You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by cp...@apache.org on 2017/07/07 12:23:56 UTC
directory-fortress-core git commit: FC-119 remove role constraint
when deassigning role
Repository: directory-fortress-core
Updated Branches:
refs/heads/master 4bb32a9be -> f1448abf0
FC-119 remove role constraint when deassigning role
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/f1448abf
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/f1448abf
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/f1448abf
Branch: refs/heads/master
Commit: f1448abf0e2c0dfea183d2e9d24a13eaf2c50edd
Parents: 4bb32a9
Author: clp207 <cl...@psu.edu>
Authored: Fri Jul 7 08:23:44 2017 -0400
Committer: clp207 <cl...@psu.edu>
Committed: Fri Jul 7 08:23:44 2017 -0400
----------------------------------------------------------------------
.../apache/directory/fortress/core/impl/UserDAO.java | 14 ++++++++++----
.../fortress/core/impl/FortressJUnitTest.java | 1 +
.../fortress/core/impl/ReviewMgrImplTest.java | 9 +++++++++
3 files changed, 20 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/f1448abf/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
index 1f20196..cb047b3 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
@@ -1825,13 +1825,19 @@ final class UserDAO extends LdapDataProvider
// delete the name assignment attribute using the raw name data:
List<Modification> mods = new ArrayList<Modification>();
+ // Remove user role constraints
+ for( RoleConstraint rc : fRole.getRoleConstraints() ){
+ this.deassign( fRole, rc );
+ }
+
mods.add( new DefaultModification( ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds
- .USER_ROLE_DATA, fRole.getRawData() ) );
-
+ .USER_ROLE_DATA, fRole.getRawData() ) );
+
mods.add( new DefaultModification( ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds
.USER_ROLE_ASSIGN, fRole.getName() ) );
- ld = getAdminConnection();
- modify( ld, userDn, mods, uRole );
+ ld = getAdminConnection();
+
+ modify( ld, userDn, mods, uRole );
}
}
// target name not found:
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/f1448abf/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java b/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java
index 2419782..f6c6c60 100755
--- a/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java
+++ b/src/test/java/org/apache/directory/fortress/core/impl/FortressJUnitTest.java
@@ -267,6 +267,7 @@ public class FortressJUnitTest extends TestCase
suite.addTest( new ReviewMgrImplTest( "testReadUserRoleConstraint" ) );
suite.addTest( new ReviewMgrImplTest( "testFindRoleConstraints" ) );
+ suite.addTest( new ReviewMgrImplTest( "testDeassignRoleWithRoleConstraint" ) );
/***********************************************************/
/* 4. Security Checks */
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/f1448abf/src/test/java/org/apache/directory/fortress/core/impl/ReviewMgrImplTest.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/directory/fortress/core/impl/ReviewMgrImplTest.java b/src/test/java/org/apache/directory/fortress/core/impl/ReviewMgrImplTest.java
index fa701a5..db4d86a 100755
--- a/src/test/java/org/apache/directory/fortress/core/impl/ReviewMgrImplTest.java
+++ b/src/test/java/org/apache/directory/fortress/core/impl/ReviewMgrImplTest.java
@@ -25,6 +25,7 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
+import org.apache.directory.fortress.core.AdminMgr;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.ReviewMgr;
import org.apache.directory.fortress.core.ReviewMgrFactory;
@@ -1681,6 +1682,14 @@ public class ReviewMgrImplTest extends TestCase
+ "] caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
fail( ex.getMessage() );
}
+ }
+
+ public void testDeassignRoleWithRoleConstraint() throws SecurityException{
+ AdminMgr adminMgr = AdminMgrImplTest.getManagedAdminMgr();
+ adminMgr.deassignUser( new UserRole( UserTestData.USERS_TU1[0][0], RoleTestData.ROLES_TR1[1][0] ) );
+
+ ReviewMgr reviewMgr = getManagedReviewMgr();
+ reviewMgr.assignedRoles( new User( UserTestData.USERS_TU1[0][0] ) );
}
/**