directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vte...@apache.org
Subject svn commit: rev 9335 - in incubator/directory/janus/trunk: core/api/src/java/org/apache/janus/authorization/role core/impl/src/java/org/apache/janus/authorization/role core/impl/src/test/org/apache/janus/authorization/role sandbox/src/java/org/apache/janus/script/xml sandbox/src/test/org/apache/janus/script/xml
Date Wed, 10 Mar 2004 05:27:29 GMT
Author: vtence
Date: Tue Mar  9 21:27:28 2004
New Revision: 9335

Modified:
   incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java
   incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java
   incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java
   incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java
   incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java
   incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java
Log:
o Work in progress (DIR-45)

Modified: incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java
==============================================================================
--- incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java
(original)
+++ incubator/directory/janus/trunk/core/api/src/java/org/apache/janus/authorization/role/MutableRoleManager.java
Tue Mar  9 21:27:28 2004
@@ -26,4 +26,6 @@
     boolean addPrincipalToRole( String roleName, Principal p );
 
     boolean addRole( String roleName );
+
+    boolean addSubRole( String roleName, String subRoleName );
 }

Modified: incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java
(original)
+++ incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/DefaultRoleManager.java
Tue Mar  9 21:27:28 2004
@@ -67,22 +67,33 @@
 
     public boolean addPrincipalToRole( String roleName, Principal p )
     {
+        assertRoleExists( roleName );
         RoleMapping mapping = getRole( roleName );
-        if ( mapping == null ) throw new IllegalArgumentException( "Role is undefined: "
+ roleName );
 
         return mapping.addPrincipal( p );
     }
 
+    private void assertRoleExists( String roleName )
+    {
+        if ( !roleExists( roleName ) )
+        {
+            throw new IllegalArgumentException( "Role is undefined: " + roleName );
+        }
+    }
+
     private RoleMapping getRole( String roleName )
     {
         return (RoleMapping) m_roles.get( roleName );
     }
 
-    public void addSubRole( String roleName, String subRoleName )
+    public boolean addSubRole( String roleName, String subRoleName )
     {
+        assertRoleExists( roleName );
+        assertRoleExists( subRoleName );
         RoleMapping superRole = getRole( roleName );
         RoleMapping subRole = getRole( subRoleName );
+        if ( subRole.inRole( roleName ) ) throw new IllegalArgumentException( "Role circular
dependency detected" );
 
-        superRole.addRole( subRole );
+        return superRole.addRole( subRole );
     }
 }

Modified: incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java
(original)
+++ incubator/directory/janus/trunk/core/impl/src/java/org/apache/janus/authorization/role/RoleMapping.java
Tue Mar  9 21:27:28 2004
@@ -17,11 +17,12 @@
 package org.apache.janus.authorization.role;
 
 import java.security.Principal;
-import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
+import java.util.Map;
 
 /**
  * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
@@ -30,7 +31,7 @@
 {
     private final String m_roleName;
     private final Collection m_principals;
-    private final Collection m_subRoles;
+    private final Map m_subRoles;
 
     public RoleMapping( String roleName )
     {
@@ -41,14 +42,14 @@
     {
         m_roleName = roleName;
         m_principals = new HashSet( principals );
-        m_subRoles = new ArrayList();
+        m_subRoles = new HashMap();
     }
 
     public boolean inRole( Principal p )
     {
         if ( m_principals.contains( p ) ) return true;
 
-        for ( Iterator it = m_subRoles.iterator(); it.hasNext(); )
+        for ( Iterator it = m_subRoles.values().iterator(); it.hasNext(); )
         {
             RoleMapping subRoleMapping = (RoleMapping) it.next();
             if ( subRoleMapping.inRole( p ) ) return true;
@@ -57,6 +58,19 @@
         return false;
     }
 
+    public boolean inRole( String roleName )
+    {
+        if ( subRoleExists( roleName ) ) return true;
+
+        for ( Iterator it = m_subRoles.values().iterator(); it.hasNext(); )
+        {
+            final RoleMapping subRoleMapping = (RoleMapping) it.next();
+            if ( subRoleMapping.inRole( roleName ) ) return true;
+        }
+
+        return false;
+    }
+
     public boolean given( Grant g )
     {
         return g.given( m_roleName );
@@ -67,8 +81,17 @@
         return m_principals.add( p );
     }
 
-    public void addRole( RoleMapping mapping )
+    public boolean addRole( RoleMapping role )
+    {
+        if ( subRoleExists( role.m_roleName ) ) return false;
+
+        m_subRoles.put( role.m_roleName, role );
+
+        return true;
+    }
+
+    private boolean subRoleExists( String roleName )
     {
-        m_subRoles.add( mapping );
+        return m_subRoles.containsKey( roleName );
     }
 }

Modified: incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java
==============================================================================
--- incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java
(original)
+++ incubator/directory/janus/trunk/core/impl/src/test/org/apache/janus/authorization/role/DefaultRoleManagerTest.java
Tue Mar  9 21:27:28 2004
@@ -24,11 +24,6 @@
 import java.util.Map;
 
