directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r586761 - in /directory/sandbox/djencks/triplesec-jacc2: admin-api2/src/main/java/org/apache/directory/triplesec/admin/ admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/ admin-api2/src/test/java/org/apache/directory...
Date Sat, 20 Oct 2007 17:10:18 GMT
Author: djencks
Date: Sat Oct 20 10:10:15 2007
New Revision: 586761

URL: http://svn.apache.org/viewvc?rev=586761&view=rev
Log:
switch to unique roleId rather than context dependent rolename to identify role references

Modified:
    directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Constants.java
    directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Group.java
    directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Role.java
    directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/StateManager.java
    directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/test/java/org/apache/directory/triplesec/admin/IntegrationTest.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicy.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryApplicationPolicy.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Role.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/RoleTest.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicy.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicyTest.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicy.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicy.java
    directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicyTest.java
    directory/sandbox/djencks/triplesec-jacc2/itest-data/src/main/resources/server.ldif
    directory/sandbox/djencks/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/DataPolicyConfiguration.java
    directory/sandbox/djencks/triplesec-jacc2/store/src/main/schema/triplesec.schema

Modified: directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Constants.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Constants.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Constants.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Constants.java
Sat Oct 20 10:10:15 2007
@@ -92,7 +92,7 @@
     String APP_NAME_ID = "appName";
     String PERM_NAME_ID = "permName";
     String ROLE_NAME_ID = "roleName";
-    String PROFILEID_ID = "profileId";
+    String ROLEID_ID = "roleId";
     String TRIPLESEC_ID = "triplesecUid";
     String CREATORS_NAME_ID = "creatorsName";
 

Modified: directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Group.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Group.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Group.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Group.java
Sat Oct 20 10:10:15 2007
@@ -72,7 +72,7 @@
 
     public Collection<User> getMembers()
     {
-        return stateManager.getReferenceMapField( MEMBERS_INDEX ).getCurrentValues();
+        return stateManager.<User>getReferenceMapField( MEMBERS_INDEX ).getCurrentValues();
     }
 
     public void addMember( User member )

Modified: directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Role.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Role.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Role.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/Role.java
Sat Oct 20 10:10:15 2007
@@ -42,11 +42,12 @@
             Constants.DENIALS_ID};
 
     private static final int ROLENAME_INDEX = 0;
-    private static final int DESCRIPTION_INDEX = 1;
-    private static final int GRANTS_INDEX = 2;
-    private static final int DENIALS_INDEX = 3;
-    private static final int GRANTED_ROLES_INDEX = 4;
-    private static final int DENIED_ROLES_INDEX = 5;
+    private static final int ROLEID_INDEX = 1;
+    private static final int DESCRIPTION_INDEX = 2;
+    private static final int GRANTS_INDEX = 3;
+    private static final int DENIALS_INDEX = 4;
+    private static final int GRANTED_ROLES_INDEX = 5;
+    private static final int DENIED_ROLES_INDEX = 6;
 
     private final StateManager<Role> stateManager;
 
@@ -55,6 +56,7 @@
         stateManager = new StateManager<Role>( this );
 
         stateManager.setRdn( new SimpleRdn( Constants.ROLE_NAME_ID, null, "ou=roles" ) );
+        stateManager.addField( new SingleValuedField<String>( Constants.ROLEID_ID,
null ) );
         stateManager.addField( new SingleValuedField<String>( Constants.DESCRIPTION_ID,
null ) );
         stateManager.addField( new ReferenceMapField<Permission>( Constants.GRANTS_ID,
stateManager ) );
         stateManager.addField( new ReferenceMapField<Permission>( Constants.DENIALS_ID,
stateManager ) );
@@ -65,10 +67,11 @@
     }
 
 
-    public Role( String roleName, String description )
+    public Role( String roleName, String roleId, String description )
     {
         this();
         stateManager.setStringValue( ROLENAME_INDEX, roleName );
+        stateManager.setStringValue( ROLEID_INDEX, roleId );
         stateManager.setStringValue( DESCRIPTION_INDEX, description );
     }
 
