Posted to jetspeed-dev@portals.apache.org by dl...@apache.org on 2004/09/30 06:01:42 UTC
cvs commit: jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi SecurityMappingHandler.java
dlestrat 2004/09/29 21:01:42
Modified: components/security/src/java/org/apache/jetspeed/security/impl
AggregationHierarchyResolver.java
GeneralizationHierarchyResolver.java
RoleManagerImpl.java
components/security/src/java/org/apache/jetspeed/security/spi/impl
DefaultSecurityMappingHandler.java
components/security/src/test/org/apache/jetspeed/security
TestRoleManager.java
components/security/src/java/org/apache/jetspeed/security
HierarchyResolver.java
components/security/src/java/org/apache/jetspeed/security/spi
SecurityMappingHandler.java
Added: components/security/src/java/org/apache/jetspeed/security/impl
BaseHierarchyResolver.java
Log:
Some progress on
http://nagoya.apache.org/jira/browse/JS2-114
Revision Changes Path
1.4 +3 -35 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/AggregationHierarchyResolver.java
Index: AggregationHierarchyResolver.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/AggregationHierarchyResolver.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- AggregationHierarchyResolver.java 19 Sep 2004 19:04:11 -0000 1.3
+++ AggregationHierarchyResolver.java 30 Sep 2004 04:01:41 -0000 1.4
@@ -14,9 +14,6 @@
*/
package org.apache.jetspeed.security.impl;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.prefs.BackingStoreException;
import java.util.prefs.Preferences;
import org.apache.commons.logging.Log;
@@ -40,12 +37,13 @@
* <li>/role/roleA/roleB</li>
* <li>/role/roleA/roleB/roleC</li>
* </ul>
+ * </p>
*
* @author <a href="mailto:Artem.Grinshtein@t-systems.com">Artem Grinshtein </a>
* @version $Id: AggregationHierarchyResolver.java,v 1.2 2004/09/18 19:33:58
* dlestrat Exp $
*/
-public class AggregationHierarchyResolver implements HierarchyResolver
+public class AggregationHierarchyResolver extends BaseHierarchyResolver implements HierarchyResolver
{
private static final Log log = LogFactory.getLog(AggregationHierarchyResolver.class);
@@ -56,37 +54,7 @@
{
ArgUtil.notNull(new Object[] { prefs }, new String[] { "preferences" }, "resolve(java.util.prefs.Preferences)");
- List list = new ArrayList();
- processPreferences(prefs, list);
- return (String[]) list.toArray(new String[0]);
- }
-
- /**
- * <p>
- * Recursively processes the preferences.
- * </p>
- *
- * @param prefs The preferences.
- * @param list The list to add the preferences to.
- */
- protected void processPreferences(Preferences prefs, List list)
- {
- if (!list.contains(prefs.absolutePath()))
- {
- list.add(prefs.absolutePath());
- }
- try
- {
- String[] names = prefs.childrenNames();
- for (int i = 0; i < names.length; i++)
- {
- processPreferences(prefs.node(names[i]), list);
- }
- }
- catch (BackingStoreException bse)
- {
- log.warn("can't find children of " + prefs.absolutePath(), bse);
- }
+ return resolveChildren(prefs);
}
}
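Review bot: With `processPreferences` moved to the base class, the `log` field kept at the top of AggregationHierarchyResolver has no remaining use in the lines visible here, and `resolve` now validates `prefs` twice: once in its own `ArgUtil.notNull` call and again inside `resolveChildren`. If nothing outside the hunk uses the logger, drop the field together with its two commons-logging imports. The duplicate check is harmless, but it is worth a one-line comment such as `// validated here so the error names resolve(), not resolveChildren()` if it is kept on purpose. The signature of `resolve` sits just above the hunk.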
1.4 +2 -1 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/GeneralizationHierarchyResolver.java
Index: GeneralizationHierarchyResolver.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/GeneralizationHierarchyResolver.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- GeneralizationHierarchyResolver.java 19 Sep 2004 19:04:11 -0000 1.3
+++ GeneralizationHierarchyResolver.java 30 Sep 2004 04:01:41 -0000 1.4
@@ -32,12 +32,13 @@
* <li>/role/roleA/roleB</li>
* <li>/role/roleA/roleB/roleC</li>
* </ul>
+ * </p>
*
* @author <a href="mailto:Artem.Grinshtein@t-systems.com">Artem Grinshtein </a>
* @version $Id: GeneralizationHierarchyResolver.java,v 1.2 2004/09/18 19:33:58
* dlestrat Exp $
*/
-public class GeneralizationHierarchyResolver implements HierarchyResolver
+public class GeneralizationHierarchyResolver extends BaseHierarchyResolver implements HierarchyResolver
{
/**
1.9 +33 -80 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/RoleManagerImpl.java
Index: RoleManagerImpl.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/RoleManagerImpl.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- RoleManagerImpl.java 28 Sep 2004 04:23:52 -0000 1.8
+++ RoleManagerImpl.java 30 Sep 2004 04:01:41 -0000 1.9
@@ -25,7 +25,6 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.jetspeed.components.persistence.store.Filter;
import org.apache.jetspeed.components.persistence.store.PersistenceStore;
import org.apache.jetspeed.security.Role;
import org.apache.jetspeed.security.RoleManager;
@@ -35,7 +34,6 @@
import org.apache.jetspeed.security.om.InternalGroupPrincipal;
import org.apache.jetspeed.security.om.InternalRolePrincipal;
import org.apache.jetspeed.security.om.InternalUserPrincipal;
-import org.apache.jetspeed.security.om.impl.InternalRolePrincipalImpl;
import org.apache.jetspeed.security.spi.RoleSecurityHandler;
import org.apache.jetspeed.security.spi.SecurityMappingHandler;
import org.apache.jetspeed.util.ArgUtil;
@@ -146,73 +144,35 @@
ArgUtil.notNull(new Object[] { roleFullPathName }, new String[] { "roleFullPathName" },
"removeRole(java.lang.String)");
- InternalRolePrincipal omParentRole = super.getJetspeedRolePrincipal(roleFullPathName);
- if (null != omParentRole)
+ // Resolve the role hierarchy.
+ Preferences prefs = Preferences.userRoot().node(
+ RolePrincipalImpl.getFullPathFromPrincipalName(roleFullPathName));
+ String[] roles = securityMappingHandler.getRoleHierarchyResolver().resolveChildren(prefs);
+ for (int i = 0; i < roles.length; i++)
{
- PersistenceStore store = getPersistenceStore();
- Filter filter = store.newFilter();
- filter.addLike((Object) new String("fullPath"), (Object) (omParentRole.getFullPath() + "/*"));
- Object query = store.newQuery(InternalRolePrincipalImpl.class, filter);
- Collection omRoles = store.getCollectionByQuery(query);
- if (null == omRoles)
- {
- omRoles = new ArrayList();
- }
- omRoles.add(omParentRole);
- // Remove each role in the collection.
- Iterator omRolesIterator = omRoles.iterator();
- while (omRolesIterator.hasNext())
- {
- InternalRolePrincipal omRole = (InternalRolePrincipal) omRolesIterator.next();
- // TODO This should be managed in a transaction.
- Collection omUsers = omRole.getUserPrincipals();
- if (null != omUsers)
- {
- omUsers.clear();
- }
- Collection omGroups = omRole.getGroupPrincipals();
- if (null != omGroups)
- {
- omGroups.clear();
- }
- Collection omPermissions = omRole.getPermissions();
- if (null != omPermissions)
- {
- omPermissions.clear();
- }
-
- try
- {
- // TODO Can this be done in one shot?
- // Remove dependencies.
- store.lockForWrite(omRole);
- omRole.setModifiedDate(new Timestamp(System.currentTimeMillis()));
- omRole.setUserPrincipals(omUsers);
- omRole.setGroupPrincipals(omGroups);
- omRole.setPermissions(omPermissions);
- store.getTransaction().checkpoint();
-
- // Remove role.
- store.deletePersistent(omRole);
- store.getTransaction().checkpoint();
- }
- catch (Exception e)
- {
- String msg = "Unable to lock Role for update.";
- log.error(msg, e);
- store.getTransaction().rollback();
- throw new SecurityException(msg, e);
- }
- // Remove preferences
- Preferences preferences = Preferences.userRoot().node(omRole.getFullPath());
- try
- {
- preferences.removeNode();
- }
- catch (BackingStoreException bse)
- {
- bse.printStackTrace();
- }
+ try
+ {
+ roleSecurityHandler.removeRolePrincipal(new RolePrincipalImpl(RolePrincipalImpl
+ .getPrincipalNameFromFullPath((String) roles[i])));
+ }
+ catch (Exception e)
+ {
+ String msg = "Unable to remove role: "
+ + RolePrincipalImpl.getPrincipalNameFromFullPath((String) roles[i]);
+ log.error(msg, e);
+ throw new SecurityException(msg, e);
+ }
+ // Remove preferences
+ Preferences rolePref = Preferences.userRoot().node((String) roles[i]);
+ try
+ {
+ rolePref.removeNode();
+ }
+ catch (BackingStoreException bse)
+ {
+ String msg = "Unable to remove role preferences: " + roles[i];
+ log.error(msg, bse);
+ throw new SecurityException(msg, bse);
}
}
}
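Review bot: The removal loop trusts `resolveChildren` to return the complete subtree, but `BaseHierarchyResolver.processPreferences` (added in this commit) only logs a warning on `BackingStoreException` and returns whatever it collected, so `removeRole` can report success while descendant roles and their grants are still in place. A failure to enumerate children should abort the removal with a `SecurityException`, the same way the two `catch` blocks in this loop already do. The loop also walks parent-first, and `Preferences.userRoot().node(...)` creates a node that does not exist (standard java.util.prefs behaviour; Jetspeed's own preferences implementation may differ), so after the parent's `removeNode()` the child iterations may recreate the path they are about to delete; iterating `for (int i = roles.length - 1; i >= 0; i--)` and guarding with `Preferences.userRoot().nodeExists(path)` avoids that. The same `node(...)` call at the top means that removing a role name that was never created now materialises a node for it, where the old code skipped unknown roles. The method's signature and closing lines are outside the hunk.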
@@ -500,20 +460,13 @@
boolean isGroupInRole = false;
- InternalGroupPrincipal omGroup = super.getJetspeedGroupPrincipal(groupFullPathName);
- if (null == omGroup)
- {
- throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST + " " + groupFullPathName);
- }
- InternalRolePrincipal omRole = super.getJetspeedRolePrincipal(roleFullPathName);
- if (null != omRole)
+ Set rolePrincipals = securityMappingHandler.getRolePrincipalsInGroup(groupFullPathName);
+ Principal rolePrincipal = new RolePrincipalImpl(roleFullPathName);
+ if (rolePrincipals.contains(rolePrincipal))
{
- Collection omRoles = omGroup.getRolePrincipals();
- if ((null != omRoles) && (omRoles.contains(omRole)))
- {
- isGroupInRole = true;
- }
+ isGroupInRole = true;
}
+
return isGroupInRole;
}
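Review bot: The explicit group lookup that threw `SecurityException.GROUP_DOES_NOT_EXIST` is gone, so what `isGroupInRole` does for an unknown group now depends entirely on `securityMappingHandler.getRolePrincipalsInGroup`, which is not visible here. If that method can return `null`, `rolePrincipals.contains(rolePrincipal)` throws a NullPointerException instead of a SecurityException; if it returns an empty set, a misspelled group name is indistinguishable from "not in role". The result presumably also includes whatever roles the hierarchy resolver expands, where the old code checked only the group's direct role collection, and that change in an authorization answer deserves a line in the method's Javadoc. A guard such as `if (rolePrincipals == null) { throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST + " " + groupFullPathName); }` keeps the old contract. The start of the method is outside the hunk.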
1.1 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/BaseHierarchyResolver.java
Index: BaseHierarchyResolver.java
===================================================================
/* Copyright 2004 Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.security.impl;
import java.util.ArrayList;
import java.util.List;
import java.util.prefs.BackingStoreException;
import java.util.prefs.Preferences;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.util.ArgUtil;
/**
 * <p>
 * Base implementation for the hierarchy resolver.
 * </p>
 * <p>
 * Collects the absolute path of a preferences node and of every node below it.
 * When the children of a node cannot be read, a warning is logged, that node's
 * subtree is skipped and the returned array is incomplete. Callers that act on
 * the result (for example to remove every role of a hierarchy) cannot detect
 * this from the return value alone.
 * </p>
 *
 * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
 */
public class BaseHierarchyResolver
{
    /** The logger. */
    private static final Log log = LogFactory.getLog(BaseHierarchyResolver.class);

    /**
     * <p>
     * Returns the absolute path of the given node followed by the absolute
     * paths of its descendants, each parent before its own children.
     * </p>
     *
     * @param prefs The preferences node to start from (checked with
     *            <code>ArgUtil.notNull</code>).
     * @return The collected absolute paths.
     * @see org.apache.jetspeed.security.HierarchyResolver#resolveChildren(java.util.prefs.Preferences)
     */
    public String[] resolveChildren(Preferences prefs)
    {
        ArgUtil.notNull(new Object[] { prefs }, new String[] { "preferences" }, "resolveChildren(java.util.prefs.Preferences)");

        List collected = new ArrayList();
        processPreferences(prefs, collected);

        String[] paths = new String[collected.size()];
        return (String[]) collected.toArray(paths);
    }

    /**
     * <p>
     * Adds the absolute path of the given node to the list (unless it is
     * already there) and then does the same, recursively, for each child.
     * </p>
     * <p>
     * A <code>BackingStoreException</code> raised while listing the children
     * is logged as a warning and not rethrown, so the children of that node
     * are left out of the list.
     * </p>
     *
     * @param prefs The preferences.
     * @param list The list to add the preferences to.
     */
    protected void processPreferences(Preferences prefs, List list)
    {
        String path = prefs.absolutePath();
        boolean alreadyListed = list.contains(path);
        if (!alreadyListed)
        {
            list.add(path);
        }

        try
        {
            String[] childNames = prefs.childrenNames();
            int index = 0;
            while (index < childNames.length)
            {
                Preferences child = prefs.node(childNames[index]);
                processPreferences(child, list);
                index++;
            }
        }
        catch (BackingStoreException bse)
        {
            // Best effort: the subtree below this node is skipped, not reported to the caller.
            log.warn("can't find children of " + path, bse);
        }
    }
}
1.2 +27 -2 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
Index: DefaultSecurityMappingHandler.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- DefaultSecurityMappingHandler.java 19 Sep 2004 19:04:11 -0000 1.1
+++ DefaultSecurityMappingHandler.java 30 Sep 2004 04:01:41 -0000 1.2
@@ -76,15 +76,31 @@
this.groupHierarchyResolver = groupHierarchyResolver;
}
}
-
+
+ /**
+ * @return Returns the roleHierarchyResolver.
+ */
+ public HierarchyResolver getRoleHierarchyResolver()
+ {
+ return roleHierarchyResolver;
+ }
+
/**
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRoleHierarchyResolver(org.apache.jetspeed.security.HierarchyResolver)
*/
public void setRoleHierarchyResolver(HierarchyResolver roleHierarchyResolver)
{
this.roleHierarchyResolver = roleHierarchyResolver;
+ }
+
+ /**
+ * @return Returns the groupHierarchyResolver.
+ */
+ public HierarchyResolver getGroupHierarchyResolver()
+ {
+ return groupHierarchyResolver;
}
-
+
/**
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setGroupHierarchyResolver(org.apache.jetspeed.security.HierarchyResolver)
*/
@@ -126,6 +142,15 @@
return rolePrincipals;
}
+ /**
+ * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipals(java.lang.String, java.util.Set)
+ */
+ public void setRolePrincipals(String username, Set rolePrincipals)
+ {
+ // TODO Auto-generated method stub
+
+ }
+
/**
* @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getRolePrincipalsInGroup(java.lang.String)
*/
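Review bot: `setRolePrincipals` is committed as an empty auto-generated stub, so a caller that uses it to replace (and thereby revoke) a user's roles gets a normal return while the stored roles stay unchanged. Until the real implementation lands, fail loudly instead: put `throw new UnsupportedOperationException("setRolePrincipals is not implemented yet");` in place of the TODO line. The interface Javadoc added to SecurityMappingHandler.java in this same commit promises replacement semantics, so the silent no-op contradicts the documented contract.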
1.10 +296 -299 jakarta-jetspeed-2/components/security/src/test/org/apache/jetspeed/security/TestRoleManager.java
Index: TestRoleManager.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/test/org/apache/jetspeed/security/TestRoleManager.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- TestRoleManager.java 25 Sep 2004 23:03:17 -0000 1.9
+++ TestRoleManager.java 30 Sep 2004 04:01:41 -0000 1.10
@@ -24,16 +24,21 @@
import org.apache.jetspeed.security.impl.RolePrincipalImpl;
/**
- * <p>Unit testing for {@link RoleManager}.</p>
- *
- * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
+ * <p>
+ * Unit testing for {@link RoleManager}.
+ * </p>
+ *
+ * @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
* @version $Id$
*/
public class TestRoleManager extends AbstractSecurityTestcase
{
/**
- * <p>Defines the test case name for junit.</p>
+ * <p>
+ * Defines the test case name for junit.
+ * </p>
+ *
* @param testName The test case name.
*/
public TestRoleManager(String testName)
@@ -54,7 +59,7 @@
* @see junit.framework.TestCase#tearDown()
*/
public void tearDown() throws Exception
- {
+ {
destroyRoles();
super.tearDown();
}
@@ -64,9 +69,11 @@
// All methods starting with "test" will be executed in the test suite.
return new TestSuite(TestRoleManager.class);
}
-
+
/**
- * <p>Test add role.</p>
+ * <p>
+ * Test add role.
+ * </p>
*/
public void testAddRole()
{
@@ -107,7 +114,9 @@
}
/**
- * <p>Test add user to role.</p>
+ * <p>
+ * Test add user to role.
+ * </p>
*/
public void testAddRoleToUser()
{
@@ -127,11 +136,10 @@
try
{
rms.addRoleToUser("anonuser1", "testusertorole1.role1");
-
+
Collection principals = ums.getUser("anonuser1").getSubject().getPrincipals();
- assertTrue(
- "anonuser1 should contain testusertorole1.role1",
- principals.contains(new RolePrincipalImpl("testusertorole1.role1")));
+ assertTrue("anonuser1 should contain testusertorole1.role1", principals.contains(new RolePrincipalImpl(
+ "testusertorole1.role1")));
}
catch (SecurityException sex)
{
@@ -142,9 +150,8 @@
{
rms.addRoleToUser("anonuser1", "testusertorole1.role2");
Collection principals = ums.getUser("anonuser1").getSubject().getPrincipals();
- assertTrue(
- "anonuser1 should contain testusertorole1.role2",
- principals.contains(new RolePrincipalImpl("testusertorole1.role2")));
+ assertTrue("anonuser1 should contain testusertorole1.role2", principals.contains(new RolePrincipalImpl(
+ "testusertorole1.role2")));
}
catch (SecurityException sex)
{
@@ -182,7 +189,9 @@
}
/**
- * <p>Test remove role.</p>
+ * <p>
+ * Test remove role.
+ * </p>
*/
public void testRemoveRole()
{
@@ -210,13 +219,10 @@
rms.removeRole("testrole1.role1");
Collection principals = ums.getUser("anonuser2").getSubject().getPrincipals();
// because of hierarchical roles with generalization strategy.
- assertEquals(
- "principal size should be == 5 after removing testrole1.role1, for principals: " + principals.toString(),
- 5,
- principals.size());
- assertFalse(
- "anonuser2 should not contain testrole1.role1",
- principals.contains(new RolePrincipalImpl("testrole1.role1")));
+ assertEquals("principal size should be == 5 after removing testrole1.role1, for principals: "
+ + principals.toString(), 5, principals.size());
+ assertFalse("anonuser2 should not contain testrole1.role1", principals.contains(new RolePrincipalImpl(
+ "testrole1.role1")));
// Make sure that the children are removed as well.
rms.removeRole("testrole2");
boolean roleExists = rms.roleExists("testrole2.role1");
@@ -242,7 +248,9 @@
}
/**
- * <p>Test get role.</p>
+ * <p>
+ * Test get role.
+ * </p>
*/
public void testGetRole()
{
@@ -274,10 +282,8 @@
// Test the Role Preferences.
Preferences preferences = role.getPreferences();
- assertEquals(
- "expected role node == /role/testgetrole",
- SecurityHelper.getPreferencesFullPath(rolePrincipal),
- preferences.absolutePath());
+ assertEquals("expected role node == /role/testgetrole", SecurityHelper.getPreferencesFullPath(rolePrincipal),
+ preferences.absolutePath());
// Cleanup test.
try
@@ -290,268 +296,279 @@
}
}
- /**
- * <p>Test get roles for user.</p>
- */
- public void testGetRolesForUser()
+ /**
+ * <p>
+ * Test get roles for user.
+ * </p>
+ */
+ public void testGetRolesForUser()
+ {
+ // Init test.
+ try
{
- // Init test.
- try
- {
- ums.addUser("anonuser3", "password");
- rms.addRole("testuserrolemapping");
- rms.addRole("testuserrolemapping.role1");
- rms.addRole("testuserrolemapping2.role2");
- rms.addRoleToUser("anonuser3", "testuserrolemapping");
- rms.addRoleToUser("anonuser3", "testuserrolemapping.role1");
- rms.addRoleToUser("anonuser3", "testuserrolemapping2.role2");
- }
- catch (SecurityException sex)
- {
- assertTrue("failed to init testGetRolesForUser(), " + sex, false);
- }
-
- try
- {
- Collection roles = rms.getRolesForUser("anonuser3");
- assertEquals("roles size should be == 4", 4, roles.size());
- }
- catch (SecurityException sex)
- {
- assertTrue("user exists. should not have thrown an exception: " + sex, false);
- }
-
- // Cleanup test.
- try
- {
- ums.removeUser("anonuser3");
- rms.removeRole("testuserrolemapping");
- rms.removeRole("testuserrolemapping2");
- }
- catch (SecurityException sex)
- {
- assertTrue("could not remove user and role. exception caught: " + sex, false);
- }
+ ums.addUser("anonuser3", "password");
+ rms.addRole("testuserrolemapping");
+ rms.addRole("testuserrolemapping.role1");
+ rms.addRole("testuserrolemapping2.role2");
+ rms.addRoleToUser("anonuser3", "testuserrolemapping");
+ rms.addRoleToUser("anonuser3", "testuserrolemapping.role1");
+ rms.addRoleToUser("anonuser3", "testuserrolemapping2.role2");
}
-
- /**
- * <p>Test get roles in group.</p>
- */
- public void testGetRolesInGroup()
+ catch (SecurityException sex)
{
- // Init test.
- try
- {
- rms.addRole("testuserrolemapping");
- rms.addRole("testuserrolemapping.role1");
- rms.addRole("testuserrolemapping.role3");
- gms.addGroup("testrolegroupmapping");
- rms.addRoleToGroup("testuserrolemapping", "testrolegroupmapping");
- rms.addRoleToGroup("testuserrolemapping.role1", "testrolegroupmapping");
- rms.addRoleToGroup("testuserrolemapping.role3", "testrolegroupmapping");
- }
- catch (SecurityException sex)
- {
- assertTrue("failed to init testGetRolesForGroup(), " + sex, false);
- }
-
- try
- {
- Collection roles = rms.getRolesInGroup("testrolegroupmapping");
- assertEquals("roles size should be == 3", 3, roles.size());
- }
- catch (SecurityException sex)
- {
- assertTrue("group exists. should not have thrown an exception: " + sex, false);
- }
-
- // Cleanup test.
- try
- {
- rms.removeRole("testuserrolemapping");
- gms.removeGroup("testrolegroupmapping");
- }
- catch (SecurityException sex)
- {
- assertTrue("could not remove role and group. exception caught: " + sex, false);
- }
+ assertTrue("failed to init testGetRolesForUser(), " + sex, false);
}
-
- /**
- * <p>Test remove role from user.</p>
- */
- public void testRemoveRoleFromUser()
+
+ try
{
- // Init test.
- try
- {
- ums.addUser("anonuser5", "password");
- rms.addRole("testrole3");
- rms.addRoleToUser("anonuser5", "testrole3");
- }
- catch (SecurityException sex)
- {
- assertTrue("failed to init testRemoveRoleFromUser(), " + sex, false);
- }
-
- try
- {
- rms.removeRoleFromUser("anonuser5", "testrole3");
- Collection roles = rms.getRolesForUser("anonuser5");
- assertEquals("roles size should be == 0", 0, roles.size());
- }
- catch (SecurityException sex)
- {
- assertTrue("user exists. should not have thrown an exception: " + sex, false);
- }
-
- // Cleanup test.
- try
- {
- ums.removeUser("anonuser5");
- rms.removeRole("testrole3");
- }
- catch (SecurityException sex)
- {
- assertTrue("could not remove user and role. exception caught: " + sex, false);
- }
+ Collection roles = rms.getRolesForUser("anonuser3");
+ assertEquals("roles size should be == 4", 4, roles.size());
}
-
- /**
- * <p>Test is user in role.</p>
- */
- public void testIsUserInRole()
+ catch (SecurityException sex)
{
- // Init test.
- try
- {
- ums.addUser("anonuser4", "password");
- rms.addRole("testuserrolemapping");
- rms.addRoleToUser("anonuser4", "testuserrolemapping");
- }
- catch (SecurityException sex)
- {
- assertTrue("failed to init testIsUserInRole(), " + sex, false);
- }
-
- try
- {
- boolean isUserInRole = rms.isUserInRole("anonuser4", "testuserrolemapping");
- assertTrue("anonuser4 should be in role testuserrolemapping", isUserInRole);
- }
- catch (SecurityException sex)
- {
- assertTrue("user and role exist. should not have thrown an exception: " + sex, false);
- }
-
- // Cleanup test.
- try
- {
- ums.removeUser("anonuser4");
- rms.removeRole("testuserrolemapping");
- }
- catch (SecurityException sex)
- {
- assertTrue("could not remove user and role. exception caught: " + sex, false);
- }
+ assertTrue("user exists. should not have thrown an exception: " + sex, false);
}
-
- /**
- * <p>Test remove role from group.</p>
- */
- public void testRemoveRoleFromGroup()
+
+ // Cleanup test.
+ try
{
- // Init test.
- try
- {
- rms.addRole("testuserrolemapping");
- rms.addRole("testuserrolemapping.role1");
- rms.addRole("testuserrolemapping.role3");
- gms.addGroup("testrolegroupmapping");
- rms.addRoleToGroup("testuserrolemapping", "testrolegroupmapping");
- rms.addRoleToGroup("testuserrolemapping.role1", "testrolegroupmapping");
- rms.addRoleToGroup("testuserrolemapping.role3", "testrolegroupmapping");
- }
- catch (SecurityException sex)
- {
- assertTrue("failed to init testRemoveRoleFromGroup(), " + sex, false);
- }
-
- try
- {
- rms.removeRoleFromGroup("testuserrolemapping.role3", "testrolegroupmapping");
- Collection roles = rms.getRolesInGroup("testrolegroupmapping");
- assertEquals("roles size should be == 2", 2, roles.size());
- }
- catch (SecurityException sex)
- {
- assertTrue("group exists. should not have thrown an exception: " + sex, false);
- }
-
- // Cleanup test.
- try
- {
- rms.removeRole("testuserrolemapping");
- gms.removeGroup("testrolegroupmapping");
- }
- catch (SecurityException sex)
- {
- assertTrue("could not remove group and role. exception caught: " + sex, false);
- }
+ ums.removeUser("anonuser3");
+ rms.removeRole("testuserrolemapping");
+ rms.removeRole("testuserrolemapping2");
}
-
- /**
- * <p>Test is user in role.</p>
- */
- public void testIsGroupInRole()
+ catch (SecurityException sex)
{
- // Init test.
- try
- {
- rms.addRole("testuserrolemapping");
- gms.addGroup("testrolegroupmapping");
- rms.addRoleToGroup("testuserrolemapping", "testrolegroupmapping");
- }
- catch (SecurityException sex)
- {
- assertTrue("failed to init testIsGroupInRole(), " + sex, false);
- }
- try
- {
- boolean isGroupInRole = rms.isGroupInRole("testrolegroupmapping", "testuserrolemapping");
- assertTrue("testrolegroupmapping should be in role testuserrolemapping", isGroupInRole);
- }
- catch (SecurityException sex)
- {
- assertTrue("group and role exist. should not have thrown an exception: " + sex, false);
- }
-
- // Cleanup test.
- try
- {
- rms.removeRole("testuserrolemapping");
- gms.removeGroup("testrolegroupmapping");
- }
- catch (SecurityException sex)
- {
- assertTrue("could not remove role and group. exception caught: " + sex, false);
- }
+ assertTrue("could not remove user and role. exception caught: " + sex, false);
}
+ }
/**
- * <p>Destroy role test objects.</p>
+ * <p>
+ * Test get roles in group.
+ * </p>
+ */
+ public void testGetRolesInGroup()
+ {
+ // Init test.
+ try
+ {
+ rms.addRole("testuserrolemapping");
+ rms.addRole("testuserrolemapping.role1");
+ rms.addRole("testuserrolemapping.role3");
+ gms.addGroup("testrolegroupmapping");
+ rms.addRoleToGroup("testuserrolemapping", "testrolegroupmapping");
+ rms.addRoleToGroup("testuserrolemapping.role1", "testrolegroupmapping");
+ rms.addRoleToGroup("testuserrolemapping.role3", "testrolegroupmapping");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("failed to init testGetRolesForGroup(), " + sex, false);
+ }
+
+ try
+ {
+ Collection roles = rms.getRolesInGroup("testrolegroupmapping");
+ assertEquals("roles size should be == 3", 3, roles.size());
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("group exists. should not have thrown an exception: " + sex, false);
+ }
+
+ // Cleanup test.
+ try
+ {
+ rms.removeRole("testuserrolemapping");
+ gms.removeGroup("testrolegroupmapping");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("could not remove role and group. exception caught: " + sex, false);
+ }
+ }
+
+ /**
+ * <p>
+ * Test remove role from user.
+ * </p>
+ */
+ public void testRemoveRoleFromUser()
+ {
+ // Init test.
+ try
+ {
+ ums.addUser("anonuser5", "password");
+ rms.addRole("testrole3");
+ rms.addRoleToUser("anonuser5", "testrole3");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("failed to init testRemoveRoleFromUser(), " + sex, false);
+ }
+
+ try
+ {
+ rms.removeRoleFromUser("anonuser5", "testrole3");
+ Collection roles = rms.getRolesForUser("anonuser5");
+ assertEquals("roles size should be == 0", 0, roles.size());
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("user exists. should not have thrown an exception: " + sex, false);
+ }
+
+ // Cleanup test.
+ try
+ {
+ ums.removeUser("anonuser5");
+ rms.removeRole("testrole3");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("could not remove user and role. exception caught: " + sex, false);
+ }
+ }
+
+ /**
+ * <p>
+ * Test is user in role.
+ * </p>
+ */
+ public void testIsUserInRole()
+ {
+ // Init test.
+ try
+ {
+ ums.addUser("anonuser4", "password");
+ rms.addRole("testuserrolemapping");
+ rms.addRoleToUser("anonuser4", "testuserrolemapping");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("failed to init testIsUserInRole(), " + sex, false);
+ }
+
+ try
+ {
+ boolean isUserInRole = rms.isUserInRole("anonuser4", "testuserrolemapping");
+ assertTrue("anonuser4 should be in role testuserrolemapping", isUserInRole);
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("user and role exist. should not have thrown an exception: " + sex, false);
+ }
+
+ // Cleanup test.
+ try
+ {
+ ums.removeUser("anonuser4");
+ rms.removeRole("testuserrolemapping");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("could not remove user and role. exception caught: " + sex, false);
+ }
+ }
+
+ /**
+ * <p>
+ * Test remove role from group.
+ * </p>
+ */
+ public void testRemoveRoleFromGroup()
+ {
+ // Init test.
+ try
+ {
+ rms.addRole("testuserrolemapping");
+ rms.addRole("testuserrolemapping.role1");
+ rms.addRole("testuserrolemapping.role3");
+ gms.addGroup("testrolegroupmapping");
+ rms.addRoleToGroup("testuserrolemapping", "testrolegroupmapping");
+ rms.addRoleToGroup("testuserrolemapping.role1", "testrolegroupmapping");
+ rms.addRoleToGroup("testuserrolemapping.role3", "testrolegroupmapping");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("failed to init testRemoveRoleFromGroup(), " + sex, false);
+ }
+
+ try
+ {
+ rms.removeRoleFromGroup("testuserrolemapping.role3", "testrolegroupmapping");
+ Collection roles = rms.getRolesInGroup("testrolegroupmapping");
+ assertEquals("roles size should be == 2", 2, roles.size());
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("group exists. should not have thrown an exception: " + sex, false);
+ }
+
+ // Cleanup test.
+ try
+ {
+ rms.removeRole("testuserrolemapping");
+ gms.removeGroup("testrolegroupmapping");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("could not remove group and role. exception caught: " + sex, false);
+ }
+ }
+
+ /**
+ * <p>
+ * Test is user in role.
+ * </p>
+ */
+ public void testIsGroupInRole()
+ {
+ // Init test.
+ try
+ {
+ rms.addRole("testuserrolemapping");
+ gms.addGroup("testrolegroupmapping");
+ rms.addRoleToGroup("testuserrolemapping", "testrolegroupmapping");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("failed to init testIsGroupInRole(), " + sex, false);
+ }
+ try
+ {
+ boolean isGroupInRole = rms.isGroupInRole("testrolegroupmapping", "testuserrolemapping");
+ assertTrue("testrolegroupmapping should be in role testuserrolemapping", isGroupInRole);
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("group and role exist. should not have thrown an exception: " + sex, false);
+ }
+
+ // Cleanup test.
+ try
+ {
+ rms.removeRole("testuserrolemapping");
+ gms.removeGroup("testrolegroupmapping");
+ }
+ catch (SecurityException sex)
+ {
+ assertTrue("could not remove role and group. exception caught: " + sex, false);
+ }
+ }
+
+ /**
+ * <p>
+ * Destroy role test objects.
+ * </p>
*/
protected void destroyRoles()
{
- final String[] users = new String []{"anonuser1",
- "anonuser2", "anonuser3", "anonuser4",
- "anonuser5", };
- final String[] roles = new String []{"testrole1", "testrole2",
- "testrole3", "testgetrole", "testuserrolemapping",
- "testusertorole1", "testuserrolemapping.role1", "testuserrolemapping2.role2"};
- final String[] groups = new String[] {"testusertorole1"};
-
- for(int i=0; i<users.length; i++)
+ final String[] users = new String[] { "anonuser1", "anonuser2", "anonuser3", "anonuser4", "anonuser5", };
+ final String[] roles = new String[] { "testrole1", "testrole2", "testrole3", "testgetrole",
+ "testuserrolemapping", "testusertorole1", "testuserrolemapping.role1", "testuserrolemapping2.role2" };
+ final String[] groups = new String[] { "testusertorole1" };
+
+ for (int i = 0; i < users.length; i++)
{
try
{
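Review bot: In `destroyRoles` the `groups` array holds only `"testusertorole1"`, a name that also appears in `roles`, while the tests in this hunk create the group `"testrolegroupmapping"`, which no tearDown list names. A later hunk of this file deletes the commented-out cleanup that still mentioned `gms.removeGroup("testrolegroupmapping")`, so a test that fails before its own cleanup block presumably leaves that group and its role mappings behind for the next test. Suggested change: `final String[] groups = new String[] { "testusertorole1", "testrolegroupmapping" };`. The loop bodies of `destroyRoles` continue past the end of this hunk.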
@@ -562,8 +579,8 @@
System.err.println(e.toString());
}
}
-
- for(int i=0; i<roles.length; i++)
+
+ for (int i = 0; i < roles.length; i++)
{
try
{
@@ -574,8 +591,8 @@
System.err.println(e.toString());
}
}
-
- for(int i=0; i<groups.length; i++)
+
+ for (int i = 0; i < groups.length; i++)
{
try
{
@@ -586,26 +603,6 @@
System.err.println(e.toString());
}
}
-
-// try
-// {
-// ums.removeUser("anonuser1");
-// ums.removeUser("anonuser2");
-// ums.removeUser("anonuser3");
-// ums.removeUser("anonuser4");
-// ums.removeUser("anonuser5");
-// rms.removeRole("testrole1");
-// rms.removeRole("testrole2");
-// rms.removeRole("testrole3");
-// rms.removeRole("testgetrole");
-// rms.removeRole("testuserrolemapping");
-// gms.removeGroup("testrolegroupmapping");
-// rms.removeRole("testusertorole1");
-// }
-// catch (SecurityException sex)
-// {
-// assertTrue("could not remove user, group and role. exception caught: " + sex, false);
-// }
}
-}
+}
\ No newline at end of file
1.2 +22 -5 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/HierarchyResolver.java
Index: HierarchyResolver.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/HierarchyResolver.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- HierarchyResolver.java 18 Sep 2004 19:33:35 -0000 1.1
+++ HierarchyResolver.java 30 Sep 2004 04:01:42 -0000 1.2
@@ -17,18 +17,35 @@
import java.util.prefs.Preferences;
/**
- * <p>This class allows to implement different types of groups/roles hierarchy.</p>
- * @author <a href="mailto:Artem.Grinshtein@t-systems.com">Artem Grinshtein</a>
+ * <p>
+ * This class allows to implement different types of groups/roles hierarchy.
+ * </p>
+ *
+ * @author <a href="mailto:Artem.Grinshtein@t-systems.com">Artem Grinshtein </a>
* @version $Id$
*/
public interface HierarchyResolver
{
/**
- * <p>Returns absolute path names of the dependcy roles/groups.</p>
+ * <p>
+ * Returns absolute path names of the hierarchy roles/groups.
+ * </p>
+ *
* @param prefs Preferences for the role/group
* @return Returns absolute path names of the dependcy roles/groups.
*/
- public String[] resolve( Preferences prefs );
+ public String[] resolve(Preferences prefs);
+
+ /**
+ * <p>
+ * Returns the absolute path names of the children of the given hierarchy
+ * roles/groups node.
+ * </p>
+ *
+ * @param prefs Preferences for the role/group
+ * @return Returns absolute path names of the children roles/groups.
+ */
+ public String[] resolveChildren(Preferences prefs);
}
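Review bot: The new `resolveChildren` Javadoc says it returns the children of the node, but the only implementation in this commit, `BaseHierarchyResolver.resolveChildren`, puts the node's own absolute path first and then its descendants, and `RoleManagerImpl.removeRole` relies on that to delete the role itself. State it in the contract, for example `@return The absolute path of the given node followed by the absolute paths of all its descendants.` The contract should also say whether an implementation may return a partial list when the backing store cannot be read, since callers use the result to decide which roles to delete. While here, the `@return` of `resolve` still reads `dependcy roles/groups` although the summary line was changed to `hierarchy`.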
1.2 +29 -0 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/SecurityMappingHandler.java
Index: SecurityMappingHandler.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/SecurityMappingHandler.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- SecurityMappingHandler.java 19 Sep 2004 19:04:11 -0000 1.1
+++ SecurityMappingHandler.java 30 Sep 2004 04:01:42 -0000 1.2
@@ -34,6 +34,15 @@
/**
* <p>
+ * Gets the {@link HierarchyResolver} to be used for resolving role hierarchy.
+ * </p>
+ *
+ * @return The role {@link HierarchyResolver}.
+ */
+ HierarchyResolver getRoleHierarchyResolver();
+
+ /**
+ * <p>
* Sets the {@link HierarchyResolver} to be used for resolving role hierachy.
* </p>
*
@@ -43,6 +52,15 @@
/**
* <p>
+ * Gets the {@link HierarchyResolver} to be used for resolving group hierarchy.
+ * </p>
+ *
+ * @return The role {@link HierarchyResolver}.
+ */
+ HierarchyResolver getGroupHierarchyResolver();
+
+ /**
+ * <p>
* Sets the {@link HierarchyResolver} used for resolving group hierarchy.
* </p>
*
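Review bot: The Javadoc added for `getGroupHierarchyResolver()` was copied from the role getter and still says `@return The role {@link HierarchyResolver}.`; it should read `@return The group {@link HierarchyResolver}.`. The role and group resolvers can be configured with different inheritance strategies, so a reader who takes the tag at face value could wire the wrong one into an authorization check.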
@@ -60,6 +78,17 @@
* @return A set of <code>Principal</p>
*/
Set getRolePrincipals(String username);
+
+ /**
+ * <p>
+ * Sets the roles principals on a given user. The provided set replaces
+ * any set that may already have been set on the user.
+ * </p>
+ *
+ * @param username The user to add the roles principals to.
+ * @param rolePrincipals The roles principals to add.
+ */
+ void setRolePrincipals(String username, Set rolePrincipals);
/**
* <p>
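Review bot: The Javadoc for `setRolePrincipals` contradicts itself: the summary says the provided set replaces any existing set, while both `@param` tags describe adding roles (`The user to add the roles principals to`, `The roles principals to add`). Replace-versus-add decides whether a call can revoke roles, so the tags should match the summary, e.g. `@param rolePrincipals The complete set of role principals the user holds after the call.` The comment should also say what a `null` or empty set means and whether an unknown `username` raises an exception. The Javadoc that starts on the last two lines of the hunk continues outside it.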