directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ersi...@apache.org
Subject svn commit: r416478 - /directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/
Date Thu, 22 Jun 2006 21:37:49 GMT
Author: ersiner
Date: Thu Jun 22 14:37:49 2006
New Revision: 416478

URL: http://svn.apache.org/viewvc?rev=416478&view=rev
Log:
Added more abstraction to the Trigger service.
Implemented ADD and DELETE triggers.
Added a dummy security check where only admin is allowed to fire triggers.

Added:
    directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java
      - copied, changed from r415540, directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddDeleteStoredProcedureParameterInjector.java
    directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/SimpleTriggerExecutionAuthorizer.java
    directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerExecutionAuthorizer.java
Removed:
    directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddDeleteStoredProcedureParameterInjector.java
Modified:
    directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java
    directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java

Copied: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java
(from r415540, directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddDeleteStoredProcedureParameterInjector.java)
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java?p2=directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java&p1=directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddDeleteStoredProcedureParameterInjector.java&r1=415540&r2=416478&rev=416478&view=diff
==============================================================================
--- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddDeleteStoredProcedureParameterInjector.java
(original)
+++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java
Thu Jun 22 14:37:49 2006
@@ -26,39 +26,20 @@
 import org.apache.directory.server.core.invocation.Invocation;
 import org.apache.directory.shared.ldap.trigger.StoredProcedureParameter.AddStoredProcedureParameter;
 
-public class AddDeleteStoredProcedureParameterInjector extends AbstractStoredProcedureParameterInjector
+public class AddStoredProcedureParameterInjector extends AbstractStoredProcedureParameterInjector
 {
     private Name addedEntryName;
     private Attributes addedEntry;
     
     private Map injectors;
     
-    public AddDeleteStoredProcedureParameterInjector( Invocation invocation ) throws NamingException
+    public AddStoredProcedureParameterInjector( Invocation invocation, Name addedEntryName,
Attributes addedEntry ) throws NamingException
     {
-        super( invocation );        
+        super( invocation );
+        this.addedEntryName = addedEntryName;
         injectors = super.getInjectors();
         injectors.put( AddStoredProcedureParameter.ENTRY, $entryInjector );
         injectors.put( AddStoredProcedureParameter.ATTRIBUTES, $attributesInjector );
-    }
-    
-    public void setAddedEntryName( Name addedEntryName )
-    {
-        this.addedEntryName = addedEntryName;
-    }
-    
-    public Name getAddedEntryName()
-    {
-        return addedEntryName;
-    }
-    
-    public Attributes getAddedEntry()
-    {
-        return addedEntry;
-    }
-
-    public void setAddedEntry( Attributes addedEntry )
-    {
-        this.addedEntry = addedEntry;
     }
     
     MicroInjector $entryInjector = new MicroInjector()

Modified: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java?rev=416478&r1=416477&r2=416478&view=diff
==============================================================================
--- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java
(original)
+++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java
Thu Jun 22 14:37:49 2006
@@ -48,7 +48,8 @@
     {
         public Object inject() throws NamingException
         {
-            return deletedEntryName; // LdapDN is still a Name
+            // Return a safe copy constructed with user providd name.
+            return new LdapDN( deletedEntryName.toUpName() );
         };
     };
     

Added: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/SimpleTriggerExecutionAuthorizer.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/SimpleTriggerExecutionAuthorizer.java?rev=416478&view=auto
==============================================================================
--- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/SimpleTriggerExecutionAuthorizer.java
(added)
+++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/SimpleTriggerExecutionAuthorizer.java
Thu Jun 22 14:37:49 2006
@@ -0,0 +1,40 @@
+package org.apache.directory.server.core.trigger;
+
+import java.security.Principal;
+
+import javax.naming.InvalidNameException;
+import javax.naming.NamingException;
+
+import org.apache.directory.server.core.invocation.Invocation;
+import org.apache.directory.server.core.invocation.InvocationStack;
+import org.apache.directory.server.core.jndi.ServerContext;
+import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy;
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+public class SimpleTriggerExecutionAuthorizer implements TriggerExecutionAuthorizer
+{
+    private static LdapDN adminName;
+    
+    static
+    {
+        try
+        {
+            adminName = new LdapDN( DirectoryPartitionNexusProxy.ADMIN_PRINCIPAL );
+        }
+        catch ( InvalidNameException e )
+        {
+            // TODO Auto-generated catch block
+            e.printStackTrace();
+        }
+    }
+    
+    public boolean hasPermission() throws NamingException
+    {
+        Invocation invocation = InvocationStack.getInstance().peek();
+        Principal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
+        LdapDN principalName = new LdapDN( principal.getName() );
+        
+        return principalName.equals( adminName );
+    }
+
+}