@@ -83,6 +86,16 @@
         stateManager.setId( roleName );
     }
 
+    public String getRoleId()
+    {
+        return stateManager.getStringValue( ROLEID_INDEX );
+    }
+
+    public void setRoleId( String roleId )
+    {
+        stateManager.setStringValue( ROLEID_INDEX, roleId );
+    }
+
     public String getDescription()
     {
         return stateManager.getStringValue( DESCRIPTION_INDEX );
@@ -95,7 +108,7 @@
 
     public Collection<Permission> getGrants()
     {
-        return stateManager.getReferenceMapField( GRANTS_INDEX ).getCurrentValues();
+        return stateManager.<Permission>getReferenceMapField( GRANTS_INDEX ).getCurrentValues();
     }
 
     public void addGrant( Permission permission )
@@ -110,7 +123,7 @@
 
     public Collection<Permission> getDenials()
     {
-        return stateManager.getReferenceMapField( DENIALS_INDEX ).getCurrentValues();
+        return stateManager.<Permission>getReferenceMapField( DENIALS_INDEX ).getCurrentValues();
     }
 
     public void addDenial( Permission permission )
@@ -125,7 +138,7 @@
 
     public Collection<Role> getGrantedRoles()
     {
-        return stateManager.getReferenceMapField( GRANTED_ROLES_INDEX ).getCurrentValues();
+        return stateManager.<Role>getReferenceMapField( GRANTED_ROLES_INDEX ).getCurrentValues();
     }
 
     public void addGrantedRole( Role role )
@@ -140,7 +153,7 @@
 
     public Collection<Role> getDeniedRoles()
     {
-        return stateManager.getReferenceMapField( DENIED_ROLES_INDEX ).getCurrentValues();
+        return stateManager.<Role>getReferenceMapField( DENIED_ROLES_INDEX ).getCurrentValues();
     }
 
     public void addDeniedRole( Role role )

Modified: directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/StateManager.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/StateManager.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/StateManager.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/main/java/org/apache/directory/triplesec/admin/persistence/StateManager.java
Sat Oct 20 10:10:15 2007
@@ -208,9 +208,9 @@
         return fields.get( pos );
     }
 
-    public ReferenceMapField getReferenceMapField( int pos)
+    public <S extends PersistenceCapable> ReferenceMapField<S> getReferenceMapField(
int pos)
     {
-        return ((ReferenceMapField)getField( pos));
+        return ((ReferenceMapField<S>)getField( pos));
     }
 
     public String getStringValue( int pos )

Modified: directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/test/java/org/apache/directory/triplesec/admin/IntegrationTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/test/java/org/apache/directory/triplesec/admin/IntegrationTest.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/test/java/org/apache/directory/triplesec/admin/IntegrationTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/admin-api2/src/test/java/org/apache/directory/triplesec/admin/IntegrationTest.java
Sat Oct 20 10:10:15 2007
@@ -272,7 +272,7 @@
 
         assertEquals( 11, app.getRoles().size() );
         // create a new role after changing modifier's description and grants
-        Role role = new Role( "testRole", "test role" );
+        Role role = new Role( "testRole", "testRole", "test role" );
         role.addGrant( app.getPermission( "mockPerm0" ) );
         role.addGrant( app.getPermission( "mockPerm1" ) );
         role.addDenial( app.getPermission( "mockPerm8" ) );

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicy.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicy.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicy.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/ApplicationPolicy.java
Sat Oct 20 10:10:15 2007
@@ -64,7 +64,7 @@
      * 
      * @return a set of {@link Role}s defined for this store.
      */
-    Map<String, Role> getRolesByName();
+    Map<String, Role> getRolesById();
 
     /**
      * Gets a set of {@link StringPermission}s defined for this store.

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryApplicationPolicy.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryApplicationPolicy.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryApplicationPolicy.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/EntryApplicationPolicy.java
Sat Oct 20 10:10:15 2007
@@ -54,7 +54,7 @@
      */
     protected final Map<String, Permission> permissions = new HashMap<String, Permission>();
 
-    protected final Map<String, Role> rolesByName = new HashMap<String, Role>();
+    protected final Map<String, Role> rolesById = new HashMap<String, Role>();
 
     protected Permissions getAllPermissions()
     {
@@ -148,9 +148,9 @@
         return this.description;
     }
 
-    public Map<String, Role> getRolesByName()
+    public Map<String, Role> getRolesById()
     {
-        return rolesByName;
+        return rolesById;
     }
 
     public Map<String, Permission> getPermissions()
@@ -158,24 +158,27 @@
         return permissions;
     }
 
