You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by vt...@apache.org on 2004/03/27 03:37:18 UTC
svn commit: rev 9769 - in incubator/directory/janus/trunk: core/api/src/java/org/apache/janus/authorization/role core/impl/src/java/org/apache/janus/authorization core/impl/src/java/org/apache/janus/authorization/role core/impl/src/test/org/apache/janus/authorization core/impl/src/test/org/apache/janus/authorization/policy core/impl/src/test/org/apache/janus/authorization/role sandbox/src/java/org/apache/janus/script/xml sandbox/src/test/org/apache/janus/script/xml
Author: vtence
Date: Fri Mar 26 18:37:17 2004
New Revision: 9769
Added:
incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMembership.java
- copied, changed from rev 9768, incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java
Removed:
incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java
Modified:
incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java
incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/RoleManager.java
incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/DefaultAuthorizer.java
incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java
incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/DefaultAuthorizerTest.java
incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/policy/DefaultPolicyContextTest.java
incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java
Log:
o Implemented DIR-78
Modified: incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java
==============================================================================
--- incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java (original)
+++ incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java Fri Mar 26 18:37:17 2004
@@ -23,9 +23,5 @@
*/
public interface MutableRoleManager extends RoleManager
{
- boolean addPrincipalToRole( String roleName, Principal p );
-
- boolean addRole( String roleName );
-
- boolean addSubRole( String roleName, String subRoleName );
+ boolean grantMembership( String roleName, Principal p );
}
Modified: incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/RoleManager.java
==============================================================================
--- incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/RoleManager.java (original)
+++ incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/RoleManager.java Fri Mar 26 18:37:17 2004
@@ -23,5 +23,5 @@
*/
public interface RoleManager
{
- boolean isPrincipalInRole( Principal p, Grant grant );
+ boolean isPrincipalGranted( Principal p, Grant grant );
}
Modified: incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/DefaultAuthorizer.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/DefaultAuthorizer.java (original)
+++ incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/DefaultAuthorizer.java Fri Mar 26 18:37:17 2004
@@ -20,9 +20,9 @@
import org.apache.janus.authorization.role.RoleManager;
import javax.security.auth.Subject;
-import java.util.Set;
-import java.util.Iterator;
import java.security.Principal;
+import java.util.Iterator;
+import java.util.Set;
/**
* @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
@@ -47,7 +47,7 @@
for ( Iterator it = principals.iterator(); it.hasNext(); )
{
final Principal p = (Principal) it.next();
- if ( m_roleManager.isPrincipalInRole( p,
+ if ( m_roleManager.isPrincipalGranted( p,
new PermissionGrant( m_policyContext, permission ) ) )
{
return true;
Modified: incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java (original)
+++ incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java Fri Mar 26 18:37:17 2004
@@ -17,83 +17,43 @@
package org.apache.janus.authorization.role;
import java.security.Principal;
+import java.util.Collection;
import java.util.Collections;
-import java.util.HashMap;
+import java.util.HashSet;
import java.util.Iterator;
-import java.util.Map;
+import java.util.Set;
/**
* @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
*/
