Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 44416 invoked from network); 8 Jan 2007 05:41:17 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 8 Jan 2007 05:41:17 -0000 Received: (qmail 83533 invoked by uid 500); 8 Jan 2007 05:41:24 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 83442 invoked by uid 500); 8 Jan 2007 05:41:24 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 83431 invoked by uid 99); 8 Jan 2007 05:41:23 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 07 Jan 2007 21:41:23 -0800 X-ASF-Spam-Status: No, hits=-9.4 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 07 Jan 2007 21:41:13 -0800 Received: by eris.apache.org (Postfix, from userid 65534) id DE6E81A981A; Sun, 7 Jan 2007 21:40:14 -0800 (PST) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r493959 [1/2] - in /directory/sandbox/triplesec-jacc2: admin-api/src/main/java/org/safehaus/triplesec/admin/ admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/ admin-api/src/test/java/org/safehaus/triplesec/admin/ guardian-api/s... Date: Mon, 08 Jan 2007 05:40:13 -0000 To: commits@directory.apache.org From: djencks@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20070108054014.DE6E81A981A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: djencks Date: Sun Jan 7 21:40:11 2007 New Revision: 493959 URL: http://svn.apache.org/viewvc?view=rev&rev=493959 Log: Allow application hierarchies, e.g. appName=mockContext,appName=mockApp,ou=applications... Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Application.java directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/ApplicationModifier.java directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/DataAccessException.java directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Permission.java directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/PermissionModifier.java directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/TriplesecAdmin.java directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapApplicationDao.java directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapPermissionDao.java directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapProfileDao.java directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapRoleDao.java directory/sandbox/triplesec-jacc2/admin-api/src/test/java/org/safehaus/triplesec/admin/IntegrationTest.java directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/ApplicationPolicy.java directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/EntryApplicationPolicy.java directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Profile.java directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Role.java directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Roles.java directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/StringPermission.java directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ApplicationPolicyFactoryTest.java directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ProfileTest.java directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RoleTest.java directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RolesTest.java directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockApplicationPolicy.java directory/sandbox/triplesec-jacc2/guardian-ldap/src/main/java/org/safehaus/triplesec/guardian/ldap/LdapApplicationPolicy.java directory/sandbox/triplesec-jacc2/guardian-ldap/src/main/java/org/safehaus/triplesec/guardian/ldap/LdapConnectionDriver.java directory/sandbox/triplesec-jacc2/guardian-ldap/src/test/java/org/safehaus/triplesec/guardian/ldap/GuardianClient.java directory/sandbox/triplesec-jacc2/guardian-ldap/src/test/java/org/safehaus/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java directory/sandbox/triplesec-jacc2/guardian-ldif/src/main/java/org/safehaus/triplesec/guardian/ldif/LdifApplicationPolicy.java directory/sandbox/triplesec-jacc2/guardian-ldif/src/main/java/org/safehaus/triplesec/guardian/ldif/LdifConnectionDriver.java directory/sandbox/triplesec-jacc2/guardian-ldif/src/test/java/org/safehaus/triplesec/guardian/ldif/LdifApplicationPolicyTest.java directory/sandbox/triplesec-jacc2/itest-data/src/main/resources/server.ldif directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/SafehausLoginModule.java directory/sandbox/triplesec-jacc2/store/src/main/java/org/safehaus/triplesec/store/interceptor/ApplicationAciManager.java directory/sandbox/triplesec-jacc2/store/src/main/java/org/safehaus/triplesec/store/interceptor/PolicyProtectionInterceptor.java directory/sandbox/triplesec-jacc2/store/src/test/java/org/safehaus/triplesec/store/interceptor/PolicyProtectionInterceptorITest.java directory/sandbox/triplesec-jacc2/swing-admin/src/main/java/org/safehaus/triplesec/admin/swing/ApplicationPanel.java directory/sandbox/triplesec-jacc2/swing-admin/src/main/java/org/safehaus/triplesec/admin/swing/NewApplicationPanel.java directory/sandbox/triplesec-jacc2/swing-admin/src/main/java/org/safehaus/triplesec/admin/swing/NewPermissionPanel.java directory/sandbox/triplesec-jacc2/swing-admin/src/main/java/org/safehaus/triplesec/admin/swing/NewProfilePanel.java directory/sandbox/triplesec-jacc2/swing-admin/src/main/java/org/safehaus/triplesec/admin/swing/NewRolePanel.java directory/sandbox/triplesec-jacc2/swing-admin/src/main/java/org/safehaus/triplesec/admin/swing/PermissionPanel.java Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Application.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Application.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Application.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Application.java Sun Jan 7 21:40:11 2007 @@ -34,7 +34,7 @@ private final RoleDao roleDao; private final ProfileDao profileDao; private final PermissionDao permissionDao; - private final String name; + private final String appRdn; private final String description; private final String password; private final ApplicationDao dao; @@ -53,7 +53,7 @@ RoleDao roleDao, ProfileDao profileDao ) { super( creatorsName, creationTimestamp, modifiersName, modifyTimestamp ); - this.name = name; + this.appRdn = name; this.dao = dao; this.description = description; this.permissionDao = permissionDao; @@ -91,9 +91,9 @@ // ----------------------------------------------------------------------- - public String getName() + public String getAppRdn() { - return name; + return appRdn; } @@ -116,19 +116,19 @@ public Permission getPermission( String permName ) throws DataAccessException { - return permissionDao.load( name, permName ); + return permissionDao.load( appRdn, permName ); } public Role getRole( String roleName ) throws DataAccessException { - return roleDao.load( name, roleName ); + return roleDao.load( appRdn, roleName ); } public Profile getProfile( String profileId ) throws DataAccessException { - return profileDao.load( name, profileId ); + return profileDao.load( appRdn, profileId ); } @@ -139,25 +139,25 @@ public Iterator permissionIterator() throws DataAccessException { - return new ReadOnlyIterator( permissionDao.permissionIterator( name ) ); + return new ReadOnlyIterator( permissionDao.permissionIterator( appRdn ) ); } public Iterator roleIterator() throws DataAccessException { - return new ReadOnlyIterator( roleDao.roleIterator( name ) ); + return new ReadOnlyIterator( roleDao.roleIterator( appRdn ) ); } public Iterator profileIterator() throws DataAccessException { - return new ReadOnlyIterator( profileDao.profileIterator( name ) ); + return new ReadOnlyIterator( profileDao.profileIterator( appRdn ) ); } public Iterator profileIterator( String user) throws DataAccessException { - return new ReadOnlyIterator( profileDao.profileIterator( name, user ) ); + return new ReadOnlyIterator( profileDao.profileIterator( appRdn, user ) ); } @@ -174,6 +174,6 @@ public String toString() { - return name; + return appRdn; } } Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/ApplicationModifier.