You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by ga...@apache.org on 2009/09/26 18:51:55 UTC

svn commit: r819171 - /roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java

Author: gangolli
Date: Sat Sep 26 16:51:55 2009
New Revision: 819171

URL: http://svn.apache.org/viewvc?rev=819171&view=rev
Log:
Fix for ROL-1724.  Fixed type issue / class cast exception.  Fixed incorrect check for user not being found.  Fixed references to deprecated Spring exception types.

Modified:
    roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java

Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java?rev=819171&r1=819170&r2=819171&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java (original)
+++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator.java Sat Sep 26 16:51:55 2009
@@ -17,23 +17,21 @@
  */
 package org.apache.roller.weblogger.ui.core.security;
 
-import java.util.Iterator;
-import java.util.List;
-import org.springframework.security.GrantedAuthority;
-import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.ldap.core.DirContextOperations;
-import org.springframework.security.ldap.LdapDataAccessException;
-import org.springframework.security.ldap.LdapAuthoritiesPopulator;
-import org.springframework.security.userdetails.UsernameNotFoundException;
-import org.springframework.security.userdetails.ldap.LdapUserDetails;
 import org.apache.roller.weblogger.WebloggerException;
 import org.apache.roller.weblogger.business.UserManager;
 import org.apache.roller.weblogger.business.Weblogger;
 import org.apache.roller.weblogger.business.WebloggerFactory;
 import org.apache.roller.weblogger.pojos.User;
-import org.apache.roller.weblogger.pojos.UserRole;
+import org.springframework.dao.DataRetrievalFailureException;
+import org.springframework.ldap.core.DirContextOperations;
+import org.springframework.security.GrantedAuthority;
+import org.springframework.security.GrantedAuthorityImpl;
+import org.springframework.security.ldap.LdapAuthoritiesPopulator;
+import org.springframework.security.userdetails.UsernameNotFoundException;
 import org.springframework.util.Assert;
 
+import java.util.List;
+
 
 /**
  * @author Elias Torres (<a href="mailto:eliast@us.ibm.com">eliast@us.ibm.com</a>)
@@ -47,32 +45,33 @@
     /* (non-Javadoc)
      * @see org.springframework.security.ldap.LdapAuthoritiesPopulator#getGrantedAuthorities(org.springframework.ldap.core.DirContextOperations, String)
      */
-    public GrantedAuthority[] getGrantedAuthorities(DirContextOperations userData, String username) throws LdapDataAccessException {
+    public GrantedAuthority[] getGrantedAuthorities(DirContextOperations userData, String username) {
+
+        // This check is probably unnecessary.
+        if (userData == null) {
+            throw new IllegalArgumentException("The userData argument should not be null at this point.");
+        }
 
         User user = null;
-        List roles = null;
+        List<String> roles = null;
         try {
             Weblogger roller = WebloggerFactory.getWeblogger();
             UserManager umgr = roller.getUserManager();
             user = umgr.getUserByUserName(username, Boolean.TRUE);
             roles = umgr.getRoles(user);
-            
         } catch (WebloggerException ex) {
-            throw new LdapDataAccessException("ERROR in user lookup", ex);
+            throw new DataRetrievalFailureException("ERROR in user lookup", ex);
         }
 
-        if (userData == null) {
-            throw new LdapDataAccessException("ERROR no user: " + username);
+        if (user == null) {
+            throw new UsernameNotFoundException("ERROR user: " + username + " not found while granting authorities");
         }
 
-        
-        int roleCount = roles.size();
-        if (defaultRole != null) roleCount++;
+        int roleCount = roles.size() + (defaultRole != null ? 1 : 0);
         GrantedAuthority[] authorities = new GrantedAuthorityImpl[roleCount];
         int i = 0;
-        for (Iterator it = roles.iterator(); it.hasNext();) {
-            UserRole role = (UserRole) it.next();
-            authorities[i++] = new GrantedAuthorityImpl(role.getRole());
+        for(String role : roles) {
+            authorities[i++] = new GrantedAuthorityImpl(role);
         }
         
         if (defaultRole != null) {
@@ -80,7 +79,8 @@
         }
 
         if (authorities.length == 0) {
-            throw new UsernameNotFoundException("User has no GrantedAuthority");
+            // TODO: This doesn't seem like the right type of exception to throw here, but retained it, fixed the message
+            throw new UsernameNotFoundException("User " + username + " has no roles granted and there is no default role set.");
         }
 
         return authorities;