public class DefaultRoleManager implements MutableRoleManager
{
- private final Map m_roles;
+ private final Set m_memberships;
public DefaultRoleManager()
{
- this( Collections.EMPTY_MAP );
+ this( Collections.EMPTY_LIST );
}
- protected DefaultRoleManager( Map roles )
+ protected DefaultRoleManager( Collection memberships )
{
- m_roles = new HashMap( roles );
+ m_memberships = new HashSet( memberships );
}
- public boolean isPrincipalInRole( Principal p, Grant grant )
+ public boolean isPrincipalGranted( Principal p, Grant grant )
{
- for ( Iterator it = m_roles.values().iterator(); it.hasNext(); )
+ for ( Iterator it = m_memberships.iterator(); it.hasNext(); )
{
- RoleMapping mapping = (RoleMapping) it.next();
- if ( mapping.inRole( p ) && mapping.given( grant ) ) return true;
+ RoleMembership m = (RoleMembership) it.next();
+ if ( m.inRole( p ) && m.given( grant ) ) return true;
}
return false;
}
- public boolean addRole( String roleName )
+ public boolean grantMembership( String roleName, Principal p )
{
- if ( roleExists( roleName ) ) return false;
-
- RoleMapping mapping = new RoleMapping( roleName );
- m_roles.put( roleName, mapping );
-
- return true;
- }
-
- private boolean roleExists( String roleName )
- {
- return m_roles.containsKey( roleName );
- }
-
- public boolean addPrincipalToRole( String roleName, Principal p )
- {
- assertRoleExists( roleName );
- RoleMapping mapping = getRole( roleName );
-
- return mapping.addPrincipal( p );
- }
-
- private void assertRoleExists( String roleName )
- {
- if ( !roleExists( roleName ) )
- {
- throw new IllegalArgumentException( "Role is undefined: " + roleName );
- }
- }
-
- private RoleMapping getRole( String roleName )
- {
- return (RoleMapping) m_roles.get( roleName );
- }
-
- public boolean addSubRole( String roleName, String subRoleName )
- {
- assertRoleExists( roleName );
- assertRoleExists( subRoleName );
- RoleMapping superRole = getRole( roleName );
- RoleMapping subRole = getRole( subRoleName );
- if ( subRole.inRole( roleName ) ) throw new IllegalArgumentException( "Role circular dependency detected" );
-
- return superRole.addRole( subRole );
+ RoleMembership membership = new RoleMembership( roleName, p );
+ return m_memberships.add( membership );
}
}
Copied: incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMembership.java (from rev 9768, incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java)
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java (original)
+++ incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMembership.java Fri Mar 26 18:37:17 2004
@@ -17,58 +17,24 @@
package org.apache.janus.authorization.role;
import java.security.Principal;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Map;
/**
* @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
*/
-public class RoleMapping
+public class RoleMembership
{
private final String m_roleName;
- private final Collection m_principals;
- private final Map m_subRoles;
+ private final Principal m_principal;
- public RoleMapping( String roleName )
- {
- this( roleName, Collections.EMPTY_SET );
- }
-
- protected RoleMapping( String roleName, Collection principals )
+ public RoleMembership( String roleName, Principal p )
{
m_roleName = roleName;
- m_principals = new HashSet( principals );
- m_subRoles = new HashMap();
+ m_principal = p;
}
public boolean inRole( Principal p )
{
- if ( m_principals.contains( p ) ) return true;
-
- for ( Iterator it = m_subRoles.values().iterator(); it.hasNext(); )
- {
- RoleMapping subRoleMapping = (RoleMapping) it.next();
- if ( subRoleMapping.inRole( p ) ) return true;
- }
-
- return false;
- }
-
- public boolean inRole( String roleName )
- {
- if ( subRoleExists( roleName ) ) return true;
-
- for ( Iterator it = m_subRoles.values().iterator(); it.hasNext(); )
- {
- final RoleMapping subRoleMapping = (RoleMapping) it.next();
- if ( subRoleMapping.inRole( roleName ) ) return true;
- }
-
- return false;
