directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From akaras...@apache.org
Subject svn commit: r376623 [6/38] - in /directory/sandbox/akarasulu/rc1/apacheds: core-plugin/src/main/java/org/apache/directory/server/core/tools/schema/ core-plugin/src/test/java/org/apache/directory/server/core/tools/schema/ core-shared/src/main/java/org/a...
Date Fri, 10 Feb 2006 10:49:57 GMT
Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
  */
 package org.apache.directory.server.core.authn;
 
+
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Collection;
@@ -40,6 +41,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+
 /**
  * A simple {@link Authenticator} that authenticates clear text passwords
  * contained within the <code>userPassword</code> attribute in DIT. If the
@@ -71,7 +73,7 @@
     /**
      * Creates a new instance.
      */
-    public SimpleAuthenticator( )
+    public SimpleAuthenticator()
     {
         super( "simple" );
     }
@@ -101,7 +103,7 @@
 
         String principal;
 
-        if ( ! ctx.getEnvironment().containsKey( Context.SECURITY_PRINCIPAL ) )
+        if ( !ctx.getEnvironment().containsKey( Context.SECURITY_PRINCIPAL ) )
         {
             throw new LdapAuthenticationException();
         }
@@ -124,14 +126,15 @@
 
         try
         {
-            userEntry = proxy.lookup( principalDn, new String[] { "userPassword" }, USERLOOKUP_BYPASS );
+            userEntry = proxy.lookup( principalDn, new String[]
+                { "userPassword" }, USERLOOKUP_BYPASS );
 
             if ( userEntry == null )
             {
                 throw new LdapAuthenticationException( "Failed to lookup user for authentication: " + principal );
             }
         }
-        catch( Exception cause )
+        catch ( Exception cause )
         {
             log.error( "Authentication error : " + cause.getMessage() );
             LdapAuthenticationException e = new LdapAuthenticationException();
@@ -139,7 +142,6 @@
             throw e;
         }
 
-
         Object userPassword;
 
         Attribute userPasswordAttr = userEntry.get( "userPassword" );
@@ -148,42 +150,58 @@
 
         boolean credentialsMatch = false;
 
-        if (userPasswordAttr == null) {
+        if ( userPasswordAttr == null )
+        {
             userPassword = ArrayUtils.EMPTY_BYTE_ARRAY;
-        } else {
+        }
+        else
+        {
             userPassword = userPasswordAttr.get();
 
-            if (userPassword instanceof String) {
-                userPassword = ((String) userPassword).getBytes();
+            if ( userPassword instanceof String )
+            {
+                userPassword = ( ( String ) userPassword ).getBytes();
             }
         }
 
         // Check if password is stored as a message digest, i.e. one-way
         // encrypted
-        if (this.isPasswordOneWayEncrypted(userPassword)) {
-            try {
+        if ( this.isPasswordOneWayEncrypted( userPassword ) )
+        {
+            try
+            {
                 // create a corresponding digested password from creds
-                String algorithm = this.getAlgorithmForHashedPassword(userPassword);
-                String digestedCredits = this.createDigestedPassword(algorithm, creds);
+                String algorithm = this.getAlgorithmForHashedPassword( userPassword );
+                String digestedCredits = this.createDigestedPassword( algorithm, creds );
 
-                credentialsMatch = ArrayUtils.isEquals(digestedCredits.getBytes(), userPassword);
-            } catch (NoSuchAlgorithmException nsae) {
-                log.warn("Password stored with unknown algorithm.", nsae);
-            } catch (IllegalArgumentException e) {
-                log.warn("Exception during authentication", e);
+                credentialsMatch = ArrayUtils.isEquals( digestedCredits.getBytes(), userPassword );
+            }
+            catch ( NoSuchAlgorithmException nsae )
+            {
+                log.warn( "Password stored with unknown algorithm.", nsae );
             }
-        } else {
+            catch ( IllegalArgumentException e )
+            {
+                log.warn( "Exception during authentication", e );
+            }
+        }
+        else
+        {
             // password is not stored one-way encrypted
-            credentialsMatch = ArrayUtils.isEquals(creds, userPassword);
+            credentialsMatch = ArrayUtils.isEquals( creds, userPassword );
         }
 
-        if (credentialsMatch) {
-            return new LdapPrincipal(principalDn, AuthenticationLevel.SIMPLE);
-        } else {
+        if ( credentialsMatch )
+        {
+            return new LdapPrincipal( principalDn, AuthenticationLevel.SIMPLE );
+        }
+        else
+        {
             throw new LdapAuthenticationException();
         }
     }
 
+
     /**
      * Checks if the argument is one-way encryped. If it is a string or a
      * byte-array which looks like "{XYZ}...", and XYZ is a known lessage
@@ -194,17 +212,21 @@
      *            agument, either a string or a byte-array
      * @return true, if the value is a digested password with algorithm included
      */
-    protected boolean isPasswordOneWayEncrypted(Object password)
+    protected boolean isPasswordOneWayEncrypted( Object password )
     {
         boolean result = false;
-        try {
-            String algorithm = getAlgorithmForHashedPassword(password);
-            result = (algorithm != null);
-        } catch (IllegalArgumentException ignored) {
+        try
+        {
+            String algorithm = getAlgorithmForHashedPassword( password );
+            result = ( algorithm != null );
+        }
+        catch ( IllegalArgumentException ignored )
+        {
         }
         return result;
     }
 
+
     /**
      * Get the algorithm of a password, which is stored in the form "{XYZ}...".
      * The method returns null, if the argument is not in this form. It returns
@@ -215,34 +237,45 @@
      *            either a String or a byte[]
      * @return included message digest alorithm, if any
      */
-    protected String getAlgorithmForHashedPassword(Object password) throws IllegalArgumentException
+    protected String getAlgorithmForHashedPassword( Object password ) throws IllegalArgumentException
     {
         String result = null;
 
         // Check if password arg is string or byte[]
         String sPassword = null;
-        if (password instanceof byte[]) {
-            sPassword = new String((byte[]) password);
-        } else if (password instanceof String) {
-            sPassword = (String) password;
-        } else {
-            throw new IllegalArgumentException("password is neither a String nor a byte-Array.");
+        if ( password instanceof byte[] )
+        {
+            sPassword = new String( ( byte[] ) password );
+        }
+        else if ( password instanceof String )
+        {
+            sPassword = ( String ) password;
+        }
+        else
+        {
+            throw new IllegalArgumentException( "password is neither a String nor a byte-Array." );
         }
 
-        if (sPassword != null && sPassword.length() > 2 && sPassword.charAt(0) == '{' && sPassword.indexOf('}') > -1) {
-            int algPosEnd = sPassword.indexOf('}');
-            String algorithm = sPassword.substring(1, algPosEnd);
-            try {
-                MessageDigest.getInstance(algorithm);
+        if ( sPassword != null && sPassword.length() > 2 && sPassword.charAt( 0 ) == '{'
+            && sPassword.indexOf( '}' ) > -1 )
+        {
+            int algPosEnd = sPassword.indexOf( '}' );
+            String algorithm = sPassword.substring( 1, algPosEnd );
+            try
+            {
+                MessageDigest.getInstance( algorithm );
                 result = algorithm;
-            } catch (NoSuchAlgorithmException e) {
-                log.warn("Unknown message digest algorithm in password: " + algorithm, e);
+            }
+            catch ( NoSuchAlgorithmException e )
+            {
+                log.warn( "Unknown message digest algorithm in password: " + algorithm, e );
             }
         }
 
         return result;
     }
 
+
     /**
      * Creates a digested password. For a given hash algorithm and a password
      * value, the algorithm is applied to the password, and the result is Base64
@@ -263,37 +296,45 @@
      *             if password is neither a String nor a byte[], or algorithm is
      *             not known to java.security.MessageDigest class
      */
-    protected String createDigestedPassword(String algorithm, Object password) throws NoSuchAlgorithmException,
-            IllegalArgumentException
+    protected String createDigestedPassword( String algorithm, Object password ) throws NoSuchAlgorithmException,
+        IllegalArgumentException
     {
         // Check if password arg is string or byte[]
         byte[] data = null;
-        if (password instanceof byte[]) {
-            data = (byte[]) password;
-        } else if (password instanceof String) {
-            data = ((String) password).getBytes();
-        } else {
-            throw new IllegalArgumentException("password is neither a String nor a byte-Array.");
+        if ( password instanceof byte[] )
+        {
+            data = ( byte[] ) password;
+        }
+        else if ( password instanceof String )
+        {
+            data = ( ( String ) password ).getBytes();
+        }
+        else
+        {
+            throw new IllegalArgumentException( "password is neither a String nor a byte-Array." );
         }
 