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/ApplicationModifier.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/ApplicationModifier.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/ApplicationModifier.java Sun Jan 7 21:40:11 2007 @@ -34,7 +34,7 @@ public class ApplicationModifier implements Constants { - private final String name; + private final String appRdn; private final SingleValuedField description; private final SingleValuedField password; private final PermissionDao permissionDao; @@ -51,10 +51,10 @@ // ----------------------------------------------------------------------- - ApplicationModifier( ApplicationDao dao, String name, PermissionDao permissionDao, + ApplicationModifier( ApplicationDao dao, String appRdn, PermissionDao permissionDao, RoleDao roleDao, ProfileDao profileDao ) { - this.name = name; + this.appRdn = appRdn; this.dao = dao; this.archetype = null; this.permissionDao = permissionDao; @@ -67,7 +67,7 @@ ApplicationModifier( ApplicationDao dao, Application archetype ) { - this.name = archetype.getName(); + this.appRdn = archetype.getAppRdn(); this.dao = dao; this.archetype = archetype; this.permissionDao = archetype.getPermissionDao(); @@ -111,7 +111,7 @@ { throw new IllegalStateException( "This modifier has persisted changes and is no longer valid." ); } - return new PermissionModifier( permissionDao, name, permName ); + return new PermissionModifier( permissionDao, appRdn, permName ); } @@ -121,7 +121,7 @@ { throw new IllegalStateException( "This modifier has persisted changes and is no longer valid." ); } - return new RoleModifier( roleDao, name, roleName ); + return new RoleModifier( roleDao, appRdn, roleName ); } @@ -131,7 +131,7 @@ { throw new IllegalStateException( "This modifier has persisted changes and is no longer valid." ); } - return new ProfileModifier( profileDao, name, profileId, user ); + return new ProfileModifier( profileDao, appRdn, profileId, user ); } @@ -142,19 +142,19 @@ public Iterator permissionIterator() throws DataAccessException { - return permissionDao.permissionIterator( name ); + return permissionDao.permissionIterator( appRdn ); } public Iterator roleIterator() throws DataAccessException { - return roleDao.roleIterator( name ); + return roleDao.roleIterator( appRdn ); } public Iterator profileIterator() throws DataAccessException { - return profileDao.profileIterator( name ); + return profileDao.profileIterator( appRdn ); } @@ -225,7 +225,7 @@ throw new IllegalStateException( "This modifier cannot be used to modify an Application" ); } - Application app = dao.modify( archetype.getName(), getModificationItems() ); + Application app = dao.modify( archetype.getAppRdn(), getModificationItems() ); persisted = true; return app; } @@ -260,7 +260,7 @@ throw new IllegalStateException( "This modifier cannot create/add a new Application" ); } - Application app = dao.add( name, description.getCurrentValue(), password.getCurrentValue() ); + Application app = dao.add( appRdn, description.getCurrentValue(), password.getCurrentValue() ); persisted = true; return app; } @@ -281,7 +281,7 @@ if ( isUpdateNeeded() ) { - throw new ModificationLossException( name + " has been modified. " + + throw new ModificationLossException( appRdn + " has been modified. " + "A rename operation will result in the loss of these modifications." ); } Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/DataAccessException.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/DataAccessException.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/DataAccessException.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/DataAccessException.java Sun Jan 7 21:40:11 2007 @@ -35,4 +35,13 @@ { super( msg ); } + + public DataAccessException(String message, Throwable cause) { + super(message, cause); + } + + public DataAccessException(Throwable cause) { + super(cause); + } + } Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Permission.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Permission.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Permission.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/Permission.java Sun Jan 7 21:40:11 2007 @@ -29,7 +29,7 @@ { private final String description; private final String name; - private final String applicationName; + private final String applicationRdn; private final PermissionDao dao; @@ -44,7 +44,7 @@ { super( creatorsName, createTimestamp, modifiersName, modifyTimestamp ); this.dao = dao; - this.applicationName = applicationName; + this.applicationRdn = applicationName; this.name = name; this.description = description; } @@ -62,9 +62,9 @@ } - public String getApplicationName() + public String getApplicationRdn() { - return applicationName; + return applicationRdn; } Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/PermissionModifier.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/PermissionModifier.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/PermissionModifier.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/PermissionModifier.java Sun Jan 7 21:40:11 2007 @@ -52,7 +52,7 @@ this.description = new SingleValuedField( DESCRIPTION_ID, archetype.getDescription() ); this.archetype = archetype; name = archetype.getName(); - applicationName = archetype.getApplicationName(); + applicationName = archetype.getApplicationRdn(); } Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/TriplesecAdmin.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/TriplesecAdmin.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/TriplesecAdmin.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/TriplesecAdmin.java Sun Jan 7 21:40:11 2007 @@ -112,9 +112,9 @@ // ----------------------------------------------------------------------- - public ApplicationModifier newApplication( String name ) + public ApplicationModifier newApplication( String appRdn ) { - return new ApplicationModifier( applicationDao, name, + return new ApplicationModifier( applicationDao, appRdn, permissionDao, roleDao, profileDao ); } Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapApplicationDao.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapApplicationDao.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapApplicationDao.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapApplicationDao.java Sun Jan 7 21:40:11 2007 @@ -21,6 +21,7 @@ import org.apache.directory.shared.ldap.name.LdapDN; +import org.apache.directory.shared.ldap.name.Rdn; import org.safehaus.triplesec.admin.Application; import org.safehaus.triplesec.admin.Constants; import org.safehaus.triplesec.admin.ConstraintViolationException; @@ -39,6 +40,7 @@ import javax.naming.NameAlreadyBoundException; import javax.naming.NameNotFoundException; import javax.naming.NamingException; +import javax.naming.InvalidNameException; import javax.naming.directory.Attributes; import javax.naming.directory.BasicAttributes; import javax.naming.directory.DirContext; @@ -102,8 +104,9 @@ } - public Application add( String appName, String description, String userPassword ) throws DataAccessException + public Application add( String appRdn, String description, String userPassword ) throws DataAccessException { + String appName = getAppName(appRdn); BasicAttributes attrs = new BasicAttributes( "objectClass", "policyApplication", true ); attrs.put( APP_NAME_ID, appName ); if ( description != null ) @@ -115,10 +118,9 @@ attrs.put( "userPassword", userPassword ); } - String rdn = getRelativeDn( appName ); try { - DirContext appCtx = ctx.createSubcontext( rdn, attrs ); + DirContext appCtx = ctx.createSubcontext( appRdn, attrs ); attrs = new BasicAttributes( "objectClass", "organizationalUnit", true ); attrs.put( "ou", "Permissions" ); appCtx.createSubcontext( "ou=Permissions", attrs ); @@ -129,12 +131,12 @@ attrs.put( "ou", "Profiles" ); appCtx.createSubcontext( "ou=Profiles", attrs ); return new Application( principalName, new Date( System.currentTimeMillis() ), - this, appName, description, userPassword, + this, appRdn, description, userPassword, permissionDao, roleDao, profileDao ); } catch ( NameAlreadyBoundException e ) { - log.error( "Cannot create application " + rdn, e ); + log.error( "Cannot create application " + appRdn, e ); EntryAlreadyExistsException eaee = new EntryAlreadyExistsException(); eaee.initCause( e ); throw eaee; @@ -146,11 +148,21 @@ } } + private String getAppName(String appRdn) throws DataAccessException { + LdapDN name = null; + try { + name = new LdapDN(appRdn); + } catch (InvalidNameException e) { + throw new DataAccessException("Could not parse dn: " + appRdn, e); + } + Rdn rdn = name.getRdn(name.size() - 1 ); + return (String) rdn.getValue(); + } - public Application modify( String appName, ModificationItem[] mods ) throws DataAccessException + + public Application modify( String rdn, ModificationItem[] mods ) throws DataAccessException { - String rdn = getRelativeDn( appName ); - + try { ctx.modifyAttributes( rdn, mods ); @@ -174,12 +186,12 @@ log.error( msg, e ); throw new NoSuchEntryException( msg ); } - - return load( appName ); + + return load( rdn ); } - public Application load( String appName ) throws DataAccessException + public Application load( String rdn ) throws DataAccessException { String description = null; String userPassword = null; @@ -187,7 +199,6 @@ Date createTimestamp = null; String modifiersName = null; Date modifyTimestamp = null; - String rdn = getRelativeDn( appName ); Attributes attrs = null; try @@ -214,13 +225,12 @@ } return new Application( creatorsName, createTimestamp, modifiersName, modifyTimestamp, - this, appName, description, userPassword, permissionDao, roleDao, profileDao ); + this, rdn, description, userPassword, permissionDao, roleDao, profileDao ); } - public boolean has( String appName ) throws DataAccessException + public boolean has( String rdn ) throws DataAccessException { - String rdn = getRelativeDn( appName ); Attributes attrs = null; try @@ -263,7 +273,7 @@ public void delete( Application application ) throws DataAccessException { - String rdn = getRelativeDn( application.getName() ); + String rdn = application.getAppRdn(); try { @@ -276,7 +286,7 @@ catch ( ContextNotEmptyException e ) { String msg = "Could not delete " + rdn + " under " + baseUrl; - msg += ". Other entities exist below " + application.getName(); + msg += ". Other entities exist below " + application.getAppRdn(); msg += ". Delete all permissions, roles and profiles before deleting the app."; log.error( msg, e ); throw new ConstraintViolationException( msg ); @@ -284,7 +294,7 @@ catch ( SchemaViolationException e ) { String msg = "Could not delete " + rdn + " under " + baseUrl; - msg += ". Other entities depend on " + application.getName(); + msg += ". Other entities depend on " + application.getAppRdn(); log.error( msg, e ); throw new ConstraintViolationException( msg ); } @@ -303,11 +313,10 @@ } - public Application rename( Application app, String newName ) throws DataAccessException + public Application rename( Application app, String newRdn ) throws DataAccessException { - String oldRdn = getRelativeDn( app.getName() ); - String newRdn = getRelativeDn( newName ); - + String oldRdn = app.getAppRdn(); + try { ctx.rename( oldRdn, newRdn ); @@ -338,19 +347,9 @@ } return new Application( app.getCreatorsName(), app.getCreateTimestamp(), app.getModifiersName(), - app.getModifyTimestamp(), this, newName, app.getDescription(), app.getPassword(), + app.getModifyTimestamp(), this, newRdn, app.getDescription(), app.getPassword(), permissionDao, roleDao, profileDao ); } - - - private String getRelativeDn( String appName ) - { - StringBuffer buf = new StringBuffer(); - buf.append( "appName=" ).append( appName ); - buf.append( ",ou=Applications" ); - return buf.toString(); - } - public Object getEntryObject( Object extra, Attributes attrs ) { Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapPermissionDao.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapPermissionDao.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapPermissionDao.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapPermissionDao.java Sun Jan 7 21:40:11 2007 @@ -97,7 +97,7 @@ // ----------------------------------------------------------------------- - public Permission add( String appName, String permName, String description ) + public Permission add( String appRdn, String permName, String description ) throws DataAccessException { BasicAttributes attrs = new BasicAttributes( OBJECT_CLASS_ID, POLICY_PERMISSION_OC, true ); @@ -106,17 +106,17 @@ { attrs.put( DESCRIPTION_ID, description ); } - - String rdn = getRelativeDn( appName, permName ); + + String permRdn = getPermRdn(appRdn, permName); try { - ctx.createSubcontext( rdn, attrs ); + ctx.createSubcontext( permRdn, attrs ); return new Permission( principalName, new Date( System.currentTimeMillis() ), - this, appName, permName, description ); + this, appRdn, permName, description ); } catch ( NameAlreadyBoundException e ) { - log.error( "Cannot create permission " + rdn, e ); + log.error( "Cannot create permission " + appRdn, e ); EntryAlreadyExistsException eaee = new EntryAlreadyExistsException(); eaee.initCause( e ); throw eaee; @@ -132,7 +132,7 @@ public void delete( String appName, String permName ) throws DataAccessException { - String rdn = getRelativeDn( appName, permName ); + String rdn = getPermRdn( appName, permName ); try { @@ -157,7 +157,7 @@ public Permission modify( String creatorsName, Date createTimestamp, String appName, String permName, String description, ModificationItem[] mods ) throws DataAccessException { - String rdn = getRelativeDn( appName, permName ); + String rdn = getPermRdn( appName, permName ); try { @@ -191,8 +191,8 @@ public Permission rename( String newPermName, Permission perm ) throws DataAccessException { - String oldRdn = getRelativeDn( perm.getApplicationName(), perm.getName() ); - String newRdn = getRelativeDn( perm.getApplicationName(), newPermName ); + String oldRdn = getPermRdn( perm.getApplicationRdn(), perm.getName() ); + String newRdn = getPermRdn( perm.getApplicationRdn(), newPermName ); try { @@ -225,7 +225,7 @@ return new Permission( perm.getCreatorsName(), perm.getCreateTimestamp(), principalName, new Date( System.currentTimeMillis() ), - this, perm.getApplicationName(), newPermName, perm.getDescription() ); + this, perm.getApplicationRdn(), newPermName, perm.getDescription() ); } @@ -237,7 +237,7 @@ Date createTimestamp = null; String modifiersName = null; Date modifyTimestamp = null; - String rdn = getRelativeDn( appName, permName ); + String rdn = getPermRdn( appName, permName ); Attributes attrs = null; try @@ -270,7 +270,7 @@ public boolean has( String appName, String permName ) throws DataAccessException { - String rdn = getRelativeDn( appName, permName ); + String rdn = getPermRdn( appName, permName ); try { @@ -288,15 +288,15 @@ } - public Iterator permissionNameIterator( String appName ) throws DataAccessException + public Iterator permissionNameIterator( String appRdn ) throws DataAccessException { - String base = getRelativeDn( appName ); + String base = getPermsRdn( appRdn ); SearchControls controls = new SearchControls(); controls.setSearchScope( SearchControls.ONELEVEL_SCOPE ); try { return new JndiIterator( this, PERM_NAME_ID, ctx.search( base, - "(& (permName=*) (objectClass=policyPermission) )", controls ), appName ); + "(& (permName=*) (objectClass=policyPermission) )", controls ), appRdn ); } catch ( NamingException e ) { @@ -307,16 +307,16 @@ } - public Iterator permissionIterator( String appName ) throws DataAccessException + public