directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r895847 - in /directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz: AciAuthorizationInterceptor.java DefaultAuthorizationInterceptor.java
Date Tue, 05 Jan 2010 02:08:37 GMT
Author: elecharny
Date: Tue Jan  5 02:08:36 2010
New Revision: 895847

URL: http://svn.apache.org/viewvc?rev=895847&view=rev
Log:
Removed the enabled global variable : it's already present in the DS, so use this value instead

Modified:
    directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
    directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationInterceptor.java

Modified: directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java?rev=895847&r1=895846&r2=895847&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
(original)
+++ directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
Tue Jan  5 02:08:36 2010
@@ -167,12 +167,6 @@
     /** Global registries */
     private SchemaManager schemaManager;
     
-    /** ObjectClass registry */
-    //private ObjectClassRegistry ocRegistry;
-    
-    /** whether or not this interceptor is activated */
-    private boolean enabled;
-    
     /** the system wide subschemaSubentryDn */
     private String subschemaSubentryDn;
 
@@ -222,7 +216,6 @@
         aciParser = new ACIItemParser( new ConcreteNameComponentNormalizer( schemaManager
), schemaManager.getNormalizerMapping() );
         engine = new ACDFEngine( schemaManager.getGlobalOidRegistry(), schemaManager );
         chain = directoryService.getInterceptorChain();
-        enabled = directoryService.isAccessControlEnabled();
 
         // stuff for dealing with subentries (garbage for now)
         Value<?> subschemaSubentry = 
@@ -440,7 +433,7 @@
         LdapDN name = addContext.getDn();
 
         // bypass authz code if we are disabled
-        if ( !enabled )
+        if ( !addContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             next.add( addContext );
             return;
@@ -512,7 +505,7 @@
         LdapDN principalDn = principal.getJndiName();
 
         // bypass authz code if we are disabled
-        if ( ! enabled )
+        if ( ! deleteContext.getSession().getDirectoryService().isAccessControlEnabled()
)
         {
             next.delete( deleteContext );
             return;
@@ -557,7 +550,7 @@
         LdapDN principalDn = principal.getJndiName();
 
         // bypass authz code if we are disabled
-        if ( !enabled )
+        if ( !opContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             next.modify( opContext );
             return;
@@ -671,7 +664,8 @@
     public boolean hasEntry( NextInterceptor next, EntryOperationContext entryContext ) throws
Exception
     {
         LdapDN name = entryContext.getDn();
-        if ( ! enabled )
+        
+        if ( ! entryContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             return name.size() == 0 || next.hasEntry( entryContext );
         }
@@ -780,7 +774,7 @@
             principalDn.normalize( schemaManager.getNormalizerMapping() );
         }
         
-        if ( isPrincipalAnAdministrator( principalDn ) || !enabled )
+        if ( isPrincipalAnAdministrator( principalDn ) || !lookupContext.getSession().getDirectoryService().isAccessControlEnabled()
)
         {
             return next.lookup( lookupContext );
         }
@@ -809,7 +803,7 @@
         LdapDN newName = renameContext.getNewDn();
 
         // bypass authz code if we are disabled
-        if ( !enabled )
+        if ( !renameContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             next.rename( renameContext );
             return;
@@ -859,7 +853,7 @@
         newName.add( moveAndRenameContext.getNewRdn().getUpName() );
 
         // bypass authz code if we are disabled
-        if ( !enabled )
+        if ( !moveAndRenameContext.getSession().getDirectoryService().isAccessControlEnabled()
)
         {
             next.moveAndRename( moveAndRenameContext );
             return;
@@ -938,7 +932,7 @@
         LdapDN principalDn = principal.getJndiName();
 
         // bypass authz code if we are disabled
-        if ( !enabled )
+        if ( !moveContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             next.move( moveContext );
             return;
@@ -1007,7 +1001,7 @@
         LdapPrincipal user = opContext.getSession().getEffectivePrincipal();
         EntryFilteringCursor cursor = next.list( opContext );
         
-        if ( isPrincipalAnAdministrator( user.getJndiName() ) || !enabled )
+        if ( isPrincipalAnAdministrator( user.getJndiName() ) || !opContext.getSession().getDirectoryService().isAccessControlEnabled()
)
         {
             return cursor;
         }
@@ -1028,7 +1022,7 @@
         SearchControls searchCtls = opContext.getSearchControls();
         boolean isRootDSELookup = opContext.getDn().size() == 0 && searchCtls.getSearchScope()
== SearchControls.OBJECT_SCOPE;
 