         // create message digest object
         MessageDigest digest = null;
-        try {
-            digest = MessageDigest.getInstance(algorithm);
-        } catch (NoSuchAlgorithmException nsae) {
-            throw new IllegalArgumentException(nsae.getMessage());
+        try
+        {
+            digest = MessageDigest.getInstance( algorithm );
+        }
+        catch ( NoSuchAlgorithmException nsae )
+        {
+            throw new IllegalArgumentException( nsae.getMessage() );
         }
 
         // calculate hashed value of password
-        byte[] fingerPrint = digest.digest(data);
-        char[] encoded = Base64.encode(fingerPrint);
+        byte[] fingerPrint = digest.digest( data );
+        char[] encoded = Base64.encode( fingerPrint );
 
         // create return result of form "{alg}bbbbbbb"
         StringBuffer result = new StringBuffer();
-        result.append('{');
-        result.append(algorithm);
-        result.append('}');
-        result.append(encoded);
+        result.append( '{' );
+        result.append( algorithm );
+        result.append( '}' );
+        result.append( encoded );
 
         return result.toString();
     }

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java Fri Feb 10 02:48:07 2006
@@ -90,7 +90,6 @@
     private static final Collection IMPORT_PERMS;
     private static final Collection MOVERENAME_PERMS;
 
-
     static
     {
         HashSet set = new HashSet( 2 );
@@ -167,7 +166,8 @@
         enabled = factoryCfg.getStartupConfiguration().isAccessControlEnabled();
 
         // stuff for dealing with subentries (garbage for now)
-        String subschemaSubentry = ( String ) factoryCfg.getPartitionNexus().getRootDSE().get( "subschemaSubentry" ).get();
+        String subschemaSubentry = ( String ) factoryCfg.getPartitionNexus().getRootDSE().get( "subschemaSubentry" )
+            .get();
         subschemaSubentryDn = new LdapName( subschemaSubentry ).toString().toLowerCase();
     }
 
@@ -185,9 +185,8 @@
      * @param entry the target entry that access to is being controled
      * @throws NamingException if there are problems accessing attribute values
      */
-    private void addPerscriptiveAciTuples( DirectoryPartitionNexusProxy proxy, Collection tuples,
-                                           Name dn, Attributes entry )
-            throws NamingException
+    private void addPerscriptiveAciTuples( DirectoryPartitionNexusProxy proxy, Collection tuples, Name dn,
+        Attributes entry ) throws NamingException
     {
         /*
          * If the protected entry is a subentry, then the entry being evaluated
@@ -245,7 +244,7 @@
             }
             catch ( ParseException e )
             {
-                String msg = "failed to parse entryACI: " + aciString ;
+                String msg = "failed to parse entryACI: " + aciString;
                 log.error( msg, e );
                 throw new LdapNamingException( msg, ResultCodeEnum.OPERATIONSERROR );
             }
@@ -264,11 +263,11 @@
      * @param entry the target entry that access to is being regulated
      * @throws NamingException if there are problems accessing attribute values
      */
-    private void addSubentryAciTuples( DirectoryPartitionNexusProxy proxy, Collection tuples,
-                                       Name dn, Attributes entry ) throws NamingException
+    private void addSubentryAciTuples( DirectoryPartitionNexusProxy proxy, Collection tuples, Name dn, Attributes entry )
+        throws NamingException
     {
         // only perform this for subentries
-        if ( ! entry.get("objectClass").contains("subentry") )
+        if ( !entry.get( "objectClass" ).contains( "subentry" ) )
         {
             return;
         }
@@ -277,8 +276,8 @@
         // will contain the subentryACI attributes that effect subentries
         Name parentDn = ( Name ) dn.clone();
         parentDn.remove( dn.size() - 1 );
-        Attributes administrativeEntry = proxy.lookup( parentDn, new String[] { SUBENTRYACI_ATTR },
-                DirectoryPartitionNexusProxy.LOOKUP_BYPASS );
+        Attributes administrativeEntry = proxy.lookup( parentDn, new String[]
+            { SUBENTRYACI_ATTR }, DirectoryPartitionNexusProxy.LOOKUP_BYPASS );
         Attribute subentryAci = administrativeEntry.get( SUBENTRYACI_ATTR );
 
         if ( subentryAci == null )
@@ -297,7 +296,7 @@
             }
             catch ( ParseException e )
             {
-                String msg = "failed to parse subentryACI: " + aciString ;
+                String msg = "failed to parse subentryACI: " + aciString;
                 log.error( msg, e );
                 throw new LdapNamingException( msg, ResultCodeEnum.OPERATIONSERROR );
             }
@@ -336,7 +335,7 @@
         Name userName = dnParser.parse( principal.getName() );
 
         // bypass authz code if we are disabled
-        if ( ! enabled )
+        if ( !enabled )
         {
             next.add( upName, normName, entry );
             return;
@@ -355,7 +354,7 @@
         SubentryService subentryService = ( SubentryService ) chain.get( "subentryService" );
         Attributes subentryAttrs = subentryService.getSubentryAttributes( normName, entry );
         NamingEnumeration attrList = entry.getAll();
-        while( attrList.hasMore() )
+        while ( attrList.hasMore() )
         {
             subentryAttrs.put( ( Attribute ) attrList.next() );
         }
@@ -371,8 +370,8 @@
 
         // check if entry scope permission is granted
         DirectoryPartitionNexusProxy proxy = invocation.getProxy();
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(),
-                normName, null, null, ADD_PERMS, tuples, subentryAttrs );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), normName, null, null,
+            ADD_PERMS, tuples, subentryAttrs );
 
         // now we must check if attribute type and value scope permission is granted
         NamingEnumeration attributeList = entry.getAll();
@@ -381,9 +380,8 @@
             Attribute attr = ( Attribute ) attributeList.next();
             for ( int ii = 0; ii < attr.size(); ii++ )
             {
-                engine.checkPermission( proxy, userGroups, userName,
-                        principal.getAuthenticationLevel(), normName, attr.getID(),
-                        attr.get( ii ), ADD_PERMS, tuples, entry );
+                engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), normName, attr
+                    .getID(), attr.get( ii ), ADD_PERMS, tuples, entry );
             }
         }
 
@@ -407,7 +405,7 @@
         Name userName = dnParser.parse( principal.getName() );
 
         // bypass authz code if we are disabled
-        if ( ! enabled )
+        if ( !enabled )
         {
             next.delete( name );
             return;
@@ -428,8 +426,8 @@
         addEntryAciTuples( tuples, entry );
         addSubentryAciTuples( proxy, tuples, name, entry );
 
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null,
-                null, REMOVE_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null, null,
+            REMOVE_PERMS, tuples, entry );
 
         next.delete( name );
         tupleCache.subentryDeleted( name, entry );
@@ -447,7 +445,7 @@
         Name userName = dnParser.parse( principal.getName() );
 
         // bypass authz code if we are disabled
-        if ( ! enabled )
+        if ( !enabled )
         {
             next.modify( name, modOp, mods );
             return;
@@ -468,31 +466,31 @@
         addEntryAciTuples( tuples, entry );
         addSubentryAciTuples( proxy, tuples, name, entry );
 
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null,
-                null, Collections.singleton( MicroOperation.MODIFY ), tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null, null,
+            Collections.singleton( MicroOperation.MODIFY ), tuples, entry );
 
         NamingEnumeration attrList = mods.getAll();
         Collection perms = null;
-        switch( modOp )
+        switch ( modOp )
         {
-            case( DirContext.ADD_ATTRIBUTE ):
+            case ( DirContext.ADD_ATTRIBUTE  ):
                 perms = ADD_PERMS;
                 break;
-            case( DirContext.REMOVE_ATTRIBUTE ):
+            case ( DirContext.REMOVE_ATTRIBUTE  ):
                 perms = REMOVE_PERMS;
                 break;
-            case( DirContext.REPLACE_ATTRIBUTE ):
+            case ( DirContext.REPLACE_ATTRIBUTE  ):
                 perms = REPLACE_PERMS;
                 break;
         }
 
