You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@turbine.apache.org by tv...@apache.org on 2007/09/01 15:09:36 UTC
svn commit: r571795 [2/2] - in /turbine/core/branches/TURBINE_2_3_BRANCH: ./
src/java/org/apache/turbine/om/security/
src/java/org/apache/turbine/om/security/peer/
src/java/org/apache/turbine/services/security/
src/java/org/apache/turbine/services/secu...
Modified: turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/db/DBSecurityService.java
URL: http://svn.apache.org/viewvc/turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/db/DBSecurityService.java?rev=571795&r1=571794&r2=571795&view=diff
==============================================================================
--- turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/db/DBSecurityService.java (original)
+++ turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/db/DBSecurityService.java Sat Sep 1 06:09:35 2007
@@ -19,35 +19,8 @@
* under the License.
*/
-import java.util.ArrayList;
-import java.util.Hashtable;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Vector;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.torque.om.BaseObject;
-import org.apache.torque.util.Criteria;
-import org.apache.turbine.om.security.Group;
-import org.apache.turbine.om.security.Permission;
-import org.apache.turbine.om.security.Role;
-import org.apache.turbine.om.security.User;
-import org.apache.turbine.om.security.peer.GroupPeer;
-import org.apache.turbine.om.security.peer.PermissionPeer;
-import org.apache.turbine.om.security.peer.RolePeer;
-import org.apache.turbine.om.security.peer.RolePermissionPeer;
-import org.apache.turbine.om.security.peer.UserGroupRolePeer;
import org.apache.turbine.om.security.peer.UserPeer;
-import org.apache.turbine.services.security.BaseSecurityService;
-import org.apache.turbine.services.security.TurbineSecurity;
-import org.apache.turbine.util.security.AccessControlList;
-import org.apache.turbine.util.security.DataBackendException;
-import org.apache.turbine.util.security.EntityExistsException;
-import org.apache.turbine.util.security.GroupSet;
-import org.apache.turbine.util.security.PermissionSet;
-import org.apache.turbine.util.security.RoleSet;
+import org.apache.turbine.services.security.torque.TorqueSecurityService;
import org.apache.turbine.util.security.UnknownEntityException;
/**
@@ -61,11 +34,8 @@
* @version $Id$
*/
public class DBSecurityService
- extends BaseSecurityService
+ extends TorqueSecurityService
{
- /** Logging */
- private static Log log = LogFactory.getLog(DBSecurityService.class);
-
/**
* The key within services's properties for user implementation
* classname (user.class) - Leandro
@@ -79,1007 +49,6 @@
public static final String USER_PEER_CLASS_DEFAULT =
"org.apache.turbine.om.security.peer.TurbineUserPeer";
- /*-----------------------------------------------------------------------
- Creation of AccessControlLists
- -----------------------------------------------------------------------*/
-
- /**
- * Constructs an AccessControlList for a specific user.
- *
- * This method creates a snapshot of the state of security information
- * concerning this user, at the moment of invocation and stores it
- * into an AccessControlList object.
- *
- * @param user the user for whom the AccessControlList are to be retrieved
- * @return A new AccessControlList object.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if user account is not present.
- */
- public AccessControlList getACL(User user)
- throws DataBackendException, UnknownEntityException
- {
- if (!TurbineSecurity.accountExists(user))
- {
- throw new UnknownEntityException("The account '"
- + user.getName() + "' does not exist");
- }
- try
- {
- Hashtable roles = new Hashtable();
- Hashtable permissions = new Hashtable();
- // notify the state modifiers (writers) that we want to create
- // the snapshot.
- lockShared();
-
- // construct the snapshot:
-
- // foreach group in the system
- for (Iterator groupsIterator = getAllGroups().iterator();
- groupsIterator.hasNext();)
- {
- Group group = (Group) groupsIterator.next();
- // get roles of user in the group
- RoleSet groupRoles = RolePeer.retrieveSet(user, group);
- // put the Set into roles(group)
- roles.put(group, groupRoles);
- // collect all permissions in this group
- PermissionSet groupPermissions = new PermissionSet();
- // foreach role in Set
- for (Iterator rolesIterator = groupRoles.iterator();
- rolesIterator.hasNext();)
- {
- Role role = (Role) rolesIterator.next();
- // get permissions of the role
- PermissionSet rolePermissions
- = PermissionPeer.retrieveSet(role);
- groupPermissions.add(rolePermissions);
- }
- // put the Set into permissions(group)
- permissions.put(group, groupPermissions);
- }
- return getAclInstance(roles, permissions);
- }
- catch (Exception e)
- {
- throw new DataBackendException("Failed to build ACL for user '"
- + user.getName() + "'", e);
- }
- finally
- {
- // notify the state modifiers that we are done creating the snapshot
- unlockShared();
- }
- }
-
- /*-----------------------------------------------------------------------
- Security management
- -----------------------------------------------------------------------*/
-
- /**
- * Grant an User a Role in a Group.
- *
- * @param user the user.
- * @param group the group.
- * @param role the role.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if user account, group or role is not
- * present.
- */
- public synchronized void grant(User user, Group group, Role role)
- throws DataBackendException, UnknownEntityException
- {
- boolean userExists = false;
- boolean groupExists = false;
- boolean roleExists = false;
- try
- {
- lockExclusive();
- userExists = TurbineSecurity.accountExists(user);
- groupExists = checkExists(group);
- roleExists = checkExists(role);
- if (userExists && groupExists && roleExists)
- {
- Criteria criteria = new Criteria();
- criteria.add(UserGroupRolePeer.USER_ID,
- ((BaseObject) user).getPrimaryKey());
- criteria.add(UserGroupRolePeer.GROUP_ID,
- ((BaseObject) group).getPrimaryKey());
- criteria.add(UserGroupRolePeer.ROLE_ID,
- ((BaseObject) role).getPrimaryKey());
- UserGroupRolePeer.doInsert(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("grant(User,Group,Role) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- if (!userExists)
- {
- throw new UnknownEntityException("Unknown user '"
- + user.getName() + "'");
- }
- if (!groupExists)
- {
- throw new UnknownEntityException("Unknown group '"
- + group.getName() + "'");
- }
- if (!roleExists)
- {
- throw new UnknownEntityException("Unknown role '"
- + role.getName() + "'");
- }
- }
-
- /**
- * Revoke a Role in a Group from an User.
- *
- * @param user the user.
- * @param group the group.
- * @param role the role.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if user account, group or role is not
- * present.
