You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@turbine.apache.org by tv...@apache.org on 2016/07/29 16:08:48 UTC
svn commit: r1754546 - in
/turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine:
TurbineACLFactory.java TurbineAccessControlListImpl.java
Author: tv
Date: Fri Jul 29 16:08:47 2016
New Revision: 1754546
URL: http://svn.apache.org/viewvc?rev=1754546&view=rev
Log:
Make sure that TurbinePermissions are populated when creating an ACL
Modified:
turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineACLFactory.java
turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineAccessControlListImpl.java
Modified: turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineACLFactory.java
URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineACLFactory.java?rev=1754546&r1=1754545&r2=1754546&view=diff
==============================================================================
--- turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineACLFactory.java (original)
+++ turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineACLFactory.java Fri Jul 29 16:08:47 2016
@@ -21,6 +21,7 @@ package org.apache.fulcrum.security.mode
import java.util.Set;
import org.apache.fulcrum.security.GroupManager;
+import org.apache.fulcrum.security.RoleManager;
import org.apache.fulcrum.security.acl.AccessControlList;
import org.apache.fulcrum.security.entity.Group;
import org.apache.fulcrum.security.entity.User;
@@ -30,6 +31,7 @@ import org.apache.fulcrum.security.model
import org.apache.fulcrum.security.spi.AbstractManager;
import org.apache.fulcrum.security.util.DataBackendException;
import org.apache.fulcrum.security.util.EntityExistsException;
+import org.apache.fulcrum.security.util.FulcrumSecurityException;
import org.apache.fulcrum.security.util.UnknownEntityException;
/**
@@ -44,6 +46,7 @@ public class TurbineACLFactory extends A
/**
* @see org.apache.fulcrum.security.model.ACLFactory#getAccessControlList(org.apache.fulcrum.security.entity.User)
*/
+ @Override
public <T extends AccessControlList> T getAccessControlList(User user)
{
TurbineUser tu = (TurbineUser)user;
@@ -77,9 +80,11 @@ public class TurbineACLFactory extends A
private TurbineAccessControlList getAclInstance(Set<? extends TurbineUserGroupRole> turbineUserGroupRoleSet) throws UnknownEntityException
{
GroupManager groupManager = null;
+ RoleManager roleManager = null;
try
{
+ roleManager = getRoleManager();
groupManager = getGroupManager();
// make sure the global group exists
@@ -114,9 +119,9 @@ public class TurbineACLFactory extends A
{
accessControlList =
new TurbineAccessControlListImpl(turbineUserGroupRoleSet,
- groupManager);
+ groupManager, roleManager);
}
- catch (Exception e)
+ catch (FulcrumSecurityException e)
{
throw new UnknownEntityException("Failed to instantiate an ACL implementation object", e);
}
Modified: turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineAccessControlListImpl.java
URL: http://svn.apache.org/viewvc/turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineAccessControlListImpl.java?rev=1754546&r1=1754545&r2=1754546&view=diff
==============================================================================
--- turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineAccessControlListImpl.java (original)
+++ turbine/fulcrum/trunk/security/api/src/java/org/apache/fulcrum/security/model/turbine/TurbineAccessControlListImpl.java Fri Jul 29 16:08:47 2016
@@ -26,6 +26,7 @@ import java.util.Map;
import java.util.Set;
import org.apache.fulcrum.security.GroupManager;
+import org.apache.fulcrum.security.RoleManager;
import org.apache.fulcrum.security.entity.Group;
import org.apache.fulcrum.security.entity.Permission;
import org.apache.fulcrum.security.entity.Role;
@@ -83,12 +84,13 @@ public class TurbineAccessControlListImp
* @param turbineUserGroupRoleSet
* The set of user/group/role relations that this acl is built from
* @param groupManager the Group manager
+ * @param roleManager the Role manager
*
* @throws FulcrumSecurityException if the global group cannot be retrieved
*/
public TurbineAccessControlListImpl(
Set<? extends TurbineUserGroupRole> turbineUserGroupRoleSet,
- GroupManager groupManager) throws FulcrumSecurityException
+ GroupManager groupManager, RoleManager roleManager) throws FulcrumSecurityException
{
this.roleSets = new HashMap<Group, RoleSet>();
this.permissionSets = new HashMap<Group, PermissionSet>();
@@ -100,7 +102,20 @@ public class TurbineAccessControlListImp
groupSet.add(group);
TurbineRole role = (TurbineRole)ugr.getRole();
- roleSet.add(role);
+ if (!roleSet.containsId(role.getId()))
+ {
+ // get fresh reference from role manager to make sure the related
+ // permissions are populated
+ if (roleManager != null)
+ {
+ role = roleManager.getRoleById(role.getId());
+ }
+ roleSet.add(role);
+ }
+ else
+ {
+ role = (TurbineRole)roleSet.getById(role.getId());
+ }
if (roleSets.containsKey(group))
{
roleSets.get(group).add(role);
@@ -140,6 +155,7 @@ public class TurbineAccessControlListImp
* @param group the Group
* @return the set of Roles this user has within the Group.
