You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by sm...@apache.org on 2015/02/11 19:43:06 UTC
directory-fortress-core git commit: FC-64 - assign/deassign not
checking for null attrs
Repository: directory-fortress-core
Updated Branches:
refs/heads/master f397ef2eb -> 1318ad7c2
FC-64 - assign/deassign not checking for null attrs
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/1318ad7c
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/1318ad7c
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/1318ad7c
Branch: refs/heads/master
Commit: 1318ad7c26cded619d1d43554109113e1b8c9e6f
Parents: f397ef2
Author: Shawn McKinney <sm...@apache.org>
Authored: Wed Feb 11 12:42:55 2015 -0600
Committer: Shawn McKinney <sm...@apache.org>
Committed: Wed Feb 11 12:42:55 2015 -0600
----------------------------------------------------------------------
.../fortress/core/rbac/AdminRoleDAO.java | 8 ++-----
.../fortress/core/rbac/DelAdminMgrImpl.java | 1 +
.../directory/fortress/core/rbac/UserP.java | 24 +++++++++++++++++++-
3 files changed, 26 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/1318ad7c/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java b/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java
index b9b97d8..396cfc7 100755
--- a/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/rbac/AdminRoleDAO.java
@@ -681,16 +681,12 @@ final class AdminRoleDAO extends ApacheDsDataProvider
entity.setOccupants( getAttributes( le, ROLE_OCCUPANT ) );
entity.setOsP( getAttributeSet( le, ROLE_OSP ) );
entity.setOsU( getAttributeSet( le, ROLE_OSU ) );
- unloadTemporal( le, entity );
entity.setName( getAttribute( le, SchemaConstants.CN_AT ) );
+ unloadTemporal( le, entity );
entity.setRoleRangeRaw( getAttribute( le, ROLE_RANGE ) );
//entity.setParents(AdminRoleUtil.getParents(entity.getName().toUpperCase(), contextId));
entity.setParents( getAttributeSet( le, GlobalIds.PARENT_NODES ) );
- Set<String> children = AdminRoleUtil.getChildren( entity.getName().toUpperCase(), contextId );
- if(VUtil.isNotNullOrEmpty( children ))
- {
- entity.setChildren( children );
- }
+ entity.setChildren( AdminRoleUtil.getChildren( entity.getName().toUpperCase(), contextId ) );
return entity;
}
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/1318ad7c/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java b/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java
index 94d5cb0..aa4d5f5 100755
--- a/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rbac/DelAdminMgrImpl.java
@@ -260,6 +260,7 @@ public final class DelAdminMgrImpl extends Manageable implements DelAdminMgr
{
String methodName = "assignUser";
assertContext(CLS_NM, methodName, uAdminRole, GlobalErrIds.ARLE_NULL);
+
setEntitySession(CLS_NM, methodName, uAdminRole);
AdminRole adminRole = new AdminRole(uAdminRole.getName());
http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/1318ad7c/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java b/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java
index be306bb..1ed79dd 100755
--- a/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java
+++ b/src/main/java/org/apache/directory/fortress/core/rbac/UserP.java
@@ -625,11 +625,11 @@ public final class UserP
*/
final String assign( UserRole uRole ) throws SecurityException
{
+ validate( uRole );
// "assign" custom Fortress role data, i.e. temporal constraints, onto the user node:
return uDao.assign( uRole );
}
-
/**
* This command deletes the assignment of the User from the Role entities. The command is
* valid if and only if the user is a member of the USERS data set, the role is a member of
@@ -646,6 +646,7 @@ public final class UserP
*/
final String deassign( UserRole uRole ) throws SecurityException
{
+ validate( uRole );
// "deassign" custom Fortress role data from the user's node:
return uDao.deassign( uRole );
}
@@ -677,6 +678,7 @@ public final class UserP
*/
final String assign( UserAdminRole uRole ) throws SecurityException
{
+ validate( uRole );
// Assign custom Fortress role data, i.e. temporal constraints, onto the user node:
return uDao.assign( uRole );
}
@@ -696,12 +698,32 @@ public final class UserP
*/
final String deassign( UserAdminRole uRole ) throws SecurityException
{
+ validate( uRole );
// Deassign custom Fortress role data from the user's node:
return uDao.deassign( uRole );
}
/**
+ * Ensure that the passed in variable has the correct fields set.
+ *
+ * @param uRole - name and userId must be checked.
+ * @throws ValidationException - if either are null or empty.
+ */
+ private void validate( UserRole uRole ) throws ValidationException
+ {
+ if(!VUtil.isNotNullOrEmpty( uRole.getUserId() ) )
+ {
+ throw new ValidationException( GlobalErrIds.USER_ID_NULL, CLS_NM + ".validate userId is NULL" );
+ }
+ if(!VUtil.isNotNullOrEmpty( uRole.getName() ) )
+ {
+ throw new ValidationException( GlobalErrIds.ROLE_NM_NULL, CLS_NM + ".validate name is NULL" );
+ }
+ }
+
+
+ /**
* Method will perform various validations to ensure the integrity of the User entity targeted for insertion
* or updating in directory. For example the ou attribute will be "read" from the OrgUnit dataset to ensure
* that it is valid. Data reasonability checks will be performed on all non-null attributes.