- */
- public synchronized void revoke(User user, Group group, Role role)
- throws DataBackendException, UnknownEntityException
- {
- boolean userExists = false;
- boolean groupExists = false;
- boolean roleExists = false;
- try
- {
- lockExclusive();
- userExists = TurbineSecurity.accountExists(user);
- groupExists = checkExists(group);
- roleExists = checkExists(role);
- if (userExists && groupExists && roleExists)
- {
- Criteria criteria = new Criteria();
- criteria.add(UserGroupRolePeer.USER_ID,
- ((BaseObject) user).getPrimaryKey());
- criteria.add(UserGroupRolePeer.GROUP_ID,
- ((BaseObject) group).getPrimaryKey());
- criteria.add(UserGroupRolePeer.ROLE_ID,
- ((BaseObject) role).getPrimaryKey());
- UserGroupRolePeer.doDelete(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("revoke(User,Role,Group) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- if (!userExists)
- {
- throw new UnknownEntityException("Unknown user '"
- + user.getName() + "'");
- }
- if (!groupExists)
- {
- throw new UnknownEntityException("Unknown group '"
- + group.getName() + "'");
- }
- if (!roleExists)
- {
- throw new UnknownEntityException("Unknown role '"
- + role.getName() + "'");
- }
- }
-
- /**
- * Revokes all roles from an User.
- *
- * This method is used when deleting an account.
- *
- * @param user the User.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the account is not present.
- */
- public synchronized void revokeAll(User user)
- throws DataBackendException, UnknownEntityException
- {
- boolean userExists = false;
- try
- {
- lockExclusive();
- userExists = TurbineSecurity.accountExists(user);
- if (userExists)
- {
- Criteria criteria = new Criteria();
- criteria.add(UserGroupRolePeer.USER_ID,
- ((BaseObject) user).getPrimaryKey());
- UserGroupRolePeer.doDelete(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("revokeAll(User) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- throw new UnknownEntityException("Unknown user '"
- + user.getName() + "'");
- }
-
- /**
- * Grants a Role a Permission
- *
- * @param role the Role.
- * @param permission the Permission.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if role or permission is not present.
- */
- public synchronized void grant(Role role, Permission permission)
- throws DataBackendException, UnknownEntityException
- {
- boolean roleExists = false;
- boolean permissionExists = false;
- try
- {
- lockExclusive();
- roleExists = checkExists(role);
- permissionExists = checkExists(permission);
- if (roleExists && permissionExists)
- {
- Criteria criteria = new Criteria();
- criteria.add(RolePermissionPeer.ROLE_ID,
- ((BaseObject) role).getPrimaryKey());
- criteria.add(RolePermissionPeer.PERMISSION_ID,
- ((BaseObject) permission).getPrimaryKey());
- UserGroupRolePeer.doInsert(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("grant(Role,Permission) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- if (!roleExists)
- {
- throw new UnknownEntityException("Unknown role '"
- + role.getName() + "'");
- }
- if (!permissionExists)
- {
- throw new UnknownEntityException("Unknown permission '"
- + permission.getName() + "'");
- }
- }
-
- /**
- * Revokes a Permission from a Role.
- *
- * @param role the Role.
- * @param permission the Permission.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if role or permission is not present.
- */
- public synchronized void revoke(Role role, Permission permission)
- throws DataBackendException, UnknownEntityException
- {
- boolean roleExists = false;
- boolean permissionExists = false;
- try
- {
- lockExclusive();
- roleExists = checkExists(role);
- permissionExists = checkExists(permission);
- if (roleExists && permissionExists)
- {
- Criteria criteria = new Criteria();
- criteria.add(RolePermissionPeer.ROLE_ID,
- ((BaseObject) role).getPrimaryKey());
- criteria.add(RolePermissionPeer.PERMISSION_ID,
- ((BaseObject) permission).getPrimaryKey());
- RolePermissionPeer.doDelete(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("revoke(Role,Permission) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- if (!roleExists)
- {
- throw new UnknownEntityException("Unknown role '"
- + role.getName() + "'");
- }
- if (!permissionExists)
- {
- throw new UnknownEntityException("Unknown permission '"
- + permission.getName() + "'");
- }
- }
-
- /**
- * Revokes all permissions from a Role.
- *
- * This method is user when deleting a Role.
- *
- * @param role the Role
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the Role is not present.
- */
- public synchronized void revokeAll(Role role)
- throws DataBackendException, UnknownEntityException
- {
- boolean roleExists = false;
- try
- {
- lockExclusive();
- roleExists = checkExists(role);
- if (roleExists)
- {
- Criteria criteria = new Criteria();
- criteria.add(RolePermissionPeer.ROLE_ID,
- ((BaseObject) role).getPrimaryKey());
- RolePermissionPeer.doDelete(criteria);
-
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("revokeAll(Role) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- throw new UnknownEntityException("Unknown role '"
- + role.getName() + "'");
- }
-
- /*-----------------------------------------------------------------------
- Group/Role/Permission management
- -----------------------------------------------------------------------*/
-
- /**
- * Retrieve a set of Groups that meet the specified Criteria.
- *
- * @param criteria A Criteria of Group selection.
- * @return a set of Groups that meet the specified Criteria.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- */
- public GroupSet getGroups(Criteria criteria)
- throws DataBackendException
- {
- Criteria dbCriteria = new Criteria();
- Iterator keys = criteria.keySet().iterator();
- while (keys.hasNext())
- {
- String key = (String) keys.next();
- dbCriteria.put(GroupPeer.getColumnName(key), criteria.get(key));
- }
- List groups = new ArrayList(0);
- try
- {
- groups = GroupPeer.doSelect(criteria);
- }
- catch (Exception e)
- {
- throw new DataBackendException("getGroups(Criteria) failed", e);
- }
- return new GroupSet(groups);
- }
-
- /**
- * Retrieve a set of Roles that meet the specified Criteria.
- *
- * @param criteria A Criteria of Roles selection.
- * @return a set of Roles that meet the specified Criteria.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- */
- public RoleSet getRoles(Criteria criteria)
- throws DataBackendException
- {
- Criteria dbCriteria = new Criteria();
- Iterator keys = criteria.keySet().iterator();
- while (keys.hasNext())
- {
- String key = (String) keys.next();
- dbCriteria.put(RolePeer.getColumnName(key), criteria.get(key));
- }
- List roles = new ArrayList(0);
- try
- {
- roles = RolePeer.doSelect(criteria);
- }
- catch (Exception e)
- {
- throw new DataBackendException("getRoles(Criteria) failed", e);
- }
- return new RoleSet(roles);
- }
-
- /**
- * Retrieve a set of Permissions that meet the specified Criteria.
- *
- * @param criteria A Criteria of Permissions selection.
- * @return a set of Permissions that meet the specified Criteria.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- */
- public PermissionSet getPermissions(Criteria criteria)
- throws DataBackendException
- {
- Criteria dbCriteria = new Criteria();
- Iterator keys = criteria.keySet().iterator();
- while (keys.hasNext())
- {
- String key = (String) keys.next();
- dbCriteria.put(PermissionPeer.getColumnName(key),
- criteria.get(key));
- }
- List permissions = new Vector(0);
- try
- {
- permissions = PermissionPeer.doSelect(criteria);
- }
- catch (Exception e)
- {
- throw new DataBackendException(
- "getPermissions(Criteria) failed", e);
- }
- return new PermissionSet(permissions);
- }
-
- /**
- * Retrieves all permissions associated with a role.