Iterator permissionIterator( String appRdn ) throws DataAccessException { - String base = getRelativeDn( appName ); + String base = getPermsRdn( appRdn ); SearchControls controls = new SearchControls(); controls.setReturningAttributes( ATTRIBUTES ); controls.setSearchScope( SearchControls.ONELEVEL_SCOPE ); try { return new JndiIterator( this, ctx.search( base, - "(& (permName=*) (objectClass=policyPermission) )", controls ), appName ); + "(& (permName=*) (objectClass=policyPermission) )", controls ), appRdn ); } catch ( NamingException e ) { @@ -332,21 +332,19 @@ // ----------------------------------------------------------------------- - private String getRelativeDn( String appName, String permName ) + private String getPermRdn( String appRdn, String permName ) { StringBuffer buf = new StringBuffer(); buf.append( "permName=" ).append( permName ); - buf.append( ",ou=Permissions,appName=" ).append( appName ); - buf.append( ",ou=Applications" ); + buf.append( ",ou=Permissions,").append( appRdn ); return buf.toString(); } - private String getRelativeDn( String appName ) + private String getPermsRdn( String appRdn ) { StringBuffer buf = new StringBuffer(); - buf.append( "ou=Permissions,appName=" ).append( appName ); - buf.append( ",ou=Applications" ); + buf.append( "ou=Permissions," ).append( appRdn ); return buf.toString(); } Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapProfileDao.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapProfileDao.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapProfileDao.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapProfileDao.java Sun Jan 7 21:40:11 2007 @@ -99,7 +99,7 @@ public Iterator profileIterator( String applicationName, String user ) throws DataAccessException { - String base = getRelativeDn( applicationName ); + String base = getProfilesRdn( applicationName ); SearchControls controls = new SearchControls(); controls.setReturningAttributes( ATTRIBUTES ); controls.setSearchScope( SearchControls.ONELEVEL_SCOPE ); @@ -119,7 +119,7 @@ public Iterator profileIterator( String appName ) throws DataAccessException { - String base = getRelativeDn( appName ); + String base = getProfilesRdn( appName ); SearchControls controls = new SearchControls(); controls.setReturningAttributes( ATTRIBUTES ); controls.setSearchScope( SearchControls.ONELEVEL_SCOPE ); @@ -144,7 +144,7 @@ Set roles; Set grants; Set denials; - String rdn = getRelativeDn( appName, profileId ); + String rdn = getProfileRdn( appName, profileId ); Attributes attrs = null; String creatorsName; @@ -200,7 +200,7 @@ addMultiValued( GRANTS_ID, attrs, grants ); addMultiValued( DENIALS_ID, attrs, denials ); - String rdn = getRelativeDn( appName, profileId ); + String rdn = getProfileRdn( appName, profileId ); try { ctx.createSubcontext( rdn, attrs ); @@ -224,8 +224,8 @@ public Profile rename( String newProfileId, Profile profile ) throws DataAccessException { - String oldRdn = getRelativeDn( profile.getApplicationName(), profile.getId() ); - String newRdn = getRelativeDn( profile.getApplicationName(), newProfileId ); + String oldRdn = getProfileRdn( profile.getApplicationName(), profile.getId() ); + String newRdn = getProfileRdn( profile.getApplicationName(), newProfileId ); try { @@ -267,7 +267,7 @@ String user, String description, Set grants, Set denials, Set roles, boolean disabled, ModificationItem[] mods ) throws DataAccessException { - String rdn = getRelativeDn( appName, profileId ); + String rdn = getProfileRdn( appName, profileId ); try { @@ -300,7 +300,7 @@ public void delete( String appName, String profileId ) throws DataAccessException { - String rdn = getRelativeDn( appName, profileId ); + String rdn = getProfileRdn( appName, profileId ); try { @@ -327,21 +327,19 @@ // ----------------------------------------------------------------------- - private String getRelativeDn( String appName, String profileId ) + private String getProfileRdn( String appName, String profileId ) { StringBuffer buf = new StringBuffer(); buf.append( "profileId=" ).append( profileId ); - buf.append( ",ou=Profiles,appName=" ).append( appName ); - buf.append( ",ou=Applications" ); + buf.append( ",ou=Profiles," ).append( appName ); return buf.toString(); } - private String getRelativeDn( String appName ) + private String getProfilesRdn( String appName ) { StringBuffer buf = new StringBuffer(); - buf.append( "ou=Profiles,appName=" ).append( appName ); - buf.append( ",ou=Applications" ); + buf.append( "ou=Profiles," ).append( appName ); return buf.toString(); } Modified: directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapRoleDao.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapRoleDao.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapRoleDao.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapRoleDao.java Sun Jan 7 21:40:11 2007 @@ -100,7 +100,7 @@ public Iterator roleIterator( String appName ) throws DataAccessException { - String base = getRelativeDn( appName ); + String base = getRolesRdn( appName ); SearchControls controls = new SearchControls(); controls.setReturningAttributes( ATTRIBUTES ); controls.setSearchScope( SearchControls.ONELEVEL_SCOPE ); @@ -122,7 +122,7 @@ { String description = null; Set grants = Collections.EMPTY_SET; - String rdn = getRelativeDn( appName, roleName ); + String rdn = getRoleRdn( appName, roleName ); Attributes attrs = null; String creatorsName = null; @@ -166,7 +166,7 @@ } - public Role add( String appName, String roleName, String description, Set grants ) + public Role add( String appRdn, String roleName, String description, Set grants ) throws DataAccessException { BasicAttributes attrs = new BasicAttributes( OBJECT_CLASS_ID, POLICY_ROLE_OC, true ); @@ -178,19 +178,18 @@ if ( ! grants.isEmpty() ) { BasicAttribute attr = new BasicAttribute( GRANTS_ID ); - for ( Iterator ii = grants.iterator(); ii.hasNext(); /**/ ) - { - attr.add( ii.next() ); + for (Object grant : grants) { + attr.add(grant); } attrs.put( attr ); } - String rdn = getRelativeDn( appName, roleName ); + String rdn = getRoleRdn( appRdn, roleName ); try { ctx.createSubcontext( rdn, attrs ); return new Role( principalName, new Date( System.currentTimeMillis() ), this, - appName, roleName, description, grants ); + appRdn, roleName, description, grants ); } catch ( NameAlreadyBoundException e ) { @@ -209,8 +208,8 @@ public Role rename( String newRoleName, Role role ) throws DataAccessException { - String oldRdn = getRelativeDn( role.getApplicationName(), role.getName() ); - String newRdn = getRelativeDn( role.getApplicationName(), newRoleName ); + String oldRdn = getRoleRdn( role.getApplicationName(), role.getName() ); + String newRdn = getRoleRdn( role.getApplicationName(), newRoleName ); try { @@ -251,7 +250,7 @@ String description, Set grants, ModificationItem[] mods ) throws DataAccessException { - String rdn = getRelativeDn( appName, roleName ); + String rdn = getRoleRdn( appName, roleName ); try { @@ -284,7 +283,7 @@ public void delete( String appName, String roleName ) throws DataAccessException { - String rdn = getRelativeDn( appName, roleName ); + String rdn = getRoleRdn( appName, roleName ); try { @@ -311,21 +310,19 @@ // ----------------------------------------------------------------------- - private String getRelativeDn( String appName, String roleName ) + private String getRoleRdn( String appName, String roleName ) { StringBuffer buf = new StringBuffer(); buf.append( "roleName=" ).append( roleName ); - buf.append( ",ou=Roles,appName=" ).append( appName ); - buf.append( ",ou=Applications" ); + buf.append( ",ou=Roles," ).append( appName ); return buf.toString(); } - private String getRelativeDn( String appName ) + private String getRolesRdn( String appName ) { StringBuffer buf = new StringBuffer(); - buf.append( "ou=Roles,appName=" ).append( appName ); - buf.append( ",ou=Applications" ); + buf.append( "ou=Roles," ).append( appName ); return buf.toString(); } Modified: directory/sandbox/triplesec-jacc2/admin-api/src/test/java/org/safehaus/triplesec/admin/IntegrationTest.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/admin-api/src/test/java/org/safehaus/triplesec/admin/IntegrationTest.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/admin-api/src/test/java/org/safehaus/triplesec/admin/IntegrationTest.java (original) +++ directory/sandbox/triplesec-jacc2/admin-api/src/test/java/org/safehaus/triplesec/admin/IntegrationTest.java Sun Jan 7 21:40:11 2007 @@ -48,6 +48,10 @@ */ public class IntegrationTest extends TriplesecIntegration { + private static final String APP_RDN = "appName=mockContext,appName=mockApplication,ou=applications"; + private static final String TEST_APP_RDN = "appName=test,appName=mockApplication,ou=applications"; + private static final String NEW_APP_RDN = "appName=newName,appName=mockApplication,ou=applications"; + private Properties props; private DaoFactory factory; private DirContext ctx; @@ -87,7 +91,7 @@ *
