You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2010/06/15 00:14:26 UTC
svn commit: r954660 - in
/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core:
authz/AciAuthorizationInterceptor.java event/EventInterceptor.java
Author: elecharny
Date: Mon Jun 14 22:14:26 2010
New Revision: 954660
URL: http://svn.apache.org/viewvc?rev=954660&view=rev
Log:
o Removed some useless DN clone
o One less lookup
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java?rev=954660&r1=954659&r2=954660&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java Mon Jun 14 22:14:26 2010
@@ -831,15 +831,13 @@ public class AciAuthorizationInterceptor
public void moveAndRename( NextInterceptor next, MoveAndRenameOperationContext moveAndRenameContext )
throws LdapException
{
- DN oriChildName = moveAndRenameContext.getDn();
- DN newParentName = moveAndRenameContext.getNewSuperiorDn();
+ DN oldDn = moveAndRenameContext.getDn();
+ DN newDn = moveAndRenameContext.getNewDn();
Entry entry = moveAndRenameContext.getOriginalEntry();
LdapPrincipal principal = moveAndRenameContext.getSession().getEffectivePrincipal();
DN principalDn = principal.getDN();
- DN newName = ( DN ) newParentName.clone();
- newName.add( moveAndRenameContext.getNewRdn().getName() );
// bypass authz code if we are disabled
if ( !moveAndRenameContext.getSession().getDirectoryService().isAccessControlEnabled() )
@@ -848,26 +846,25 @@ public class AciAuthorizationInterceptor
return;
}
- protectCriticalEntries( oriChildName );
+ protectCriticalEntries( oldDn );
// bypass authz code but manage caches if operation is performed by the admin
if ( isPrincipalAnAdministrator( principalDn ) )
{
next.moveAndRename( moveAndRenameContext );
- tupleCache.subentryRenamed( oriChildName, newName );
- groupCache.groupRenamed( oriChildName, newName );
+ tupleCache.subentryRenamed( oldDn, newDn );
+ groupCache.groupRenamed( oldDn, newDn );
return;
}
Set<DN> userGroups = groupCache.getGroups( principalDn.getNormName() );
Collection<ACITuple> tuples = new HashSet<ACITuple>();
- addPerscriptiveAciTuples( moveAndRenameContext, tuples, oriChildName, ( ( ClonedServerEntry ) entry )
- .getOriginalEntry() );
+ addPerscriptiveAciTuples( moveAndRenameContext, tuples, oldDn, entry );
addEntryAciTuples( tuples, entry );
- addSubentryAciTuples( moveAndRenameContext, tuples, oriChildName, entry );
+ addSubentryAciTuples( moveAndRenameContext, tuples, oldDn, entry );
engine.checkPermission( schemaManager, moveAndRenameContext, userGroups, principalDn, principal
- .getAuthenticationLevel(), oriChildName, null, null, MOVERENAME_PERMS, tuples, entry, null );
+ .getAuthenticationLevel(), oldDn, null, null, MOVERENAME_PERMS, tuples, entry, null );
// Get the entry again without operational attributes
// because access control subentry operational attributes
@@ -875,8 +872,7 @@ public class AciAuthorizationInterceptor
// This will certainly be fixed by the SubentryInterceptor,
// but after this service.
- Entry importedEntry = moveAndRenameContext.lookup( oriChildName,
- ByPassConstants.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
+ Entry importedEntry = moveAndRenameContext.lookup( oldDn, ByPassConstants.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
// As the target entry does not exist yet and so
// its subentry operational attributes are not there,
@@ -885,7 +881,7 @@ public class AciAuthorizationInterceptor
// and access control subentry operational attributes.
SubentryInterceptor subentryInterceptor = ( SubentryInterceptor ) chain.get( SubentryInterceptor.class
.getName() );
- Entry subentryAttrs = subentryInterceptor.getSubentryAttributes( newName, importedEntry );
+ Entry subentryAttrs = subentryInterceptor.getSubentryAttributes( newDn, importedEntry );
for ( EntryAttribute attribute : importedEntry )
{
@@ -894,15 +890,15 @@ public class AciAuthorizationInterceptor
Collection<ACITuple> destTuples = new HashSet<ACITuple>();
// Import permission is only valid for prescriptive ACIs
- addPerscriptiveAciTuples( moveAndRenameContext, destTuples, newName, subentryAttrs );
+ addPerscriptiveAciTuples( moveAndRenameContext, destTuples, newDn, subentryAttrs );
// Evaluate the target context to see whether it
// allows an entry named newName to be imported as a subordinate.
engine.checkPermission( schemaManager, moveAndRenameContext, userGroups, principalDn, principal
- .getAuthenticationLevel(), newName, null, null, IMPORT_PERMS, destTuples, subentryAttrs, null );
+ .getAuthenticationLevel(), newDn, null, null, IMPORT_PERMS, destTuples, subentryAttrs, null );
next.moveAndRename( moveAndRenameContext );
- tupleCache.subentryRenamed( oriChildName, newName );
- groupCache.groupRenamed( oriChildName, newName );
+ tupleCache.subentryRenamed( oldDn, newDn );
+ groupCache.groupRenamed( oldDn, newDn );
}
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java?rev=954660&r1=954659&r2=954660&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java Mon Jun 14 22:14:26 2010
@@ -247,7 +247,7 @@ public class EventInterceptor extends Ba
return;
}
- moveAndRenameContext.setModifiedEntry( ( ClonedServerEntry ) moveAndRenameContext.lookup( moveAndRenameContext.getNewDn(),
+ moveAndRenameContext.setModifiedEntry( moveAndRenameContext.lookup( moveAndRenameContext.getNewDn(),
ByPassConstants.LOOKUP_BYPASS ) );
for ( final RegistrationEntry registration : selecting )