- *
- * @param role the role name, for which the permissions are to be retrieved.
- * @return A Permission set for the Role.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the role is not present.
- */
- public PermissionSet getPermissions(Role role)
- throws DataBackendException, UnknownEntityException
- {
- boolean roleExists = false;
- try
- {
- lockShared();
- roleExists = checkExists(role);
- if (roleExists)
- {
- return PermissionPeer.retrieveSet(role);
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("getPermissions(Role) failed", e);
- }
- finally
- {
- unlockShared();
- }
- throw new UnknownEntityException("Unknown role '"
- + role.getName() + "'");
- }
-
- /**
- * Stores Group's attributes. The Groups is required to exist in the system.
- *
- * @param group The Group to be stored.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the group does not exist.
- */
- public void saveGroup(Group group)
- throws DataBackendException, UnknownEntityException
- {
- boolean groupExists = false;
- try
- {
- groupExists = checkExists(group);
- if (groupExists)
- {
- Criteria criteria = GroupPeer.buildCriteria(group);
- GroupPeer.doUpdate(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("saveGroup(Group) failed", e);
- }
- throw new UnknownEntityException("Unknown group '" + group + "'");
- }
-
- /**
- * Stores Role's attributes. The Roles is required to exist in the system.
- *
- * @param role The Role to be stored.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the role does not exist.
- */
- public void saveRole(Role role)
- throws DataBackendException, UnknownEntityException
- {
- boolean roleExists = false;
- try
- {
- roleExists = checkExists(role);
- if (roleExists)
- {
- Criteria criteria = RolePeer.buildCriteria(role);
- RolePeer.doUpdate(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("saveRole(Role) failed", e);
- }
- throw new UnknownEntityException("Unknown role '" + role + "'");
- }
-
- /**
- * Stores Permission's attributes. The Permissions is required to exist in
- * the system.
- *
- * @param permission The Permission to be stored.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the permission does not exist.
- */
- public void savePermission(Permission permission)
- throws DataBackendException, UnknownEntityException
- {
- boolean permissionExists = false;
- try
- {
- permissionExists = checkExists(permission);
- if (permissionExists)
- {
- Criteria criteria = PermissionPeer.buildCriteria(permission);
- PermissionPeer.doUpdate(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException(
- "savePermission(Permission) failed", e);
- }
- throw new UnknownEntityException("Unknown permission '"
- + permission + "'");
- }
-
- /**
- * Creates a new group with specified attributes.
- *
- * @param group the object describing the group to be created.
- * @return a new Group object that has id set up properly.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws EntityExistsException if the group already exists.
- */
- public synchronized Group addGroup(Group group)
- throws DataBackendException,
- EntityExistsException
- {
- boolean groupExists = false;
-
- if (StringUtils.isEmpty(group.getName()))
- {
- throw new DataBackendException("Could not create "
- + "a group with empty name!");
- }
-
- try
- {
- lockExclusive();
- groupExists = checkExists(group);
- if (!groupExists)
- {
- // add a row to the table
- Criteria criteria = GroupPeer.buildCriteria(group);
- GroupPeer.doInsert(criteria);
- // try to get the object back using the name as key.
- criteria = new Criteria();
- criteria.add(GroupPeer.NAME,
- group.getName());
- List results = GroupPeer.doSelect(criteria);
- if (results.size() != 1)
- {
- throw new DataBackendException(
- "Internal error - query returned "
- + results.size() + " rows");
- }
- Group newGroup = (Group) results.get(0);
- // add the group to system-wide cache
- getAllGroups().add(newGroup);
- // return the object with correct id
- return newGroup;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("addGroup(Group) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- // the only way we could get here without return/throw tirggered
- // is that the groupExists was true.
- throw new EntityExistsException("Group '" + group + "' already exists");
- }
-
- /**
- * Creates a new role with specified attributes.
- *
- * @param role the object describing the role to be created.
- * @return a new Role object that has id set up properly.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws EntityExistsException if the role already exists.
- */
- public synchronized Role addRole(Role role)
- throws DataBackendException, EntityExistsException
- {
- boolean roleExists = false;
-
- if (StringUtils.isEmpty(role.getName()))
- {
- throw new DataBackendException("Could not create "
- + "a role with empty name!");
- }
-
- try
- {
- lockExclusive();
- roleExists = checkExists(role);
- if (!roleExists)
- {
- // add a row to the table
- Criteria criteria = RolePeer.buildCriteria(role);
- RolePeer.doInsert(criteria);
- // try to get the object back using the name as key.
- criteria = new Criteria();
- criteria.add(RolePeer.NAME, role.getName());
- List results = RolePeer.doSelect(criteria);
- if (results.size() != 1)
- {
- throw new DataBackendException(
- "Internal error - query returned "
- + results.size() + " rows");
- }
- Role newRole = (Role) results.get(0);
- // add the role to system-wide cache
- getAllRoles().add(newRole);
- // return the object with correct id
- return newRole;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("addRole(Role) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- // the only way we could get here without return/throw tirggered
- // is that the roleExists was true.
- throw new EntityExistsException("Role '" + role + "' already exists");
- }
-
- /**
- * Creates a new permission with specified attributes.
- *
- * @param permission the object describing the permission to be created.
- * @return a new Permission object that has id set up properly.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws EntityExistsException if the permission already exists.
- */
- public synchronized Permission addPermission(Permission permission)
- throws DataBackendException, EntityExistsException
- {
- boolean permissionExists = false;
-
- if (StringUtils.isEmpty(permission.getName()))
- {
- throw new DataBackendException("Could not create "
- + "a permission with empty name!");
- }
-
- try
- {
- lockExclusive();
- permissionExists = checkExists(permission);
- if (!permissionExists)
- {
- // add a row to the table
- Criteria criteria = PermissionPeer.buildCriteria(permission);
- PermissionPeer.doInsert(criteria);
- // try to get the object back using the name as key.
- criteria = new Criteria();
- criteria.add(PermissionPeer.NAME,
- permission.getName());
- List results = PermissionPeer.doSelect(criteria);
- if (results.size() != 1)
- {
- throw new DataBackendException(
- "Internal error - query returned "
- + results.size() + " rows");
- }
- Permission newPermission = (Permission) results.get(0);
- // add the permission to system-wide cache
- getAllPermissions().add(newPermission);
- // return the object with correct id
- return newPermission;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException(
- "addPermission(Permission) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- // the only way we could get here without return/throw tirggered
- // is that the permissionExists was true.
- throw new EntityExistsException("Permission '" + permission
- + "' already exists");
- }
-
- /**
- * Removes a Group from the system.
- *
- * @param group The object describing the group to be removed.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the group does not exist.