-        while( attrList.hasMore() )
+        while ( attrList.hasMore() )
         {
             Attribute attr = ( Attribute ) attrList.next();
             for ( int ii = 0; ii < attr.size(); ii++ )
             {
-                engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(),
-                        name, attr.getID(), attr.get( ii ), perms, tuples, entry );
+                engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, attr
+                    .getID(), attr.get( ii ), perms, tuples, entry );
             }
         }
 
@@ -512,7 +510,7 @@
         Name userName = dnParser.parse( principal.getName() );
 
         // bypass authz code if we are disabled
-        if ( ! enabled )
+        if ( !enabled )
         {
             next.modify( name, mods );
             return;
@@ -533,21 +531,21 @@
         addEntryAciTuples( tuples, entry );
         addSubentryAciTuples( proxy, tuples, name, entry );
 
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null,
-                null, Collections.singleton( MicroOperation.MODIFY ), tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null, null,
+            Collections.singleton( MicroOperation.MODIFY ), tuples, entry );
 
         Collection perms = null;
         for ( int ii = 0; ii < mods.length; ii++ )
         {
-            switch( mods[ii].getModificationOp() )
+            switch ( mods[ii].getModificationOp() )
             {
-                case( DirContext.ADD_ATTRIBUTE ):
+                case ( DirContext.ADD_ATTRIBUTE  ):
                     perms = ADD_PERMS;
                     break;
-                case( DirContext.REMOVE_ATTRIBUTE ):
+                case ( DirContext.REMOVE_ATTRIBUTE  ):
                     perms = REMOVE_PERMS;
                     break;
-                case( DirContext.REPLACE_ATTRIBUTE ):
+                case ( DirContext.REPLACE_ATTRIBUTE  ):
                     perms = REPLACE_PERMS;
                     break;
             }
@@ -555,8 +553,8 @@
             Attribute attr = mods[ii].getAttribute();
             for ( int jj = 0; jj < attr.size(); jj++ )
             {
-                engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(),
-                        name, attr.getID(), attr.get( jj ), perms, tuples, entry );
+                engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, attr
+                    .getID(), attr.get( jj ), perms, tuples, entry );
             }
         }
 
@@ -574,8 +572,8 @@
         LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
         Name userName = dnParser.parse( principal.getName() );
 
-        if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || ! enabled
-                || name.toString().trim().equals( "" ) ) // no checks on the rootdse
+        if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || !enabled
+            || name.toString().trim().equals( "" ) ) // no checks on the rootdse
         {
             return next.hasEntry( name );
         }
@@ -587,8 +585,8 @@
         addSubentryAciTuples( proxy, tuples, name, entry );
 
         // check that we have browse access to the entry
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null,
-                null, BROWSE_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null, null,
+            BROWSE_PERMS, tuples, entry );
 
         return next.hasEntry( name );
     }
@@ -609,8 +607,7 @@
      * @param entry the raw entry pulled from the nexus
      * @throws NamingException
      */
-    private void checkLookupAccess( LdapPrincipal principal, Name dn, Attributes entry )
-            throws NamingException
+    private void checkLookupAccess( LdapPrincipal principal, Name dn, Attributes entry ) throws NamingException
     {
         // no permissions checks on the RootDSE
         if ( dn.toString().trim().equals( "" ) )
@@ -627,8 +624,8 @@
         addSubentryAciTuples( proxy, tuples, dn, entry );
 
         // check that we have read access to the entry
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), dn, null,
-                null, LOOKUP_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), dn, null, null,
+            LOOKUP_PERMS, tuples, entry );
 
         // check that we have read access to every attribute type and value
         NamingEnumeration attributeList = entry.getAll();
@@ -637,8 +634,8 @@
             Attribute attr = ( Attribute ) attributeList.next();
             for ( int ii = 0; ii < attr.size(); ii++ )
             {
-                engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), dn,
-                        attr.getID(), attr.get( ii ), READ_PERMS, tuples, entry );
+                engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), dn, attr
+                    .getID(), attr.get( ii ), READ_PERMS, tuples, entry );
             }
         }
     }
@@ -651,7 +648,7 @@
         Attributes entry = proxy.lookup( dn, DirectoryPartitionNexusProxy.LOOKUP_BYPASS );
         LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
 
-        if ( principal.getName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || ! enabled )
+        if ( principal.getName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || !enabled )
         {
             return next.lookup( dn, attrIds );
         }
@@ -668,7 +665,7 @@
         Attributes entry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS );
         LdapPrincipal user = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
 
-        if ( user.getName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || ! enabled )
+        if ( user.getName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || !enabled )
         {
             return next.lookup( name );
         }
@@ -690,9 +687,8 @@
         newName.remove( name.size() - 1 );
         newName.add( dnParser.parse( newRn ).get( 0 ) );
 
-
         // bypass authz code if we are disabled
-        if ( ! enabled )
+        if ( !enabled )
         {
             next.modifyRn( name, newRn, deleteOldRn );
             return;
@@ -715,35 +711,35 @@
         addEntryAciTuples( tuples, entry );
         addSubentryAciTuples( proxy, tuples, name, entry );
 
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null,
-                null, RENAME_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null, null,
+            RENAME_PERMS, tuples, entry );
 
-//        if ( deleteOldRn )
-//        {
-//            String oldRn = name.get( name.size() - 1 );
-//            if ( NamespaceTools.hasCompositeComponents( oldRn ) )
-//            {
-//                String[] comps = NamespaceTools.getCompositeComponents( oldRn );
-//                for ( int ii = 0; ii < comps.length; ii++ )
-//                {
-//                    String id = NamespaceTools.getRdnAttribute( comps[ii] );
-//                    String value = NamespaceTools.getRdnValue( comps[ii] );
-//                    engine.checkPermission( next, userGroups, user.getJndiName(),
-//                            user.getAuthenticationLevel(), name, id,
-//                            value, Collections.singleton( MicroOperation.REMOVE ),
-//                            tuples, entry );
-//                }
-//            }
-//            else
-//            {
-//                String id = NamespaceTools.getRdnAttribute( oldRn );
-//                String value = NamespaceTools.getRdnValue( oldRn );
-//                engine.checkPermission( next, userGroups, user.getJndiName(),
-//                        user.getAuthenticationLevel(), name, id,
-//                        value, Collections.singleton( MicroOperation.REMOVE ),
-//                        tuples, entry );
-//            }
-//        }
+        //        if ( deleteOldRn )
+        //        {
+        //            String oldRn = name.get( name.size() - 1 );
+        //            if ( NamespaceTools.hasCompositeComponents( oldRn ) )
+        //            {
+        //                String[] comps = NamespaceTools.getCompositeComponents( oldRn );
+        //                for ( int ii = 0; ii < comps.length; ii++ )
+        //                {
+        //                    String id = NamespaceTools.getRdnAttribute( comps[ii] );
+        //                    String value = NamespaceTools.getRdnValue( comps[ii] );
+        //                    engine.checkPermission( next, userGroups, user.getJndiName(),
+        //                            user.getAuthenticationLevel(), name, id,
+        //                            value, Collections.singleton( MicroOperation.REMOVE ),
+        //                            tuples, entry );
+        //                }
+        //            }
+        //            else
+        //            {
+        //                String id = NamespaceTools.getRdnAttribute( oldRn );
+        //                String value = NamespaceTools.getRdnValue( oldRn );
+        //                engine.checkPermission( next, userGroups, user.getJndiName(),
+        //                        user.getAuthenticationLevel(), name, id,
+        //                        value, Collections.singleton( MicroOperation.REMOVE ),
+        //                        tuples, entry );
+        //            }
+        //        }
 
         next.modifyRn( name, newRn, deleteOldRn );
         tupleCache.subentryRenamed( name, newName );
@@ -752,7 +748,7 @@
 
 
     public void move( NextInterceptor next, Name oriChildName, Name newParentName, String newRn, boolean deleteOldRn )
-            throws NamingException
+        throws NamingException
     {
         // Access the principal requesting the operation, and bypass checks if it is the admin
         Invocation invocation = InvocationStack.getInstance().peek();
@@ -764,7 +760,7 @@
         newName.add( newRn );
 