+ return m_principal.equals( p );
}
public boolean given( Grant g )
@@ -76,22 +42,24 @@
return g.given( m_roleName );
}
- public boolean addPrincipal( Principal p )
+ public boolean equals( Object o )
{
- return m_principals.add( p );
- }
+ if ( this == o ) return true;
+ if ( !(o instanceof RoleMembership) ) return false;
- public boolean addRole( RoleMapping role )
- {
- if ( subRoleExists( role.m_roleName ) ) return false;
+ final RoleMembership m = (RoleMembership) o;
- m_subRoles.put( role.m_roleName, role );
+ if ( !m_principal.equals( m.m_principal ) ) return false;
+ if ( !m_roleName.equals( m.m_roleName ) ) return false;
return true;
}
- private boolean subRoleExists( String roleName )
+ public int hashCode()
{
- return m_subRoles.containsKey( roleName );
+ int result;
+ result = m_roleName.hashCode();
+ result = 29 * result + m_principal.hashCode();
+ return result;
}
-}
+}
\ No newline at end of file
Modified: incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/DefaultAuthorizerTest.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/DefaultAuthorizerTest.java (original)
+++ incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/DefaultAuthorizerTest.java Fri Mar 26 18:37:17 2004
@@ -71,10 +71,10 @@
{
m_mockPolicyContext.matchAndReturn( "requiresPriviledges",
new CheckedPermission(), true );
- m_mockRoleManager.matchAndReturn( "isPrincipalInRole",
+ m_mockRoleManager.matchAndReturn( "isPrincipalGranted",
C.args( C.eq( new UsernamePrincipal( "johnDoe" ) ), C.isA( PermissionGrant.class ) ),
true );
- m_mockRoleManager.matchAndReturn( "isPrincipalInRole",
+ m_mockRoleManager.matchAndReturn( "isPrincipalGranted",
C.args( C.eq( new UsernamePrincipal( "janeDoe" ) ), C.isA( PermissionGrant.class ) ),
false );
@@ -90,10 +90,10 @@
{
m_mockPolicyContext.matchAndReturn( "requiresPriviledges",
new CheckedPermission(), true );
- m_mockRoleManager.matchAndReturn( "isPrincipalInRole",
+ m_mockRoleManager.matchAndReturn( "isPrincipalGranted",
C.args( C.eq( new SSNPrincipal( "123-456-789" ) ), C.isA( PermissionGrant.class ) ),
false );
- m_mockRoleManager.matchAndReturn( "isPrincipalInRole",
+ m_mockRoleManager.matchAndReturn( "isPrincipalGranted",
C.args( C.eq( new UsernamePrincipal( "janeDoe" ) ), C.isA( PermissionGrant.class ) ),
true );
Modified: incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/policy/DefaultPolicyContextTest.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/policy/DefaultPolicyContextTest.java (original)
+++ incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/policy/DefaultPolicyContextTest.java Fri Mar 26 18:37:17 2004
@@ -17,15 +17,15 @@
package org.apache.janus.authorization.policy;
import junit.framework.TestCase;
+import org.apache.janus.authorization.AccessPermission;
import org.apache.janus.authorization.CheckedPermission;
import org.apache.janus.authorization.ExcludedPermission;
import org.apache.janus.authorization.UncheckedPermission;
-import org.apache.janus.authorization.AccessPermission;
+import java.util.HashMap;
import java.util.HashSet;
-import java.util.Set;
import java.util.Map;
-import java.util.HashMap;
+import java.util.Set;
/*
* @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
Modified: incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java (original)
+++ incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java Fri Mar 26 18:37:17 2004
@@ -19,9 +19,9 @@
import junit.framework.TestCase;
import org.apache.janus.authentication.realm.UsernamePrincipal;
+import java.util.ArrayList;
+import java.util.Collection;
import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
/**
* @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
@@ -38,30 +38,29 @@
public void testPrincipalWithNoRoleIsNeverInRole()
{
m_roleManager = new DefaultRoleManager();
- assertFalse( "Principal with no role was in role",
- m_roleManager.isPrincipalInRole( john(), new Right() ) );
+ assertFalse( m_roleManager.isPrincipalGranted( john(), new Right() ) );
}