- */
- public synchronized void removeGroup(Group group)
- throws DataBackendException, UnknownEntityException
- {
- boolean groupExists = false;
- try
- {
- lockExclusive();
- groupExists = checkExists(group);
- if (groupExists)
- {
- Criteria criteria = GroupPeer.buildCriteria(group);
- GroupPeer.doDelete(criteria);
- getAllGroups().remove(group);
- return;
- }
- }
- catch (Exception e)
- {
- log.error("Failed to delete a Group");
- log.error(e);
- throw new DataBackendException("removeGroup(Group) failed", e);
- }
- finally
- {
- unlockExclusive();
- }
- throw new UnknownEntityException("Unknown group '" + group + "'");
- }
-
- /**
- * Removes a Role from the system.
- *
- * @param role The object describing the role to be removed.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the role does not exist.
- */
- public synchronized void removeRole(Role role)
- throws DataBackendException, UnknownEntityException
- {
- boolean roleExists = false;
- try
- {
- lockExclusive();
- roleExists = checkExists(role);
- if (roleExists)
- {
- // revoke all permissions from the role to be deleted
- revokeAll(role);
- Criteria criteria = RolePeer.buildCriteria(role);
- RolePeer.doDelete(criteria);
- getAllRoles().remove(role);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("removeRole(Role)", e);
- }
- finally
- {
- unlockExclusive();
- }
- throw new UnknownEntityException("Unknown role '" + role + "'");
- }
-
- /**
- * Removes a Permission from the system.
- *
- * @param permission The object describing the permission to be removed.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the permission does not exist.
- */
- public synchronized void removePermission(Permission permission)
- throws DataBackendException, UnknownEntityException
- {
- boolean permissionExists = false;
- try
- {
- lockExclusive();
- permissionExists = checkExists(permission);
- if (permissionExists)
- {
- Criteria criteria = PermissionPeer.buildCriteria(permission);
- PermissionPeer.doDelete(criteria);
- getAllPermissions().remove(permission);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("removePermission(Permission)", e);
- }
- finally
- {
- unlockExclusive();
- }
- throw new UnknownEntityException("Unknown permission '"
- + permission + "'");
- }
-
- /**
- * Renames an existing Group.
- *
- * @param group The object describing the group to be renamed.
- * @param name the new name for the group.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the group does not exist.
- */
- public synchronized void renameGroup(Group group, String name)
- throws DataBackendException, UnknownEntityException
- {
- boolean groupExists = false;
- try
- {
- lockExclusive();
- groupExists = checkExists(group);
- if (groupExists)
- {
- group.setName(name);
- Criteria criteria = GroupPeer.buildCriteria(group);
- GroupPeer.doUpdate(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("renameGroup(Group,String)", e);
- }
- finally
- {
- unlockExclusive();
- }
- throw new UnknownEntityException("Unknown group '" + group + "'");
- }
-
- /**
- * Renames an existing Role.
- *
- * @param role The object describing the role to be renamed.
- * @param name the new name for the role.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the role does not exist.
- */
- public synchronized void renameRole(Role role, String name)
- throws DataBackendException, UnknownEntityException
- {
- boolean roleExists = false;
- try
- {
- lockExclusive();
- roleExists = checkExists(role);
- if (roleExists)
- {
- role.setName(name);
- Criteria criteria = RolePeer.buildCriteria(role);
- RolePeer.doUpdate(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException("renameRole(Role,String)", e);
- }
- finally
- {
- unlockExclusive();
- }
- throw new UnknownEntityException("Unknown role '" + role + "'");
- }
-
- /**
- * Renames an existing Permission.
- *
- * @param permission The object describing the permission to be renamed.
- * @param name the new name for the permission.
- * @throws DataBackendException if there was an error accessing the data
- * backend.
- * @throws UnknownEntityException if the permission does not exist.
- */
- public synchronized void renamePermission(Permission permission,
- String name)
- throws DataBackendException, UnknownEntityException
- {
- boolean permissionExists = false;
- try
- {
- lockExclusive();
- permissionExists = checkExists(permission);
- if (permissionExists)
- {
- permission.setName(name);
- Criteria criteria = PermissionPeer.buildCriteria(permission);
- PermissionPeer.doUpdate(criteria);
- return;
- }
- }
- catch (Exception e)
- {
- throw new DataBackendException(
- "renamePermission(Permission,name)", e);
- }
- finally
- {
- unlockExclusive();
- }
- throw new UnknownEntityException("Unknown permission '"
- + permission + "'");
- }
-
/* Service specific implementation methods */
/**
@@ -1089,6 +58,9 @@
* @return the implementation of UserPeer interface used by the system.
* @throws UnknownEntityException if the system's implementation of UserPeer
* interface could not be determined.
+ * @deprecated No replacement. Use
+ * {@link org.apache.turbine.services.security.torque.TorqueSecurityService}
+ * instead.
*/
public Class getUserPeerClass() throws UnknownEntityException
{
@@ -1113,6 +85,9 @@
*
* @return an object implementing UserPeer interface.
* @throws UnknownEntityException if the object could not be instantiated.
+ * @deprecated No replacement. Use
+ * {@link org.apache.turbine.services.security.torque.TorqueSecurityService}
+ * instead.
*/
public UserPeer getUserPeerInstance() throws UnknownEntityException
{
@@ -1128,50 +103,4 @@
}
return up;
}
-
- /**
- * Determines if the <code>Group</code> exists in the security system.
- *
- * @param group a <code>Group</code> value
- * @return true if the group exists in the system, false otherwise
- * @throws DataBackendException when more than one Group with
- * the same name exists.
- * @throws Exception A generic exception.
- */
- protected boolean checkExists(Group group)
- throws DataBackendException, Exception
- {
- return GroupPeer.checkExists(group);
- }
-
- /**
- * Determines if the <code>Role</code> exists in the security system.
- *
- * @param role a <code>Role</code> value
- * @return true if the role exists in the system, false otherwise
- * @throws DataBackendException when more than one Role with
- * the same name exists.
- * @throws Exception A generic exception.
- */
- protected boolean checkExists(Role role)
- throws DataBackendException, Exception
- {
- return RolePeer.checkExists(role);
- }
-
- /**
- * Determines if the <code>Permission</code> exists in the security system.
- *
- * @param permission a <code>Permission</code> value
- * @return true if the permission exists in the system, false otherwise
- * @throws DataBackendException when more than one Permission with
- * the same name exists.
- * @throws Exception A generic exception.
- */
- protected boolean checkExists(Permission permission)
- throws DataBackendException, Exception
- {
- return PermissionPeer.checkExists(permission);
- }
-
}
Modified: turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/db/DBUserManager.java
URL: http://svn.apache.org/viewvc/turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/db/DBUserManager.java?rev=571795&r1=571794&r2=571795&view=diff
==============================================================================
--- turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/db/DBUserManager.java (original)
+++ turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/db/DBUserManager.java Sat Sep 1 06:09:35 2007
@@ -19,25 +19,7 @@
* under the License.