-    protected Role addRole( String roleName, Map<String, Attributes> roleAttributes
) throws NamingException
+    protected Role addRole( String roleId, Map<String, Attributes> roleAttributes )
throws NamingException
     {
-        Role role = rolesByName.get( roleName );
+        Role role = rolesById.get( roleId );
         if ( role != null )
         {
             return role;
         }
-        if ( rolesByName.containsKey( roleName ) )
+        if ( rolesById.containsKey( roleId ) )
         {
-            throw new GuardianException( "Circular reference to role " + roleName );
+            throw new GuardianException( "Circular reference to role " + roleId );
         }
-        Attributes attrs = roleAttributes.get( roleName );
+        Attributes attrs = roleAttributes.get( roleId );
         if ( attrs == null )
         {
-            throw new GuardianException( "no role named " + roleName + " found" );
+            return null;
+//            throw new GuardianException( "no role named " + roleId + " found" );
         }
         //mark that we have started looking at this role name
-        rolesByName.put( roleName, null );
+        rolesById.put( roleId, null );
+
+        String roleName = getStringAttribute( attrs, "roleName" );
 
         Permissions grants = new Permissions();
         Attribute attributes = attrs.get( "grants" );
@@ -209,8 +212,8 @@
         attributes = attrs.get( "deniedRoles" );
         Collection<Role> deniedRoles = getRoles( attributes, roleAttributes );
 
-        role = new Role( this, roleName, grants, denials, grantedRoles, deniedRoles, getStringAttribute(
attrs, "description" ) );
-        rolesByName.put( roleName, role );
+        role = new Role( this, roleName, roleId, grants, denials, grantedRoles, deniedRoles,
getStringAttribute( attrs, "description" ) );
+        rolesById.put( roleId, role );
         return role;
     }
 
@@ -225,7 +228,11 @@
             {
                 String roleName = ( String ) rolesEnumeration.next();
 
-                roles.add( addRole( roleName, roleAttributes ) );
+                Role role = addRole( roleName, roleAttributes );
+                if ( role != null )
+                {
+                    roles.add( role );
+                }
             }
         }
         return roles;
@@ -279,15 +286,16 @@
             NamingEnumeration<?> grantsEnumeration = defaultRolesAttribute.getAll();
             while ( grantsEnumeration.hasMore() )
             {
-                String roleName = ( String ) grantsEnumeration.next();
-                Role role = rolesByName.get( roleName );
+                String roleId = ( String ) grantsEnumeration.next();
+                Role role = rolesById.get( roleId );
                 if ( role != null )
                 {
                     roles.add( role );
                 }
                 else
                 {
-                    throw new NamingException("No role named " + roleName + " found: known
names: " + rolesByName.keySet());
+// this is OK, role could be present only in another application
+//                    throw new NamingException("No role named " + roleId + " found: known
names: " + rolesById.keySet());
                 }
             }
         }

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Role.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Role.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Role.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/main/java/org/apache/directory/triplesec/guardian/Role.java
Sat Oct 20 10:10:15 2007
@@ -44,6 +44,7 @@
      * the name of this Role
      */
     private final String name;
+    private final String id;
     /**
      * the store the Role is defined for
      */
@@ -67,14 +68,16 @@
      *
      * @param store              the parent store this role is defined for
      * @param name               the name of this role
+     * @param id
      * @param grantedPermissions
      * @param deniedPermissions
-     * @param description        a breif description of the role
      * @param grantedRoles
      * @param deniedRoles
+     * @param description        a breif description of the role
      */
     public Role( ApplicationPolicy store,
             String name,
+            String id,
             Permissions grantedPermissions,
             Permissions deniedPermissions,
             Collection<Role> grantedRoles,
@@ -93,6 +96,10 @@
         {
             throw new IllegalArgumentException( "name is empty." );
         }
+        if (id == null)
+        {
+            throw new NullPointerException("roleId");
+        }
 
         if ( grantedPermissions == null )
         {
@@ -113,6 +120,7 @@
         }
         this.store = store;
         this.name = name;
+        this.id = id;
         this.grantedPermissions = grantedPermissions;
         this.deniedPermissions = deniedPermissions;
         this.grantedRoles = grantedRoles;
@@ -126,12 +134,13 @@
      *
      * @param store              the parent store this role is defined for
      * @param name               the name of this role
+     * @param id
      * @param grantedPermissions
      * @param deniedPermissions
      */
-    public Role( ApplicationPolicy store, String name, Permissions grantedPermissions, Permissions
deniedPermissions )
+    public Role( ApplicationPolicy store, String name, String id, Permissions grantedPermissions,
Permissions deniedPermissions )
     {
-        this( store, name, grantedPermissions, deniedPermissions, null, null, null );
+        this( store, name, id, grantedPermissions, deniedPermissions, null, null, null );
     }
 