 /**
- * test: adding sub role twice should be ignored
- * test: Can't add role unknown role
- * test: Cant't add unknown role to role
- * test: Prevents role circular dependencies
- *
  * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
  */
 public class DefaultRoleManagerTest extends TestCase
@@ -130,6 +125,7 @@
         try
         {
             m_roleManager.addPrincipalToRole( "undefined", john() );
+            fail( "Added principal to undefined role" );
         }
         catch ( IllegalArgumentException expected )
         {
@@ -146,4 +142,82 @@
         m_roleManager.addSubRole( "member", "vip" );
         assertTrue( m_roleManager.isPrincipalInRole( john(), new RoleGrant( "member" ) )
);
     }
+
+    public void testAddingSubRoleTwiceIsANoOp()
+    {
+        m_roleManager = new DefaultRoleManager();
+        m_roleManager.addRole( "member" );
+        m_roleManager.addRole( "vip" );
+        assertTrue( m_roleManager.addSubRole( "member", "vip" ) );
+        assertFalse( m_roleManager.addSubRole( "member", "vip" ) );
+    }
+
+    public void testEnforcesSubRoleDefinition()
+    {
+        m_roleManager = new DefaultRoleManager();
+        m_roleManager.addRole( "member" );
+        try
+        {
+            m_roleManager.addSubRole( "member", "vip" );
+            fail( "Added undefined sub role" );
+        }
+        catch ( IllegalArgumentException expected )
+        {
+            assertTrue( true );
+        }
+    }
+
+    public void testParentRoleMustBeDefinedToAddSubRoles()
+    {
+        m_roleManager = new DefaultRoleManager();
+        m_roleManager.addRole( "vip" );
+        try
+        {
+            m_roleManager.addSubRole( "member", "vip" );
+            fail( "Added sub role to undefined role" );
+        }
+        catch ( IllegalArgumentException expected )
+        {
+            assertTrue( true );
+        }
+    }
+
+    public void testPreventsCircularDependenciesBetweenRoles()
+    {
+        m_roleManager = new DefaultRoleManager();
+        m_roleManager.addRole( "member" );
+        m_roleManager.addRole( "vip" );
+        m_roleManager.addSubRole( "member", "vip" );
+
+        try
+        {
+            m_roleManager.addSubRole( "vip", "member" );
+            fail( "Role circular dependency not detected" );
+        }
+        catch ( IllegalArgumentException expected )
+        {
+            assertTrue( true );
+        }
+    }
+
+    public void testPreventsDeepCircularDependenciesBetweenRoles()
+    {
+        m_roleManager = new DefaultRoleManager();
+        m_roleManager.addRole( "member" );
+        m_roleManager.addRole( "vip" );
+        m_roleManager.addRole( "executive" );
+        m_roleManager.addSubRole( "member", "vip" );
+        m_roleManager.addSubRole( "vip", "executive" );
+
+        try
+        {
+            m_roleManager.addSubRole( "executive", "member" );
+            fail( "Role circular dependency not detected" );
+        }
+        catch ( IllegalArgumentException expected )
+        {
+            assertTrue( true );
+        }
+    }
+
 }

Modified: incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java
==============================================================================
--- incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java
(original)
+++ incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JRoleManagerBuilder.java
Tue Mar  9 21:27:28 2004
@@ -17,6 +17,7 @@
 package org.apache.janus.script.xml;
 
 import org.apache.janus.authorization.role.MutableRoleManager;
+import org.apache.janus.authentication.realm.UsernamePrincipal;
 import org.dom4j.Document;
 import org.dom4j.DocumentException;
 import org.dom4j.Element;
@@ -24,6 +25,9 @@
 
 import java.io.IOException;
 import java.io.Reader;
+import java.util.List;
+import java.util.Iterator;
+import java.security.Principal;
 
 /**
  * <strong>Warning:</strong> Document is assumed to be valid.
@@ -32,28 +36,52 @@
  */
 public class Dom4JRoleManagerBuilder
 {
-    private org.dom4j.Document m_doc;
+    private Document m_doc;
 
-    public Dom4JRoleManagerBuilder( Reader reader ) throws org.dom4j.DocumentException
+    public Dom4JRoleManagerBuilder( Reader reader ) throws DocumentException
     {
         m_doc = readDocument( reader );
     }
 
-    public void buildRoleManager( org.apache.janus.authorization.role.MutableRoleManager
roleManager ) throws IOException
+    public void buildRoleManager( MutableRoleManager roleManager ) throws IOException
     {
-        org.dom4j.Element root = m_doc.getRootElement();
-        org.dom4j.Element roles = root.element( "roles" );
-        addRoles( roleManager, roles );
+        Element root = m_doc.getRootElement();
+        addRoles( roleManager, root );
     }
 