*/
-import java.util.Hashtable;
-import java.util.Iterator;
-import java.util.List;
-
-import org.apache.commons.configuration.Configuration;
-import org.apache.commons.lang.StringUtils;
-import org.apache.torque.om.BaseObject;
-import org.apache.torque.om.ObjectKey;
-import org.apache.torque.om.Persistent;
-import org.apache.torque.util.Criteria;
-import org.apache.turbine.om.security.User;
-import org.apache.turbine.om.security.peer.TurbineUserPeer;
-import org.apache.turbine.services.security.TurbineSecurity;
-import org.apache.turbine.services.security.UserManager;
-import org.apache.turbine.util.db.map.TurbineMapBuilder;
-import org.apache.turbine.util.security.DataBackendException;
-import org.apache.turbine.util.security.EntityExistsException;
-import org.apache.turbine.util.security.PasswordMismatchException;
-import org.apache.turbine.util.security.UnknownEntityException;
+import org.apache.turbine.services.security.torque.TorqueUserManager;
/**
* An UserManager performs {@link org.apache.turbine.om.security.User}
@@ -62,483 +44,6 @@
* @version $Id$
*/
public class DBUserManager
- implements UserManager
+ extends TorqueUserManager
{
- /**
- * Initializes the UserManager
- *
- * @param conf A Configuration object to init this Manager
- */
- public void init(Configuration conf)
- {
- // GNDN
- }
-
- /**
- * Check whether a specified user's account exists.
- *
- * The login name is used for looking up the account.
- *
- * @param user The user to be checked.
- * @return true if the specified account exists
- * @throws DataBackendException if there was an error accessing
- * the data backend.
- */
- public boolean accountExists(User user)
- throws DataBackendException
- {
- return accountExists(user.getName());
- }
-
- /**
- * Check whether a specified user's account exists.
- *
- * The login name is used for looking up the account.
- *
- * @param userName The name of the user to be checked.
- * @return true if the specified account exists
- * @throws DataBackendException if there was an error accessing
- * the data backend.
- */
- public boolean accountExists(String userName)
- throws DataBackendException
- {
- Criteria criteria = new Criteria();
- criteria.add(TurbineUserPeer.USERNAME, userName);
- List users;
- try
- {
- users = TurbineUserPeer.doSelect(criteria);
- }
- catch (Exception e)
- {
- throw new DataBackendException(
- "Failed to check account's presence", e);
- }
- if (users.size() > 1)
- {
- throw new DataBackendException(
- "Multiple Users with same username '" + userName + "'");
- }
- return (users.size() == 1);
- }
-
- /**
- * Retrieve a user from persistent storage using username as the
- * key.
- *
- * @param userName the name of the user.
- * @return an User object.
- * @exception UnknownEntityException if the user's account does not
- * exist in the database.
- * @exception DataBackendException if there is a problem accessing the
- * storage.
- */
- public User retrieve(String userName)
- throws UnknownEntityException, DataBackendException
- {
- Criteria criteria = new Criteria();
- criteria.add(TurbineUserPeer.USERNAME, userName);
-
- List users = retrieveList(criteria);
-
- if (users.size() > 1)
- {
- throw new DataBackendException(
- "Multiple Users with same username '" + userName + "'");
- }
- if (users.size() == 1)
- {
- return (User) users.get(0);
- }
- throw new UnknownEntityException("Unknown user '" + userName + "'");
- }
-
- /**
- * Retrieve a user from persistent storage using the primary key
- *
- * @param key The primary key object
- * @return an User object.
- * @throws UnknownEntityException if the user's record does not
- * exist in the database.
- * @throws DataBackendException if there is a problem accessing the
- * storage.
- */
- public User retrieveById(Object key)
- throws UnknownEntityException, DataBackendException
- {
- Criteria criteria = new Criteria();
- criteria.add(TurbineUserPeer.USER_ID, key);
-
- List users = retrieveList(criteria);
-
- if (users.size() > 1)
- {
- throw new DataBackendException(
- "Multiple Users with same unique Key '" + String.valueOf(key) + "'");
- }
- if (users.size() == 1)
- {
- return (User) users.get(0);
- }
- throw new UnknownEntityException("Unknown user with key '" + String.valueOf(key) + "'");
- }
-
- /**
- * Retrieve a list of users that meet the specified criteria.
- *
- * As the keys for the criteria, you should use the constants that
- * are defined in {@link User} interface, plus the names
- * of the custom attributes you added to your user representation
- * in the data storage. Use verbatim names of the attributes -
- * without table name prefix in case of Torque implementation.
- *
- * @param criteria The criteria of selection.
- * @return a List of users meeting the criteria.
- * @throws DataBackendException if there is a problem accessing the
- * storage.
- */
- public List retrieveList(Criteria criteria)
- throws DataBackendException
- {
- for (Iterator keys = criteria.keySet().iterator(); keys.hasNext(); )
- {
- String key = (String) keys.next();
-
- // set the table name for all attached criterion
- Criteria.Criterion[] criterion = criteria
- .getCriterion(key).getAttachedCriterion();
-
- for (int i = 0; i < criterion.length; i++)
- {
- if (StringUtils.isEmpty(criterion[i].getTable()))
- {
- criterion[i].setTable(TurbineUserPeer.getTableName());
- }
- }
- }
- List users = null;
- try
- {
- users = TurbineUserPeer.doSelect(criteria);
- }
- catch (Exception e)
- {
- throw new DataBackendException("Failed to retrieve users", e);
- }
- return users;
- }
-
- /**
- * Retrieve a set of users that meet the specified criteria.
- *
- * As the keys for the criteria, you should use the constants that
- * are defined in {@link User} interface, plus the names
- * of the custom attributes you added to your user representation
- * in the data storage. Use verbatim names of the attributes -
- * without table name prefix in case of DB implementation.
- *
- * @param criteria The criteria of selection.
- * @return a List of users meeting the criteria.
- * @throws DataBackendException if there is a problem accessing the
- * storage.
- * @deprecated Use <a href="#retrieveList">retrieveList</a> instead.
- */
- public User[] retrieve(Criteria criteria)
- throws DataBackendException
- {
- return (User []) retrieveList(criteria).toArray(new User[0]);
- }
-
- /**
- * Retrieve a user from persistent storage using username as the
- * key, and authenticate the user. The implementation may chose
- * to authenticate to the server as the user whose data is being
- * retrieved.
- *
- * @param userName the name of the user.
- * @param password the user supplied password.
- * @return an User object.
- * @exception PasswordMismatchException if the supplied password was
- * incorrect.
- * @exception UnknownEntityException if the user's account does not
- * exist in the database.
- * @exception DataBackendException if there is a problem accessing the
- * storage.
- */
- public User retrieve(String userName, String password)
- throws PasswordMismatchException, UnknownEntityException,
- DataBackendException
- {
- User user = retrieve(userName);
- authenticate(user, password);
- return user;
- }
-
- /**
- * Save an User object to persistent storage. User's account is
- * required to exist in the storage.
- *
- * @param user an User object to store.
- * @exception UnknownEntityException if the user's account does not
- * exist in the database.
- * @exception DataBackendException if there is a problem accessing the
- * storage.