 
@@ -145,6 +154,11 @@
         return name;
     }
 
+
+    public String getId()
+    {
+        return id;
+    }
 
     /**
      * Gets a brief description for this Role if one exists.

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/ApplicationPolicyFactoryTest.java
Sat Oct 20 10:10:15 2007
@@ -141,7 +141,7 @@
                     return "appName=Test,ou=applications";
                 }
 
-                public Map<String, Role> getRolesByName()
+                public Map<String, Role> getRolesById()
                 {
                     return null;
                 }

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/RoleTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/RoleTest.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/RoleTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/RoleTest.java
Sat Oct 20 10:10:15 2007
@@ -44,22 +44,22 @@
 
     protected Object newInstanceA1()
     {
-        return new Role( STORE1, "role1", null, null );
+        return new Role( STORE1, "role1", "role1", null, null );
     }
 
     protected Object newInstanceA2()
     {
-        return new Role( STORE1, "role1", null, null );
+        return new Role( STORE1, "role1", "role1", null, null );
     }
 
     protected Object newInstanceB1()
     {
-        return new Role( STORE1, "role2", null, null );
+        return new Role( STORE1, "role2", "role2", null, null );
     }
 
     protected Object newInstanceB2()
     {
-        return new Role( STORE2, "role1", null, null );
+        return new Role( STORE2, "role1", "role1", null, null );
     }
 
     public void testInstantiation()
@@ -69,7 +69,7 @@
         // Test null parameters
         try
         {
-            new Role( null, "role1", perms, null );
+            new Role( null, "role1", "role1", perms, null );
             fail( "Execption is not thrown." );
         }
         catch ( NullPointerException e )
@@ -78,7 +78,7 @@
         }
         try
         {
-            new Role( STORE1, null, perms, null );
+            new Role( STORE1, null, null, perms, null );
             fail( "Execption is not thrown." );
         }
         catch ( NullPointerException e )
@@ -89,7 +89,7 @@
         // Test empty fields
         try
         {
-            new Role( STORE2, "", perms, null );
+            new Role( STORE2, "", "", perms, null );
             fail( "Execption is not thrown." );
         }
         catch ( IllegalArgumentException e )
@@ -133,7 +133,7 @@
 //            // OK
 //        }
 
-        Role r = new Role( STORE1, "role1", null, null );
+        Role r = new Role( STORE1, "role1", "role1", null, null );
         assertEquals( 0, PermissionsUtil.size( r.getGrantedPermissions() ) );
         assertEquals( 0, PermissionsUtil.size( r.getDeniedPermissions() ) );
     }
@@ -146,7 +146,7 @@
         perms.add( new StringPermission( "perm2" ) );
         perms.add( new StringPermission( "perm3" ) );
 
-        Role r = new Role( STORE1, "role1", perms, null, null, null, "test description" );
+        Role r = new Role( STORE1, "role1", "role1", perms, null, null, null, "test description"
);
         assertEquals( "app1", r.getApplicationRelativeDistinguishedName() );
         assertEquals( "role1", r.getName() );
         assertEquals( perms, r.getGrantedPermissions() );
@@ -161,7 +161,7 @@
         Permissions perms = new Permissions();
         perms.add( perm );
 
-        Role r = new Role( STORE1, "role1", perms, null );
+        Role r = new Role( STORE1, "role1", "role1", perms, null );
 
         // Check existing permissions
         assertTrue( r.implies( perm ) );
@@ -211,7 +211,7 @@
             return appName;
         }
 
-        public Map<String, Role> getRolesByName()
+        public Map<String, Role> getRolesById()
         {
             return null;
         }

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicy.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicy.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicy.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicy.java
Sat Oct 20 10:10:15 2007
@@ -87,26 +87,26 @@
 