Added: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerExecutionAuthorizer.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerExecutionAuthorizer.java?rev=416478&view=auto
==============================================================================
--- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerExecutionAuthorizer.java
(added)
+++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerExecutionAuthorizer.java
Thu Jun 22 14:37:49 2006
@@ -0,0 +1,8 @@
+package org.apache.directory.server.core.trigger;
+
+import javax.naming.NamingException;
+
+public interface TriggerExecutionAuthorizer
+{
+    boolean hasPermission() throws NamingException;
+}

Modified: directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java
URL: http://svn.apache.org/viewvc/directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java?rev=416478&r1=416477&r2=416478&view=diff
==============================================================================
--- directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java
(original)
+++ directory/trunks/apacheds/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java
Thu Jun 22 14:37:49 2006
@@ -32,13 +32,11 @@
 import javax.naming.directory.Attributes;
 
 import org.apache.directory.server.core.DirectoryServiceConfiguration;
-import org.apache.directory.server.core.authn.LdapPrincipal;
 import org.apache.directory.server.core.configuration.InterceptorConfiguration;
 import org.apache.directory.server.core.interceptor.BaseInterceptor;
 import org.apache.directory.server.core.interceptor.NextInterceptor;
 import org.apache.directory.server.core.invocation.Invocation;
 import org.apache.directory.server.core.invocation.InvocationStack;
-import org.apache.directory.server.core.jndi.ServerContext;
 import org.apache.directory.server.core.jndi.ServerLdapContext;
 import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy;
 import org.apache.directory.server.core.schema.AttributeTypeRegistry;
@@ -52,7 +50,6 @@
 import org.apache.directory.shared.ldap.trigger.TriggerSpecification;
 import org.apache.directory.shared.ldap.trigger.TriggerSpecificationParser;
 import org.apache.directory.shared.ldap.util.DirectoryClassUtils;
-
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -76,8 +73,7 @@
      * trigger subentries that apply to an entry
      */
     private static final String TRIGGER_SUBENTRIES_ATTR = "triggerSubentries";
-
-
+    
     /** a triggerSpecCache that responds to add, delete, and modify attempts */
     private TriggerSpecCache triggerSpecCache;
     /** a normalizing Trigger Specification parser */
@@ -87,10 +83,14 @@
     /** whether or not this interceptor is activated */
     private boolean enabled = true;
 
+    /** a Trigger Execution Authorizer */
+    private TriggerExecutionAuthorizer triggerExecutionAuthorizer = new SimpleTriggerExecutionAuthorizer();
+
     /**
      * Adds prescriptiveTrigger TriggerSpecificaitons to a collection of
-     * TriggerSpeficaitions by accessing the tupleCache.  The trigger specification
-     * cache is accessed for each trigger subentry associated with the entry.
+     * TriggerSpeficaitions by accessing the triggerSpecCache.  The trigger
+     * specification cache is accessed for each trigger subentry associated
+     * with the entry.
      * Note that subentries are handled differently: their parent, the administrative
      * entry is accessed to determine the perscriptiveTriggers effecting the AP
      * and hence the subentry which is considered to be in the same context.
@@ -206,126 +206,171 @@
         triggerSpecMap.put( ActionTime.AFTER, afterTriggerSpecs );
         
         return triggerSpecMap;
-    }    
-
-    /**
-     * Initializes this interceptor based service by getting a handle on the nexus.
-     *
-     * @param dirServCfg the ContextFactory configuration for the server
-     * @param intCfg the interceptor configuration
-     * @throws NamingException if there are problems during initialization
-     */
+    }
+    
+    ////////////////////////////////////////////////////////////////////////////
+    // Interceptor Overrides
+    ////////////////////////////////////////////////////////////////////////////
+    
     public void init( DirectoryServiceConfiguration dirServCfg, InterceptorConfiguration
intCfg ) throws NamingException
     {
         super.init( dirServCfg, intCfg );
         triggerSpecCache = new TriggerSpecCache( dirServCfg );
         attrRegistry = dirServCfg.getGlobalRegistries().getAttributeTypeRegistry();
-        triggerParser = new TriggerSpecificationParser( new NormalizerMappingResolver()
-            {
-                public Map getNormalizerMapping() throws NamingException
+        triggerParser = new TriggerSpecificationParser
+            ( new NormalizerMappingResolver()
                 {
-                    return attrRegistry.getNormalizerMapping();
+                    public Map getNormalizerMapping() throws NamingException
+                    {
+                        return attrRegistry.getNormalizerMapping();
+                    }
                 }
-            });
-        this.enabled = true; // TODO: get this from the configuration if needed
+            );
+        this.enabled = true; // TODO: Get this from the configuration if needed.
     }
 
