Posted to jetspeed-dev@portals.apache.org by dl...@apache.org on 2006/01/18 01:36:07 UTC
svn commit: r369983 -
/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/
Author: dlestrat
Date: Tue Jan 17 16:36:04 2006
New Revision: 369983
URL: http://svn.apache.org/viewcvs?rev=369983&view=rev
Log:
http://issues.apache.org/jira/browse/JS2-470
Contributions from Davy De Waele.
Added:
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java
Modified:
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java
Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java Tue Jan 17 16:36:04 2006
@@ -51,7 +51,7 @@
/**
* @see org.apache.jetspeed.security.spi.GroupSecurityHandler#getGroupPrincipal(java.lang.String)
*/
- public Principal getGroupPrincipal(String groupFullPathName)
+ public GroupPrincipal getGroupPrincipal(String groupFullPathName)
{
GroupPrincipal groupPrincipal = null;
InternalGroupPrincipal internalGroup = commonQueries
Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java Tue Jan 17 16:36:04 2006
@@ -51,7 +51,7 @@
/**
* @see org.apache.jetspeed.security.spi.RoleSecurityHandler#getRolePrincipal(java.lang.String)
*/
- public Principal getRolePrincipal(String roleFullPathName)
+ public RolePrincipal getRolePrincipal(String roleFullPathName)
{
RolePrincipal rolePrincipal = null;
InternalRolePrincipal internalRole = commonQueries
Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java Tue Jan 17 16:36:04 2006
@@ -146,10 +146,10 @@
}
/**
- * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipal(java.lang.String,
+ * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInRole(java.lang.String,
* java.lang.String)
*/
- public void setRolePrincipal(String username, String roleFullPathName) throws SecurityException
+ public void setUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
{
InternalUserPrincipal internalUser = commonQueries.getInternalUserPrincipal(username);
boolean isMappingOnly = false;
@@ -174,10 +174,10 @@
}
/**
- * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeRolePrincipal(java.lang.String,
+ * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeUserPrincipalInRole(java.lang.String,
* java.lang.String)
*/
- public void removeRolePrincipal(String username, String roleFullPathName) throws SecurityException
+ public void removeUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
{
boolean isMappingOnly = false;
// Check is the record is used for mapping only.
Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java Tue Jan 17 16:36:04 2006
@@ -68,7 +68,7 @@
/**
* @see org.apache.jetspeed.security.spi.GroupSecurityHandler#getGroupPrincipal(java.lang.String)
*/
- public Principal getGroupPrincipal(String groupPrincipalUid)
+ public GroupPrincipal getGroupPrincipal(String groupPrincipalUid)
{
String groupUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(groupPrincipalUid);
verifyGroupId(groupUidWithoutSlashes);
Added: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java?rev=369983&view=auto
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java (added)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java Tue Jan 17 16:36:04 2006
@@ -0,0 +1,147 @@
+package org.apache.jetspeed.security.spi.impl;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.naming.NamingException;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.jetspeed.security.GroupPrincipal;
+import org.apache.jetspeed.security.RolePrincipal;
+import org.apache.jetspeed.security.SecurityException;
+import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
+import org.apache.jetspeed.security.impl.RolePrincipalImpl;
+import org.apache.jetspeed.security.spi.RoleSecurityHandler;
+import org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl;
+import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao;
+
+public class LdapRoleSecurityHandler implements RoleSecurityHandler {
+
+ /** The logger. */
+ private static final Log logger = LogFactory.getLog(LdapRoleSecurityHandler.class);
+
+ /** The {@link LdapPrincipalDao}. */
+ private LdapPrincipalDao ldap;
+
+ /**
+ * @param ldap The {@link LdapPrincipalDao}.
+ */
+ public LdapRoleSecurityHandler(LdapPrincipalDao ldap)
+ {
+ this.ldap = ldap;
+ }
+
+ /**
+ * <p>
+ * Default constructor.
+ * </p>
+ *
+ * @throws NamingException A {@link NamingException}.
+ * @throws SecurityException A {@link SecurityException}.
+ */
+ public LdapRoleSecurityHandler() throws NamingException, SecurityException
+ {
+ this(new LdapRoleDaoImpl());
+ }
+
+ public RolePrincipal getRolePrincipal(String roleFullPathName) {
+ String roleUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(roleFullPathName);
+ verifyRoleId(roleUidWithoutSlashes);
+ try
+ {
+ String dn = ldap.lookupByUid(roleUidWithoutSlashes);
+
+ if (!StringUtils.isEmpty(dn))
+ {
+ return new RolePrincipalImpl(roleFullPathName);
+ }
+ }
+ catch (SecurityException e)
+ {
+ logSecurityException(e, roleFullPathName);
+ }
+ return null;
+ }
+
+ public void setRolePrincipal(RolePrincipal rolePrincipal) throws SecurityException {
+ verifyRolePrincipal(rolePrincipal);
+
+ String fullPath = rolePrincipal.getFullPath();
+ String groupUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(fullPath);
+ if (getRolePrincipal(groupUidWithoutSlashes) == null)
+ {
+ ldap.create(groupUidWithoutSlashes);
+ }
+ }
+
+ public void removeRolePrincipal(RolePrincipal rolePrincipal) throws SecurityException {
+ verifyRolePrincipal(rolePrincipal);
+
+ String fullPath = rolePrincipal.getFullPath();
+ String roleUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(fullPath);
+
+ ldap.delete(roleUidWithoutSlashes);
+ }
+
+ public List getRolePrincipals(String filter) {
+ try
+ {
+ return Arrays.asList(ldap.find(filter, RolePrincipal.PREFS_ROLE_ROOT));
+ }
+ catch (SecurityException e)
+ {
+ logSecurityException(e, filter);
+ }
+ return new ArrayList();
+ }
+
+ /**
+ * <p>
+ * Verify that the group uid is valid.
+ * </p>
+ *
+ * @param groupPrincipalUid The group uid.
+ */
+ private void verifyRoleId(String rolePrincipalUid)
+ {
+ if (StringUtils.isEmpty(rolePrincipalUid))
+ {
+ throw new IllegalArgumentException("The roleId cannot be null or empty.");
+ }
+ }
+
+ /**
+ * <p>
+ * Log the security exception.
+ * </p>
+ *
+ * @param e The {@link SecurityException}.
+ * @param groupPrincipalUid The group principal uid.
+ */
+ private void logSecurityException(SecurityException e, String groupPrincipalUid)
+ {
+ if (logger.isErrorEnabled())
+ {
+ logger.error("An LDAP error has occurred for groupId:" + groupPrincipalUid, e);
+ }
+ }
+
+ /**
+ * <p>
+ * Verify that the group principal is valid.
+ * </p>
+ *
+ * @param groupPrincipal The group principal.
+ */
+ private void verifyRolePrincipal(RolePrincipal rolePrincipal)
+ {
+ if (rolePrincipal == null)
+ {
+ throw new IllegalArgumentException("The RolePrincipal cannot be null or empty.");
+ }
+ }
+}
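Review bot: `getRolePrincipal` catches `SecurityException`, logs it and returns null, so a directory failure looks the same as a missing role, and `setRolePrincipal` then proceeds to `ldap.create(...)` on that null. `setRolePrincipal` also hands the already converted uid back to `getRolePrincipal`, which runs `convertUidToLdapAcceptableName` on it a second time; `if (getRolePrincipal(fullPath) == null)` avoids the double conversion and builds the returned principal from the real path. The Javadoc and the log text were copied from the group handler and still say group: `"An LDAP error has occurred for groupId:"` should read `"An LDAP error has occurred for roleId:"` so role lookups can be found in the logs. The public methods carry no Javadoc at all; a short `@see org.apache.jetspeed.security.spi.RoleSecurityHandler#...` on each, as the sibling handlers have, would do.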
Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java Tue Jan 17 16:36:04 2006
@@ -15,7 +15,9 @@
package org.apache.jetspeed.security.spi.impl;
import java.security.Principal;
+import java.util.Collection;
import java.util.HashSet;
+import java.util.Iterator;
import java.util.Set;
import java.util.prefs.Preferences;
@@ -25,14 +27,19 @@
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.GroupPrincipal;
import org.apache.jetspeed.security.HierarchyResolver;
+import org.apache.jetspeed.security.RolePrincipal;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.UserPrincipal;
import org.apache.jetspeed.security.impl.GeneralizationHierarchyResolver;
import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
+import org.apache.jetspeed.security.impl.RolePrincipalImpl;
import org.apache.jetspeed.security.impl.UserPrincipalImpl;
+import org.apache.jetspeed.security.om.InternalGroupPrincipal;
+import org.apache.jetspeed.security.om.InternalUserPrincipal;
import org.apache.jetspeed.security.spi.SecurityMappingHandler;
import org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl;
import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao;
+import org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl;
import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDao;
import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDaoImpl;
@@ -47,6 +54,8 @@
private LdapUserPrincipalDao userDao;
private LdapPrincipalDao groupDao;
+
+ private LdapPrincipalDao roleDao;
/** The logger. */
private static final Log LOG = LogFactory.getLog(LdapSecurityMappingHandler.class);
@@ -61,10 +70,11 @@
* @param userDao
* @param groupDao
*/
- public LdapSecurityMappingHandler(LdapUserPrincipalDao userDao, LdapPrincipalDao groupDao)
+ public LdapSecurityMappingHandler(LdapUserPrincipalDao userDao, LdapPrincipalDao groupDao,LdapPrincipalDao roleDao)
{
this.userDao = userDao;
this.groupDao = groupDao;
+ this.roleDao = roleDao;
}
/**
@@ -75,6 +85,7 @@
{
this.userDao = new LdapUserPrincipalDaoImpl();
this.groupDao = new LdapGroupDaoImpl();
+ this.roleDao = new LdapRoleDaoImpl();
}
/**
@@ -115,23 +126,42 @@
public Set getRolePrincipals(String username)
{
Set rolePrincipals = new HashSet();
+ String[] roles;
+ try
+ {
+ roles = userDao.getRoleUidsForUser(username);
+ for (int i = 0; i < roles.length; i++)
+ {
+ createResolvedRolePrincipalSet(username, rolePrincipals, roles, i);
+ }
+ }
+ catch (SecurityException e)
+ {
+ LOG.error(e);
+ }
return rolePrincipals;
+
}
/**
- * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipal(java.lang.String,
+ * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInRole(java.lang.String,
* java.lang.String)
*/
- public void setRolePrincipal(String username, String roleFullPathName) throws SecurityException
+ public void setUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
{
+ verifyUserAndRoleExist(username, roleFullPathName);
+ addRoleToUser(username, roleFullPathName);
}
/**
- * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeRolePrincipal(java.lang.String,
+ * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeUserPrincipalInRole(java.lang.String,
* java.lang.String)
*/
- public void removeRolePrincipal(String username, String roleFullPathName) throws SecurityException
+ public void removeUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
{
+ //TODO: check if this is ok
+ verifyUserAndRoleExist(username, roleFullPathName);
+ removeUserFromRole(username, roleFullPathName);
}
/**
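Review bot: The new catch block in `getRolePrincipals` calls `LOG.error(e)`, which logs the exception as a bare message with no stack trace and no username, and the method then returns whatever was collected so far. A caller cannot tell "the directory lookup failed" from "this user has no roles". Prefer `LOG.error("Could not load roles for user " + username, e);` and consider whether the interface allows the failure to be propagated. The same pattern appears in the `getRolePrincipalsInGroup` and `getUserPrincipalsInRole` hunks further down. The `//TODO: check if this is ok` left in `removeUserPrincipalInRole` should be resolved or turned into a tracked issue before this ships.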
@@ -139,8 +169,22 @@
*/
public Set getRolePrincipalsInGroup(String groupFullPathName)
{
- Set rolePrincipals = new HashSet();
- return rolePrincipals;
+ Set rolePrincipalsInGroup = new HashSet();
+ String[] roles;
+ try
+ {
+ //TODO: see if we can't use the groupDao here
+ roles = userDao.getRolesForGroup(groupFullPathName);
+ for (int i = 0; i < roles.length; i++)
+ {
+ createResolvedRolePrincipalSet(groupFullPathName, rolePrincipalsInGroup, roles, i);
+ }
+ }
+ catch (SecurityException e)
+ {
+ LOG.error(e);
+ }
+ return rolePrincipalsInGroup;
}
/**
@@ -149,6 +193,8 @@
*/
public void setRolePrincipalInGroup(String groupFullPathName, String roleFullPathName) throws SecurityException
{
+ verifyGroupAndRoleExist(groupFullPathName, roleFullPathName);
+ addRoleToGroup(groupFullPathName, roleFullPathName);
}
/**
@@ -157,9 +203,12 @@
*/
public void removeRolePrincipalInGroup(String groupFullPathName, String roleFullPathName) throws SecurityException
{
+ verifyGroupAndRoleExist(groupFullPathName, roleFullPathName);
+ removeRoleFromGroup(groupFullPathName, roleFullPathName);
}
- /**
+
+ /**
* This method returns the set of group principals associated with a user.
*
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getGroupPrincipals(java.lang.String)
@@ -198,7 +247,17 @@
*/
public Set getUserPrincipalsInRole(String roleFullPathName)
{
- Set userPrincipals = new HashSet();
+ //TODO: Check that this is correct
+ Set userPrincipals = new HashSet();
+ String[] fullPaths = {roleFullPathName};
+ try
+ {
+ getUserPrincipalsInRole(userPrincipals, fullPaths);
+ }
+ catch (SecurityException e)
+ {
+ LOG.error(e);
+ }
return userPrincipals;
}
@@ -212,9 +271,15 @@
*/
public Set getUserPrincipalsInGroup(String groupFullPathName)
{
- Set userPrincipals = new HashSet();
- Preferences preferences = Preferences.userRoot().node(groupFullPathName);
- String[] fullPaths = groupHierarchyResolver.resolve(preferences);
+ Set userPrincipals = new HashSet();
+
+ //TODO: Check that this is correct
+ String[] fullPaths = {groupFullPathName};
+
+// Preferences preferences = Preferences.userRoot().node(
+// GroupPrincipalImpl.getFullPathFromPrincipalName(groupFullPathName));
+// String[] fullPaths = groupHierarchyResolver.resolve(preferences);
+//
try
{
getUserPrincipalsInGroup(userPrincipals, fullPaths);
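Review bot: `getUserPrincipalsInGroup` no longer resolves the group hierarchy: `fullPaths` is now just `{groupFullPathName}`, and the `groupHierarchyResolver.resolve(...)` call is left commented out under `//TODO: Check that this is correct`. Group membership presumably feeds access decisions, so a change in who counts as a member should be a deliberate, documented choice rather than an open TODO. Either restore the resolver call with the corrected preferences path, or delete the commented-out lines and state in the Javadoc that only direct members are returned. The method body continues past the end of this hunk.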
@@ -247,6 +312,28 @@
}
}
}
+
+ /**
+ * <p>
+ * Gets the user principals in groups.
+ * </p>
+ *
+ * @param userPrincipals
+ * @param fullPaths
+ * @throws SecurityException A {@link SecurityException}.
+ */
+ private void getUserPrincipalsInRole(Set userPrincipals, String[] fullPaths) throws SecurityException
+ {
+ for (int i = 0; i < fullPaths.length; i++)
+ {
+ String[] usersInRole = userDao.getUserUidsForRole(fullPaths[i]);
+ for (int y = 0; y < usersInRole.length; y++)
+ {
+ Principal userPrincipal = new UserPrincipalImpl(usersInRole[y]);
+ userPrincipals.add(userPrincipal);
+ }
+ }
+ }
/**
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInGroup(java.lang.String,
@@ -267,7 +354,21 @@
verifyUserAndGroupExist(username, groupFullPathName);
removeUserFromGroup(username, groupFullPathName);
}
-
+ /**
+ * @param username
+ * @param groupFullPathName
+ * @throws SecurityException
+ */
+ private void verifyGroupAndRoleExist(String groupFullPathName, String roleFullPathName) throws SecurityException
+ {
+ GroupPrincipal group = getGroup(groupFullPathName);
+ RolePrincipal role = getRole(roleFullPathName);
+ if ((null == group) && (null == role))
+ {
+ throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST);
+ }
+ }
+
/**
* @param username
* @param groupFullPathName
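Review bot: `verifyGroupAndRoleExist` throws only when both lookups come back null, because the condition is `(null == group) && (null == role)`; a missing group paired with an existing role passes the check. Since `getRole` (added later in this commit) throws instead of returning null, the `&&` branch can never be taken as written. The condition should be `if ((null == group) || (null == role))`, ideally with separate checks so a missing group is not reported as `ROLE_DOES_NOT_EXIST`. `verifyUserAndRoleExist` in the next hunk has the same `&&` and reports `USER_DOES_NOT_EXIST` for either case. `getGroup` and `getUser` are outside the visible hunks, so whether they return null or throw should be confirmed.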
@@ -281,6 +382,21 @@
{
throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);
}
+ }
+
+ /**
+ * @param username
+ * @param groupFullPathName
+ * @throws SecurityException
+ */
+ private void verifyUserAndRoleExist(String username, String roleFullPathName) throws SecurityException
+ {
+ UserPrincipal user = getUser(username);
+ RolePrincipal role = getRole(roleFullPathName);
+ if ((null == user) && (null == role))
+ {
+ throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);
+ }
}
/**
@@ -294,7 +410,7 @@
LOG.debug("Group [" + i + "] for user[" + username + "] is [" + groups[i] + "]");
GroupPrincipal group = new GroupPrincipalImpl(groups[i]);
- Preferences preferences = Preferences.userRoot().node(group.getName());
+ Preferences preferences = Preferences.userRoot().node(group.getFullPath());
LOG.debug("Group name:" + group.getName());
String[] fullPaths = groupHierarchyResolver.resolve(preferences);
for (int n = 0; n < fullPaths.length; n++)
@@ -307,6 +423,29 @@
/**
* @param username
+ * @param groupPrincipals
+ * @param groups
+ * @param i
+ */
+ private void createResolvedRolePrincipalSet(String username, Set rolePrincipals, String[] roles, int i)
+ {
+ LOG.debug("Group [" + i + "] for user[" + username + "] is [" + roles[i] + "]");
+
+ RolePrincipal role = new RolePrincipalImpl(roles[i]);
+ Preferences preferences = Preferences.userRoot().node(role.getFullPath());
+ LOG.debug("Group name:" + role.getName());
+ String[] fullPaths = roleHierarchyResolver.resolve(preferences);
+ for (int n = 0; n < fullPaths.length; n++)
+ {
+ LOG.debug("Group [" + i + "] for user[" + username + "] is ["
+ + RolePrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n]) + "]");
+ rolePrincipals.add(new RolePrincipalImpl(RolePrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n])));
+ }
+ }
+
+
+ /**
+ * @param username
* @param groupFullPathName
* @throws SecurityException
*/
@@ -314,6 +453,22 @@
{
userDao.removeGroup(username, groupFullPathName);
}
+
+ /**
+ * @param username
+ * @param groupFullPathName
+ * @throws SecurityException
+ */
+ private void removeUserFromRole(String username, String roleFullPathName) throws SecurityException
+ {
+ userDao.removeRole(username, roleFullPathName);
+ }
+
+ private void removeRoleFromGroup(String groupFullPathName, String roleFullPathName)throws SecurityException
+ {
+ userDao.removeRoleFromGroup(groupFullPathName,roleFullPathName);
+ }
+
/**
* @param uid
@@ -352,6 +507,26 @@
}
/**
+ * @param uid
+ * @return
+ * @throws SecurityException A {@link SecurityException}.
+ */
+ private RolePrincipal getRole(String uid) throws SecurityException
+ {
+ Principal[] role = roleDao.find(uid, RolePrincipal.PREFS_ROLE_ROOT);
+
+ if (role.length == 1)
+
+ {
+ return (RolePrincipal) role[0];
+ }
+ else
+ {
+ throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(uid));
+ }
+ }
+
+ /**
* @param username
* @param groupFullPathName
* @throws SecurityException A {@link SecurityException}.
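Review bot: `getRole` passes `uid` unchanged as the first argument of `roleDao.find(...)`, the same argument that `LdapRoleSecurityHandler.getRolePrincipals` in this commit fills with a search filter. The body of `find` is not shown, but if it places that string into an LDAP filter, a role name containing filter metacharacters could match an entry other than the one named, and the `role.length == 1` check would not catch it. Escape the value per RFC 4515 before the lookup, or compare the returned principal with the requested role before `return (RolePrincipal) role[0];`. The Javadoc should also say that the method throws when the role is not found rather than returning null, since both verify helpers test its result against null.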
@@ -360,5 +535,26 @@
{
userDao.addGroup(username, groupFullPathName);
}
+
+ /**
+ * @param username
+ * @param groupFullPathName
+ * @throws SecurityException A {@link SecurityException}.
+ */
+ private void addRoleToUser(String username, String roleFullPathName) throws SecurityException
+ {
+ userDao.addRole(username, roleFullPathName);
+ }
+
+ /**
+ * @param username
+ * @param groupFullPathName
+ * @throws SecurityException A {@link SecurityException}.
+ */
+ private void addRoleToGroup(String groupFullPathName, String roleFullPathName) throws SecurityException
+ {
+ userDao.addRoleToGroup(groupFullPathName, roleFullPathName);
+ }
+
}