         // role without any permissions toggled
         Permissions grants = new Permissions();
-        Role role0 = new Role( this, "mockRole0", grants, null );
+        Role role0 = new Role( this, "mockRole0", "mockRole0", grants, null );
         roleByName.put( role0.getName(), role0 );
 
         // role with permission mockPerm0
         grants = new Permissions();
         grants.add( perm0 );
-        Role role1 = new Role( this, "mockRole1", grants, null );
+        Role role1 = new Role( this, "mockRole1", "mockRole1", grants, null );
         roleByName.put( role1.getName(), role1 );
 
         // role with permission mockPerm1
         grants = new Permissions();
         grants.add( perm1 );
-        Role role2 = new Role( this, "mockRole2", grants, null );
+        Role role2 = new Role( this, "mockRole2", "mockRole2", grants, null );
         roleByName.put( role2.getName(), role2 );
 
         // role with permission mockPerm2 and mochPerm3
         grants = new Permissions();
         grants.add( perm2 );
         grants.add( perm3 );
-        Role role3 = new Role( this, "mockRole3", grants, null );
+        Role role3 = new Role( this, "mockRole3", "mockRole3", grants, null );
         roleByName.put( role3.getName(), role3 );
 
         // role with permission mockPerm4, mockPerm5, mockPerm6, mockPerm7, mockPerm9
@@ -116,7 +116,7 @@
         grants.add( perm6 );
         grants.add( perm7 );
         grants.add( perm9 );
-        Role role4 = new Role( this, "mockRole4", grants, null );
+        Role role4 = new Role( this, "mockRole4", "mockRole4", grants, null );
         roleByName.put( role4.getName(), role4 );
 
         // role with permission mockPerm4, mockPerm5, mockPerm6, mockPerm7, mockPerm9
@@ -128,7 +128,7 @@
         grants.add( perm9 );
         Permissions denials = new Permissions();
         denials.add( perm6 );
-        Role role5 = new Role( this, "mockRole5", grants, denials );
+        Role role5 = new Role( this, "mockRole5", "mockRole5", grants, denials );
         roleByName.put( role5.getName(), role5 );
 
         // --------------------------------------------------------------------------------
@@ -194,7 +194,7 @@
         return name;
     }
 
-    public Map<String, Role> getRolesByName()
+    public Map<String, Role> getRolesById()
     {
         return roleByName;
     }

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicyTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicyTest.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicyTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-api/src/test/java/org/apache/directory/triplesec/guardian/mock/MockApplicationPolicyTest.java
Sat Oct 20 10:10:15 2007
@@ -55,7 +55,7 @@
 
     public void testProfile0()
     {
-        assertEquals( 6, store.getRolesByName().size() );
+        assertEquals( 6, store.getRolesById().size() );
         Session p = store.getSession( "mockProfile0" );
 //        assertTrue( PermissionsUtil.isEmpty(p.getEffectiveGrantedPermissions()) );
         assertTrue( p.getRoles().isEmpty() );

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicy.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicy.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicy.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/main/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicy.java
Sat Oct 20 10:10:15 2007
@@ -96,7 +96,7 @@
         loadRoles();
 
         // setup the administrator with all permissions and roles
-//        adminProfile = new Profile( this, "admin", "admin", new HashSet<Role>(rolesByName.values()),
getAllPermissions(),
+//        adminProfile = new Profile( this, "admin", "admin", new HashSet<Role>(rolesById.values()),
getAllPermissions(),
 //            new Permissions( ), false );
 
         try
@@ -148,27 +148,26 @@
      */
     private void loadRoles() throws GuardianException
     {
-        Set<Role> roleSet = new HashSet<Role>();
         SearchControls ctrls = new SearchControls();
-        ctrls.setReturningAttributes( new String[] { "roleName", "grants", "denials", "grantedRoles",
"deniedRoles" } );
-        ctrls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
+        ctrls.setReturningAttributes( new String[] { "roleName", "roleId", "grants", "denials",
"grantedRoles", "deniedRoles" } );
+        ctrls.setSearchScope( SearchControls.SUBTREE_SCOPE );
 
         try
         {
             Map<String, Attributes> roleAttributes = new HashMap<String, Attributes>();
-            NamingEnumeration<SearchResult> list = ctx.search( "ou=roles," + applicationRdn,
+            NamingEnumeration<SearchResult> list = ctx.search( applicationRdn,
                     "(objectClass=policyRole)", ctrls );
             while ( list.hasMore() )
             {
                 SearchResult result = list.next();
                 Attributes attributes = result.getAttributes();
-                String roleName = getStringAttribute(attributes, "roleName");
-                roleAttributes.put(roleName, attributes);
+                String roleId = getStringAttribute(attributes, "roleId");
+                roleAttributes.put(roleId, attributes);
             }
 