- */
- public void store(User user)
- throws UnknownEntityException, DataBackendException
- {
- if (!accountExists(user))
- {
- throw new UnknownEntityException("The account '" +
- user.getName() + "' does not exist");
- }
-
- Criteria criteria = TurbineUserPeer.buildCriteria(user);
- try
- {
- TurbineUserPeer.doUpdate(criteria);
- }
- catch (Exception e)
- {
- throw new DataBackendException("Failed to save user object", e);
- }
- }
-
- /**
- * Saves User data when the session is unbound. The user account is required
- * to exist in the storage.
- *
- * LastLogin, AccessCounter, persistent pull tools, and any data stored
- * in the permData hashtable that is not mapped to a column will be saved.
- *
- * @exception UnknownEntityException if the user's account does not
- * exist in the database.
- * @exception DataBackendException if there is a problem accessing the
- * storage.
- */
- public void saveOnSessionUnbind(User user)
- throws UnknownEntityException, DataBackendException
- {
- if (!user.hasLoggedIn())
- {
- return;
- }
-
- if (!accountExists(user))
- {
- throw new UnknownEntityException("The account '" +
- user.getName() + "' does not exist");
- }
- Criteria crit = new Criteria();
- if (!((Persistent) user).isNew())
- {
- crit.add(TurbineUserPeer.USER_ID, ((Persistent) user).getPrimaryKey());
- }
-
- Hashtable permStorage = (Hashtable) user.getPermStorage().clone();
- crit.add(TurbineUserPeer.LAST_LOGIN, permStorage.remove(TurbineUserPeer.LAST_LOGIN));
-
- // The OBJECT_DATA column only stores data not mapped to a column. We must
- // remove all of the extra data and serialize the rest. Access Counter
- // is not mapped to a column so it will be serialized into OBJECT_DATA.
- for (int i = 1; i < TurbineUserPeer.columnNames.length; i++)
- {
- if (permStorage.containsKey(TurbineUserPeer.columnNames[i]))
- {
- permStorage.remove(TurbineUserPeer.columnNames[i]);
- }
- }
- crit.add(TurbineUserPeer.OBJECT_DATA, permStorage);
-
- try
- {
- TurbineUserPeer.doUpdate(crit);
- }
- catch (Exception e)
- {
- throw new DataBackendException("Failed to save user object", e);
- }
-
- }
-
- /**
- * Authenticate an User with the specified password. If authentication
- * is successful the method returns nothing. If there are any problems,
- * exception was thrown.
- *
- * @param user an User object to authenticate.
- * @param password the user supplied password.
- * @exception PasswordMismatchException if the supplied password was
- * incorrect.
- * @exception UnknownEntityException if the user's account does not
- * exist in the database.
- * @exception DataBackendException if there is a problem accessing the
- * storage.
- */
- public void authenticate(User user, String password)
- throws PasswordMismatchException, UnknownEntityException,
- DataBackendException
- {
- if (!accountExists(user))
- {
- throw new UnknownEntityException("The account '" +
- user.getName() + "' does not exist");
- }
-
- // log.debug("Supplied Pass: " + password);
- // log.debug("User Pass: " + user.getPassword());
-
- /*
- * Unix crypt needs the existing, encrypted password text as
- * salt for checking the supplied password. So we supply it
- * into the checkPassword routine
- */
-
- if (!TurbineSecurity.checkPassword(password, user.getPassword()))
- {
- throw new PasswordMismatchException("The passwords do not match");
- }
- }
-
- /**
- * Change the password for an User. The user must have supplied the
- * old password to allow the change.
- *
- * @param user an User to change password for.
- * @param oldPassword The old password to verify
- * @param newPassword The new password to set
- * @exception PasswordMismatchException if the supplied password was
- * incorrect.
- * @exception UnknownEntityException if the user's account does not
- * exist in the database.
- * @exception DataBackendException if there is a problem accessing the
- * storage.
- */
- public void changePassword(User user, String oldPassword,
- String newPassword)
- throws PasswordMismatchException, UnknownEntityException,
- DataBackendException
- {
- if (!accountExists(user))
- {
- throw new UnknownEntityException("The account '" +
- user.getName() + "' does not exist");
- }
-
- if (!TurbineSecurity.checkPassword(oldPassword, user.getPassword()))
- {
- throw new PasswordMismatchException(
- "The supplied old password for '" + user.getName() +
- "' was incorrect");
- }
- user.setPassword(TurbineSecurity.encryptPassword(newPassword));
- // save the changes in the database imediately, to prevent the password
- // being 'reverted' to the old value if the user data is lost somehow
- // before it is saved at session's expiry.
- store(user);
- }
-
- /**
- * Forcibly sets new password for an User.
- *
- * This is supposed by the administrator to change the forgotten or
- * compromised passwords. Certain implementatations of this feature
- * would require administrative level access to the authenticating
- * server / program.
- *
- * @param user an User to change password for.
- * @param password the new password.
- * @exception UnknownEntityException if the user's record does not
- * exist in the database.
- * @exception DataBackendException if there is a problem accessing the
- * storage.
- */
- public void forcePassword(User user, String password)
- throws UnknownEntityException, DataBackendException
- {
- if (!accountExists(user))
- {
- throw new UnknownEntityException("The account '" +
- user.getName() + "' does not exist");
- }
- user.setPassword(TurbineSecurity.encryptPassword(password));
- // save the changes in the database immediately, to prevent the
- // password being 'reverted' to the old value if the user data
- // is lost somehow before it is saved at session's expiry.
- store(user);
- }
-
- /**
- * Creates new user account with specified attributes.
- *
- * @param user The object describing account to be created.
- * @param initialPassword the password for the new account
- * @throws DataBackendException if there was an error accessing
- the data backend.
- * @throws EntityExistsException if the user account already exists.
- */
- public void createAccount(User user, String initialPassword)
- throws EntityExistsException, DataBackendException
- {
- if (StringUtils.isEmpty(user.getName()))
- {
- throw new DataBackendException("Could not create "
- + "an user with empty name!");
- }
-
- if (accountExists(user))
- {
- throw new EntityExistsException("The account '" +
- user.getName() + "' already exists");
- }
- user.setPassword(TurbineSecurity.encryptPassword(initialPassword));
-
- Criteria criteria = TurbineUserPeer.buildCriteria(user);
- try
- {
- // perform the insert to the database
- ObjectKey pk = TurbineUserPeer.doInsert(criteria);
-
- // update the user object with the primary key
- TurbineMapBuilder mapbuilder = (TurbineMapBuilder)
- TurbineUserPeer.getMapBuilder("org.apache.turbine.util.db.map.TurbineMapBuilder");
- user.setPerm(mapbuilder.getUserId(), pk);
- ((BaseObject) user).setPrimaryKey(pk);
- }
- catch (Exception e)
- {
- throw new DataBackendException("Failed to create account '" +
- user.getName() + "'", e);
- }
- }
-
- /**
- * Removes an user account from the system.
- *
- * @param user the object describing the account to be removed.
