You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by sm...@apache.org on 2015/02/11 19:43:06 UTC

directory-fortress-core git commit: FC-64 - assign/deassign not checking for null attrs

Repository: directory-fortress-core
Updated Branches:
  refs/heads/master f397ef2eb -> 1318ad7c2


FC-64 - assign/deassign not checking for null attrs


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/1318ad7c
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/1318ad7c
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/1318ad7c

Branch: refs/heads/master
Commit: 1318ad7c26cded619d1d43554109113e1b8c9e6f
Parents: f397ef2
Author: Shawn McKinney <sm...@apache.org>
Authored: Wed Feb 11 12:42:55 2015 -0600
Committer: Shawn McKinney <sm...@apache.org>
Committed: Wed Feb 11 12:42:55 2015 -0600

----------------------------------------------------------------------
 .../fortress/core/rbac/AdminRoleDAO.java        |  8 ++-----
 .../fortress/core/rbac/DelAdminMgrImpl.java     |  1 +
 .../directory/fortress/core/rbac/UserP.java     | 24 +++++++++++++++++++-
 3 files changed, 26 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/1318ad7c/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java b/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java
index b9b97d8..396cfc7 100755
--- a/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java
@@ -681,16 +681,12 @@ final class AdminRoleDAO extends ApacheDsDataProvider
         entity.setOccupants( getAttributes( le, ROLE_OCCUPANT ) );
         entity.setOsP( getAttributeSet( le, ROLE_OSP ) );
         entity.setOsU( getAttributeSet( le, ROLE_OSU ) );
-        unloadTemporal( le, entity );
         entity.setName( getAttribute( le, SchemaConstants.CN_AT ) );
+        unloadTemporal( le, entity );
         entity.setRoleRangeRaw( getAttribute( le, ROLE_RANGE ) );
         //entity.setParents(AdminRoleUtil.getParents(entity.getName().toUpperCase(), contextId));
         entity.setParents( getAttributeSet( le, GlobalIds.PARENT_NODES ) );
-        Set<String> children = AdminRoleUtil.getChildren( entity.getName().toUpperCase(), contextId );
-        if(VUtil.isNotNullOrEmpty( children ))
-        {
-            entity.setChildren( children );
-        }
+        entity.setChildren( AdminRoleUtil.getChildren( entity.getName().toUpperCase(), contextId ) );
         return entity;
     }
 

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/1318ad7c/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java b/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java
index 94d5cb0..aa4d5f5 100755
--- a/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java
@@ -260,6 +260,7 @@ public final class DelAdminMgrImpl extends Manageable implements DelAdminMgr
     {
         String methodName = "assignUser";
         assertContext(CLS_NM, methodName, uAdminRole, GlobalErrIds.ARLE_NULL);
+
         setEntitySession(CLS_NM, methodName, uAdminRole);
 
         AdminRole adminRole = new AdminRole(uAdminRole.getName());

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/1318ad7c/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java b/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java
index be306bb..1ed79dd 100755
--- a/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java
+++ b/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java
@@ -625,11 +625,11 @@ public final class UserP
      */
     final String assign( UserRole uRole ) throws SecurityException
     {
+        validate( uRole );
         // "assign" custom Fortress role data, i.e. temporal constraints, onto the user node:
         return uDao.assign( uRole );
     }
 
-
     /**
      * This command deletes the assignment of the User from the Role entities. The command is
      * valid if and only if the user is a member of the USERS data set, the role is a member of
@@ -646,6 +646,7 @@ public final class UserP
      */
     final String deassign( UserRole uRole ) throws SecurityException
     {
+        validate( uRole );
         // "deassign" custom Fortress role data from the user's node:
         return uDao.deassign( uRole );
     }
@@ -677,6 +678,7 @@ public final class UserP
      */
     final String assign( UserAdminRole uRole ) throws SecurityException
     {
+        validate( uRole );
         // Assign custom Fortress role data, i.e. temporal constraints, onto the user node:
         return uDao.assign( uRole );
     }
@@ -696,12 +698,32 @@ public final class UserP
      */
     final String deassign( UserAdminRole uRole ) throws SecurityException
     {
+        validate( uRole );
         // Deassign custom Fortress role data from the user's node:
         return uDao.deassign( uRole );
     }
 
 
     /**
+     * Ensure that the passed in variable has the correct fields set.
+     *
+     * @param uRole - name and userId must be checked.
+     * @throws ValidationException - if either are null or empty.
+     */
+    private void validate( UserRole uRole ) throws ValidationException
+    {
+        if(!VUtil.isNotNullOrEmpty( uRole.getUserId() ) )
+        {
+            throw new ValidationException( GlobalErrIds.USER_ID_NULL, CLS_NM + ".validate userId is NULL" );
+        }
+        if(!VUtil.isNotNullOrEmpty( uRole.getName() ) )
+        {
+            throw new ValidationException( GlobalErrIds.ROLE_NM_NULL, CLS_NM + ".validate name is NULL" );
+        }
+    }
+
+
+    /**
      * Method will perform various validations to ensure the integrity of the User entity targeted for insertion
      * or updating in directory.  For example the ou attribute will be "read" from the OrgUnit dataset to ensure
      * that it is valid.  Data reasonability checks will be performed on all non-null attributes.