refs/heads/master 6e7368fd4 -> a698d74da
add role engineering load file sample.
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/a698d74d
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/a698d74d
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/a698d74d
Branch: refs/heads/master
Commit: a698d74da4aeb240d5f7b45f4711323bed60da59
Parents: 6e7368f
Author: Shawn McKinney <sm...@apache.org>
Authored: Sun Mar 8 13:08:05 2015 -0500
Committer: Shawn McKinney <sm...@apache.org>
Committed: Sun Mar 8 13:08:05 2015 -0500
----------------------------------------------------------------------
ldap/setup/RoleEngineeringSample.xml | 87 ++++++++++++++++++++
.../directory/fortress/core/rbac/SdDAO.java | 2 +-
.../fortress/core/util/attr/VUtil.java | 5 ++
3 files changed, 93 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/a698d74d/ldap/setup/RoleEngineeringSample.xml
----------------------------------------------------------------------
diff --git a/ldap/setup/RoleEngineeringSample.xml b/ldap/setup/RoleEngineeringSample.xml
new file mode 100644
index 0000000..894a297
--- /dev/null
+++ b/ldap/setup/RoleEngineeringSample.xml
@@ -0,0 +1,87 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project basedir="." default="all" name="Fortress Sample Data">
+ <taskdef classname="org.apache.directory.fortress.core.ant.FortressAntTask" name="FortressAdmin">
+ <classpath path="${java.class.path}"/>
+ </taskdef>
+
+ <target name="all">
+ <FortressAdmin>
+
+ <adduser>
+ <user userId="johndoe" password="password" description="User has both Buyer and Seller Roles Assigned" cn="Jon Doe" sn="Doe" ou="u1" />
+ <user userId="ssmith" password="password" description="User has Buyer Role Assigned" cn="Steve Smith" sn="Smith" ou="u1" />
+ <user userId="rtaylor" password="password" description="User has Seller Role Assigned" cn="Ricky Taylor" sn="Taylor" ou="u1" />
+ </adduser>
+
+ <adduserrole>
+ <userrole userId="johndoe" name="Buyers"/>
+ <userrole userId="johndoe" name="Sellers"/>
+ <userrole userId="ssmith" name="Buyers"/>
+ <userrole userId="rtaylor" name="Sellers"/>
+ </adduserrole>
+
+ <addrole>
+ <role name="Users" description="Basic rights for all Buyers and Sellers"/>
+ <role name="Buyers" description="May bid on and purchase products"/>
+ <role name="Sellers" description="May start auctions and ship items"/>
+ </addrole>
+
+ <addroleinheritance>
+ <relationship child="Buyers" parent="Users"/>
+ <relationship child="Sellers" parent="Users"/>
+ </addroleinheritance>
+
+ <addsdset>
+ <sdset name="BuySel" setmembers="Buyers,Sellers" cardinality="2" setType="DYNAMIC" description="User can only be activate one role of this set"/>
+ </addsdset>
+
+ <addpermobj>
+ <permobj objName="Item" description="This product is available for purchase" ou="p1" />
+ <permobj objName="Auction" description="Controls a particular online auction" ou="p1" />
+ <permobj objName="Account" description="Each user must have one of these" ou="p1" />
+ </addpermobj>
+
+ <addpermop>
+ <permop objName="Item" opName="bid" description="Bid on a given product"/>
+ <permop objName="Item" opName="buy" description="Purchase a given product"/>
+ <permop objName="Item" opName="ship" description="Place a product up for sale"/>
+ <permop objName="Item" opName="search" description="Search through item list"/>
+ <permop objName="Auction" opName="create" description="May start a new auction"/>
+ <permop objName="Account" opName="create" description="Ability to add a new account"/>
+ </addpermop>
+
+ <addpermgrant>
+ <permgrant objName="Item" opName="bid" roleNm="Buyers"/>
+ <permgrant objName="Item" opName="buy" roleNm="Buyers"/>
+ <permgrant objName="Item" opName="ship" roleNm="Sellers"/>
+ <permgrant objName="Auction" opName="create" roleNm="Sellers"/>
+ <permgrant objName="Item" opName="search" roleNm="Users"/>
+ <permgrant objName="Account" opName="create" roleNm="Users"/>
+ </addpermgrant>
+
+ <addorgunit>
+ <orgunit name="u1" typeName="USER" description="Test User Org for Rbac Role Engineering Sample"/>
+ <orgunit name="p1" typeName="PERM" description="Test Perm Org for Rbac Role Engineering Sample"/>
+ </addorgunit>
+
+ </FortressAdmin>
+ </target>
+</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/a698d74d/src/main/java/org/apache/directory/fortress/core/rbac/SdDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rbac/SdDAO.java b/src/main/java/org/apache/directory/fortress/core/rbac/SdDAO.java
index 2a4916a..6088c83 100755
--- a/src/main/java/org/apache/directory/fortress/core/rbac/SdDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/rbac/SdDAO.java
@@ -404,7 +404,7 @@ final class SdDAO extends ApacheDsDataProvider
catch ( CursorException e )
{
String error = "search sdset name [" + sdset.getName() + "] type [" + sdset.getType()
- + "] caught LdapException=" + e.getMessage();
+ + "] caught CursorException=" + e.getMessage();
int errCode;
if ( sdset.getType() == SDSet.SDType.DYNAMIC )
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/a698d74d/src/main/java/org/apache/directory/fortress/core/util/attr/VUtil.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/util/attr/VUtil.java b/src/main/java/org/apache/directory/fortress/core/util/attr/VUtil.java
index bedc6b9..b0accf8 100755
--- a/src/main/java/org/apache/directory/fortress/core/util/attr/VUtil.java
+++ b/src/main/java/org/apache/directory/fortress/core/util/attr/VUtil.java
@@ -97,6 +97,11 @@ public class VUtil
*/
public static void orgUnit( String orgUnitId ) throws ValidationException
{
+ if(!isNotNullOrEmpty( orgUnitId ))
+ {
+ String error = "orgUnit is null";
+ throw new ValidationException( GlobalErrIds.ORG_NULL, error );
+ }
int length = orgUnitId.length();
if ( length > maxFieldLength )