  • {@link PermissionDao#add(String, String, String)}
    • *
  • {@link PermissionDao#delete(String, String)}
    • *
  • {@link PermissionDao#load(String, String)}
    • - *
  • {@link PermissionDao#modify(String, String, String, ModificationItem[])}
    • + *
  • {@link PermissionDao#modify(String, java.util.Date, String, String, String, javax.naming.directory.ModificationItem[])}
    • *
  • {@link PermissionDao#rename(String, Permission)}
    • *
  • {@link PermissionDao#permissionIterator(String)}
    • *
  • {@link PermissionDao#permissionNameIterator(String)}
    • @@ -98,24 +102,24 @@ PermissionDao dao = factory.getPermissionDao(); // add a permission via add( String, String ) - dao.add( "mockApplication", getName() + "0", null ); + dao.add( APP_RDN, getName() + "0", null ); Attributes attrs = ctx.getAttributes( "permName=" + getName() - + "0, ou=permissions, appName=mockApplication, ou=applications" ); + + "0, ou=permissions," + APP_RDN ); assertEquals( getName() + "0", ( String ) attrs.get( "permName" ).get() ); assertNull( attrs.get( "description" ) ); // add a permission via add( String, Permission ) - PermissionModifier modifier = new PermissionModifier( dao, "mockApplication", getName() + "1" ); + PermissionModifier modifier = new PermissionModifier( dao, APP_RDN, getName() + "1" ); modifier.setDescription( "a non-null description" ).add(); attrs = ctx.getAttributes( "permName=" + getName() - + "1, ou=permissions, appName=mockApplication, ou=applications" ); + + "1, ou=permissions," + APP_RDN ); assertEquals( getName() + "1", ( String ) attrs.get( "permName" ).get() ); assertNotNull( attrs.get( "description" ) ); assertEquals( "a non-null description", ( String ) attrs.get( "description" ).get() ); - dao.delete( "mockApplication", getName() + "1" ); + dao.delete( APP_RDN, getName() + "1" ); // test the lookup of the newly added permission - Permission permission = dao.load( "mockApplication", getName() + "0" ); + Permission permission = dao.load( APP_RDN, getName() + "0" ); assertNotNull( permission ); assertEquals( getName() + "0", permission.getName() ); assertEquals( null, permission.getDescription() ); @@ -123,7 +127,7 @@ // test the modification of the newly added permission modifier = permission.modifier().setDescription( "updated description" ); modifier.modify(); - permission = dao.load( "mockApplication", getName() + "0" ); + permission = dao.load( APP_RDN, getName() + "0" ); assertNotNull( permission ); assertEquals( getName() + "0", permission.getName() ); assertEquals( "updated description", permission.getDescription() ); @@ -133,16 +137,16 @@ assertNotNull( permission ); assertEquals( getName() + "0renamed", permission.getName() ); assertEquals( "updated description", permission.getDescription() ); - permission = dao.load( "mockApplication", getName()+ "0renamed" ); + permission = dao.load( APP_RDN, getName()+ "0renamed" ); assertNotNull( permission ); assertEquals( getName() + "0renamed", permission.getName() ); assertEquals( "updated description", permission.getDescription() ); // test the delete of the newly added permission - dao.delete( "mockApplication", getName() + "0renamed" ); + dao.delete( APP_RDN, getName() + "0renamed" ); try { - permission = dao.load( "mockApplication", getName() + "0renamed" ); + permission = dao.load( APP_RDN, getName() + "0renamed" ); fail( "should never get here" ); } catch ( NoSuchEntryException e ) @@ -150,7 +154,7 @@ } // test the permissionNameIterator() method - Iterator iterator = dao.permissionNameIterator( "mockApplication" ); + Iterator iterator = dao.permissionNameIterator( APP_RDN ); Set permNames = new HashSet(); while( iterator.hasNext() ) { @@ -170,7 +174,7 @@ assertTrue( permNames.contains( "mockPerm9" ) ); // test the permissionIterator() method - iterator = dao.permissionIterator( "mockApplication" ); + iterator = dao.permissionIterator( APP_RDN ); Set perms = new HashSet(); while( iterator.hasNext() ) { @@ -185,43 +189,44 @@ public void testApplicationDao() throws Exception { // get and modify the application - Application app = admin.getApplication( "mockApplication" ); + Application app = admin.getApplication( APP_RDN ); assertNotNull( app ); - assertEquals( "mockApplication", app.getName() ); + assertEquals( APP_RDN, app.getAppRdn() ); assertEquals( null, app.getDescription() ); - assertEquals( "testing", app.getPassword() ); + //password is now at one higher level +// assertEquals( "testing", app.getPassword() ); app = app.modifier().setDescription( "test" ).modify(); assertEquals( "test", app.getDescription() ); // create a new application - app = admin.newApplication( "test" ).add(); + app = admin.newApplication( TEST_APP_RDN ).add(); app = app.modifier().setDescription( "test" ).setPassword( "secret" ).modify(); assertNotNull( app ); - assertEquals( "test", app.getName() ); + assertEquals( TEST_APP_RDN, app.getAppRdn() ); assertEquals( "test", app.getDescription() ); assertEquals( "secret", app.getPassword() ); - app = admin.getApplication( "test" ); + app = admin.getApplication( TEST_APP_RDN ); assertNotNull( app ); - assertEquals( "test", app.getName() ); + assertEquals( TEST_APP_RDN, app.getAppRdn() ); assertEquals( "test", app.getDescription() ); assertEquals( "secret", app.getPassword() ); // rename the new application - app = app.modifier().rename( "newName" ); - app = admin.getApplication( "newName" ); + app = app.modifier().rename( NEW_APP_RDN ); + app = admin.getApplication( NEW_APP_RDN ); assertNotNull( app ); - assertEquals( "newName", app.getName() ); + assertEquals( NEW_APP_RDN, app.getAppRdn() ); assertEquals( "test", app.getDescription() ); assertEquals( "secret", app.getPassword() ); // create a permission for the new application Permission perm = app.modifier().newPermission( "testPerm" ). setDescription( "test description" ).add(); - assertEquals( "newName", perm.getApplicationName() ); + assertEquals( NEW_APP_RDN, perm.getApplicationRdn() ); assertEquals( "testPerm", perm.getName() ); assertEquals( "test description", perm.getDescription() ); perm = app.getPermission( perm.getName() ); - assertEquals( "newName", perm.getApplicationName() ); + assertEquals( NEW_APP_RDN, perm.getApplicationRdn() ); assertEquals( "testPerm", perm.getName() ); assertEquals( "test description", perm.getDescription() ); @@ -230,7 +235,7 @@ try { app.getPermission( perm.getName() ); - fail( "should never get here" ); + fail( "perm should be removed" ); } catch( DataAccessException e ) { @@ -240,7 +245,8 @@ app.modifier().delete(); try { - admin.getApplication( "test" ); + admin.getApplication( NEW_APP_RDN ); + fail("app " + NEW_APP_RDN + " should be removed"); } catch( DataAccessException e ) { @@ -250,7 +256,7 @@ public void testProfileIteration() throws