You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2010/06/15 00:14:26 UTC
svn commit: r954660 - in /directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core: authz/AciAuthorizationInterceptor.java event/EventInterceptor.java

Author: elecharny
Date: Mon Jun 14 22:14:26 2010
New Revision: 954660

URL: http://svn.apache.org/viewvc?rev=954660&view=rev
Log:
o Removed some useless DN clone
o One less lookup

Modified:
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java?rev=954660&r1=954659&r2=954660&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java Mon Jun 14 22:14:26 2010
@@ -831,15 +831,13 @@ public class AciAuthorizationInterceptor
     public void moveAndRename( NextInterceptor next, MoveAndRenameOperationContext moveAndRenameContext )
         throws LdapException
     {
-        DN oriChildName = moveAndRenameContext.getDn();
-        DN newParentName = moveAndRenameContext.getNewSuperiorDn();
+        DN oldDn = moveAndRenameContext.getDn();
+        DN newDn = moveAndRenameContext.getNewDn();
 
         Entry entry = moveAndRenameContext.getOriginalEntry();
 
         LdapPrincipal principal = moveAndRenameContext.getSession().getEffectivePrincipal();
         DN principalDn = principal.getDN();
-        DN newName = ( DN ) newParentName.clone();
-        newName.add( moveAndRenameContext.getNewRdn().getName() );
 
         // bypass authz code if we are disabled
         if ( !moveAndRenameContext.getSession().getDirectoryService().isAccessControlEnabled() )
@@ -848,26 +846,25 @@ public class AciAuthorizationInterceptor
             return;
         }
 
-        protectCriticalEntries( oriChildName );
+        protectCriticalEntries( oldDn );
 
         // bypass authz code but manage caches if operation is performed by the admin
         if ( isPrincipalAnAdministrator( principalDn ) )
         {
             next.moveAndRename( moveAndRenameContext );
-            tupleCache.subentryRenamed( oriChildName, newName );
-            groupCache.groupRenamed( oriChildName, newName );
+            tupleCache.subentryRenamed( oldDn, newDn );
+            groupCache.groupRenamed( oldDn, newDn );
             return;
         }
 
         Set<DN> userGroups = groupCache.getGroups( principalDn.getNormName() );
         Collection<ACITuple> tuples = new HashSet<ACITuple>();
-        addPerscriptiveAciTuples( moveAndRenameContext, tuples, oriChildName, ( ( ClonedServerEntry ) entry )
-            .getOriginalEntry() );
+        addPerscriptiveAciTuples( moveAndRenameContext, tuples, oldDn, entry );
         addEntryAciTuples( tuples, entry );
-        addSubentryAciTuples( moveAndRenameContext, tuples, oriChildName, entry );
+        addSubentryAciTuples( moveAndRenameContext, tuples, oldDn, entry );
 
         engine.checkPermission( schemaManager, moveAndRenameContext, userGroups, principalDn, principal
-            .getAuthenticationLevel(), oriChildName, null, null, MOVERENAME_PERMS, tuples, entry, null );
+            .getAuthenticationLevel(), oldDn, null, null, MOVERENAME_PERMS, tuples, entry, null );
 
         // Get the entry again without operational attributes
         // because access control subentry operational attributes
@@ -875,8 +872,7 @@ public class AciAuthorizationInterceptor
         // This will certainly be fixed by the SubentryInterceptor,
         // but after this service.
 
-        Entry importedEntry = moveAndRenameContext.lookup( oriChildName,
-            ByPassConstants.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
+        Entry importedEntry = moveAndRenameContext.lookup( oldDn, ByPassConstants.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
 
         // As the target entry does not exist yet and so
         // its subentry operational attributes are not there,
@@ -885,7 +881,7 @@ public class AciAuthorizationInterceptor
         // and access control subentry operational attributes.
         SubentryInterceptor subentryInterceptor = ( SubentryInterceptor ) chain.get( SubentryInterceptor.class
             .getName() );
-        Entry subentryAttrs = subentryInterceptor.getSubentryAttributes( newName, importedEntry );
+        Entry subentryAttrs = subentryInterceptor.getSubentryAttributes( newDn, importedEntry );
 
         for ( EntryAttribute attribute : importedEntry )
         {
@@ -894,15 +890,15 @@ public class AciAuthorizationInterceptor
 
         Collection<ACITuple> destTuples = new HashSet<ACITuple>();
         // Import permission is only valid for prescriptive ACIs
-        addPerscriptiveAciTuples( moveAndRenameContext, destTuples, newName, subentryAttrs );
+        addPerscriptiveAciTuples( moveAndRenameContext, destTuples, newDn, subentryAttrs );
         // Evaluate the target context to see whether it
         // allows an entry named newName to be imported as a subordinate.
         engine.checkPermission( schemaManager, moveAndRenameContext, userGroups, principalDn, principal
-            .getAuthenticationLevel(), newName, null, null, IMPORT_PERMS, destTuples, subentryAttrs, null );
+            .getAuthenticationLevel(), newDn, null, null, IMPORT_PERMS, destTuples, subentryAttrs, null );
 
         next.moveAndRename( moveAndRenameContext );
-        tupleCache.subentryRenamed( oriChildName, newName );
-        groupCache.groupRenamed( oriChildName, newName );
+        tupleCache.subentryRenamed( oldDn, newDn );
+        groupCache.groupRenamed( oldDn, newDn );
     }
 
 

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java?rev=954660&r1=954659&r2=954660&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java Mon Jun 14 22:14:26 2010
@@ -247,7 +247,7 @@ public class EventInterceptor extends Ba
             return;
         }
 
-        moveAndRenameContext.setModifiedEntry( ( ClonedServerEntry ) moveAndRenameContext.lookup( moveAndRenameContext.getNewDn(),
+        moveAndRenameContext.setModifiedEntry( moveAndRenameContext.lookup( moveAndRenameContext.getNewDn(),
             ByPassConstants.LOOKUP_BYPASS ) );
 
         for ( final RegistrationEntry registration : selecting )