-
-    public void add( NextInterceptor next, LdapDN normName, Attributes entry ) throws NamingException
+    public void add( NextInterceptor next, LdapDN normName, Attributes addedEntry ) throws
NamingException
     {
-        // Access the principal requesting the operation
-        Invocation invocation = InvocationStack.getInstance().peek();
-        LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
-        LdapDN userName = new LdapDN( principal.getName() );
-        userName.normalize();
-
-        // Bypass trigger code if we are disabled
+        // Bypass trigger handling if the service is disabled.
         if ( !enabled )
         {
-            next.add( normName, entry );
+            next.add( normName, addedEntry );
             return;
         }
         
+        // Gather supplementary data.
+        Invocation invocation = InvocationStack.getInstance().peek();
+        DirectoryPartitionNexusProxy proxy = invocation.getProxy();
+        ServerLdapContext callerRootCtx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller()
).getRootContext();
+        StoredProcedureParameterInjector injector = new AddStoredProcedureParameterInjector(
invocation, normName, addedEntry );
+
+        // Gather Trigger Specifications which apply to the entry being deleted.
+        List triggerSpecs = new ArrayList();
+        addPrescriptiveTriggerSpecs( triggerSpecs, proxy, normName, addedEntry );
         /**
-         * 
+         *  NOTE: We do not handle entryTriggers for ADD operation.
          */
-        next.add( normName, entry );
         
-        triggerSpecCache.subentryAdded( normName, entry );
+        // Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation
= LdapOperation.ADD.
+        Map triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.ADD
);
+        
+        // Fire BEFORE Triggers.
+        List beforeTriggerSpecs = ( List ) triggerMap.get( ActionTime.BEFORE );
+        executeTriggers( beforeTriggerSpecs, injector, callerRootCtx );
+        
+        List insteadofTriggerSpecs = ( List ) triggerMap.get( ActionTime.INSTEADOF );
+        if ( insteadofTriggerSpecs.size() == 0 )
+        {
+            // Really add only when there is no INSTEADOF Trigger that applies to the entry.
+            next.add( normName, addedEntry );
+            triggerSpecCache.subentryAdded( normName, addedEntry );
+        }
+        else
+        {
+            // Fire INSTEADOF Triggers.
+            executeTriggers( insteadofTriggerSpecs, injector, callerRootCtx );
+        }
         
+        // Fire AFTER Triggers.
+        List afterTriggerSpecs = ( List ) triggerMap.get( ActionTime.AFTER );
+        executeTriggers( afterTriggerSpecs, injector, callerRootCtx );
     }
 
-    public void delete( NextInterceptor next, LdapDN name ) throws NamingException
+    public void delete( NextInterceptor next, LdapDN normName ) throws NamingException
     {
-        // Access the principal requesting the operation
-        Invocation invocation = InvocationStack.getInstance().peek();
-        DirectoryPartitionNexusProxy proxy = invocation.getProxy();
-        Attributes entry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS
);
-        LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
-        LdapDN userName = new LdapDN( principal.getName() );
-        userName.normalize();
-        
-        ServerLdapContext ctx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller()
).getRootContext();
-
-        // Bypass trigger code if we are disabled
+        // Bypass trigger handling if the service is disabled.
         if ( !enabled )
         {
-            next.delete( name );
+            next.delete( normName );
             return;
         }
+        
+        // Gather supplementary data.
+        Invocation invocation = InvocationStack.getInstance().peek();
+        DirectoryPartitionNexusProxy proxy = invocation.getProxy();
+        Attributes deletedEntry = proxy.lookup( normName, DirectoryPartitionNexusProxy.LOOKUP_BYPASS
);
+        ServerLdapContext callerRootCtx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller()
).getRootContext();
+        StoredProcedureParameterInjector injector = new DeleteStoredProcedureParameterInjector(
invocation, normName );
 
+        // Gather Trigger Specifications which apply to the entry being deleted.
         List triggerSpecs = new ArrayList();
-        addPrescriptiveTriggerSpecs( triggerSpecs, proxy, name, entry );
-        addEntryTriggerSpecs( triggerSpecs, entry );
-        Map triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.DELETE
);
+        addPrescriptiveTriggerSpecs( triggerSpecs, proxy, normName, deletedEntry );
+        addEntryTriggerSpecs( triggerSpecs, deletedEntry );
         
-        DeleteStoredProcedureParameterInjector injector = new DeleteStoredProcedureParameterInjector(
invocation, name );
+        // Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation
= LdapOperation.DELETE.
+        Map triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.DELETE
);
         