- * @throws DataBackendException if there was an error accessing
- the data backend.
- * @throws UnknownEntityException if the user account is not present.
- */
- public void removeAccount(User user)
- throws UnknownEntityException, DataBackendException
- {
- if (!accountExists(user))
- {
- throw new UnknownEntityException("The account '" +
- user.getName() + "' does not exist");
- }
- Criteria criteria = new Criteria();
- criteria.add(TurbineUserPeer.USERNAME, user.getName());
- try
- {
- TurbineUserPeer.doDelete(criteria);
- }
- catch (Exception e)
- {
- throw new DataBackendException("Failed to remove account '" +
- user.getName() + "'", e);
- }
- }
}
Modified: turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/ldap/LDAPSecurityService.java
URL: http://svn.apache.org/viewvc/turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/ldap/LDAPSecurityService.java?rev=571795&r1=571794&r2=571795&view=diff
==============================================================================
--- turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/ldap/LDAPSecurityService.java (original)
+++ turbine/core/branches/TURBINE_2_3_BRANCH/src/java/org/apache/turbine/services/security/ldap/LDAPSecurityService.java Sat Sep 1 06:09:35 2007
@@ -22,6 +22,7 @@
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Vector;
+
import javax.naming.NameAlreadyBoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
@@ -39,9 +40,6 @@
import org.apache.turbine.om.security.Group;
import org.apache.turbine.om.security.Permission;
import org.apache.turbine.om.security.Role;
-import org.apache.turbine.om.security.TurbineGroup;
-import org.apache.turbine.om.security.TurbinePermission;
-import org.apache.turbine.om.security.TurbineRole;
import org.apache.turbine.om.security.User;
import org.apache.turbine.services.security.BaseSecurityService;
import org.apache.turbine.services.security.TurbineSecurity;
@@ -421,49 +419,6 @@
*/
/**
- * Retrieves a new Group. It creates
- * a new Group based on the Services Group implementation. It does not
- * create a new Group in the system though. Use addGroup for that.
- * <strong>Not implemented</strong>
- *
- * @param groupName The name of the Group to be retrieved.
- * @return a Group.
- */
- public Group getNewGroup(String groupName)
- {
- return (Group) new TurbineGroup(groupName);
- }
-
- /**
- * Retrieves a new Role. It creates
- * a new Role based on the Services Role implementation. It does not
- * create a new Role in the system though. Use addRole for that.
- * <strong>Not implemented</strong>
- *
- * @param roleName The name of the Group to be retrieved.
- * @return a Role.
- */
- public Role getNewRole(String roleName)
- {
- return (Role) new TurbineRole(roleName);
- }
-
- /**
- * Retrieves a new Permission. It creates
- * a new Permission based on the Services Permission implementation. It
- * does not create a new Permission in the system though. Use create for
- * that.
- * <strong>Not implemented</strong>
- *
- * @param permissionName The name of the Permission to be retrieved.
- * @return a Permission
- */
- public Permission getNewPermission(String permissionName)
- {
- return (Permission) new TurbinePermission(permissionName);
- }
-
- /**
* Retrieve a set of Groups that meet the specified Criteria.
*
* @param criteria Criteria of Group selection.
@@ -497,7 +452,7 @@
if (attr != null && attr.get() != null)
{
- Group group = getNewGroup(attr.get().toString());
+ Group group = getGroupInstance(attr.get().toString());
groups.add(group);
}
@@ -507,6 +462,11 @@
{
throw new DataBackendException("NamingException caught", ex);
}
+ catch (UnknownEntityException ex)
+ {
+ throw new DataBackendException("Group instance could not be created.", ex);
+ }
+
return new GroupSet(groups);
}
@@ -555,7 +515,7 @@
while (values.hasMore())
{
- Role role = getNewRole(values.next().toString());
+ Role role = getRoleInstance(values.next().toString());
roles.add(role);
}
@@ -568,8 +528,11 @@
}
catch (NamingException ex)
{
- throw new DataBackendException(
- "NamingException caught:", ex);
+ throw new DataBackendException("NamingException caught:", ex);
+ }
+ catch (UnknownEntityException ex)
+ {
+ throw new DataBackendException("Role instance could not be created.", ex);
}
return new RoleSet(roles);
@@ -608,7 +571,7 @@
if (attr != null && attr.get() != null)
{
- Role role = getNewRole(attr.get().toString());
+ Role role = getRoleInstance(attr.get().toString());
roles.add(role);
}
@@ -622,6 +585,10 @@
{
throw new DataBackendException("NamingException caught", ex);
}
+ catch (UnknownEntityException ex)
+ {
+ throw new DataBackendException("Role instance could not be created.", ex);
+ }
return new RoleSet(roles);
}
@@ -660,7 +627,7 @@
if (attr != null && attr.get() != null)
{
- Permission perm = getNewPermission(attr.get().toString());
+ Permission perm = getPermissionInstance(attr.get().toString());
permissions.add(perm);
}
@@ -675,6 +642,11 @@
throw new DataBackendException(
"The LDAP server specified is unavailable", ex);
}
+ catch (UnknownEntityException ex)
+ {
+ throw new DataBackendException("Permission instance could not be created.", ex);
+ }
+
return new PermissionSet(permissions);
}
@@ -722,7 +694,7 @@
while (values.hasMore())
{
String permName = values.next().toString();
- Permission perm = getNewPermission(permName);
+ Permission perm = getPermissionInstance(permName);
permissions.put(perm.getName(), perm);
}
@@ -734,6 +706,11 @@
throw new DataBackendException(
"The LDAP server specified is unavailable", ex);
}
+ catch (UnknownEntityException ex)
+ {
+ throw new DataBackendException("Permission instance could not be created.", ex);
+ }
+
return new PermissionSet(permissions.values());
}
Modified: turbine/core/branches/TURBINE_2_3_BRANCH/xdocs/services/ldap-security-service.xml
URL: http://svn.apache.org/viewvc/turbine/core/branches/TURBINE_2_3_BRANCH/xdocs/services/ldap-security-service.xml?rev=571795&r1=571794&r2=571795&view=diff
==============================================================================
--- turbine/core/branches/TURBINE_2_3_BRANCH/xdocs/services/ldap-security-service.xml (original)
+++ turbine/core/branches/TURBINE_2_3_BRANCH/xdocs/services/ldap-security-service.xml Sat Sep 1 06:09:35 2007
@@ -66,13 +66,13 @@
services.SecurityService.user.class=org.apache.turbine.services.security.ldap.ActiveDirectoryUser
# Class for Group.
-services.SecurityService.group.class=org.apache.turbine.om.security.TurbineGroup
+services.SecurityService.group.class=org.apache.turbine.services.security.torque.TorqueGroup
# Class for Role.
-services.SecurityService.role.class=org.apache.turbine.om.security.TurbineRole
+services.SecurityService.role.class=org.apache.turbine.services.security.torque.TorqueRole