public void testSingleRole()
{
- RoleMapping role = new RoleMapping( "member", Collections.singleton( john() ) );
- m_roleManager = new DefaultRoleManager( Collections.singletonMap( "member", role ) );
+ RoleMembership m = new RoleMembership( "member", john() );
+ m_roleManager = new DefaultRoleManager( Collections.singleton( m ) );
assertTrue( "Principal did not get right",
- m_roleManager.isPrincipalInRole( john(), new Right() ) );
+ m_roleManager.isPrincipalGranted( john(), new Right() ) );
assertFalse( "Principal did not get interdiction",
- m_roleManager.isPrincipalInRole( john(), new Interdiction() ) );
+ m_roleManager.isPrincipalGranted( john(), new Interdiction() ) );
}
public void testMultipleRole()
{
- Map roles = new HashMap();
- roles.put( "guest", new RoleMapping( "guest", Collections.singleton( john() ) ) );
- roles.put( "member", new RoleMapping( "member", Collections.singleton( john() ) ) );
+ Collection roles = new ArrayList();
+ roles.add( new RoleMembership( "guest", john() ) );
+ roles.add( new RoleMembership( "member", john() ) );
m_roleManager = new DefaultRoleManager( roles );
assertTrue( "Role was not matched",
- m_roleManager.isPrincipalInRole( john(), new RoleGrant( "member" ) ) );
+ m_roleManager.isPrincipalGranted( john(), new RoleGrant( "member" ) ) );
}
private UsernamePrincipal john()
@@ -69,155 +68,30 @@
return new UsernamePrincipal( "johnDoe" );
}
- public void testRoleAddition()
+ public void testGrantingMembershipMakesPrincipalInRole()
{
m_roleManager = new DefaultRoleManager();
- assertTrue( "Role reported as not added", m_roleManager.addRole( "member" ) );
+ m_roleManager.grantMembership( "member", john() );
+ assertTrue( m_roleManager.isPrincipalGranted( john(), new RoleGrant( "member" ) ) );
}
- public void testRoleAddedTwiceIsIgnored()
+ public void testExistingMembershipsArePreserved()
{
m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- assertFalse( "Role reported as added twice", m_roleManager.addRole( "member" ) );
+ m_roleManager.grantMembership( "member", john() );
+ m_roleManager.grantMembership( "member", jane() );
+ assertTrue( m_roleManager.isPrincipalGranted( john(), new RoleGrant( "member" ) ) );
}
- public void testRoleHasNoPrincipalByDefault()
+ public void testGrantingMembershipTwiceIsIgnored()
{
m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- assertFalse( m_roleManager.isPrincipalInRole( john(), new RoleGrant( "member" ) ) );
- }
-
- public void testAddingPrincipalToRoleMakesItInRole()
- {
- m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- m_roleManager.addPrincipalToRole( "member", john() );
- assertTrue( m_roleManager.isPrincipalInRole( john(), new RoleGrant( "member" ) ) );
- }
-
- public void testAddingPrincipalToExistingRolePreservesPreviousPrincipals()
- {
- m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- m_roleManager.addPrincipalToRole( "member", john() );
- m_roleManager.addPrincipalToRole( "member", jane() );
- assertTrue( m_roleManager.isPrincipalInRole( john(), new RoleGrant( "member" ) ) );
- }
-
- public void testAddingPrincipalToRoleTwiceIsANoOp()
- {
- m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- assertTrue( m_roleManager.addPrincipalToRole( "member", john() ) );
- assertFalse( m_roleManager.addPrincipalToRole( "member", john() ) );
+ assertTrue( m_roleManager.grantMembership( "member", john() ) );
+ assertFalse( m_roleManager.grantMembership( "member", john() ) );
}
private UsernamePrincipal jane()
{
return new UsernamePrincipal( "janeDoe" );
}
-
- public void testRoleMustBeDefinedToMapPrincipals()
- {
- m_roleManager = new DefaultRoleManager();
- try
- {
- m_roleManager.addPrincipalToRole( "undefined", john() );
- fail( "Added principal to undefined role" );
- }
- catch ( IllegalArgumentException expected )
- {
- assertTrue( true );
- }
- }
-
- public void testPrincipalGrantedASubRoleIsGrantedParentRole()
- {
- m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- m_roleManager.addRole( "vip" );