-        List beforeTriggerSpecs = (List) triggerMap.get( ActionTime.BEFORE );
-        log.debug( "There are " + beforeTriggerSpecs.size() + " \"BEFORE delete\" triggers
associated with this entry [" + name + "] being deleted:" );
-        log.debug( ">>> " + beforeTriggerSpecs );
-        
-        List insteadofTriggerSpecs = (List) triggerMap.get( ActionTime.INSTEADOF );
-        log.debug( "There are " + insteadofTriggerSpecs.size() + " \"INSTEADOF delete\" triggers
associated with this entry [" + name + "] being deleted:" );
-        log.debug( ">>> " + insteadofTriggerSpecs );
+        // Fire BEFORE Triggers.
+        List beforeTriggerSpecs = ( List ) triggerMap.get( ActionTime.BEFORE );
+        executeTriggers( beforeTriggerSpecs, injector, callerRootCtx );
         
+        List insteadofTriggerSpecs = ( List ) triggerMap.get( ActionTime.INSTEADOF );
         if ( insteadofTriggerSpecs.size() == 0 )
         {
-            next.delete( name );
-            // we call subentryDeleted when there is really no INSTEADOF triggers for this
method
-            triggerSpecCache.subentryDeleted( name, entry );
+            // Really delete only when there is no INSTEADOF Trigger that applies to the
entry.
+            next.delete( normName );
+            triggerSpecCache.subentryDeleted( normName, deletedEntry );
         }
         else
         {
-            log.debug("Delete operation has not been performed due to the INSTEADOF trigger(s).");
+            // Fire INSTEADOF Triggers.
+            executeTriggers( insteadofTriggerSpecs, injector, callerRootCtx );
         }
         
-        List afterTriggerSpecs = (List) triggerMap.get( ActionTime.AFTER );
-        log.debug( "There are " + afterTriggerSpecs.size() + " \"AFTER delete\" triggers
associated with this entry [" + name + "] being deleted:" );
-        log.debug( ">>> " + afterTriggerSpecs );
+        // Fire AFTER Triggers.
+        List afterTriggerSpecs = ( List ) triggerMap.get( ActionTime.AFTER );
+        executeTriggers( afterTriggerSpecs, injector, callerRootCtx );
+    }
+    
+    ////////////////////////////////////////////////////////////////////////////
+    // Utility Methods
+    ////////////////////////////////////////////////////////////////////////////
+    
+    private Object executeTriggers( List triggerSpecs, StoredProcedureParameterInjector injector,
ServerLdapContext callerRootCtx ) throws NamingException
+    {
+        Object result = null;
         
-        Iterator it = afterTriggerSpecs.iterator();
+        Iterator it = triggerSpecs.iterator();
         
         while( it.hasNext() )
         {
             TriggerSpecification tsec = ( TriggerSpecification ) it.next();
             
-            List arguments = new ArrayList();
-            arguments.add( ctx );
-            arguments.addAll( injector.getArgumentsToInject( tsec.getStoredProcedureParameters()
) );
-            
-            List typeList = new ArrayList();
-            typeList.add( ctx.getClass() );
-            typeList.addAll( getTypesFromValues( arguments ) );
-            
-            Class[] types = ( Class[] ) ( getTypesFromValues( arguments ).toArray( EMPTY_CLASS_ARRAY
) );
-            Object[] values = arguments.toArray();
-            
-            executeProcedure( ctx, tsec.getStoredProcedureName(), types, values );
+            // TODO: Replace the Authorization Code with a REAL one.
+            if ( triggerExecutionAuthorizer.hasPermission() )
+            {
+                /**
+                 * If there is only one Trigger to be executed, this assignment
+                 * will make sense (as in INSTEADOF search Triggers).
+                 */
+                result = executeTrigger( tsec, injector, callerRootCtx );
+            }
         }
+        
+        /**
+         * If only one Trigger has been executed, returning its result
+         * will make sense (as in INSTEADOF search Triggers).
+         */
+        return result;
+    }
+
+    private Object executeTrigger( TriggerSpecification tsec, StoredProcedureParameterInjector
injector, ServerLdapContext callerRootCtx ) throws NamingException
+    {
+        List arguments = new ArrayList();
+        arguments.add( callerRootCtx );
+        arguments.addAll( injector.getArgumentsToInject( tsec.getStoredProcedureParameters()
) );
+        
+        List typeList = new ArrayList();
+        typeList.add( callerRootCtx.getClass() );
+        typeList.addAll( getTypesFromValues( arguments ) );
+        
+        Class[] types = ( Class[] ) ( getTypesFromValues( arguments ).toArray( EMPTY_CLASS_ARRAY
) );
+        Object[] values = arguments.toArray();
+        
+        return executeProcedure( callerRootCtx, tsec.getStoredProcedureName(), types, values
);
     }
     
-    private static Class[] EMPTY_CLASS_ARRAY = new Class[0];
+    private static Class[] EMPTY_CLASS_ARRAY = new Class[ 0 ];
     
     private List getTypesFromValues( List objects )
     {



Mime
View raw message