         // bypass authz code if we are disabled
-        if ( ! enabled )
+        if ( !enabled )
         {
             next.move( oriChildName, newParentName, newRn, deleteOldRn );
             return;
@@ -785,42 +781,42 @@
         addEntryAciTuples( tuples, entry );
         addSubentryAciTuples( proxy, tuples, oriChildName, entry );
 
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(),
-                oriChildName, null, null, MOVERENAME_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), oriChildName, null,
+            null, MOVERENAME_PERMS, tuples, entry );
 
         Collection destTuples = new HashSet();
         addPerscriptiveAciTuples( proxy, destTuples, oriChildName, entry );
         addEntryAciTuples( destTuples, entry );
         addSubentryAciTuples( proxy, destTuples, oriChildName, entry );
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(),
-                oriChildName, null, null, IMPORT_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), oriChildName, null,
+            null, IMPORT_PERMS, tuples, entry );
 
-//        if ( deleteOldRn )
-//        {
-//            String oldRn = oriChildName.get( oriChildName.size() - 1 );
-//            if ( NamespaceTools.hasCompositeComponents( oldRn ) )
-//            {
-//                String[] comps = NamespaceTools.getCompositeComponents( oldRn );
-//                for ( int ii = 0; ii < comps.length; ii++ )
-//                {
-//                    String id = NamespaceTools.getRdnAttribute( comps[ii] );
-//                    String value = NamespaceTools.getRdnValue( comps[ii] );
-//                    engine.checkPermission( next, userGroups, user.getJndiName(),
-//                            user.getAuthenticationLevel(), oriChildName, id,
-//                            value, Collections.singleton( MicroOperation.REMOVE ),
-//                            tuples, entry );
-//                }
-//            }
-//            else
-//            {
-//                String id = NamespaceTools.getRdnAttribute( oldRn );
-//                String value = NamespaceTools.getRdnValue( oldRn );
-//                engine.checkPermission( next, userGroups, user.getJndiName(),
-//                        user.getAuthenticationLevel(), oriChildName, id,
-//                        value, Collections.singleton( MicroOperation.REMOVE ),
-//                        tuples, entry );
-//            }
-//        }
+        //        if ( deleteOldRn )
+        //        {
+        //            String oldRn = oriChildName.get( oriChildName.size() - 1 );
+        //            if ( NamespaceTools.hasCompositeComponents( oldRn ) )
+        //            {
+        //                String[] comps = NamespaceTools.getCompositeComponents( oldRn );
+        //                for ( int ii = 0; ii < comps.length; ii++ )
+        //                {
+        //                    String id = NamespaceTools.getRdnAttribute( comps[ii] );
+        //                    String value = NamespaceTools.getRdnValue( comps[ii] );
+        //                    engine.checkPermission( next, userGroups, user.getJndiName(),
+        //                            user.getAuthenticationLevel(), oriChildName, id,
+        //                            value, Collections.singleton( MicroOperation.REMOVE ),
+        //                            tuples, entry );
+        //                }
+        //            }
+        //            else
+        //            {
+        //                String id = NamespaceTools.getRdnAttribute( oldRn );
+        //                String value = NamespaceTools.getRdnValue( oldRn );
+        //                engine.checkPermission( next, userGroups, user.getJndiName(),
+        //                        user.getAuthenticationLevel(), oriChildName, id,
+        //                        value, Collections.singleton( MicroOperation.REMOVE ),
+        //                        tuples, entry );
+        //            }
+        //        }
 
         next.move( oriChildName, newParentName, newRn, deleteOldRn );
         tupleCache.subentryRenamed( oriChildName, newName );
@@ -840,7 +836,7 @@
         Name userName = dnParser.parse( principal.getName() );
 
         // bypass authz code if we are disabled
-        if ( ! enabled )
+        if ( !enabled )
         {
             next.move( oriChildName, newParentName );
             return;
@@ -861,31 +857,31 @@
         addEntryAciTuples( tuples, entry );
         addSubentryAciTuples( proxy, tuples, oriChildName, entry );
 
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(),
-                oriChildName, null, null, EXPORT_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), oriChildName, null,
+            null, EXPORT_PERMS, tuples, entry );
 
         Collection destTuples = new HashSet();
         addPerscriptiveAciTuples( proxy, destTuples, oriChildName, entry );
         addEntryAciTuples( destTuples, entry );
         addSubentryAciTuples( proxy, destTuples, oriChildName, entry );
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(),
-                oriChildName, null, null, IMPORT_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), oriChildName, null,
+            null, IMPORT_PERMS, tuples, entry );
 
         next.move( oriChildName, newParentName );
         tupleCache.subentryRenamed( oriChildName, newName );
         groupCache.groupRenamed( oriChildName, newName );
     }
 
-
     public static final SearchControls DEFUALT_SEARCH_CONTROLS = new SearchControls();
 
+
     public NamingEnumeration list( NextInterceptor next, Name base ) throws NamingException
     {
         Invocation invocation = InvocationStack.getInstance().peek();
         ServerLdapContext ctx = ( ServerLdapContext ) invocation.getCaller();
         LdapPrincipal user = ctx.getPrincipal();
         NamingEnumeration e = next.list( base );
-        if ( user.getName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || ! enabled )
+        if ( user.getName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || !enabled )
         {
             return e;
         }
@@ -895,7 +891,7 @@
 
 
     public NamingEnumeration search( NextInterceptor next, Name base, Map env, ExprNode filter,
-                                     SearchControls searchCtls ) throws NamingException
+        SearchControls searchCtls ) throws NamingException
     {
         Invocation invocation = InvocationStack.getInstance().peek();
         ServerLdapContext ctx = ( ServerLdapContext ) invocation.getCaller();
@@ -904,8 +900,8 @@
 
         boolean isSubschemaSubentryLookup = subschemaSubentryDn.equals( base.toString() );
         boolean isRootDSELookup = base.size() == 0 && searchCtls.getSearchScope() == SearchControls.OBJECT_SCOPE;
-        if ( user.getName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL )
-                || ! enabled || isRootDSELookup || isSubschemaSubentryLookup )
+        if ( user.getName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || !enabled || isRootDSELookup
+            || isSubschemaSubentryLookup )
         {
             return e;
         }
@@ -923,7 +919,7 @@
         LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
         Name userName = dnParser.parse( principal.getName() );
 
-        if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || ! enabled )
+        if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || !enabled )
         {
             return next.compare( name, oid, value );
         }
@@ -934,10 +930,10 @@
         addEntryAciTuples( tuples, entry );
         addSubentryAciTuples( proxy, tuples, name, entry );
 
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null,
-                null, READ_PERMS, tuples, entry );
-        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, oid,
-                value, COMPARE_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, null, null,
+            READ_PERMS, tuples, entry );
+        engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), name, oid, value,
+            COMPARE_PERMS, tuples, entry );
 
         return next.compare( name, oid, value );
     }
@@ -950,7 +946,7 @@
         DirectoryPartitionNexusProxy proxy = invocation.getProxy();
         LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
         Name userName = dnParser.parse( principal.getName() );
-        if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || ! enabled )
+        if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL ) || !enabled )
         {
             return next.getMatchedName( dn, normalized );
         }
@@ -979,9 +975,8 @@
             addEntryAciTuples( tuples, entry );
             addSubentryAciTuples( proxy, tuples, matched, entry );
 
-            if ( engine.hasPermission( proxy, userGroups, userName,
-                    principal.getAuthenticationLevel(), matched, null, null,
-                    MATCHEDNAME_PERMS, tuples, entry ) )
+            if ( engine.hasPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), matched, null,
+                null, MATCHEDNAME_PERMS, tuples, entry ) )
             {
                 return matched;
             }
@@ -1001,11 +996,11 @@
 
     private boolean filter( Invocation invocation, Name normName, SearchResult result ) throws NamingException
     {
-       /*
-        * First call hasPermission() for entry level "Browse" and "ReturnDN" perm
-        * tests.  If we hasPermission() returns false we immediately short the
-        * process and return false.
-        */
+        /*
+         * First call hasPermission() for entry level "Browse" and "ReturnDN" perm
+         * tests.  If we hasPermission() returns false we immediately short the
+         * process and return false.
+         */
         Attributes entry = invocation.getProxy().lookup( normName, DirectoryPartitionNexusProxy.LOOKUP_BYPASS );
         ServerLdapContext ctx = ( ServerLdapContext ) invocation.getCaller();
         Name userDn = dnParser.parse( ctx.getPrincipal().getName() );
@@ -1015,9 +1010,8 @@
         addEntryAciTuples( tuples, entry );
         addSubentryAciTuples( invocation.getProxy(), tuples, normName, entry );
 