*/
+ @Override
public RoleSet getRoles(Group group)
{
if (group == null)
@@ -154,6 +170,7 @@ public class TurbineAccessControlListImp
*
* @return the set of Roles this user has within the global Group.
*/
+ @Override
public RoleSet getRoles()
{
return getRoles(globalGroup);
@@ -165,6 +182,7 @@ public class TurbineAccessControlListImp
* @param group the Group
* @return the set of Permissions this user has within the Group.
*/
+ @Override
public PermissionSet getPermissions(Group group)
{
if (group == null)
@@ -179,6 +197,7 @@ public class TurbineAccessControlListImp
*
* @return the set of Permissions this user has within the global Group.
*/
+ @Override
public PermissionSet getPermissions()
{
return getPermissions(globalGroup);
@@ -191,6 +210,7 @@ public class TurbineAccessControlListImp
* @param group the Group
* @return <code>true</code> if the user is assigned the Role in the Group.
*/
+ @Override
public boolean hasRole(Role role, Group group)
{
RoleSet set = getRoles(group);
@@ -210,6 +230,7 @@ public class TurbineAccessControlListImp
* @return <code>true</code> if the user is assigned the Role in any of
* the given Groups.
*/
+ @Override
public boolean hasRole(Role role, GroupSet groupset)
{
if (role == null)
@@ -236,6 +257,7 @@ public class TurbineAccessControlListImp
* @param groupName the Group name
* @return <code>true</code> if the user is assigned the Role in the Group.
*/
+ @Override
public boolean hasRole(String roleName, String groupName)
{
try
@@ -257,6 +279,7 @@ public class TurbineAccessControlListImp
* @return <code>true</code> if the user is assigned the Role in any of
* the given Groups.
*/
+ @Override
public boolean hasRole(String rolename, GroupSet groupset)
{
try
@@ -275,6 +298,7 @@ public class TurbineAccessControlListImp
* @param role the Role
* @return <code>true</code> if the user is assigned the Role in the global Group.
*/
+ @Override
public boolean hasRole(Role role)
{
return hasRole(role, globalGroup);
@@ -286,6 +310,7 @@ public class TurbineAccessControlListImp
* @param role the Role
* @return <code>true</code> if the user is assigned the Role in the global Group.
*/
+ @Override
public boolean hasRole(String role)
{
try
@@ -305,6 +330,7 @@ public class TurbineAccessControlListImp
* @param group the Group
* @return <code>true</code> if the user is assigned the Permission in the Group.
*/
+ @Override
public boolean hasPermission(Permission permission, Group group)
{
PermissionSet set = getPermissions(group);
@@ -324,6 +350,7 @@ public class TurbineAccessControlListImp
* @return <code>true</code> if the user is assigned the Permission in any
* of the given Groups.
*/
+ @Override
public boolean hasPermission(Permission permission, GroupSet groupset)
{
if (permission == null)
@@ -350,6 +377,7 @@ public class TurbineAccessControlListImp
* @param group the Group
* @return <code>true</code> if the user is assigned the Permission in the Group.
*/
+ @Override
public boolean hasPermission(String permission, String group)
{
try
@@ -369,6 +397,7 @@ public class TurbineAccessControlListImp
* @param group the Group
* @return <code>true</code> if the user is assigned the Permission in the Group.
*/
+ @Override
public boolean hasPermission(String permission, Group group)
{
try
@@ -390,6 +419,7 @@ public class TurbineAccessControlListImp
* @return <code>true</code> if the user is assigned the Permission in any
* of the given Groups.
*/
+ @Override
public boolean hasPermission(String permissionName, GroupSet groupset)
{
Permission permission;
@@ -425,6 +455,7 @@ public class TurbineAccessControlListImp
* @param permission the Permission
* @return <code>true</code> if the user is assigned the Permission in the global Group.
*/
+ @Override
public boolean hasPermission(Permission permission)
{
return hasPermission(permission, globalGroup);
@@ -436,6 +467,7 @@ public class TurbineAccessControlListImp
* @param permission the Permission
* @return <code>true</code> if the user is assigned the Permission in the global Group.
*/
+ @Override
public boolean hasPermission(String permission)
{
try
@@ -458,6 +490,7 @@ public class TurbineAccessControlListImp
*
* @return A Group [] of all groups in the system.
*/
+ @Override
public Group[] getAllGroups()
{
try