directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vte...@apache.org
Subject svn commit: rev 73655 - in incubator/directory/janus/trunk/sandbox/src: java/org/apache/janus/authentication/attribute test/org/apache/janus/authentication/attribute
Date Tue, 16 Nov 2004 00:25:38 GMT
Author: vtence
Date: Mon Nov 15 16:25:37 2004
New Revision: 73655

Added:
   incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/CyclicAssociationException.java
Modified:
   incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/AttributeProvider.java
   incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authentication/attribute/AttributeProviderTest.java
Log:
Attributes can now be inherited - this should be enough to be functional

Modified: incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/AttributeProvider.java
==============================================================================
--- incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/AttributeProvider.java
(original)
+++ incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/AttributeProvider.java
Mon Nov 15 16:25:37 2004
@@ -23,6 +23,7 @@
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.HashSet;
+import java.util.Iterator;
 import java.util.Map;
 
 public class AttributeProvider implements InformationProvider
@@ -44,19 +45,52 @@
         Principal[] principals = ( Principal[] ) s.getPrincipals().toArray( new Principal[s.getPrincipals().size()]
);
         for ( int i = 0; i < principals.length; i++ )
         {
-            Principal p = principals[i];
-            s.getPrincipals().addAll( attributes( p ) );
+            final Principal p = principals[i];
+            fillWithAttributes( s.getPrincipals(), p );
         }
     }
 
     public boolean addAllAttributes( Principal principal, Collection attributes )
     {
-        return attributes( principal ).addAll( attributes );
+        boolean modified = false;
+        for ( Iterator it = attributes.iterator(); it.hasNext(); )
+        {
+            Principal attribute = ( Principal ) it.next();
+            modified |= addAttribute( principal, attribute );
+        }
+
+        return modified;
     }
 
     public boolean addAttribute( Principal principal, Principal attribute )
     {
+        detectCyclicAssociation( attribute, principal );
         return attributes( principal ).add( attribute );
+    }
+
+    private void detectCyclicAssociation( Principal attribute, Principal principal )
+    {
+        Collection attributes = getAllAttributes( attribute );
+        if ( attributes.contains( principal ) ) throw new CyclicAssociationException( principal,
attribute );
+    }
+
+    private Collection getAllAttributes( Principal principal )
+    {
+        final Collection attributes = new HashSet();
+        fillWithAttributes( attributes, principal );
+        return attributes;
+    }
+
+    private void fillWithAttributes( Collection principals, Principal p )
+    {
+        final Collection attributes = attributes( p );
+
+        for ( Iterator it = attributes.iterator(); it.hasNext(); )
+        {
+            Principal attribute = ( Principal ) it.next();
+            principals.add( attribute );
+            fillWithAttributes( principals, attribute );
+        }
     }
 
     private Collection attributes( Principal principal )

Added: incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/CyclicAssociationException.java
==============================================================================
--- (empty file)
+++ incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/authentication/attribute/CyclicAssociationException.java
Mon Nov 15 16:25:37 2004
@@ -0,0 +1,48 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.janus.authentication.attribute;
+
+import java.security.Principal;
+
+public class CyclicAssociationException extends RuntimeException
+{
+    private final Principal m_principal;
+    private final Principal m_attribute;
+
+    public CyclicAssociationException( Principal principal, Principal attribute )
+    {
+        m_principal = principal;
+        m_attribute = attribute;
+    }
+
+    public String getMessage()
+    {
+        final StringBuffer sb = new StringBuffer();
+        sb.append( "Cyclic association detected between [" ).append( m_principal ).append(
"] and [" ).append( m_attribute ).append( "]" );
+        return sb.toString();
+    }
+
+    public Principal getPrincipal()
+    {
+        return m_principal;
+    }
+
+    public Principal getAttribute()
+    {
+        return m_attribute;
+    }
+}

Modified: incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authentication/attribute/AttributeProviderTest.java
==============================================================================
--- incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authentication/attribute/AttributeProviderTest.java
(original)
+++ incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authentication/attribute/AttributeProviderTest.java
Mon Nov 15 16:25:37 2004
@@ -21,7 +21,6 @@
 import org.apache.janus.testmodel.Groups;
 import org.apache.janus.testmodel.Subjects;
 import org.apache.janus.testmodel.Usernames;
-import org.apache.janus.authentication.group.GroupPrincipal;
 
 import javax.security.auth.Subject;
 import java.security.Principal;
@@ -38,10 +37,6 @@
         m_provider = new AttributeProvider();
     }
 
-    /**
-     * o population traverses entire graph of associations
-     */
-
     public void testPopulatesSubjectWithAttributesOfSubjectPrincipal()
     {
         Collection groups = Arrays.asList( new Principal[] { Groups.geeks(), Groups.men()
});
@@ -54,7 +49,6 @@
 
     public void testLooksAtAllSubjectPrincipalsWhenPopulating()
     {
-        m_provider = new AttributeProvider();
         m_provider.addAttribute( Usernames.joe(), Groups.geeks() );
         m_provider.addAttribute( Groups.canadians(), Groups.men() );
 
@@ -67,7 +61,6 @@
 
     public void testPrincipalHasNoAttributeByDefault()
     {
-        m_provider = new AttributeProvider();
         Subject joe = Subjects.joe();
         m_provider.populate( joe );
 
@@ -78,7 +71,6 @@
 
     public void testDuplicateAttributesAreIgnored()
     {
-        m_provider = new AttributeProvider();
         assertTrue( m_provider.addAttribute( Usernames.joe(), Groups.geeks() ) );
         assertFalse( m_provider.addAttribute( Usernames.joe(), Groups.geeks() ) );
 
@@ -88,5 +80,33 @@
         Collection expectedPrincipals = Collections.singleton( Groups.geeks() );
         Collection actualPrincipals = joe.getPrincipals( GroupPrincipal.class );
         assertTrue( CollectionUtils.isEqualCollection( expectedPrincipals, actualPrincipals
) );
+    }
+
+    public void testAttributesAreInheritedFromOtherAttributes()
+    {
+        m_provider.addAttribute( Usernames.joe(), Groups.canadians() );
+        m_provider.addAttribute( Groups.canadians(), Groups.geeks() );
+        m_provider.addAttribute( Groups.geeks(), Groups.men() );
+
+        Subject joe = Subjects.joe();
+        m_provider.populate( joe );
+
+        Collection expectedPrincipals = Arrays.asList( new Principal[] { Groups.canadians(),
Groups.geeks(), Groups.men() } );
+        assertTrue( CollectionUtils.isSubCollection( expectedPrincipals, joe.getPrincipals()));
+    }
+
+    public void testForbidsCyclicAttributesAssociations()
+    {
+        m_provider.addAttribute( Groups.canadians(), Groups.men() );
+        m_provider.addAttribute( Groups.men(), Groups.geeks() );
+        try
+        {
+            m_provider.addAttribute( Groups.geeks(), Groups.canadians() );
+            fail("Cyclic associations are allowed");
+        }
+        catch ( CyclicAssociationException e )
+        {
+            assertTrue( true );
+        }
     }
 }

Mime
View raw message