-        if ( isPrincipalAnAdministrator( principalDn ) || !enabled || isRootDSELookup ||
isSubschemaSubentryLookup )
+        if ( isPrincipalAnAdministrator( principalDn ) || !opContext.getSession().getDirectoryService().isAccessControlEnabled()
|| isRootDSELookup || isSubschemaSubentryLookup )
         {
             return cursor;
         }
@@ -1055,7 +1049,7 @@
         LdapPrincipal principal = opContext.getSession().getEffectivePrincipal();
         LdapDN principalDn = principal.getJndiName();
 
-        if ( isPrincipalAnAdministrator( principalDn ) || !enabled )
+        if ( isPrincipalAnAdministrator( principalDn ) || !opContext.getSession().getDirectoryService().isAccessControlEnabled()
)
         {
             return next.compare( opContext );
         }
@@ -1083,7 +1077,7 @@
         LdapPrincipal principal = opContext.getSession().getEffectivePrincipal();
         LdapDN principalDn = principal.getJndiName();
         
-        if ( isPrincipalAnAdministrator( principalDn ) || !enabled )
+        if ( isPrincipalAnAdministrator( principalDn ) || !opContext.getSession().getDirectoryService().isAccessControlEnabled()
)
         {
             return next.getMatchedName( opContext );
         }

Modified: directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationInterceptor.java?rev=895847&r1=895846&r2=895847&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationInterceptor.java
(original)
+++ directory/apacheds/branches/apacheds-schema/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationInterceptor.java
Tue Jan  5 02:08:36 2010
@@ -92,11 +92,6 @@
      */
     private static LdapDN ADMIN_GROUP_DN;
 
-    /**
-     * the name parser used by this service
-     */
-    private boolean enabled = true;
-    
     private Set<String> administrators = new HashSet<String>(2);
     
     private PartitionNexus nexus;
@@ -119,9 +114,6 @@
         nexus = directoryService.getPartitionNexus();
         SchemaManager schemaManager = directoryService.getSchemaManager();
 
-        // disable this static module if basic access control mechanisms are enabled
-        enabled = ! directoryService.isAccessControlEnabled();
-        
         USER_BASE_DN = new LdapDN( ServerDNConstants.ADMIN_SYSTEM_DN );
         USER_BASE_DN.normalize( schemaManager.getNormalizerMapping() );
         
@@ -174,7 +166,7 @@
     {
         LdapDN name = opContext.getDn();
         
-        if ( !enabled )
+        if ( opContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             nextInterceptor.delete( opContext );
             return;
@@ -259,7 +251,7 @@
     public void modify( NextInterceptor nextInterceptor, ModifyOperationContext opContext
)
         throws Exception
     {
-        if ( enabled )
+        if ( !opContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             LdapDN dn = opContext.getDn();
             
@@ -345,7 +337,7 @@
     public void rename( NextInterceptor nextInterceptor, RenameOperationContext opContext
)
         throws Exception
     {
-        if ( enabled )
+        if ( !opContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             protectDnAlterations( opContext.getDn() );
         }
@@ -356,7 +348,7 @@
 
     public void move( NextInterceptor nextInterceptor, MoveOperationContext opContext ) throws
Exception
     {
-        if ( enabled )
+        if ( !opContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             protectDnAlterations( opContext.getDn() );
         }
@@ -367,7 +359,7 @@
 
     public void moveAndRename( NextInterceptor nextInterceptor, MoveAndRenameOperationContext
opContext ) throws Exception
     {
-        if ( enabled )
+        if ( !opContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             protectDnAlterations( opContext.getDn() );
         }
@@ -428,7 +420,7 @@
     {
         ClonedServerEntry serverEntry = nextInterceptor.lookup( opContext );
         
-        if ( !enabled || ( serverEntry == null ) )
+        if ( opContext.getSession().getDirectoryService().isAccessControlEnabled() || ( serverEntry
== null ) )
         {
             return serverEntry;
         }
@@ -497,7 +489,7 @@
     {
         EntryFilteringCursor cursor = nextInterceptor.search( opContext );
 
-        if ( !enabled )
+        if ( opContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             return cursor;
         }
@@ -516,7 +508,7 @@
     {
         EntryFilteringCursor cursor = nextInterceptor.list( opContext );
         
-        if ( !enabled )
+        if ( opContext.getSession().getDirectoryService().isAccessControlEnabled() )
         {
             return cursor;
         }



Mime
View raw message