-        if ( ! engine.hasPermission( invocation.getProxy(), userGroups, userDn,
-                ctx.getPrincipal().getAuthenticationLevel(),
-                normName, null, null, SEARCH_ENTRY_PERMS, tuples, entry ) )
+        if ( !engine.hasPermission( invocation.getProxy(), userGroups, userDn, ctx.getPrincipal()
+            .getAuthenticationLevel(), normName, null, null, SEARCH_ENTRY_PERMS, tuples, entry ) )
         {
             return false;
         }
@@ -1035,9 +1029,8 @@
             // if attribute type scope access is not allowed then remove the attribute and continue
             String id = ( String ) idList.next();
             Attribute attr = result.getAttributes().get( id );
-            if ( ! engine.hasPermission( invocation.getProxy(), userGroups, userDn,
-                    ctx.getPrincipal().getAuthenticationLevel(),
-                    normName, attr.getID(), null, SEARCH_ATTRVAL_PERMS, tuples, entry ) )
+            if ( !engine.hasPermission( invocation.getProxy(), userGroups, userDn, ctx.getPrincipal()
+                .getAuthenticationLevel(), normName, attr.getID(), null, SEARCH_ATTRVAL_PERMS, tuples, entry ) )
             {
                 result.getAttributes().remove( attr.getID() );
 
@@ -1051,9 +1044,9 @@
             // attribute type scope is ok now let's determine value level scope
             for ( int ii = 0; ii < attr.size(); ii++ )
             {
-                if ( ! engine.hasPermission( invocation.getProxy(), userGroups, userDn,
-                        ctx.getPrincipal().getAuthenticationLevel(), normName,
-                        attr.getID(), attr.get( ii ), SEARCH_ATTRVAL_PERMS, tuples, entry ) )
+                if ( !engine.hasPermission( invocation.getProxy(), userGroups, userDn, ctx.getPrincipal()
+                    .getAuthenticationLevel(), normName, attr.getID(), attr.get( ii ), SEARCH_ATTRVAL_PERMS, tuples,
+                    entry ) )
                 {
                     attr.remove( ii );
 
@@ -1068,7 +1061,6 @@
         return true;
     }
 
-
     /**
      * WARNING: create one of these filters fresh every time for each new search.
      */
@@ -1077,6 +1069,7 @@
         /** dedicated normalizing parser for this search - cheaper than synchronization */
         final DnParser parser;
 
+
         public AuthorizationFilter() throws NamingException
         {
             parser = new DnParser( new ConcreteNameComponentNormalizer( attrRegistry ) );
@@ -1084,18 +1077,18 @@
 
 
         public boolean accept( Invocation invocation, SearchResult result, SearchControls controls )
-                throws NamingException
+            throws NamingException
         {
             Name normName = parser.parse( result.getName() );
 
-// looks like isRelative returns true even when the names for results are absolute!!!!
-// @todo this is a big bug in JNDI provider
+            // looks like isRelative returns true even when the names for results are absolute!!!!
+            // @todo this is a big bug in JNDI provider
 
-//            if ( result.isRelative() )
-//            {
-//                Name base = parser.parse( ctx.getNameInNamespace() );
-//                normName = base.addAll( normName );
-//            }
+            //            if ( result.isRelative() )
+            //            {
+            //                Name base = parser.parse( ctx.getNameInNamespace() );
+            //                normName = base.addAll( normName );
+            //            }
 
             return filter( invocation, normName, result );
         }

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java Fri Feb 10 02:48:07 2006
@@ -70,12 +70,12 @@
      *
      * @param factoryCfg the context factory configuration for the server
      */
-    public GroupCache( DirectoryServiceConfiguration factoryCfg ) throws NamingException
+    public GroupCache(DirectoryServiceConfiguration factoryCfg) throws NamingException
     {
         this.nexus = factoryCfg.getPartitionNexus();
         this.env = ( Hashtable ) factoryCfg.getEnvironment().clone();
-        this.parser = new DnParser( new ConcreteNameComponentNormalizer(
-                factoryCfg.getGlobalRegistries().getAttributeTypeRegistry() ) );
+        this.parser = new DnParser( new ConcreteNameComponentNormalizer( factoryCfg.getGlobalRegistries()
+            .getAttributeTypeRegistry() ) );
         initialize();
     }
 
@@ -288,17 +288,17 @@
 
         switch ( modOp )
         {
-            case ( DirContext.ADD_ATTRIBUTE ):
+            case ( DirContext.ADD_ATTRIBUTE  ):
                 addMembers( memberSet, members );
                 break;
-            case ( DirContext.REPLACE_ATTRIBUTE ):
+            case ( DirContext.REPLACE_ATTRIBUTE  ):
                 if ( members.size() > 0 )
                 {
                     memberSet.clear();
                     addMembers( memberSet, members );
                 }
                 break;
-            case ( DirContext.REMOVE_ATTRIBUTE ):
+            case ( DirContext.REMOVE_ATTRIBUTE  ):
                 removeMembers( memberSet, members );
                 break;
             default:
@@ -405,7 +405,10 @@
         }
         catch ( NamingException e )
         {
-            log.warn( "Malformed member DN.  Could not find groups for member in GroupCache. Returning empty set for groups!", e );
+            log
+                .warn(
+                    "Malformed member DN.  Could not find groups for member in GroupCache. Returning empty set for groups!",
+                    e );
             return Collections.EMPTY_SET;
         }
 

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/OldAuthorizationService.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/OldAuthorizationService.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/OldAuthorizationService.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/OldAuthorizationService.java Fri Feb 10 02:48:07 2006
@@ -80,7 +80,6 @@
     private boolean enabled = true;
 
 
-
     /**
      * Creates a new instance.
      */
@@ -95,7 +94,7 @@
         dnParser = new DnParser( new ConcreteNameComponentNormalizer( atr ) );
 
         // disable this static module if basic access control mechanisms are enabled
-        enabled = ! factoryCfg.getStartupConfiguration().isAccessControlEnabled();
+        enabled = !factoryCfg.getStartupConfiguration().isAccessControlEnabled();
     }
 
 
@@ -127,8 +126,7 @@
             throw new LdapNoPermissionException( msg );
         }
 
-        if ( name.size() > 2 && name.startsWith( USER_BASE_DN )
-                && !principalDn.equals( ADMIN_DN ) )
+        if ( name.size() > 2 && name.startsWith( USER_BASE_DN ) && !principalDn.equals( ADMIN_DN ) )
         {
             String msg = "User " + principalDn;
             msg += " does not have permission to delete the user account: ";
@@ -136,8 +134,7 @@
             throw new LdapNoPermissionException( msg );
         }
 
-        if ( name.size() > 2 && name.startsWith( GROUP_BASE_DN )
-                && !principalDn.equals( ADMIN_DN ) )
+        if ( name.size() > 2 && name.startsWith( GROUP_BASE_DN ) && !principalDn.equals( ADMIN_DN ) )
         {
             String msg = "User " + principalDn;
             msg += " does not have permission to delete the group entry: ";
@@ -165,14 +162,14 @@
     // Entry Modification Operations
     // ------------------------------------------------------------------------
 
-
     /**
      * This policy needs to be really tight too because some attributes may take
      * part in giving the user permissions to protected resources.  We do not want
      * users to self access these resources.  As far as we're concerned no one but
      * the admin needs access.
      */
-    public void modify( NextInterceptor nextInterceptor, Name name, int modOp, Attributes attrs ) throws NamingException
+    public void modify( NextInterceptor nextInterceptor, Name name, int modOp, Attributes attrs )
+        throws NamingException
     {
         if ( enabled )
         {
@@ -218,7 +215,7 @@
                 msg += " admin user.";
                 throw new LdapNoPermissionException( msg );
             }
-            
+
             if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) )
             {
                 String msg = "User " + principalDn;
@@ -249,8 +246,8 @@
     //  o The administrator entry cannot be moved or renamed by anyone
     // ------------------------------------------------------------------------
 