-            for (String roleName: roleAttributes.keySet())
+            for (String roleId: roleAttributes.keySet())
             {
-                addRole(roleName, roleAttributes);
+                addRole(roleId, roleAttributes);
             }
         }
         catch ( NamingException e )
@@ -609,7 +608,7 @@
                 }
 
                 // setup the administrator with all permissions and roles
-//                adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin",
new HashSet<Role>(rolesByName.values()), getAllPermissions(),
+//                adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin",
new HashSet<Role>(rolesById.values()), getAllPermissions(),
 //                    new Permissions( ), false );
             }
             catch ( NamingException e )
@@ -698,7 +697,7 @@
                 }
 
                 // setup the administrator with all permissions and roles
-//                adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin",
new HashSet<Role>(rolesByName.values()), getAllPermissions(),
+//                adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin",
new HashSet<Role>(rolesById.values()), getAllPermissions(),
 //                    new Permissions( ), false );
             }
             catch ( NamingException e )
@@ -770,7 +769,7 @@
                 }
 
                 // setup the administrator with all permissions and roles
-//                adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin",
new HashSet<Role>(rolesByName.values()), getAllPermissions(),
+//                adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin",
new HashSet<Role>(rolesById.values()), getAllPermissions(),
 //                    new Permissions( ), false );
             }
             catch ( NamingException e )
@@ -847,7 +846,7 @@
                 }
 
                 // setup the administrator with all permissions and roles
-//                adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin",
new HashSet<Role>(rolesByName.values()), getAllPermissions(),
+//                adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin",
new HashSet<Role>(rolesById.values()), getAllPermissions(),
 //                    new Permissions( ), false );
             }
             catch ( NamingException e )

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-ldap/src/test/java/org/apache/directory/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java
Sat Oct 20 10:10:15 2007
@@ -121,7 +121,7 @@
 //
 //        }
 
-//        assertEquals( 12, store.getRolesByName().size() );
+//        assertEquals( 12, store.getRolesById().size() );
         Session p = store.getSession( "nonexistant" );
         assertEquals(0, p.getRoles().size() );
 
@@ -177,16 +177,16 @@
 
     public void XtestGetDependantProfilesRole() throws Exception
     {
-        Role role0 = store.getRolesByName().get( "mockRole0" );
+        Role role0 = store.getRolesById().get( "mockRole0" );
         Set dependents = store.getDependentProfileNames( role0 );
         assertEquals( 1, dependents.size() );
 
-        Role role1 = store.getRolesByName().get( "mockRole1" );
+        Role role1 = store.getRolesById().get( "mockRole1" );
         dependents = store.getDependentProfileNames( role1 );
         assertEquals( 2, dependents.size() );
         assertTrue( dependents.contains( "mockProfile1" ) );
 
-        Role role2 = store.getRolesByName().get( "mockRole2" );
+        Role role2 = store.getRolesById().get( "mockRole2" );
         dependents = store.getDependentProfileNames( role2 );
         assertEquals( 3, dependents.size() );
         assertTrue( dependents.contains( "mockProfile1" ) );
@@ -378,7 +378,7 @@
         assertFalse( role.getGrantedPermissions().implies(new StringPermission("mockPerm1"
)));
 
         // make sure that policy is updated with this new role
-        assertEquals( this.role, this.store.getRolesByName().get( "mockRole6" ) );
+        assertEquals( this.role, this.store.getRolesById().get( "mockRole6" ) );
         this.role = null;
         this.changeType = null;
 
@@ -419,7 +419,7 @@
         assertFalse( role.getGrantedPermissions().implies(new StringPermission("mockPerm1"
)));
 
         // make sure that policy is updated with this new role
-        assertNull( this.store.getRolesByName().get( "mockRole6" ) );
+        assertNull( this.store.getRolesById().get( "mockRole6" ) );
         this.role = null;
         this.changeType = null;
 
@@ -602,7 +602,7 @@
 //        assertFalse( role.getGrantedPermissions().implies( new StringPermission("mockPerm0"
)));
 