Exception { - Application app = admin.getApplication( "mockApplication" ); + Application app = admin.getApplication( APP_RDN ); app.modifier().newProfile( "extra", "lockedout" ).add(); for ( Iterator ii = app.profileIterator( "akarasulu" ); ii.hasNext(); /**/ ) { @@ -267,13 +273,13 @@ public void testRoleDao() throws Exception { - Application app = admin.getApplication( "mockApplication" ); + Application app = admin.getApplication( APP_RDN ); // create a new role after changing modifier's description and grants Role role = app.modifier().newRole( "testRole" ).setDescription( "test role" ) .addGrant( "mockPerm0" ).addGrant( "mockPerm1" ).add(); assertNotNull( role ); - assertEquals( "mockApplication", role.getApplicationName() ); + assertEquals( APP_RDN, role.getApplicationName() ); assertEquals( "testRole", role.getName() ); assertEquals( "test role", role.getDescription() ); assertEquals( 2, role.getGrants().size() ); @@ -284,7 +290,7 @@ // lookup and confirm values again role = app.getRole( "testRole" ); assertNotNull( role ); - assertEquals( "mockApplication", role.getApplicationName() ); + assertEquals( APP_RDN, role.getApplicationName() ); assertEquals( "testRole", role.getName() ); assertEquals( "test role", role.getDescription() ); assertEquals( 2, role.getGrants().size() ); @@ -306,7 +312,7 @@ // rename the role, test values, look it up again and test values again role = role.modifier().rename( "renamedRole" ); assertNotNull( role ); - assertEquals( "mockApplication", role.getApplicationName() ); + assertEquals( APP_RDN, role.getApplicationName() ); assertEquals( "renamedRole", role.getName() ); assertEquals( "changed description", role.getDescription() ); assertEquals( 3, role.getGrants().size() ); @@ -317,7 +323,7 @@ role = app.getRole( "renamedRole" ); assertNotNull( role ); - assertEquals( "mockApplication", role.getApplicationName() ); + assertEquals( APP_RDN, role.getApplicationName() ); assertEquals( "renamedRole", role.getName() ); assertEquals( "changed description", role.getDescription() ); assertEquals( 3, role.getGrants().size() ); @@ -341,13 +347,13 @@ public void testProfileDao() throws Exception { - Application app = admin.getApplication( "mockApplication" ); + Application app = admin.getApplication( APP_RDN ); // create a new profile after changing modifier's description with permission and roles Profile profile = app.modifier().newProfile( "testProfile", "testUser" ).setDescription( "test profile" ) .addGrant( "mockPerm0" ).addGrant( "mockPerm1" ).addDenial( "mockPerm4" ).addRole( "mockRole2" ).add(); assertNotNull( profile ); - assertEquals( "mockApplication", profile.getApplicationName() ); + assertEquals( APP_RDN, profile.getApplicationName() ); assertEquals( "testProfile", profile.getId() ); assertEquals( "testUser", profile.getUser() ); assertEquals( "test profile", profile.getDescription() ); @@ -366,7 +372,7 @@ // lookup and confirm values again profile = app.getProfile( "testProfile" ); assertNotNull( profile ); - assertEquals( "mockApplication", profile.getApplicationName() ); + assertEquals( APP_RDN, profile.getApplicationName() ); assertEquals( "testProfile", profile.getId() ); assertEquals( "testUser", profile.getUser() ); assertEquals( "test profile", profile.getDescription() ); @@ -401,7 +407,7 @@ // rename the profile, test values, look it up again and test values again profile = profile.modifier().rename( "renamedProfile" ); assertNotNull( profile ); - assertEquals( "mockApplication", profile.getApplicationName() ); + assertEquals( APP_RDN, profile.getApplicationName() ); assertEquals( "renamedProfile", profile.getId() ); assertEquals( "testUser", profile.getUser() ); assertEquals( "changed description", profile.getDescription() ); @@ -418,7 +424,7 @@ profile = app.getProfile( "renamedProfile" ); assertNotNull( profile ); - assertEquals( "mockApplication", profile.getApplicationName() ); + assertEquals( APP_RDN, profile.getApplicationName() ); assertEquals( "renamedProfile", profile.getId() ); assertEquals( "testUser", profile.getUser() ); assertEquals( "changed description", profile.getDescription() ); Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/ApplicationPolicy.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/ApplicationPolicy.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/ApplicationPolicy.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/ApplicationPolicy.java Sun Jan 7 21:40:11 2007 @@ -52,12 +52,12 @@ boolean addPolicyListener( PolicyChangeListener listener ) throws GuardianException; /** - * Gets the name uniquely identifying the applicaiton associated + * Gets the relative distinguished name above the realm uniquely identifying the application associated * with this store. * * @return the name of this store */ - String getApplicationName(); + String getApplicationRelativeDistinguishedName(); /** * Gets a set of {@link Role}s defined for this store. Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/EntryApplicationPolicy.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/EntryApplicationPolicy.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/EntryApplicationPolicy.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/EntryApplicationPolicy.java Sun Jan 7 21:40:11 2007 @@ -39,7 +39,7 @@ */ public abstract class EntryApplicationPolicy implements ApplicationPolicy { /** the name of the application this store is associated with */ - protected String applicationName; + protected String applicationRdn; /** a breif description of this application */ protected String description; /** the {@link java.security.Permission}s defined for this store's application */ @@ -110,9 +110,9 @@ return ( String ) attr.get(); } - public String getApplicationName() + public String getApplicationRelativeDistinguishedName() { - return this.applicationName; + return this.applicationRdn; } public String getDescription() @@ -144,7 +144,7 @@ String permName = ( String ) grantsEnumeration.next(); grants.add( permissions.get( permName ) ); // log.debug( "granting permission '" + permName + "' to role '" + roleName -// + " in application '" + applicationName + "'" ); +// + " in application '" + applicationRdn + "'" ); } } @@ -159,7 +159,7 @@ String permName = ( String ) grantsEnumeration.next(); denials.add( permissions.get( permName ) ); // log.debug( "granting permission '" + permName + "' to role '" + roleName -// + " in application '" + applicationName + "'" ); +// + " in application '" + applicationRdn + "'" ); } } @@ -261,11 +261,11 @@ rolesSet.add( this.roles.get( assignedRoleName ) ); } Role[] rolesArray = new Role[rolesSet.size()]; - roles = new Roles( applicationName, rolesSet.toArray( rolesArray ) ); + roles = new Roles( applicationRdn, rolesSet.toArray( rolesArray ) ); } else { - roles = new Roles( applicationName, new Role[0] ); + roles = new Roles( applicationRdn, new Role[0] ); } Attribute description = attrs.get( "description" ); @@ -284,6 +284,7 @@ return profile; } +/* public static String getApplicationName( String principalDN ) { String rdn = principalDN.split( "," )[0].trim(); @@ -297,6 +298,7 @@ return rdnPair[1].trim(); } +*/ protected static class PermissionEntry { private final String permissionName; Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Profile.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Profile.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Profile.