# Class for Permission.
-services.SecurityService.permission.class=org.apache.turbine.om.security.TurbinePermission
+services.SecurityService.permission.class=org.apache.turbine.services.security.torque.TorquePermission
]]></source>
<p>
Modified: turbine/core/branches/TURBINE_2_3_BRANCH/xdocs/services/security-service.xml
URL: http://svn.apache.org/viewvc/turbine/core/branches/TURBINE_2_3_BRANCH/xdocs/services/security-service.xml?rev=571795&r1=571794&r2=571795&view=diff
==============================================================================
--- turbine/core/branches/TURBINE_2_3_BRANCH/xdocs/services/security-service.xml (original)
+++ turbine/core/branches/TURBINE_2_3_BRANCH/xdocs/services/security-service.xml Sat Sep 1 06:09:35 2007
@@ -25,6 +25,7 @@
<title>Turbine Services - Security Service</title>
<author email="jvanzyl@apache.org">Jason van Zyl</author>
<author email="hps@intermeta.de">Henning P. Schmiedehausen</author>
+ <author email="tv@apache.org">Thomas Vandahl</author>
</properties>
<body>
@@ -72,9 +73,9 @@
#
# Here you specify, which Security Service is used. This example
-# uses the Database (DB) Security Service. There is no default.
+# uses the Torque Security Service. There is no default.
-services.SecurityService.classname=org.apache.turbine.services.security.db.DBSecurityService
+services.SecurityService.classname=org.apache.turbine.services.security.torque.TorqueSecurityService
.
.
.
@@ -94,8 +95,8 @@
#
# Adjust this setting if you change the Setting of the SecurityService class (see above).
-# Default: org.apache.turbine.services.security.db.DBUserManager
-services.SecurityService.user.manager = org.apache.turbine.services.security.db.DBUserManager
+# Default: org.apache.turbine.services.security.torque.TorqueUserManager
+services.SecurityService.user.manager = org.apache.turbine.services.security.torque.TorqueUserManager
#
# These are the default classes used by the Security Service to
@@ -107,17 +108,17 @@
# For LDAP use:
# services.SecurityService.user.class=org.apache.turbine.services.security.ldap.LDAPUser
# LDAP does not yet provide custom Group, User and Role objects so you
-# must use it with the default TurbineGroup, TurbineRole and
-# TurbinePermission objects.
+# must use it with the default TorqueGroup, TorqueRole and
+# TorquePermission objects.
#
-# Class for User. Default: org.apache.turbine.om.security.TurbineUser
-services.SecurityService.user.class=org.apache.turbine.om.security.TurbineUser
-# Class for Group. Default: org.apache.turbine.om.security.TurbineGroup
-services.SecurityService.group.class=org.apache.turbine.om.security.TurbineGroup
-# Class for Role. Default: org.apache.turbine.om.security.TurbineRole
-services.SecurityService.role.class=org.apache.turbine.om.security.TurbineRole
-# Class for Permission. Default: org.apache.turbine.om.security.TurbinePermission
-services.SecurityService.permission.class=org.apache.turbine.om.security.TurbinePermission
+# Class for User. Default: org.apache.turbine.services.security.torque.TorqueUser
+services.SecurityService.user.class=org.apache.turbine.services.security.torque.TorqueUser
+# Class for Group. Default: org.apache.turbine.services.security.torque.TorqueGroup
+services.SecurityService.group.class=org.apache.turbine.services.security.torque.TorqueGroup
+# Class for Role. Default: org.apache.turbine.services.security.torque.TorqueRole
+services.SecurityService.role.class=org.apache.turbine.services.security.torque.TorqueRole
+# Class for Permission. Default: org.apache.turbine.services.security.torque.TorquePermission
+services.SecurityService.permission.class=org.apache.turbine.services.security.torque.TorquePermission
#
# This is the class that implements the ACL interface.
@@ -130,17 +131,6 @@
services.SecurityService.acl.class = org.apache.turbine.util.security.TurbineAccessControlList
#
-# This setting is DBSecurityService specific - this class is consulted for the names
-# of the columns in the users' tables for the purpose of creating join queries.
-# If you use your own User implementation in conjunction with DBSecurityService,
-# it's peer class must implement org.apache.turbine.om.security.peer.UserPeer interface,
-# and you need to specify the name of the peer class here.
-#
-# Default: org.apache.turbine.om.security.peer.TurbineUserPeer
-#
-services.SecurityService.userPeer.class=org.apache.turbine.om.security.peer.TurbineUserPeer
-
-#
# This is used by the SecurityService to make the password checking
# secure. When enabled, passwords are transformed by a one-way
# function into a sequence of bytes that is base64 encoded.
@@ -307,7 +297,7 @@
interfaces. These objects are typically service specific, so you
should consult the documentation to the Security Service
implementation, which objects should be used. The default are the
-object classes from the DB Security Service:
+object classes from the Torque Security Service:
<table>
<tr>
@@ -318,22 +308,22 @@
<tr>
<td>User</td>
<td>service.SecurityService.user.class</td>
-<td>org.apache.turbine.om.security.TurbineUser</td>
+<td>org.apache.turbine.services.security.torque.TorqueUser</td>
</tr>
<tr>
<td>Group</td>
<td>service.SecurityService.group.class</td>
-<td>org.apache.turbine.om.security.TurbineGroup</td>
+<td>org.apache.turbine.services.security.torque.TorqueGroup</td>
</tr>
<tr>
<td>Role</td>
<td>service.SecurityService.role.class</td>
-<td>org.apache.turbine.om.security.TurbineRole</td>
+<td>org.apache.turbine.services.security.torque.TorqueRole</td>
</tr>
<tr>
<td>Permission</td>
<td>service.SecurityService.permission.class</td>
-<td>org.apache.turbine.om.security.TurbinePermission</td>
+<td>org.apache.turbine.services.security.torque.TorquePermission</td>
</tr>
</table>
</p>
@@ -341,20 +331,20 @@
<section name="Access Control List">
<p>
-The Fulcrum security system is built on Access Control Lists
+The Turbine security system is built on Access Control Lists
(ACL). There is a default implementation included with the security
service. If, for any reason, you need a different ACL implementation,
you can change it with the <i>services.SecurityService.acl.class</i>
-property in Fulcrum.properties. If you provide a different class here,
+property in TurbineResources.properties. If you provide a different class here,
it must implement the
-<i>org.apache.fulcrum.security.util.AccessControlList</i> interface.
+<i>org.apache.turbine.util.security.AccessControlList</i> interface.
</p>
<p>
Warning! In earlier versions of the Security Service,
-<i>org.apache.fulcrum.security.util.AccessControlList</i> was not an
+<i>org.apache.turbine.util.security.AccessControlList</i> was not an
interface but a class and the implementation wasn't configurable. If
-you upgrade to this version of Fulcrum from an earlier version and get
+you upgrade to this version of Turbine from an earlier version and get
"IncompatibleClassChange" exceptions regarding to the
AccessControlList class, then you need to recompile your application
(there is no need to <b>rewrite</b> it, but you must <b>recompile</b>