directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ersi...@apache.org
Subject svn commit: r553486 - in /directory/apacheds/trunk: core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java
Date Thu, 05 Jul 2007 12:55:06 GMT
Author: ersiner
Date: Thu Jul  5 05:55:05 2007
New Revision: 553486

URL: http://svn.apache.org/viewvc?view=rev&rev=553486
Log:
One more attempt for DIRSERVER-988. Fixed a badly wrong implementation which determines whether
a prescriptiveACI is being modified. Added a test case for DIRSERVER-988.

Modified:
    directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java

Modified: directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java?view=diff&rev=553486&r1=553485&r2=553486
==============================================================================
--- directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java
(original)
+++ directory/apacheds/trunk/core-unit/src/test/java/org/apache/directory/server/core/authz/ModifyAuthorizationITest.java
Thu Jul  5 05:55:05 2007
@@ -516,4 +516,33 @@
     //    }
     
     
+    public void testPresciptiveACIModification() throws NamingException
+    {
+        
+        ModificationItemImpl[] mods = toItems( DirContext.ADD_ATTRIBUTE,
+            new AttributesImpl( "registeredAddress", "100 Park Ave.", true ) );
+
+        createUser( "billyd", "billyd" );
+
+        createAccessControlSubentry( "modifyACI", "{ " + "identificationTag \"modifyAci\",
"
+            + "precedence 14, " + "authenticationLevel none, " + "itemOrUserFirst userFirst:
{ "
+            + "userClasses { allUsers }, " + "userPermissions { "
+            + "{ protectedItems {entry, allUserAttributeTypesAndValues}, grantsAndDenials
{ grantModify, grantBrowse, grantAdd, grantRemove } } } } }" );
+
+        assertTrue( checkCanModifyAs( "billyd", "billyd", "ou=testou", mods ) );
+        
+        mods = toItems( DirContext.REPLACE_ATTRIBUTE,
+            new AttributesImpl( "registeredAddress", "200 Park Ave.", true ) );
+        
+        changePresciptiveACI( "modifyACI", "{ " + "identificationTag \"modifyAci\", "
+            + "precedence 14, " + "authenticationLevel none, " + "itemOrUserFirst userFirst:
{ "
+            + "userClasses { allUsers }, " + "userPermissions { "
+            + "{ protectedItems {entry, allUserAttributeTypesAndValues}, grantsAndDenials
{ denyModify } } } } }" );
+
+        assertFalse( checkCanModifyAs( "billyd", "billyd", "ou=testou", mods ) );
+        
+        deleteAccessControlSubentry( "modifyACI" );
+        
+    }
+    
 }

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java?view=diff&rev=553486&r1=553485&r2=553486
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java
Thu Jul  5 05:55:05 2007
@@ -245,20 +245,17 @@
         {
             return;
         }
-
-        boolean isAciModified = false;
         
         for ( int ii = 0; ii < mods.length; ii++ )
         {
-            // Check for the name and for the OID
-            isAciModified |= AttributeUtils.containsValueCaseIgnore( mods[ii].getAttribute(),
SchemaConstants.PRESCRIPTIVE_ACI_AT );
-            isAciModified |= AttributeUtils.containsValueCaseIgnore( mods[ii].getAttribute(),
SchemaConstants.PRESCRIPTIVE_ACI_AT_OID );
-        }
-        
-        if ( isAciModified )
-        {
-            subentryDeleted( normName, entry );
-            subentryAdded( normName.getUpName(), normName, entry );
+            String attrID = mods[ii].getAttribute().getID();
+            if ( attrID.equalsIgnoreCase( SchemaConstants.PRESCRIPTIVE_ACI_AT ) ||
+                attrID.equalsIgnoreCase( SchemaConstants.PRESCRIPTIVE_ACI_AT_OID ) )
+            {
+                subentryDeleted( normName, entry );
+                subentryAdded( normName.getUpName(), normName, entry );
+                continue;
+            }
         }
     }
 



Mime
View raw message