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Profile.java Sun Jan 7 21:40:11 2007 @@ -139,19 +139,19 @@ } if( roles == null ) { - roles = new Roles( store.getApplicationName(), null ); + roles = new Roles( store.getApplicationRelativeDistinguishedName(), null ); } - if( !store.getApplicationName().equals( roles.getApplicationName() ) ) + if( !store.getApplicationRelativeDistinguishedName().equals( roles.getApplicationRelativeDistinguishedName() ) ) { - throw new IllegalArgumentException( "Invalid applicationName in roles: " + roles.getApplicationName() ); + throw new IllegalArgumentException( "Invalid applicationRdn in roles: " + roles.getApplicationRelativeDistinguishedName() ); } if( grants == null ) { grants = new Permissions(); } -// if( !store.getApplicationName().equals( grants.getApplicationName() ) ) +// if( !store.getApplicationRdn().equals( grants.getApplicationRdn() ) ) // { -// throw new IllegalArgumentException( "Invalid applicationName in grants: " + grants.getApplicationName() ); +// throw new IllegalArgumentException( "Invalid applicationRdn in grants: " + grants.getApplicationRdn() ); // } //TODO figure out if this check can be resurrected // if( !store.getPermissions().containsAll( grants ) ) @@ -164,9 +164,9 @@ { denials = new Permissions(); } -// if( !store.getApplicationName().equals( denials.getApplicationName() ) ) +// if( !store.getApplicationRdn().equals( denials.getApplicationRdn() ) ) // { -// throw new IllegalArgumentException( "Invalid applicationName in denials: " + denials.getApplicationName() ); +// throw new IllegalArgumentException( "Invalid applicationRdn in denials: " + denials.getApplicationRdn() ); // } //TODO figure out if this check can be resurrected // if( !store.getPermissions().containsAll( denials ) ) @@ -252,9 +252,9 @@ * * @return the name of the application this Profile is associated with */ - public String getApplicationName() + public String getApplicationRelativeDistinguishedName() { - return store.getApplicationName(); + return store.getApplicationRelativeDistinguishedName(); } @@ -346,7 +346,7 @@ checkPermission( permission, "User '" + profileId + "' " + - "in application '" + getApplicationName() + '\'' + + "in application '" + getApplicationRelativeDistinguishedName() + '\'' + "does not posess the permission '" + permission.getName() + "'." ); } @@ -381,7 +381,7 @@ public int hashCode() { - return getApplicationName().hashCode() ^ profileId.hashCode(); + return getApplicationRelativeDistinguishedName().hashCode() ^ profileId.hashCode(); } @@ -395,7 +395,7 @@ if( that instanceof Profile ) { Profile thatP = ( Profile ) that; - return this.getApplicationName().equals( thatP.getApplicationName() ) && + return this.getApplicationRelativeDistinguishedName().equals( thatP.getApplicationRelativeDistinguishedName() ) && this.getProfileId().equals( thatP.getProfileId() ); } @@ -406,7 +406,7 @@ public int compareTo( Object that ) { Profile thatP = ( Profile ) that; - int ret = this.getApplicationName().compareTo( thatP.getApplicationName() ); + int ret = this.getApplicationRelativeDistinguishedName().compareTo( thatP.getApplicationRelativeDistinguishedName() ); if( ret != 0 ) { return ret; Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Role.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Role.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Role.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Role.java Sun Jan 7 21:40:11 2007 @@ -27,7 +27,7 @@ /** * An application role. Roles are application specific and contain a set - * of permission grants. Users assigned to these Roles inherit the set of + * of permission grants. Users assigned to these Roles inherit the set of * permission grants from their roles. * * @author Alex Karasulu @@ -51,7 +51,7 @@ /** * Creates a new Role instance with a description. - * + * * @param store the parent store this role is defined for * @param name the name of this role * @param grantedPermissions @@ -72,7 +72,7 @@ { throw new IllegalArgumentException( "name is empty." ); } - + if( grantedPermissions == null ) { grantedPermissions = new Permissions(); @@ -81,11 +81,11 @@ { deniedPermissions = new Permissions(); } -// if( !store.getApplicationName().equals( grantedPermissions.getApplicationName() ) ) +// if( !store.getApplicationRdn().equals( grantedPermissions.getApplicationRdn() ) ) // { // throw new IllegalArgumentException( -// "Invalid applicationName in grantedPermissions: " + -// grantedPermissions.getApplicationName() ); +// "Invalid applicationRdn in grantedPermissions: " + +// grantedPermissions.getApplicationRdn() ); // } //This is meaningless if grantedPermissions.implies is used rather than equality. @@ -95,7 +95,7 @@ // "store doesn't provide all grantedPermissions specified: " + // grantedPermissions ); // } - + this.store = store; this.name = name; this.grantedPermissions = grantedPermissions; @@ -120,7 +120,7 @@ /** * Gets the name of this Role. - * + * * @return the name of this Role */ public String getName() @@ -142,18 +142,18 @@ /** * Gets the application name this Role is defined for. - * + * * @return the name of the application this Role is defined for. */ - public String getApplicationName() + public String getApplicationRelativeDistinguishedName() { - return store.getApplicationName(); + return store.getApplicationRelativeDistinguishedName(); } /** * Gets a set of grantedPermissions granted to this role. - * + * * @return a set of grantedPermissions granted to this role. */ public Permissions getGrantedPermissions() @@ -184,12 +184,12 @@ if ( !grantedPermissions.implies( permission ) ) { throw new AccessControlException("Role '" + name + "' " + - "in application '" + getApplicationName() + '\'' + + "in application '" + getApplicationRelativeDistinguishedName() + '\'' + "does not posess the permission '" + permission.getName() + "'." ); } if (deniedPermissions.implies(permission)) { throw new AccessControlException("Role '" + name + "' " + - "in application '" + getApplicationName() + '\'' + + "in application '" + getApplicationRelativeDistinguishedName() + '\'' + "is denied the permission '" + permission.getName() + "'." ); } } @@ -204,7 +204,7 @@ public int hashCode() { - return getApplicationName().hashCode() ^ name.hashCode(); + return getApplicationRelativeDistinguishedName().hashCode() ^ name.hashCode(); } @@ -214,14 +214,14 @@ { return true; } - + if( that instanceof Role ) { Role thatR = ( Role ) that; - return this.getApplicationName().equals( thatR.getApplicationName() ) && + return this.getApplicationRelativeDistinguishedName().equals( thatR.getApplicationRelativeDistinguishedName() ) && this.getName().equals( thatR.getName() ); } - + return false; } @@ -229,7 +229,7 @@ public int compareTo( Object that ) { Role thatR = ( Role ) that; - int ret = this.getApplicationName().compareTo( thatR.getApplicationName() ); + int ret = this.getApplicationRelativeDistinguishedName().compareTo( thatR.getApplicationRelativeDistinguishedName() ); if( ret != 0 ) { return ret; Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Roles.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Roles.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Roles.