You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by sm...@apache.org on 2015/03/01 16:56:38 UTC
directory-fortress-core git commit: FC-74 - DSD checking on
hierarchical relationships incorrect
Repository: directory-fortress-core
Updated Branches:
refs/heads/master c886b6aa5 -> f57e2b705
FC-74 - DSD checking on hierarchical relationships incorrect
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/f57e2b70
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/f57e2b70
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/f57e2b70
Branch: refs/heads/master
Commit: f57e2b705a870b61c5c75b186221779cfdb8bbf3
Parents: c886b6a
Author: Shawn McKinney <sm...@apache.org>
Authored: Sun Mar 1 09:56:22 2015 -0600
Committer: Shawn McKinney <sm...@apache.org>
Committed: Sun Mar 1 09:56:22 2015 -0600
----------------------------------------------------------------------
.../directory/fortress/core/rbac/DSDChecker.java | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/f57e2b70/src/main/java/org/apache/directory/fortress/core/rbac/DSDChecker.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rbac/DSDChecker.java b/src/main/java/org/apache/directory/fortress/core/rbac/DSDChecker.java
index 605acf0..c80c32a 100755
--- a/src/main/java/org/apache/directory/fortress/core/rbac/DSDChecker.java
+++ b/src/main/java/org/apache/directory/fortress/core/rbac/DSDChecker.java
@@ -25,6 +25,7 @@ import java.util.List;
import java.util.Set;
import org.apache.directory.fortress.core.*;
+import org.apache.directory.fortress.core.util.attr.VUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -129,20 +130,21 @@ public class DSDChecker
matchCount++;
if ( matchCount >= dsd.getCardinality() )
{
- // remove the assigned role from session (not the authorized role):
- activatedRoles.remove();
String warning = "validate userId [" + session.getUserId()
+ "] assignedRole [" + activatedRole.getName() + "] parentRole ["
+ parentRole + "] validates DSD Set Name:" + dsd.getName()
+ " Cardinality:" + dsd.getCardinality();
- LOG.warn( warning );
rc = GlobalErrIds.ACTV_FAILED_DSD;
+
+ // remove the assigned role from session (not the authorized role):
+ activatedRoles.remove();
+
session.setWarning( new ObjectFactory().createWarning( rc, warning,
Warning.Type.ROLE, activatedRole.getName() ) );
+ LOG.warn( warning );
+ // Breaking out of the loop because assigned role has been removed from session.
+ break;
}
- // Breaking out of the loop here means the DSD algorithm will only match one
- // role per parent.
- break;
}
}
}