         // make sure that policy is updated with this changed role
-        assertEquals( role, store.getRolesByName().get( "mockRole1" ) );
+        assertEquals( role, store.getRolesById().get( "mockRole1" ) );
 
         // -------------------------------------------------------------------
         // Test Permission Alteration and Notification
@@ -700,8 +700,8 @@
         // -------------------------------------------------------------------
         reset();
 
-        assertNotNull( store.getRolesByName().get( "mockRole0" ) );
-        assertNull( store.getRolesByName().get( "renamed" ) );
+        assertNotNull( store.getRolesById().get( "mockRole0" ) );
+        assertNull( store.getRolesById().get( "renamed" ) );
         ctx.rename( "roleName=mockRole0,ou=roles", "roleName=renamed,ou=roles" );
 
         // wait until the object is set or exit in 10 seconds
@@ -725,8 +725,8 @@
 
 //        assertNull( profile );
         assertNull( permission );
-        assertNull( store.getRolesByName().get( "mockRole0" ) );
-        assertNotNull( store.getRolesByName().get( "renamed" ) );
+        assertNull( store.getRolesById().get( "mockRole0" ) );
+        assertNotNull( store.getRolesById().get( "renamed" ) );
         assertNotNull( role );
         assertEquals( "renamed", role.getName() );
         assertNotNull( originalName );

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicy.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicy.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicy.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/main/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicy.java
Sat Oct 20 10:10:15 2007
@@ -92,7 +92,7 @@
         // loads the ldifs as a map of LdapNames to Attributes
         load( in );
         // create the admin profile with all permissions as grants and in all roles
-//        this.adminProfile = new Profile( this, "admin", "admin", new HashSet<Role>(
rolesByName.values() ), getAllPermissions(),
+//        this.adminProfile = new Profile( this, "admin", "admin", new HashSet<Role>(
rolesById.values() ), getAllPermissions(),
 //                new Permissions(), false );
     }
 

Modified: directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicyTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicyTest.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicyTest.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/guardian-ldif/src/test/java/org/apache/directory/triplesec/guardian/ldif/LdifApplicationPolicyTest.java
Sat Oct 20 10:10:15 2007
@@ -131,7 +131,7 @@
     {
         Session p = policy.getSession( "mockProfile0" );
 //        assertTrue( PermissionsUtil.isEmpty(p.getEffectiveGrantedPermissions()) );
-        assertEquals( 6, policy.getRolesByName().size() );
+        assertEquals( 6, policy.getRolesById().size() );
         assertEquals( p, policy.getSession( "mockProfile0" ) );
     }
 

Modified: directory/sandbox/djencks/triplesec-jacc2/itest-data/src/main/resources/server.ldif
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/itest-data/src/main/resources/server.ldif?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/itest-data/src/main/resources/server.ldif (original)
+++ directory/sandbox/djencks/triplesec-jacc2/itest-data/src/main/resources/server.ldif Sat
Oct 20 10:10:15 2007
@@ -465,6 +465,7 @@
 objectClass: policyRole
 objectClass: top
 roleName: mockRole
+roleId:mockRole
 
 dn: roleName=mockRolepg1,ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -472,6 +473,7 @@
 objectClass: policyRole
 grants: mockPerm1
 roleName: mockRolepg1
+roleId: mockRolepg1
 
 dn: roleName=mockRolepg2,ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -479,6 +481,7 @@
 objectClass: policyRole
 grants: mockPerm2
 roleName: mockRolepg2
+roleId: mockRolepg2
 
 dn: roleName=mockRolepg3,ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -486,6 +489,7 @@
 objectClass: policyRole
 grants: mockPerm3
 roleName: mockRolepg3
+roleId: mockRolepg3
 
 dn: roleName=mockRole4,ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -497,6 +501,7 @@
 grants: mockPerm5
 grants: mockPerm4
 roleName: mockRole4
+roleId: mockRole4
 
 dn: roleName=mockRole5,ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -508,6 +513,7 @@
 grants: mockPerm4
 denials: mockPerm6
 roleName: mockRole5
+roleId: mockRole5
 
 dn: roleName=mockRolerg12,ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -516,6 +522,7 @@
 grantedRoles: mockRolepg2
 grantedRoles: mockRolepg1
 roleName: mockRolerg12
+roleId: mockRolerg12
 