-    private void addRoles( org.apache.janus.authorization.role.MutableRoleManager roleManager,
org.dom4j.Element roles )
+    private void addRoles( MutableRoleManager roleManager, Element roles )
     {
+        List roleList = roles.elements( "role" );
+
+        for ( Iterator it = roleList.iterator(); it.hasNext(); )
+        {
+            final Element element = (Element) it.next();
+            String roleName = element.attributeValue( "name" );
+            roleManager.addRole( roleName );
+
+            addUsersToRole( roleManager, roleName, element);
+        }
+    }
+
+    private void addUsersToRole( MutableRoleManager roleManager,
+                                 String roleName,
+                                 Element role )
+    {
+        List userList = role.elements( "user" );
+
+        for ( Iterator it = userList.iterator(); it.hasNext(); )
+        {
+            final Element element = (Element) it.next();
+            String username = element.attributeValue( "username" );
+            Principal user = new UsernamePrincipal( username );
+            roleManager.addPrincipalToRole( roleName,  user );
+        }
     }
 
-    private org.dom4j.Document readDocument( Reader reader ) throws org.dom4j.DocumentException
+    private Document readDocument( Reader reader ) throws DocumentException
     {
-        org.dom4j.io.SAXReader xmlReader = new org.dom4j.io.SAXReader();
-        org.dom4j.Document doc = xmlReader.read( reader );
+        SAXReader xmlReader = new SAXReader();
+        Document doc = xmlReader.read( reader );
 
         return doc;
     }

Modified: incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java
==============================================================================
--- incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java
(original)
+++ incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JRoleManagerBuilderTest.java
Tue Mar  9 21:27:28 2004
@@ -18,7 +18,6 @@
 
 import com.mockobjects.dynamic.C;
 import com.mockobjects.dynamic.Mock;
-import junit.framework.TestCase;
 import org.apache.janus.authentication.realm.UsernamePrincipal;
 import org.apache.janus.authorization.role.MutableRoleManager;
 
@@ -34,26 +33,55 @@
         junit.textui.TestRunner.run( Dom4JRoleManagerBuilderTest.class );
     }
 
-    public void testSimpleBuild() throws Exception
+    public void testEmptyRolesBuild() throws Exception
     {
-        org.apache.janus.script.xml.Dom4JRoleManagerBuilder builder = new org.apache.janus.script.xml.Dom4JRoleManagerBuilder(
new StringReader( simpleRoles() ) );
+        Dom4JRoleManagerBuilder builder = new Dom4JRoleManagerBuilder(
+                new StringReader( emptyRolesDefinition() ) );
 
-        com.mockobjects.dynamic.Mock mockRoleManager = new com.mockobjects.dynamic.Mock(
org.apache.janus.authorization.role.MutableRoleManager.class );
-        mockRoleManager.expectAndReturn( "addPrincipalToRole", com.mockobjects.dynamic.C.args(
com.mockobjects.dynamic.C.eq( "member"), com.mockobjects.dynamic.C.eq( john()) ), true );
-        mockRoleManager.expectAndReturn( "addPrincipalToRole", com.mockobjects.dynamic.C.args(
com.mockobjects.dynamic.C.eq( "member"), com.mockobjects.dynamic.C.eq( jane()) ), true );
+        Mock mockRoleManager = new Mock( MutableRoleManager.class );
+        mockRoleManager.expectAndReturn( "addRole", "member", true );
+        mockRoleManager.expectAndReturn( "addRole", "vip", true );
 
         builder.buildRoleManager( (MutableRoleManager) mockRoleManager.proxy() );
 
         mockRoleManager.verify();
     }
 
-    private String simpleRoles()
+    private String emptyRolesDefinition()
+    {
+        String content = "<?xml version=\"1.0\"?>\n"
+                         + "<roles>\n"
+                         + "    <role name=\"member\"/>\n"
+                         + "    <role name=\"vip\"/>\n"
+                         + "</roles>";
+        return content;
+    }
+
+    public void testSimpleRolesBuild() throws Exception
+    {
+        Dom4JRoleManagerBuilder builder = new Dom4JRoleManagerBuilder(
+                new StringReader( simpleRolesDefinition() ) );
+
+        Mock mockRoleManager = new Mock( MutableRoleManager.class );
+        mockRoleManager.matchAndReturn( "addRole", C.ANY_ARGS, true );
+
+        mockRoleManager.expectAndReturn( "addPrincipalToRole",
+                C.args( C.eq( "member" ), C.eq( john() ) ), true );
+        mockRoleManager.expectAndReturn( "addPrincipalToRole",
+                C.args( C.eq( "member" ), C.eq( jane() ) ), true );
+
+        builder.buildRoleManager( (MutableRoleManager) mockRoleManager.proxy() );
+
+        mockRoleManager.verify();
+    }
+
+    private String simpleRolesDefinition()
     {
         String content = "<?xml version=\"1.0\"?>\n"
                          + "<roles>\n"
                          + "    <role name=\"member\">\n"
-                         + "        <user username=\"john\"/>\n"
-                         + "        <user username=\"jane\"/>\n"
+                         + "        <user username=\"john\"/>"
+                         + "        <user username=\"jane\"/>"
                          + "    </role>\n"
                          + "</roles>";
         return content;
@@ -63,7 +91,6 @@
     {
         return new UsernamePrincipal( "john" );
     }
-
 
     private UsernamePrincipal jane()
     {

Mime
View raw message