directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kayyag...@apache.org
Subject svn commit: r964355 - in /directory/apacheds/trunk: core-api/src/main/java/org/apache/directory/server/core/interceptor/ core/src/main/java/org/apache/directory/server/core/operational/ core/src/main/java/org/apache/directory/server/core/schema/
Date Thu, 15 Jul 2010 09:49:35 GMT
Author: kayyagari
Date: Thu Jul 15 09:49:34 2010
New Revision: 964355

URL: http://svn.apache.org/viewvc?rev=964355&view=rev
Log:
o added a set to hold the pwdpolicy state OP ATs to be accessible from the BaseInterceptor
o updated OperationalAttributeInterceptor and SchemaInterceptor to use this set to restrict
the modify operation on these attributes by users

Modified:
    directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java

Modified: directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java?rev=964355&r1=964354&r2=964355&view=diff
==============================================================================
--- directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
(original)
+++ directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
Thu Jul 15 09:49:34 2010
@@ -20,6 +20,9 @@
 package org.apache.directory.server.core.interceptor;
 
 
+import java.util.HashSet;
+import java.util.Set;
+
 import javax.naming.Context;
 
 import org.apache.directory.server.core.DirectoryService;
@@ -43,6 +46,7 @@ import org.apache.directory.server.core.
 import org.apache.directory.server.core.invocation.InvocationStack;
 import org.apache.directory.shared.ldap.entry.Entry;
 import org.apache.directory.shared.ldap.exception.LdapException;
+import org.apache.directory.shared.ldap.schema.AttributeType;
 
 
 /**
@@ -54,6 +58,10 @@ import org.apache.directory.shared.ldap.
  */
 public abstract class BaseInterceptor implements Interceptor
 {
+    
+    /** set of operational attribute types used for representing the password policy state
of a user entry */
+    protected static final Set<AttributeType> PWD_POLICY_STATE_ATTRIBUTE_TYPES = new
HashSet<AttributeType>();
+    
     /**
      * default interceptor name is its class, preventing accidental duplication of interceptors
by naming
      * instances differently

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java?rev=964355&r1=964354&r2=964355&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java
Thu Jul 15 09:49:34 2010
@@ -286,6 +286,13 @@ public class OperationalAttributeInterce
                     modifiedTimeAtPresent = true;
                 }
             }
+            
+            if( PWD_POLICY_STATE_ATTRIBUTE_TYPES.contains( attributeType ) && !isAdmin
)
+            {
+                String message = I18n.err( I18n.ERR_32 );
+                LOG.error( message );
+                throw new LdapSchemaViolationException( ResultCodeEnum.INSUFFICIENT_ACCESS_RIGHTS,
message );
+            }
         }
 
         if ( !modifierAtPresent )

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java?rev=964355&r1=964354&r2=964355&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
Thu Jul 15 09:49:34 2010
@@ -20,6 +20,8 @@
 package org.apache.directory.server.core.schema;
 
 
+import static org.apache.directory.shared.ldap.constants.PasswordPolicySchemaConstants.PWD_GRACE_USE_TIME_AT;
+
 import java.io.UnsupportedEncodingException;
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -169,8 +171,7 @@ public class SchemaInterceptor extends B
 
     private static AttributeType MODIFIERS_NAME_ATTRIBUTE_TYPE;
     private static AttributeType MODIFY_TIMESTAMP_ATTRIBUTE_TYPE;
-    private static AttributeType PWD_CHANGED_TIME_ATTRIBUTE_TYPE;
-    private static AttributeType PWD_HISTRORY_ATTRIBUTE_TYPE;
+    
 
     /**
      * Initialize the Schema Service
@@ -214,9 +215,7 @@ public class SchemaInterceptor extends B
 
         MODIFIERS_NAME_ATTRIBUTE_TYPE = schemaManager.getAttributeType( SchemaConstants.MODIFIERS_NAME_AT
);
         MODIFY_TIMESTAMP_ATTRIBUTE_TYPE = schemaManager.getAttributeType( SchemaConstants.MODIFY_TIMESTAMP_AT
);
-        PWD_CHANGED_TIME_ATTRIBUTE_TYPE = schemaManager.getAttributeType( PasswordPolicySchemaConstants.PWD_CHANGED_TIME_AT
);
-        PWD_HISTRORY_ATTRIBUTE_TYPE = schemaManager.getAttributeType( PasswordPolicySchemaConstants.PWD_HISTORY_AT
);
-
+        
         if ( IS_DEBUG )
         {
             LOG.debug( "SchemaInterceptor Initialized !" );
@@ -1050,8 +1049,7 @@ public class SchemaInterceptor extends B
             if ( !attributeType.isUserModifiable()
                 && ( !attributeType.equals( MODIFIERS_NAME_ATTRIBUTE_TYPE ) 
                 && ( !attributeType.equals( MODIFY_TIMESTAMP_ATTRIBUTE_TYPE ) )
-                && ( !attributeType.equals( PWD_CHANGED_TIME_ATTRIBUTE_TYPE ) )
-                && ( !attributeType.equals( PWD_HISTRORY_ATTRIBUTE_TYPE ) ) ) )
+                && ( !PWD_POLICY_STATE_ATTRIBUTE_TYPES.contains( attributeType )
) ) )
             {
                 String msg = I18n.err( I18n.ERR_52, attributeType );
                 LOG.error( msg );



Mime
View raw message