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/Roles.java Sun Jan 7 21:40:11 2007 @@ -21,11 +21,9 @@ import java.io.Serializable; -import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.Iterator; -import java.util.List; import java.util.Map; import java.util.Set; import java.util.TreeSet; @@ -44,7 +42,7 @@ private static final Role[] EMPTY_ROLE_ARRAY = new Role[0]; /** the name of the application this roles belong to */ - private final String applicationName; + private final String applicationRdn; /** Map<String roleName, Role role;> */ private final Map roles = new HashMap(); @@ -60,18 +58,18 @@ // Check nulls and emptiness if( applicationName == null ) { - throw new NullPointerException( "applicationName" ); + throw new NullPointerException( "applicationRdn" ); } if( applicationName.length() == 0 ) { - throw new IllegalArgumentException( "applicationName is empty." ); + throw new IllegalArgumentException( "applicationRdn is empty." ); } if( roles == null ) { roles = EMPTY_ROLE_ARRAY; } - this.applicationName = applicationName; + this.applicationRdn = applicationName; // Add all roles while checking if application names are all // same with what user specified. @@ -83,9 +81,9 @@ continue; } - if( !applicationName.equals( r.getApplicationName() ) ) + if( !applicationName.equals( r.getApplicationRelativeDistinguishedName() ) ) { - throw new IllegalArgumentException( "Invalid applicationName: " + r.getApplicationName() ); + throw new IllegalArgumentException( "Invalid applicationRdn: " + r.getApplicationRelativeDistinguishedName() ); } this.roles.put( r.getName(), r ); @@ -98,9 +96,9 @@ * * @return the name of the application this roles belong to */ - public String getApplicationName() + public String getApplicationRelativeDistinguishedName() { - return applicationName; + return applicationRdn; } @@ -114,7 +112,7 @@ */ public boolean contains( Role role ) { - return applicationName.equals( role.getApplicationName() ) && + return applicationRdn.equals( role.getApplicationRelativeDistinguishedName() ) && roles.containsKey( role.getName() ); } @@ -248,10 +246,10 @@ // public Roles getDependentRoles( StringPermission perm ) // { -// if ( ! perm.getApplicationName().equals( getApplicationName() ) ) +// if ( ! perm.getApplicationRdn().equals( getApplicationRdn() ) ) // { // throw new IllegalArgumentException( "The permission '" + perm.getName() + "' is not " + -// "\nassociated with this application. It is associated with " + perm.getApplicationName() ); +// "\nassociated with this application. It is associated with " + perm.getApplicationRdn() ); // } // // List dependents = new ArrayList(); @@ -266,12 +264,12 @@ // // if ( dependents.size() == 0 ) // { -// return new Roles( getApplicationName(), EMPTY_ROLE_ARRAY ); +// return new Roles( getApplicationRdn(), EMPTY_ROLE_ARRAY ); // } // // Role[] roleArray = new Role[dependents.size()]; // dependents.toArray( roleArray ); -// return new Roles( getApplicationName(), roleArray ); +// return new Roles( getApplicationRdn(), roleArray ); // } @@ -284,13 +282,13 @@ { Role[] roleArray = new Role[ size() ]; roleArray = ( Role[] ) roles.values().toArray( roleArray ); - return new Roles( applicationName, roleArray ); + return new Roles( applicationRdn, roleArray ); } public int hashCode() { - return applicationName.hashCode() ^ roles.hashCode(); + return applicationRdn.hashCode() ^ roles.hashCode(); } @@ -317,7 +315,7 @@ { StringBuffer buf = new StringBuffer(); buf.append( "Roles(" ); - buf.append( applicationName ); + buf.append( applicationRdn ); buf.append( ": " ); // Sort roles by name @@ -351,9 +349,9 @@ private void checkApplicationName( Roles roles ) { - if( !applicationName.equals( roles.getApplicationName() ) ) + if( !applicationRdn.equals( roles.getApplicationRelativeDistinguishedName() ) ) { - throw new IllegalArgumentException( "Wrong application name: " + roles.getApplicationName() ); + throw new IllegalArgumentException( "Wrong application name: " + roles.getApplicationRelativeDistinguishedName() ); } } } Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/StringPermission.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/StringPermission.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/StringPermission.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/main/java/org/safehaus/triplesec/guardian/StringPermission.java Sun Jan 7 21:40:11 2007 @@ -43,7 +43,7 @@ /** * the name of the application this permission is associated with */ -// private final String applicationName; +// private final String applicationRdn; /** * a short description of the permission */ Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ApplicationPolicyFactoryTest.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ApplicationPolicyFactoryTest.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ApplicationPolicyFactoryTest.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ApplicationPolicyFactoryTest.java Sun Jan 7 21:40:11 2007 @@ -56,7 +56,7 @@ Assert.assertTrue( ApplicationPolicyFactory.registerDriver( testDriver2 ) ); Assert.assertFalse( ApplicationPolicyFactory.registerDriver( testDriver1 ) ); ApplicationPolicy testStore = ApplicationPolicyFactory.newInstance( "test2:dummy", new Properties() ); - Assert.assertEquals( "Test", testStore.getApplicationName() ); + Assert.assertEquals( "appName=Test,ou=applications", testStore.getApplicationRelativeDistinguishedName() ); // Deregister driver and make sure it doesn't work. Assert.assertTrue( ApplicationPolicyFactory.deregisterDriver( testDriver1.getClass() ) ); @@ -139,8 +139,8 @@ public ApplicationPolicy newStore(String url, Properties info) throws GuardianException { return new ApplicationPolicy() { - public String getApplicationName() { - return "Test"; + public String getApplicationRelativeDistinguishedName() { + return "appName=Test,ou=applications"; } public Roles getRoles() { Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ProfileTest.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ProfileTest.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ProfileTest.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/ProfileTest.java Sun Jan 7 21:40:11 2007 @@ -205,7 +205,7 @@ ); Profile p = new Profile( STORE1, "trustin", "trustin", roles, grants, denials, "test description", false ); - assertEquals( "app1", p.getApplicationName() ); + assertEquals( "app1", p.getApplicationRelativeDistinguishedName() ); assertEquals( "trustin", p.getProfileId() ); assertEquals( roles, p.getRoles() ); assertEquals( grants, p.getGrants() ); @@ -301,7 +301,7 @@ this.appName = appName; } - public String getApplicationName() + public String getApplicationRelativeDistinguishedName() { return appName; } Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RoleTest.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RoleTest.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RoleTest.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RoleTest.java Sun Jan 7 21:40:11 2007 @@ -148,7 +148,7 @@ perms.add(new StringPermission("perm3" )); Role r = new Role( STORE1, "role1", perms, null, "test description" ); - assertEquals( "app1", r.getApplicationName() ); + assertEquals( "app1", r.getApplicationRelativeDistinguishedName() ); assertEquals( "role1", r.getName() ); assertEquals( perms, r.getGrantedPermissions() ); assertEquals( "test description", r.getDescription() ); @@ -209,7 +209,7 @@ this.appName = appName; } - public String getApplicationName() + public String getApplicationRelativeDistinguishedName() { return appName; } Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RolesTest.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RolesTest.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RolesTest.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/RolesTest.java Sun Jan 7 21:40:11 2007 @@ -129,7 +129,7 @@ r1, r2, r3, }); - Assert.assertEquals( "app1", roles.getApplicationName() ); + Assert.assertEquals( "app1", roles.getApplicationRelativeDistinguishedName() ); Assert.assertEquals( 3, roles.size() ); Assert.assertTrue( roles.contains( r1 ) ); Assert.assertTrue( roles.contains( r2 ) ); @@ -271,7 +271,7 @@ this.appName = appName; } - public String getApplicationName() + public String getApplicationRelativeDistinguishedName() { return appName; } Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockApplicationPolicy.java URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockApplicationPolicy.java?view=diff&rev=493959&r1=493958&r2=493959 ============================================================================== --- directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockApplicationPolicy.java (original) +++ directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockApplicationPolicy.java Sun Jan 7 21:40:11 2007 @@ -184,7 +184,7 @@ } - public String getApplicationName() + public String getApplicationRelativeDistinguishedName() { return name; }