Posted to commits@directory.apache.org by vt...@apache.org on 2004/03/10 00:39:24 UTC
svn commit: rev 9317 - in incubator/directory/janus/trunk: core/api/src/java/org/apache/janus/authorization/role core/impl/src/java/org/apache/janus/authorization/role core/impl/src/test/org/apache/janus/authorization/role sandbox/src/java/org/apache/janus/authentication sandbox/src/java/org/apache/janus/script sandbox/src/java/org/apache/janus/script/xml sandbox/src/test/org/apache/janus/authentication sandbox/src/test/org/apache/janus/script/xml script/src/java/org/apache/janus/script/xml script/src/test/org/apache/janus/script/xml
Author: vtence
Date: Tue Mar 9 15:39:22 2004
New Revision: 9317
Added:
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java
Removed:
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/NullRealmBuilderMonitor.java
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/RealmBuilder.java
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/RealmBuilderMonitor.java
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRealmBuilder.java
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authentication/
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRealmBuilderTest.java
incubator/directory/janus/trunk/script/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java
incubator/directory/janus/trunk/script/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java
Modified:
incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java
incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java
incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java
incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java
Log:
o Work in progress (DIR-45)
Modified: incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java
==============================================================================
--- incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java (original)
+++ incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java Tue Mar 9 15:39:22 2004
@@ -23,5 +23,7 @@
*/
public interface MutableRoleManager extends RoleManager
{
- void addPrincipalToRole( String roleName, Principal p );
+ boolean addPrincipalToRole( String roleName, Principal p );
+
+ boolean addRole( String roleName );
}
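Review bot: The two new boolean results and the failure mode of `addPrincipalToRole` are not documented on the interface, so callers have to read DefaultRoleManager to learn the contract. Going by that implementation, I would add Javadoc such as `@return true if the role was created, false if a role with that name already exists` on `addRole`. On `addPrincipalToRole` I would add `@return true if the principal was not already in the role` and `@throws IllegalArgumentException if the role has not been added`. A caller of an authorization API that ignores a `false` or does not expect the exception can end up assuming a mapping exists when it does not.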
Modified: incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java (original)
+++ incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java Tue Mar 9 15:39:22 2004
@@ -17,31 +17,31 @@
package org.apache.janus.authorization.role;
import java.security.Principal;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
/**
* @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
*/
public class DefaultRoleManager implements MutableRoleManager
{
- private final Collection m_roles;
+ private final Map m_roles;
public DefaultRoleManager()
{
- this( Collections.EMPTY_SET );
+ this( Collections.EMPTY_MAP );
}
- protected DefaultRoleManager( Collection roles )
+ protected DefaultRoleManager( Map roles )
{
- m_roles = new ArrayList( roles );
+ m_roles = new HashMap( roles );
}
public boolean isPrincipalInRole( Principal p, Grant grant )
{
- for ( Iterator it = m_roles.iterator(); it.hasNext(); )
+ for ( Iterator it = m_roles.values().iterator(); it.hasNext(); )
{
RoleMapping mapping = (RoleMapping) it.next();
if ( mapping.inRole( p ) && mapping.given( grant ) ) return true;
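Review bot: The protected constructor at `m_roles = new HashMap( roles )` trusts that every key equals the role name held inside its RoleMapping, and nothing checks or documents that. Lookups added later in this file go by map key, while `mapping.given( grant )` decides on the mapping's own name, so a mismatched entry would let principals added under one name be granted another. A constructor comment such as `// each key must be the role name of the RoleMapping it maps to` would make the invariant explicit; enforcing it would need a name accessor on RoleMapping, which is not visible here. `isPrincipalInRole` continues past the end of this hunk.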
@@ -50,16 +50,39 @@
return false;
}
- public void addRole( String roleName )
+ public boolean addRole( String roleName )
{
+ if ( roleExists( roleName ) ) return false;
+
RoleMapping mapping = new RoleMapping( roleName );
- m_roles.add( mapping );
+ m_roles.put( roleName, mapping );
+
+ return true;
}
- public void addPrincipalToRole( String roleName, Principal p )
+ private boolean roleExists( String roleName )
{
- RoleMapping mapping = new RoleMapping( roleName );
- mapping.addPrincipal( p );
- m_roles.add( mapping );
+ return m_roles.containsKey( roleName );
+ }
+
+ public boolean addPrincipalToRole( String roleName, Principal p )
+ {
+ RoleMapping mapping = getRole( roleName );
+ if ( mapping == null ) throw new IllegalArgumentException( "Role is undefined: " + roleName );
+
+ return mapping.addPrincipal( p );
+ }
+
+ private RoleMapping getRole( String roleName )
+ {
+ return (RoleMapping) m_roles.get( roleName );
+ }
+
+ public void addSubRole( String roleName, String subRoleName )
+ {
+ RoleMapping superRole = getRole( roleName );
+ RoleMapping subRole = getRole( subRoleName );
+
+ superRole.addRole( subRole );
}
}
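Review bot: `addSubRole` does not check that either role exists, unlike `addPrincipalToRole` just above it. An unknown `roleName` fails with a NullPointerException at `superRole.addRole( subRole )`. An unknown `subRoleName` stores `null` in the parent's sub-role list, which only surfaces later as a NullPointerException inside `RoleMapping.inRole` during an authorization check. I would reject both up front with the existing message: `if ( superRole == null ) throw new IllegalArgumentException( "Role is undefined: " + roleName );` and `if ( subRole == null ) throw new IllegalArgumentException( "Role is undefined: " + subRoleName );`.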
Modified: incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java (original)
+++ incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java Tue Mar 9 15:39:22 2004
@@ -17,9 +17,11 @@
package org.apache.janus.authorization.role;
import java.security.Principal;
+import java.util.ArrayList;
import java.util.Collection;
-import java.util.HashSet;
import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
/**
* @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
@@ -28,6 +30,7 @@
{
private final String m_roleName;
private final Collection m_principals;
+ private final Collection m_subRoles;
public RoleMapping( String roleName )
{
@@ -38,11 +41,20 @@
{
m_roleName = roleName;
m_principals = new HashSet( principals );
+ m_subRoles = new ArrayList();
}
public boolean inRole( Principal p )
{
- return m_principals.contains( p );
+ if ( m_principals.contains( p ) ) return true;
+
+ for ( Iterator it = m_subRoles.iterator(); it.hasNext(); )
+ {
+ RoleMapping subRoleMapping = (RoleMapping) it.next();
+ if ( subRoleMapping.inRole( p ) ) return true;
+ }
+
+ return false;
}
public boolean given( Grant g )
@@ -50,8 +62,13 @@
return g.given( m_roleName );
}
- public void addPrincipal( Principal p )
+ public boolean addPrincipal( Principal p )
+ {
+ return m_principals.add( p );
+ }
+
+ public void addRole( RoleMapping mapping )
{
- m_principals.add( p );
+ m_subRoles.add( mapping );
}
}
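Review bot: `addRole` accepts any mapping, so a role can be added to itself or to one of its own descendants, and `inRole` in the previous hunk then recurses through `m_subRoles` without end. `DefaultRoleManager.addSubRole` does not guard against this either. `isPrincipalInRole` evaluates `mapping.inRole( p )` for every role before looking at the grant, so one cyclic definition can make unrelated checks fail with a StackOverflowError. The test class comment already lists circular dependencies as an open item; rejecting the cycle at insertion time leaves `inRole` unchanged. The sketch below adds the guard and a private helper; throwing IllegalArgumentException is my choice, by analogy with `addPrincipalToRole`.

```java
public void addRole( RoleMapping mapping )
{
    // Refuse self-inclusion and any edge that would close a loop, so inRole() always terminates.
    if ( mapping == this || mapping.includes( this ) )
    {
        throw new IllegalArgumentException( "Circular role dependency: " + m_roleName );
    }
    m_subRoles.add( mapping );
}

// True if 'other' is reachable through this role's sub roles; terminates because addRole keeps the graph acyclic.
private boolean includes( RoleMapping other )
{
    for ( Iterator it = m_subRoles.iterator(); it.hasNext(); )
    {
        RoleMapping subRoleMapping = (RoleMapping) it.next();
        if ( subRoleMapping == other || subRoleMapping.includes( other ) ) return true;
    }
    return false;
}
```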
Modified: incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java (original)
+++ incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java Tue Mar 9 15:39:22 2004
@@ -17,17 +17,14 @@
package org.apache.janus.authorization.role;
import junit.framework.TestCase;
+import org.apache.janus.authentication.realm.UsernamePrincipal;
-import java.util.ArrayList;
-import java.util.Collection;
import java.util.Collections;
-
-import org.apache.janus.authentication.realm.UsernamePrincipal;
+import java.util.HashMap;
+import java.util.Map;
/**
- * test: Role added twice is ignored
- * test: Can't add principal to unknow role - what should be thrown?
- * test: Adding role to role
+ * test: adding sub role twice should be ignored
* test: Can't add role unknown role
* test: Cant't add unknown role to role
* test: Prevents role circular dependencies
@@ -45,7 +42,7 @@
public void testPrincipalWithNoRoleIsNeverInRole()
{
- m_roleManager = new DefaultRoleManager( Collections.EMPTY_SET );
+ m_roleManager = new DefaultRoleManager();
assertFalse( "Principal with no role was in role",
m_roleManager.isPrincipalInRole( john(), new Right() ) );
}
@@ -53,7 +50,7 @@
public void testSingleRole()
{
RoleMapping role = new RoleMapping( "member", Collections.singleton( john() ) );
- m_roleManager = new DefaultRoleManager( Collections.singletonList( role ) );
+ m_roleManager = new DefaultRoleManager( Collections.singletonMap( "member", role ) );
assertTrue( "Principal did not get right",
m_roleManager.isPrincipalInRole( john(), new Right() ) );
@@ -63,9 +60,9 @@
public void testMultipleRole()
{
- Collection roles = new ArrayList();
- roles.add( new RoleMapping( "guest", Collections.singleton( john() ) ) );
- roles.add( new RoleMapping( "member", Collections.singleton( john() ) ) );
+ Map roles = new HashMap();
+ roles.put( "guest", new RoleMapping( "guest", Collections.singleton( john() ) ) );
+ roles.put( "member", new RoleMapping( "member", Collections.singleton( john() ) ) );
m_roleManager = new DefaultRoleManager( roles );
assertTrue( "Role was not matched",
@@ -77,6 +74,19 @@
return new UsernamePrincipal( "johnDoe" );
}
+ public void testRoleAddition()
+ {
+ m_roleManager = new DefaultRoleManager();
+ assertTrue( "Role reported as not added", m_roleManager.addRole( "member" ) );
+ }
+
+ public void testRoleAddedTwiceIsIgnored()
+ {
+ m_roleManager = new DefaultRoleManager();
+ m_roleManager.addRole( "member" );
+ assertFalse( "Role reported as added twice", m_roleManager.addRole( "member" ) );
+ }
+
public void testRoleHasNoPrincipalByDefault()
{
m_roleManager = new DefaultRoleManager();
@@ -87,6 +97,7 @@
public void testAddingPrincipalToRoleMakesItInRole()
{
m_roleManager = new DefaultRoleManager();
+ m_roleManager.addRole( "member" );
m_roleManager.addPrincipalToRole( "member", john() );
assertTrue( m_roleManager.isPrincipalInRole( john(), new RoleGrant( "member" ) ) );
}
@@ -94,13 +105,45 @@
public void testAddingPrincipalToExistingRolePreservesPreviousPrincipals()
{
m_roleManager = new DefaultRoleManager();
+ m_roleManager.addRole( "member" );
m_roleManager.addPrincipalToRole( "member", john() );
m_roleManager.addPrincipalToRole( "member", jane() );
assertTrue( m_roleManager.isPrincipalInRole( john(), new RoleGrant( "member" ) ) );
}
+ public void testAddingPrincipalToRoleTwiceIsANoOp()
+ {
+ m_roleManager = new DefaultRoleManager();
+ m_roleManager.addRole( "member" );
+ assertTrue( m_roleManager.addPrincipalToRole( "member", john() ) );
+ assertFalse( m_roleManager.addPrincipalToRole( "member", john() ) );
+ }
+
private UsernamePrincipal jane()
{
return new UsernamePrincipal( "janeDoe" );
+ }
+
+ public void testRoleMustBeDefinedToMapPrincipals()
+ {
+ m_roleManager = new DefaultRoleManager();
+ try
+ {
+ m_roleManager.addPrincipalToRole( "undefined", john() );
+ }
+ catch ( IllegalArgumentException expected )
+ {
+ assertTrue( true );
+ }
+ }
+
+ public void testPrincipalGrantedASubRoleIsGrantedParentRole()
+ {
+ m_roleManager = new DefaultRoleManager();
+ m_roleManager.addRole( "member" );
+ m_roleManager.addRole( "vip" );
+ m_roleManager.addPrincipalToRole( "vip", john() );
+ m_roleManager.addSubRole( "member", "vip" );
+ assertTrue( m_roleManager.isPrincipalInRole( john(), new RoleGrant( "member" ) ) );
}
}
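Review bot: `testRoleMustBeDefinedToMapPrincipals` passes even when no exception is thrown, because nothing follows the call inside the `try` and `assertTrue( true )` in the catch asserts nothing. This is the test that guards against principals being mapped to undefined roles, so it should fail when the guard is missing. Add `fail( "Expected IllegalArgumentException for undefined role" );` directly after `m_roleManager.addPrincipalToRole( "undefined", john() );`.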
Added: incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java
==============================================================================
--- (empty file)
+++ incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java Tue Mar 9 15:39:22 2004
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.janus.script.xml;
+
+import org.apache.janus.authorization.role.MutableRoleManager;
+import org.dom4j.Document;
+import org.dom4j.DocumentException;
+import org.dom4j.Element;
+import org.dom4j.io.SAXReader;
+
+import java.io.IOException;
+import java.io.Reader;
+
+/**
+ * <strong>Warning:</strong> Document is assumed to be valid.
+ *
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ */
+public class Dom4JRoleManagerBuilder
+{
+ private org.dom4j.Document m_doc;
+
+ public Dom4JRoleManagerBuilder( Reader reader ) throws org.dom4j.DocumentException
+ {
+ m_doc = readDocument( reader );
+ }
+
+ public void buildRoleManager( org.apache.janus.authorization.role.MutableRoleManager roleManager ) throws IOException
+ {
+ org.dom4j.Element root = m_doc.getRootElement();
+ org.dom4j.Element roles = root.element( "roles" );
+ addRoles( roleManager, roles );
+ }
+
+ private void addRoles( org.apache.janus.authorization.role.MutableRoleManager roleManager, org.dom4j.Element roles )
+ {
+ }
+
+ private org.dom4j.Document readDocument( Reader reader ) throws org.dom4j.DocumentException
+ {
+ org.dom4j.io.SAXReader xmlReader = new org.dom4j.io.SAXReader();
+ org.dom4j.Document doc = xmlReader.read( reader );
+
+ return doc;
+ }
+}
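Review bot: `readDocument` parses with a default-configured `SAXReader`, so a DOCTYPE in the role file, including external entity and DTD references, is handed to the underlying parser. The class comment only says the document is assumed to be valid. If role definitions can ever come from outside the deployment, the reader should refuse DTDs before parsing, e.g. `xmlReader.setFeature( "http://apache.org/xml/features/disallow-doctype-decl", true );` ahead of `xmlReader.read( reader )`. That feature is Xerces-specific and `setFeature` throws `SAXException`, so the method would need to wrap or declare it. At minimum the Javadoc warning should say that the input must come from a trusted source.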
Added: incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java
==============================================================================
--- (empty file)
+++ incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java Tue Mar 9 15:39:22 2004
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.janus.script.xml;
+
+import com.mockobjects.dynamic.C;
+import com.mockobjects.dynamic.Mock;
+import junit.framework.TestCase;
+import org.apache.janus.authentication.realm.UsernamePrincipal;
+import org.apache.janus.authorization.role.MutableRoleManager;
+
+import java.io.StringReader;
+
+/**
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ */
+public class Dom4JRoleManagerBuilderTest extends junit.framework.TestCase
+{
+ public static void main( String[] args )
+ {
+ junit.textui.TestRunner.run( Dom4JRoleManagerBuilderTest.class );
+ }
+
+ public void testSimpleBuild() throws Exception
+ {
+ org.apache.janus.script.xml.Dom4JRoleManagerBuilder builder = new org.apache.janus.script.xml.Dom4JRoleManagerBuilder( new StringReader( simpleRoles() ) );
+
+ com.mockobjects.dynamic.Mock mockRoleManager = new com.mockobjects.dynamic.Mock( org.apache.janus.authorization.role.MutableRoleManager.class );
+ mockRoleManager.expectAndReturn( "addPrincipalToRole", com.mockobjects.dynamic.C.args( com.mockobjects.dynamic.C.eq( "member"), com.mockobjects.dynamic.C.eq( john()) ), true );
+ mockRoleManager.expectAndReturn( "addPrincipalToRole", com.mockobjects.dynamic.C.args( com.mockobjects.dynamic.C.eq( "member"), com.mockobjects.dynamic.C.eq( jane()) ), true );
+
+ builder.buildRoleManager( (MutableRoleManager) mockRoleManager.proxy() );
+
+ mockRoleManager.verify();
+ }
+
+ private String simpleRoles()
+ {
+ String content = "<?xml version=\"1.0\"?>\n"
+ + "<roles>\n"
+ + " <role name=\"member\">\n"
+ + " <user username=\"john\"/>\n"
+ + " <user username=\"jane\"/>\n"
+ + " </role>\n"
+ + "</roles>";
+ return content;
+ }
+
+ private UsernamePrincipal john()
+ {
+ return new UsernamePrincipal( "john" );
+ }
+
+
+ private UsernamePrincipal jane()
+ {
+ return new UsernamePrincipal( "jane" );
+ }
+}
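Review bot: `testSimpleBuild` expects only `addPrincipalToRole` on the mock, but DefaultRoleManager in this commit throws IllegalArgumentException when a principal is added to a role that was never created. The builder will have to call `addRole` for each `<role>` first, and the test should pin that alongside the two existing expectations, e.g. `mockRoleManager.expectAndReturn( "addRole", com.mockobjects.dynamic.C.args( com.mockobjects.dynamic.C.eq( "member" ) ), true );`. Separately, `simpleRoles()` uses `<roles>` as the document root while the builder looks it up with `root.element( "roles" )`, so one of the two presumably needs adjusting.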