- m_roleManager.addPrincipalToRole( "vip", john() );
- m_roleManager.addSubRole( "member", "vip" );
- assertTrue( m_roleManager.isPrincipalInRole( john(), new RoleGrant( "member" ) ) );
- }
-
- public void testAddingSubRoleTwiceIsANoOp()
- {
- m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- m_roleManager.addRole( "vip" );
- assertTrue( m_roleManager.addSubRole( "member", "vip" ) );
- assertFalse( m_roleManager.addSubRole( "member", "vip" ) );
- }
-
- public void testEnforcesSubRoleDefinition()
- {
- m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- try
- {
- m_roleManager.addSubRole( "member", "vip" );
- fail( "Added undefined sub role" );
- }
- catch ( IllegalArgumentException expected )
- {
- assertTrue( true );
- }
- }
-
- public void testParentRoleMustBeDefinedToAddSubRoles()
- {
- m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "vip" );
- try
- {
- m_roleManager.addSubRole( "member", "vip" );
- fail( "Added sub role to undefined role" );
- }
- catch ( IllegalArgumentException expected )
- {
- assertTrue( true );
- }
- }
-
- public void testPreventsCircularDependenciesBetweenRoles()
- {
- m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- m_roleManager.addRole( "vip" );
- m_roleManager.addSubRole( "member", "vip" );
-
- try
- {
- m_roleManager.addSubRole( "vip", "member" );
- fail( "Role circular dependency not detected" );
- }
- catch ( IllegalArgumentException expected )
- {
- assertTrue( true );
- }
- }
-
- public void testPreventsDeepCircularDependenciesBetweenRoles()
- {
- m_roleManager = new DefaultRoleManager();
- m_roleManager.addRole( "member" );
- m_roleManager.addRole( "vip" );
- m_roleManager.addRole( "executive" );
- m_roleManager.addSubRole( "member", "vip" );
- m_roleManager.addSubRole( "vip", "executive" );
-
- try
- {
- m_roleManager.addSubRole( "executive", "member" );
- fail( "Role circular dependency not detected" );
- }
- catch ( IllegalArgumentException expected )
- {
- assertTrue( true );
- }
- }
-
}
Modified: incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java
==============================================================================
--- incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java (original)
+++ incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java Fri Mar 26 18:37:17 2004
@@ -16,12 +16,6 @@
*/
package org.apache.janus.script.xml;
-import java.io.IOException;
-import java.io.Reader;
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.List;
-
import org.apache.janus.authentication.realm.UsernamePrincipal;
import org.apache.janus.authorization.role.MutableRoleManager;
import org.dom4j.Document;
@@ -29,6 +23,12 @@
import org.dom4j.Element;
import org.dom4j.io.SAXReader;
+import java.io.IOException;
+import java.io.Reader;
+import java.security.Principal;
+import java.util.Iterator;
+import java.util.List;
+
/**
* <strong>Warning:</strong> Document is assumed to be valid.
*
@@ -46,8 +46,7 @@
public void buildRoleManager( MutableRoleManager roleManager ) throws IOException
{
Element root = m_doc.getRootElement();
- addRoles( roleManager, root );
- populateRoles( roleManager, root );
+ addMemberships( roleManager, root );
}
private Document readDocument( Reader reader ) throws DocumentException
@@ -58,57 +57,28 @@
return doc;
}
- private void addRoles( MutableRoleManager roleManager, Element roles )
+ private void addMemberships( MutableRoleManager roleManager, Element roles )
{
List roleList = roles.elements( "role" );
for ( Iterator it = roleList.iterator(); it.hasNext(); )
{
final Element element = (Element) it.next();
- String roleName = element.attributeValue( "name" );
- roleManager.addRole( roleName );
+ addMembers( roleManager, element );
}
}
- private void populateRoles( MutableRoleManager roleManager, Element roles )
+ private void addMembers( MutableRoleManager roleManager, final Element element )
{
- List roleList = roles.elements( "role" );
+ String roleName = element.attributeValue( "name" );