-
-    public void modifyRn( NextInterceptor nextInterceptor, Name name, String newRn, boolean deleteOldRn ) throws NamingException
+    public void modifyRn( NextInterceptor nextInterceptor, Name name, String newRn, boolean deleteOldRn )
+        throws NamingException
     {
         if ( enabled )
         {
@@ -270,9 +267,8 @@
     }
 
 
-    public void move( NextInterceptor nextInterceptor,
-            Name oriChildName, Name newParentName, String newRn,
-            boolean deleteOldRn ) throws NamingException
+    public void move( NextInterceptor nextInterceptor, Name oriChildName, Name newParentName, String newRn,
+        boolean deleteOldRn ) throws NamingException
     {
         if ( enabled )
         {
@@ -323,7 +319,7 @@
     public Attributes lookup( NextInterceptor nextInterceptor, Name name ) throws NamingException
     {
         Attributes attributes = nextInterceptor.lookup( name );
-        if ( ! enabled || attributes == null )
+        if ( !enabled || attributes == null )
         {
             return attributes;
         }
@@ -336,7 +332,7 @@
     public Attributes lookup( NextInterceptor nextInterceptor, Name name, String[] attrIds ) throws NamingException
     {
         Attributes attributes = nextInterceptor.lookup( name, attrIds );
-        if ( ! enabled || attributes == null )
+        if ( !enabled || attributes == null )
         {
             return attributes;
         }
@@ -348,8 +344,7 @@
 
     private void protectLookUp( Name dn ) throws NamingException
     {
-        LdapContext ctx =
-            ( LdapContext ) InvocationStack.getInstance().peek().getCaller();
+        LdapContext ctx = ( LdapContext ) InvocationStack.getInstance().peek().getCaller();
         Name principalDn = ( ( ServerContext ) ctx ).getPrincipal().getJndiName();
 
         if ( !principalDn.equals( ADMIN_DN ) )
@@ -399,9 +394,8 @@
     }
 
 
-    public NamingEnumeration search( NextInterceptor nextInterceptor,
-            Name base, Map env, ExprNode filter,
-            SearchControls searchCtls ) throws NamingException
+    public NamingEnumeration search( NextInterceptor nextInterceptor, Name base, Map env, ExprNode filter,
+        SearchControls searchCtls ) throws NamingException
     {
         NamingEnumeration e = nextInterceptor.search( base, env, filter, searchCtls );
         if ( !enabled )
@@ -412,17 +406,16 @@
         //{
         //    return null;
         //}
-        
+
         Invocation invocation = InvocationStack.getInstance().peek();
-        return new SearchResultFilteringEnumeration( e, searchCtls, invocation,
-            new SearchResultFilter()
+        return new SearchResultFilteringEnumeration( e, searchCtls, invocation, new SearchResultFilter()
+        {
+            public boolean accept( Invocation invocation, SearchResult result, SearchControls controls )
+                throws NamingException
             {
-                public boolean accept( Invocation invocation, SearchResult result, SearchControls controls )
-                        throws NamingException
-                {
-                    return OldAuthorizationService.this.isSearchable( invocation, result );
-                }
-            });
+                return OldAuthorizationService.this.isSearchable( invocation, result );
+            }
+        } );
     }
 
 
@@ -435,20 +428,18 @@
         }
 
         Invocation invocation = InvocationStack.getInstance().peek();
-        return new SearchResultFilteringEnumeration( e, null, invocation,
-            new SearchResultFilter()
+        return new SearchResultFilteringEnumeration( e, null, invocation, new SearchResultFilter()
+        {
+            public boolean accept( Invocation invocation, SearchResult result, SearchControls controls )
+                throws NamingException
             {
-                public boolean accept( Invocation invocation, SearchResult result, SearchControls controls )
-                        throws NamingException
-                {
-                    return OldAuthorizationService.this.isSearchable( invocation, result );
-                }
-            } );
+                return OldAuthorizationService.this.isSearchable( invocation, result );
+            }
+        } );
     }
 
 
-    private boolean isSearchable( Invocation invocataion, SearchResult result )
-            throws NamingException
+    private boolean isSearchable( Invocation invocataion, SearchResult result ) throws NamingException
     {
         Name dn;
 

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java Fri Feb 10 02:48:07 2006
@@ -83,7 +83,7 @@
      *
      * @param factoryCfg the context factory configuration for the server
      */
-    public TupleCache( DirectoryServiceConfiguration factoryCfg ) throws NamingException
+    public TupleCache(DirectoryServiceConfiguration factoryCfg) throws NamingException
     {
         this.nexus = factoryCfg.getPartitionNexus();
         AttributeTypeRegistry registry = factoryCfg.getGlobalRegistries().getAttributeTypeRegistry();
@@ -151,7 +151,7 @@
     {
         // only do something if the entry contains prescriptiveACI
         Attribute aci = entry.get( ACI_ATTR );
-        if ( ! hasPrescriptiveACI( entry ) )
+        if ( !hasPrescriptiveACI( entry ) )
         {
             return;
         }
@@ -167,7 +167,7 @@
             }
             catch ( ParseException e )
             {
-                String msg = "ACIItem parser failure on '"+item+"'. Cannnot add ACITuples to TupleCache.";
+                String msg = "ACIItem parser failure on '" + item + "'. Cannnot add ACITuples to TupleCache.";
                 log.warn( msg, e );
             }
 
@@ -178,8 +178,8 @@
 
 
     public void subentryDeleted( Name normName, Attributes entry ) throws NamingException
-    {                                                                                      
-        if ( ! hasPrescriptiveACI( entry ) )
+    {
+        if ( !hasPrescriptiveACI( entry ) )
         {
             return;
         }
@@ -190,7 +190,7 @@
 
     public void subentryModified( Name normName, ModificationItem[] mods, Attributes entry ) throws NamingException
     {
-        if ( ! hasPrescriptiveACI( entry ) )
+        if ( !hasPrescriptiveACI( entry ) )
         {
             return;
         }
@@ -210,7 +210,7 @@
 
     public void subentryModified( Name normName, int modOp, Attributes mods, Attributes entry ) throws NamingException
     {
-        if ( ! hasPrescriptiveACI( entry ) )
+        if ( !hasPrescriptiveACI( entry ) )
         {
             return;
         }
@@ -220,7 +220,7 @@
             subentryDeleted( normName, entry );
             subentryAdded( normName.toString(), normName, entry );
         }
-    }                                                     
+    }
 
 
     public List getACITuples( String subentryDn )

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java Fri Feb 10 02:48:07 2006
@@ -18,6 +18,7 @@
  */
 package org.apache.directory.server.core.authz.support;
 
+
 import java.util.*;
 
 import javax.naming.Name;
@@ -66,6 +67,7 @@
 {
     private final ACITupleFilter[] filters;
 
+
     /**
      * Creates a new instance.
      * 
@@ -74,26 +76,21 @@
      * 
      * @throws NamingException if failed to initialize internal components
      */
-    public ACDFEngine( OidRegistry oidRegistry, AttributeTypeRegistry attrTypeRegistry ) throws NamingException
+    public ACDFEngine(OidRegistry oidRegistry, AttributeTypeRegistry attrTypeRegistry) throws NamingException
     {
         Evaluator entryEvaluator = new ExpressionEvaluator( oidRegistry, attrTypeRegistry );
         SubtreeEvaluator subtreeEvaluator = new SubtreeEvaluator( oidRegistry );
-        RefinementEvaluator refinementEvaluator = new RefinementEvaluator(
-                new RefinementLeafEvaluator( oidRegistry ) );
+        RefinementEvaluator refinementEvaluator = new RefinementEvaluator( new RefinementLeafEvaluator( oidRegistry ) );
 
-        filters = new ACITupleFilter[] {
-                new RelatedUserClassFilter( subtreeEvaluator ),
-                new RelatedProtectedItemFilter( refinementEvaluator, entryEvaluator ),
-                new MaxValueCountFilter(),
-                new MaxImmSubFilter(),
-                new RestrictedByFilter(),
-                new MicroOperationFilter(),
-                new HighestPrecedenceFilter(),
-                new MostSpecificUserClassFilter(),
-                new MostSpecificProtectedItemFilter(),
-        };
+        filters = new ACITupleFilter[]
+            { new RelatedUserClassFilter( subtreeEvaluator ),
+                new RelatedProtectedItemFilter( refinementEvaluator, entryEvaluator ), new MaxValueCountFilter(),
+                new MaxImmSubFilter(), new RestrictedByFilter(), new MicroOperationFilter(),
+                new HighestPrecedenceFilter(), new MostSpecificUserClassFilter(),
+                new MostSpecificProtectedItemFilter(), };
     }
 
