Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 41684 invoked from network); 25 Apr 2006 17:30:20 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 25 Apr 2006 17:30:20 -0000 Received: (qmail 38666 invoked by uid 500); 25 Apr 2006 17:30:19 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 38623 invoked by uid 500); 25 Apr 2006 17:30:19 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 38612 invoked by uid 99); 25 Apr 2006 17:30:19 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Apr 2006 10:30:19 -0700 X-ASF-Spam-Status: No, hits=-9.4 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [209.237.227.194] (HELO minotaur.apache.org) (209.237.227.194) by apache.org (qpsmtpd/0.29) with SMTP; Tue, 25 Apr 2006 10:30:18 -0700 Received: (qmail 41435 invoked by uid 65534); 25 Apr 2006 17:29:49 -0000 Message-ID: <20060425172949.41434.qmail@minotaur.apache.org> Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r396931 - in /directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz: DefaultAuthorizationService.java OldAuthorizationService.java support/ACDFEngine.java support/MaxImmSubFilter.java Date: Tue, 25 Apr 2006 17:29:38 -0000 To: commits@directory.apache.org From: elecharny@apache.org X-Mailer: svnmailer-1.0.8 X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Author: elecharny Date: Tue Apr 25 10:29:36 2006 New Revision: 396931 URL: http://svn.apache.org/viewcvs?rev=396931&view=rev Log: Renammed OldAutz to DefaultAuthz, fixed bug DIRSERVER-606 Added: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java - copied, changed from r396891, directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/OldAuthorizationService.java Removed: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/OldAuthorizationService.java Modified: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java Copied: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java (from r396891, directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/OldAuthorizationService.java) URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java?p2=directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java&p1=directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/OldAuthorizationService.java&r1=396891&r2=396931&rev=396931&view=diff ============================================================================== --- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/OldAuthorizationService.java (original) +++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java Tue Apr 25 10:29:36 2006 @@ -56,7 +56,7 @@ * @author Apache Directory Project * @version $Rev$, $Date$ */ -public class OldAuthorizationService extends BaseInterceptor +public class DefaultAuthorizationService extends BaseInterceptor { /** * the administrator's distinguished {@link Name} @@ -83,7 +83,7 @@ /** * Creates a new instance. */ - public OldAuthorizationService() + public DefaultAuthorizationService() { } @@ -413,7 +413,7 @@ public boolean accept( Invocation invocation, SearchResult result, SearchControls controls ) throws NamingException { - return OldAuthorizationService.this.isSearchable( invocation, result ); + return DefaultAuthorizationService.this.isSearchable( invocation, result ); } } ); } @@ -433,27 +433,28 @@ public boolean accept( Invocation invocation, SearchResult result, SearchControls controls ) throws NamingException { - return OldAuthorizationService.this.isSearchable( invocation, result ); + return DefaultAuthorizationService.this.isSearchable( invocation, result ); } } ); } - private boolean isSearchable( Invocation invocataion, SearchResult result ) throws NamingException + private boolean isSearchable( Invocation invocation, SearchResult result ) throws NamingException { Name dn; + Name principalDn = ( ( ServerContext ) invocation.getCaller() ).getPrincipal().getJndiName(); synchronized ( dnParser ) { dn = dnParser.parse( result.getName() ); + principalDn = dnParser.parse( principalDn.toString() ); } - Name principalDn = ( ( ServerContext ) invocataion.getCaller() ).getPrincipal().getJndiName(); if ( !principalDn.equals( ADMIN_DN ) ) { if ( dn.size() > 2 ) { - if ( dn.startsWith( USER_BASE_DN ) || dn.startsWith( GROUP_BASE_DN ) ) + if ( ( dn.startsWith( USER_BASE_DN ) && ( !dn.equals( principalDn ) )) || dn.startsWith( GROUP_BASE_DN ) ) { return false; } Modified: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java?rev=396931&r1=396930&r2=396931&view=diff ============================================================================== --- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java (original) +++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java Tue Apr 25 10:29:36 2006 @@ -126,7 +126,7 @@ c.add( "normalizationService" ); c.add( "authenticationService" ); c.add( "authorizationService" ); - c.add( "oldAuthorizationService" ); + c.add( "defaultAuthorizationService" ); c.add( "schemaService" ); c.add( "subentryService" ); c.add( "operationalAttributeService" ); Modified: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java URL: http://svn.apache.org/viewcvs/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java?rev=396931&r1=396930&r2=396931&view=diff ============================================================================== --- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java (original) +++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java Tue Apr 25 10:29:36 2006 @@ -116,7 +116,7 @@ c.add( "normalizationService" ); c.add( "authenticationService" ); c.add( "authorizationService" ); - c.add( "oldAuthorizationService" ); + c.add( "defaultAuthorizationService" ); c.add( "schemaService" ); c.add( "subentryService" ); c.add( "operationalAttributeService" );