+ List userList = element.elements( "user" );
- for ( Iterator it = roleList.iterator(); it.hasNext(); )
+ for ( Iterator itr = userList.iterator(); itr.hasNext(); )
{
- final Element element = (Element) it.next();
- String roleName = element.attributeValue( "name" );
-
- addUsersToRole( roleManager, roleName, element );
- addSubRolesToRole( roleManager, roleName, element );
- }
- }
-
- private void addUsersToRole( MutableRoleManager roleManager,
- String roleName,
- Element role )
- {
- List userList = role.elements( "user" );
-
- for ( Iterator it = userList.iterator(); it.hasNext(); )
- {
- final Element element = (Element) it.next();
- String username = element.attributeValue( "username" );
+ final Element e = (Element) itr.next();
+ String username = e.attributeValue( "username" );
Principal user = new UsernamePrincipal( username );
- roleManager.addPrincipalToRole( roleName, user );
- }
- }
-
- private void addSubRolesToRole( MutableRoleManager roleManager, String roleName, Element role )
- {
- List roleList = role.elements( "role-ref" );
-
- for ( Iterator it = roleList.iterator(); it.hasNext(); )
- {
- Element subRole = (Element) it.next();
- String subRoleName = subRole.attributeValue( "name" );
-
- roleManager.addSubRole( roleName, subRoleName );
+ roleManager.grantMembership( roleName, user );
}
}
}
Modified: incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java
==============================================================================
--- incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java (original)
+++ incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java Fri Mar 26 18:37:17 2004
@@ -18,20 +18,13 @@
import com.mockobjects.dynamic.C;
import com.mockobjects.dynamic.Mock;
+import junit.framework.TestCase;
import org.apache.janus.authentication.realm.UsernamePrincipal;
import org.apache.janus.authorization.role.MutableRoleManager;
import java.io.StringReader;
-import junit.framework.TestCase;
-
/**
- * test: duplicate role
- * test: duplicate principal in role
- * test: unknown role
- * test: unkwnow sub-role
- * test: role circular dependency
- *
* @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
*/
public class Dom4JRoleManagerBuilderTest extends TestCase
@@ -53,12 +46,9 @@
Dom4JRoleManagerBuilder builder = new Dom4JRoleManagerBuilder(
new StringReader( simpleRolesDefinition() ) );
- m_mockRoleManager.expectAndReturn( "addRole", "member", true );
- m_mockRoleManager.expectAndReturn( "addRole", "vip", true );
-
- m_mockRoleManager.expectAndReturn( "addPrincipalToRole",
+ m_mockRoleManager.expectAndReturn( "grantMembership",
C.args( C.eq( "member" ), C.eq( john() ) ), true );
- m_mockRoleManager.expectAndReturn( "addPrincipalToRole",
+ m_mockRoleManager.expectAndReturn( "grantMembership",
C.args( C.eq( "member" ), C.eq( jane() ) ), true );
builder.buildRoleManager( (MutableRoleManager) m_mockRoleManager.proxy() );
@@ -87,37 +77,5 @@
private UsernamePrincipal jane()
{
return new UsernamePrincipal( "jane" );
- }
-
- public void testSubRolesBuild() throws Exception
- {
- Dom4JRoleManagerBuilder builder = new Dom4JRoleManagerBuilder(
- new StringReader( subRolesDefinition() ) );
-
- m_mockRoleManager = new Mock( MutableRoleManager.class );
- m_mockRoleManager.matchAndReturn( "addRole", C.ANY_ARGS, true);
-
- m_mockRoleManager.expectAndReturn( "addSubRole",
- C.args( C.eq( "member" ), C.eq( "vip" ) ), true );
- m_mockRoleManager.expectAndReturn( "addSubRole",
- C.args( C.eq( "member" ), C.eq( "guest" ) ), true );
-
- builder.buildRoleManager( (MutableRoleManager) m_mockRoleManager.proxy() );
-
- m_mockRoleManager.verify();
- }
-
- private String subRolesDefinition()
- {
- String content = "<?xml version=\"1.0\"?>\n"
- + "<roles>\n"
- + " <role name=\"member\">\n"
- + " <role-ref name=\"vip\"/>"
- + " <role-ref name=\"guest\"/>"
- + " </role>\n"
- + " <role name=\"vip\"/>\n"
- + " <role name=\"guest\"/>\n"
- + "</roles>";
- return content;
}
}