 dn: roleName=mockRolepg1rg2,ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -524,6 +531,7 @@
 grants: mockPerm1
 grantedRoles: mockRolepg2
 roleName: mockRolepg1rg2
+roleId: mockRolepg1rg2
 
 dn: roleName=mockRolepd1rg1,ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -532,6 +540,7 @@
 denials: mockPerm1
 grantedRoles: mockRolepg1
 roleName: mockRolepd1rg1
+roleId: mockRolepd1rg1
 
 dn: roleName=mockRolerg(rg12)rd(pg1),ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -540,6 +549,7 @@
 grantedRoles: mockRolerg12
 deniedRoles: mockRolepg1
 roleName: mockRolerg(rg12)rd(pg1)
+roleId: mockRolerg(rg12)rd(pg1)
 
 dn: roleName=mockRolerg1(rg(rg12)rd(pg1)),ou=roles,appName=mockContext,appName=mockApplication,ou=applications,dc=example,dc=com
 changetype: add
@@ -548,6 +558,7 @@
 grantedRoles: mockRolepg1
 grantedRoles: mockRolerg(rg12)rd(pg1)
 roleName: mockRolerg1(rg(rg12)rd(pg1))
+roleId: mockRolerg1(rg(rg12)rd(pg1))
 
 dn: uid=mockProfilemockRolerg12,ou=users,dc=example,dc=com
 changetype: add

Modified: directory/sandbox/djencks/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/DataPolicyConfiguration.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/DataPolicyConfiguration.java?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/DataPolicyConfiguration.java
(original)
+++ directory/sandbox/djencks/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/DataPolicyConfiguration.java
Sat Oct 20 10:10:15 2007
@@ -42,13 +42,13 @@
     public static final String UNIVERSAL_ROLE_NAME = "org.apache.directory.triplesec.jacc.universal";
 
     private final Application context;
-    private final EntityManager entityManager;
 
     private int counter = 0;
+    private static int roleCount = 0;
 
     public DataPolicyConfiguration( String contextID, TripleSecPolicyConfigurationFactory
policyConfigurationFactory ) throws PolicyContextException
     {
-        entityManager = policyConfigurationFactory.getEntityManager();
+        EntityManager entityManager = policyConfigurationFactory.getEntityManager();
         Application context;
         try
         {
@@ -57,7 +57,7 @@
         {
             context = new Application();
             context.setAppName( contextID );
-            context.addRole( new Role( UNIVERSAL_ROLE_NAME, "universal role" ) );
+            context.addRole( new Role( UNIVERSAL_ROLE_NAME, getRoleId(), "universal role"
) );
             entityManager.persist( context, null );
         }
         this.context = context;
@@ -176,15 +176,20 @@
         return false;
     }
 
-    private Role getRole( String roleId )
+    private Role getRole( String roleName )
     {
-        Role role = context.getRole( roleId );
+        Role role = context.getRole( roleName );
         if ( role == null )
         {
-            role = new Role( roleId, null );
+            role = new Role( roleName, getRoleId(), null );
             context.addRole( role );
         }
         return role;
+    }
+
+    private String getRoleId()
+    {
+        return "roleId" + roleCount++;
     }
 
     private synchronized String nextPermissionId()

Modified: directory/sandbox/djencks/triplesec-jacc2/store/src/main/schema/triplesec.schema
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/store/src/main/schema/triplesec.schema?rev=586761&r1=586760&r2=586761&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/store/src/main/schema/triplesec.schema (original)
+++ directory/sandbox/djencks/triplesec-jacc2/store/src/main/schema/triplesec.schema Sat Oct
20 10:10:15 2007
@@ -190,8 +190,8 @@
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
 
 attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.207
-        NAME 'profileId'
-        DESC 'a profile identifier'
+        NAME 'roleId'
+        DESC 'a role identifier'
         EQUALITY caseExactMatch
         SUBSTR caseExactSubstringsMatch
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
@@ -220,7 +220,7 @@
 objectclass ( 1.3.6.1.4.1.18060.0.4.6.3.203 NAME 'policyRole'
     SUP top
     STRUCTURAL
-    MUST ( roleName )
+    MUST ( roleName $ roleId )
     MAY  ( grants $ denials $ grantedRoles $ deniedRoles $ description ) )
 
 objectclass ( 1.3.6.1.4.1.18060.0.4.6.3.204 NAME 'policyUser'



Mime
View raw message