+
     /**
      * Checks the user with the specified name can access the specified resource
      * (entry, attribute type, or attribute value) and throws {@link LdapNoPermissionException}
@@ -111,23 +108,17 @@
      * @param aciTuples {@link ACITuple}s translated from {@link ACIItem}s in the subtree entries
      * @throws NamingException if failed to evaluate ACI items
      */
-    public void checkPermission(
-            DirectoryPartitionNexusProxy proxy,
-            Collection userGroupNames, Name username, AuthenticationLevel authenticationLevel,
-            Name entryName, String attrId, Object attrValue,
-            Collection microOperations, Collection aciTuples, Attributes entry ) throws NamingException
+    public void checkPermission( DirectoryPartitionNexusProxy proxy, Collection userGroupNames, Name username,
+        AuthenticationLevel authenticationLevel, Name entryName, String attrId, Object attrValue,
+        Collection microOperations, Collection aciTuples, Attributes entry ) throws NamingException
     {
-        if( !hasPermission(
-                proxy,
-                userGroupNames, username, authenticationLevel,
-                entryName, attrId, attrValue,
-                microOperations, aciTuples, entry ) )
+        if ( !hasPermission( proxy, userGroupNames, username, authenticationLevel, entryName, attrId, attrValue,
+            microOperations, aciTuples, entry ) )
         {
             throw new LdapNoPermissionException();
         }
     }
 
-
     public static final Collection USER_LOOKUP_BYPASS;
     static
     {
@@ -160,13 +151,11 @@
      * @param microOperations the {@link MicroOperation}s to perform
      * @param aciTuples {@link ACITuple}s translated from {@link ACIItem}s in the subtree entries
      */
-    public boolean hasPermission(
-            DirectoryPartitionNexusProxy proxy,
-            Collection userGroupNames, Name userName, AuthenticationLevel authenticationLevel,
-            Name entryName, String attrId, Object attrValue,
-            Collection microOperations, Collection aciTuples, Attributes entry ) throws NamingException
+    public boolean hasPermission( DirectoryPartitionNexusProxy proxy, Collection userGroupNames, Name userName,
+        AuthenticationLevel authenticationLevel, Name entryName, String attrId, Object attrValue,
+        Collection microOperations, Collection aciTuples, Attributes entry ) throws NamingException
     {
-        if( entryName == null )
+        if ( entryName == null )
         {
             throw new NullPointerException( "entryName" );
         }
@@ -175,11 +164,11 @@
 
         // Determine the scope of the requested operation.
         OperationScope scope;
-        if( attrId == null )
+        if ( attrId == null )
         {
             scope = OperationScope.ENTRY;
         }
-        else if( attrValue == null )
+        else if ( attrValue == null )
         {
             scope = OperationScope.ATTRIBUTE_TYPE;
         }
@@ -192,27 +181,25 @@
         aciTuples = new ArrayList( aciTuples );
 
         // Filter unrelated and invalid tuples
-        for( int i = 0; i < filters.length; i++ )
+        for ( int i = 0; i < filters.length; i++ )
         {
-            ACITupleFilter filter = filters[ i ];
-            aciTuples = filter.filter(
-                    aciTuples, scope, proxy,
-                    userGroupNames, userName, userEntry, authenticationLevel,
-                    entryName, attrId, attrValue, entry, microOperations );
+            ACITupleFilter filter = filters[i];
+            aciTuples = filter.filter( aciTuples, scope, proxy, userGroupNames, userName, userEntry,
+                authenticationLevel, entryName, attrId, attrValue, entry, microOperations );
         }
 
         // Deny access if no tuples left.
-        if( aciTuples.size() == 0 )
+        if ( aciTuples.size() == 0 )
         {
             return false;
         }
 
         // Grant access if and only if one or more tuples remain and
         // all grant access. Otherwise deny access.
-        for( Iterator i = aciTuples.iterator(); i.hasNext(); )
+        for ( Iterator i = aciTuples.iterator(); i.hasNext(); )
         {
             ACITuple tuple = ( ACITuple ) i.next();
-            if( !tuple.isGrant() )
+            if ( !tuple.isGrant() )
             {
                 return false;
             }

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java Fri Feb 10 02:48:07 2006
@@ -18,6 +18,7 @@
  */
 package org.apache.directory.server.core.authz.support;
 
+
 import java.util.Collection;
 
 import javax.naming.Name;
@@ -59,10 +60,8 @@
      * @return the collection of filtered tuples
      * @throws NamingException if failed to filter the specifiec tuples
      */
-    Collection filter(
-            Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy,
-            Collection userGroupNames, Name userName, Attributes userEntry,
-            AuthenticationLevel authenticationLevel,
-            Name entryName, String attrId, Object attrValue, Attributes entry,
-            Collection microOperations ) throws NamingException;
+    Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy,
+        Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
+        Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+        throws NamingException;
 }

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java Fri Feb 10 02:48:07 2006
@@ -18,6 +18,7 @@
  */
 package org.apache.directory.server.core.authz.support;
 
+
 import java.util.Collection;
 import java.util.Iterator;
 
@@ -39,9 +40,12 @@
  */
 public class HighestPrecedenceFilter implements ACITupleFilter
 {
-    public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel, Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException
+    public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy,
+        Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
+        Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+        throws NamingException
     {
-        if( tuples.size() <= 1 )
+        if ( tuples.size() <= 1 )
         {
             return tuples;
         }
@@ -49,20 +53,20 @@
         int maxPrecedence = -1;
 
         // Find the maximum precedence for all tuples.
-        for( Iterator i = tuples.iterator(); i.hasNext(); )
+        for ( Iterator i = tuples.iterator(); i.hasNext(); )
         {
             ACITuple tuple = ( ACITuple ) i.next();
-            if( tuple.getPrecedence() > maxPrecedence )
+            if ( tuple.getPrecedence() > maxPrecedence )
             {
                 maxPrecedence = tuple.getPrecedence();
             }
         }
 
         // Remove all tuples whose precedences are not the maximum one.
-        for( Iterator i = tuples.iterator(); i.hasNext(); )
+        for ( Iterator i = tuples.iterator(); i.hasNext(); )
         {
             ACITuple tuple = ( ACITuple ) i.next();
-            if( tuple.getPrecedence() != maxPrecedence )
+            if ( tuple.getPrecedence() != maxPrecedence )
             {
                 i.remove();
             }

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java Fri Feb 10 02:48:07 2006
@@ -18,6 +18,7 @@
  */
 package org.apache.directory.server.core.authz.support;
 
+
 import java.util.*;
 
 import javax.naming.Name;
@@ -46,6 +47,7 @@
     private final ExprNode childrenFilter;
     private final SearchControls childrenSearchControls;
 
+
     public MaxImmSubFilter()
     {
         childrenFilter = new PresenceNode( "objectClass" );
@@ -53,45 +55,49 @@
         childrenSearchControls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
     }
 
-    public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel, Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException
+
+    public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy,
+        Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
+        Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+        throws NamingException
     {
-        if( entryName.size() == 0 )
+        if ( entryName.size() == 0 )
         {
             return tuples;
         }
 
-        if( tuples.size() == 0 )
+        if ( tuples.size() == 0 )
         {
             return tuples;
         }
 
-        if( scope != OperationScope.ENTRY )
+        if ( scope != OperationScope.ENTRY )
         {
             return tuples;
         }
 
         int immSubCount = -1;
 
-        for( Iterator i = tuples.iterator(); i.hasNext(); )
+        for ( Iterator i = tuples.iterator(); i.hasNext(); )
         {
             ACITuple tuple = ( ACITuple ) i.next();
-            if( !tuple.isGrant() )
+            if ( !tuple.isGrant() )
             {
                 continue;
             }
 
-            for( Iterator j = tuple.getProtectedItems().iterator(); j.hasNext(); )
+            for ( Iterator j = tuple.getProtectedItems().iterator(); j.hasNext(); )
             {
                 ProtectedItem item = ( ProtectedItem ) j.next();
-                if( item instanceof ProtectedItem.MaxImmSub )
+                if ( item instanceof ProtectedItem.MaxImmSub )
                 {
-                    if( immSubCount < 0 )
+                    if ( immSubCount < 0 )
                     {
                         immSubCount = getImmSubCount( proxy, entryName );
                     }
 
                     ProtectedItem.MaxImmSub mis = ( ProtectedItem.MaxImmSub ) item;
-                    if( immSubCount >= mis.getValue() )
+                    if ( immSubCount >= mis.getValue() )
                     {
                         i.remove();
                         break;
@@ -103,7 +109,6 @@
         return tuples;
     }
 
-
     public static final Collection SEARCH_BYPASS;
     static
     {
@@ -126,20 +131,19 @@
         NamingEnumeration e = null;
         try
         {
-            e = proxy.search(
-                entryName.getPrefix( 1 ), new HashMap(),
-                childrenFilter, childrenSearchControls, SEARCH_BYPASS );
+            e = proxy.search( entryName.getPrefix( 1 ), new HashMap(), childrenFilter, childrenSearchControls,
+                SEARCH_BYPASS );
 
-            while( e.hasMore() )
+            while ( e.hasMore() )
             {
                 e.next();
-                cnt ++;
+                cnt++;
             }
 
         }
         finally
         {
-            if( e != null )
+            if ( e != null )
             {
                 e.close();
             }

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java Fri Feb 10 02:48:07 2006
@@ -18,6 +18,7 @@
  */
 package org.apache.directory.server.core.authz.support;
 
+
 import java.util.Collection;
 import java.util.Iterator;
 
@@ -42,33 +43,36 @@
  */
 public class MaxValueCountFilter implements ACITupleFilter
 {
-    public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel, Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException
+    public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy,
+        Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
+        Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+        throws NamingException
     {
-        if( scope != OperationScope.ATTRIBUTE_TYPE_AND_VALUE )
+        if ( scope != OperationScope.ATTRIBUTE_TYPE_AND_VALUE )
         {
             return tuples;
         }
 
-        if( tuples.size() == 0 )
+        if ( tuples.size() == 0 )
         {
             return tuples;
         }
 
-        for( Iterator i = tuples.iterator(); i.hasNext(); )
+        for ( Iterator i = tuples.iterator(); i.hasNext(); )
         {
             ACITuple tuple = ( ACITuple ) i.next();
-            if( !tuple.isGrant() )
+            if ( !tuple.isGrant() )
             {
                 continue;
             }
 
-            for( Iterator j = tuple.getProtectedItems().iterator(); j.hasNext(); )
+            for ( Iterator j = tuple.getProtectedItems().iterator(); j.hasNext(); )
             {
                 ProtectedItem item = ( ProtectedItem ) j.next();
-                if( item instanceof ProtectedItem.MaxValueCount )
+                if ( item instanceof ProtectedItem.MaxValueCount )
                 {
                     ProtectedItem.MaxValueCount mvc = ( ProtectedItem.MaxValueCount ) item;
-                    if( isRemovable( mvc, attrId, entry ) )
+                    if ( isRemovable( mvc, attrId, entry ) )
                     {
                         i.remove();
                         break;
@@ -80,16 +84,17 @@
         return tuples;
     }
 
+
     private boolean isRemovable( ProtectedItem.MaxValueCount mvc, String attrId, Attributes entry )
     {
-        for( Iterator k = mvc.iterator(); k.hasNext(); )
+        for ( Iterator k = mvc.iterator(); k.hasNext(); )
         {
             MaxValueCountItem mvcItem = ( MaxValueCountItem ) k.next();
-            if( attrId.equalsIgnoreCase( mvcItem.getAttributeType() ) )
+            if ( attrId.equalsIgnoreCase( mvcItem.getAttributeType() ) )
             {
                 Attribute attr = entry.get( attrId );
-                int attrCount = attr == null? 0 : attr.size();
-                if( attrCount >= mvcItem.getMaxCount() )
+                int attrCount = attr == null ? 0 : attr.size();
+                if ( attrCount >= mvcItem.getMaxCount() )
                 {
                     return true;
                 }

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java Fri Feb 10 02:48:07 2006
@@ -18,6 +18,7 @@
  */
 package org.apache.directory.server.core.authz.support;
 
+
 import java.util.Collection;
 import java.util.Iterator;
 
@@ -42,17 +43,16 @@
 public class MicroOperationFilter implements ACITupleFilter
 {
     public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy,
-                              Collection userGroupNames, Name userName, Attributes userEntry,
-                              AuthenticationLevel authenticationLevel, Name entryName, String attrId,
-                              Object attrValue, Attributes entry, Collection microOperations )
-            throws NamingException
+        Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
+        Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+        throws NamingException
     {
-        if( tuples.size() == 0 )
+        if ( tuples.size() == 0 )
         {
             return tuples;
         }
 
-        for( Iterator i = tuples.iterator(); i.hasNext(); )
+        for ( Iterator i = tuples.iterator(); i.hasNext(); )
         {
             ACITuple tuple = ( ACITuple ) i.next();
 
@@ -63,17 +63,17 @@
              */
 
             boolean retain = true;
-            for( Iterator j = microOperations.iterator(); j.hasNext(); )
+            for ( Iterator j = microOperations.iterator(); j.hasNext(); )
             {
                 MicroOperation microOp = ( MicroOperation ) j.next();
-                if( ! tuple.getMicroOperations().contains( microOp ) )
+                if ( !tuple.getMicroOperations().contains( microOp ) )
                 {
                     retain = false;
                     break;
                 }
             }
 
-            if( !retain )
+            if ( !retain )
             {
                 i.remove();
             }

Modified: directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java Fri Feb 10 02:48:07 2006
@@ -18,6 +18,7 @@
  */
 package org.apache.directory.server.core.authz.support;
 
+
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Iterator;
@@ -49,9 +50,12 @@
  */
 public class MostSpecificProtectedItemFilter implements ACITupleFilter
 {
-    public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel, Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException
+    public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy,
+        Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel,
+        Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations )
+        throws NamingException
     {
-        if( tuples.size() <= 1 )
+        if ( tuples.size() <= 1 )
         {
             return tuples;
         }
@@ -60,16 +64,14 @@
 
         // If the protected item is an attribute and there are tuples that
         // specify the attribute type explicitly, discard all other tuples.
-        for( Iterator i = tuples.iterator(); i.hasNext(); )
+        for ( Iterator i = tuples.iterator(); i.hasNext(); )
         {
             ACITuple tuple = ( ACITuple ) i.next();
-            for( Iterator j = tuple.getProtectedItems().iterator(); j.hasNext(); )
+            for ( Iterator j = tuple.getProtectedItems().iterator(); j.hasNext(); )
             {
                 ProtectedItem item = ( ProtectedItem ) j.next();
-                if( item instanceof ProtectedItem.AttributeType ||
-                    item instanceof ProtectedItem.AllAttributeValues ||
-                    item instanceof ProtectedItem.SelfValue ||
-                    item instanceof ProtectedItem.AttributeValue )
+                if ( item instanceof ProtectedItem.AttributeType || item instanceof ProtectedItem.AllAttributeValues
+                    || item instanceof ProtectedItem.SelfValue || item instanceof ProtectedItem.AttributeValue )
                 {
                     filteredTuples.add( tuple );
                     break;
@@ -77,7 +79,7 @@
             }
         }
 
-        if( filteredTuples.size() > 0 )
+        if ( filteredTuples.size() > 0 )
         {
             return filteredTuples;
         }
@@ -86,20 +88,20 @@
         // that specify the attribute value explicitly, discard all other tuples.
         // A protected item which is a rangeOfValues is to be treated as
         // specifying an attribute value explicitly. 
-        for( Iterator i = tuples.iterator(); i.hasNext(); )
+        for ( Iterator i = tuples.iterator(); i.hasNext(); )
         {
             ACITuple tuple = ( ACITuple ) i.next();
-            for( Iterator j = tuple.getProtectedItems().iterator(); j.hasNext(); )
+            for ( Iterator j = tuple.getProtectedItems().iterator(); j.hasNext(); )
             {
                 ProtectedItem item = ( ProtectedItem ) j.next();
-                if( item instanceof ProtectedItem.RangeOfValues )
+                if ( item instanceof ProtectedItem.RangeOfValues )
                 {
                     filteredTuples.add( tuple );
                 }
             }
         }
 
-        if( filteredTuples.size() > 0 )
+        if ( filteredTuples.size() > 0 )
         {
             return filteredTuples;
         }



Mime
View raw message