directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r1053217 - in /directory/apacheds/branches/apacheds-AP: core-api/src/main/java/org/apache/directory/server/core/administrative/ core-api/src/main/java/org/apache/directory/server/core/interceptor/ core-integ/src/test/java/org/apache/directo...
Date Mon, 27 Dec 2010 23:01:19 GMT
Author: elecharny
Date: Mon Dec 27 23:01:19 2010
New Revision: 1053217

URL: http://svn.apache.org/viewvc?rev=1053217&view=rev
Log:
o Used the AdministrativeRoleEnum instead of AdministrativeRole in the Subentry class
o Initialized the list of SeqNumber operational attributes in the BaseInterceptor class
o Fixed the tests
o Bypassed the SeqNumber modification in the OperationalAttributeInterceptor if the admin
is modifying those attributes
o Some code cleanup
o It's now allowed to modify the seqNumber ATs if the principal is admin
o Updated the SeqNumber correctly in the subtreeInterceptor

Modified:
    directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/administrative/Subentry.java
    directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
    directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryAddOperationIT.java
    directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryDeleteOperationIT.java
    directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java
    directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
    directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java

Modified: directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/administrative/Subentry.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/administrative/Subentry.java?rev=1053217&r1=1053216&r2=1053217&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/administrative/Subentry.java
(original)
+++ directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/administrative/Subentry.java
Mon Dec 27 23:01:19 2010
@@ -22,7 +22,6 @@ package org.apache.directory.server.core
 
 import java.util.Set;
 
-import org.apache.directory.shared.ldap.subtree.AdministrativeRole;
 import org.apache.directory.shared.ldap.subtree.SubtreeSpecification;
 
 
@@ -40,7 +39,7 @@ public class Subentry
     private SubtreeSpecification ss;
 
     /** The administratives roles */
-    private Set<AdministrativeRole> administrativeRoles;
+    private Set<AdministrativeRoleEnum> administrativeRoles;
     
     /** The subentry UUID */
     private String uuid;
@@ -73,7 +72,7 @@ public class Subentry
      *
      * @param administrativeRoles The roles to be added
      */
-    public void setAdministrativeRoles( Set<AdministrativeRole> administrativeRoles
)
+    public void setAdministrativeRoles( Set<AdministrativeRoleEnum> administrativeRoles
)
     {
         this.administrativeRoles = administrativeRoles;
     }
@@ -82,7 +81,7 @@ public class Subentry
     /**
      * @return The list of roles for this subentry
      */
-    public Set<AdministrativeRole> getAdministrativeRoles()
+    public Set<AdministrativeRoleEnum> getAdministrativeRoles()
     {
         return administrativeRoles;
     }
@@ -93,8 +92,7 @@ public class Subentry
      */
     public boolean isCollectiveAdminRole()
     {
-        return administrativeRoles.contains( AdministrativeRole.CollectiveAttributeInnerArea
) ||
-        administrativeRoles.contains( AdministrativeRole.CollectiveAttributeSpecificArea
);
+        return administrativeRoles.contains( AdministrativeRoleEnum.CollectiveAttribute );
     }
 
 
@@ -103,7 +101,7 @@ public class Subentry
      */
     public boolean isSchemaAdminRole()
     {
-        return administrativeRoles.contains( AdministrativeRole.SubSchemaSpecificArea );
+        return administrativeRoles.contains( AdministrativeRoleEnum.SubSchema );
     }
 
 
@@ -112,8 +110,7 @@ public class Subentry
      */
     public boolean isAccessControlAdminRole()
     {
-        return administrativeRoles.contains( AdministrativeRole.AccessControlSpecificArea
) ||
-               administrativeRoles.contains( AdministrativeRole.AccessControlInnerArea );
+        return administrativeRoles.contains( AdministrativeRoleEnum.AccessControl );
     }
 
 
@@ -122,8 +119,7 @@ public class Subentry
      */
     public boolean isTriggersAdminRole()
     {
-        return administrativeRoles.contains( AdministrativeRole.TriggerExecutionSpecificArea
) ||
-               administrativeRoles.contains( AdministrativeRole.TriggerExecutionInnerArea
);
+        return administrativeRoles.contains( AdministrativeRoleEnum.TriggerExecution );
     }
 
 
@@ -173,7 +169,7 @@ public class Subentry
         
         boolean isFirst = true;
         
-        for ( AdministrativeRole role : administrativeRoles )
+        for ( AdministrativeRoleEnum role : administrativeRoles )
         {
             if ( isFirst )
             {

Modified: directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java?rev=1053217&r1=1053216&r2=1053217&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
(original)
+++ directory/apacheds/branches/apacheds-AP/core-api/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
Mon Dec 27 23:01:19 2010
@@ -58,10 +58,11 @@ import org.apache.directory.shared.ldap.
  */
 public abstract class BaseInterceptor implements Interceptor
 {
-
     /** set of operational attribute types used for representing the password policy state
of a user entry */
     protected static final Set<AttributeType> PWD_POLICY_STATE_ATTRIBUTE_TYPES = new
HashSet<AttributeType>();
 
+    /** Set of operational attribute types used to manage the AdmnistrativePoint SequenceNumbers
 */
+    protected static final Set<AttributeType> AP_SEQUENCE_NUMBER_ATTRIBUTE_TYPES =
new HashSet<AttributeType>();
 
     /**
      * default interceptor name is its class, preventing accidental duplication of interceptors
by naming

Modified: directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryAddOperationIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryAddOperationIT.java?rev=1053217&r1=1053216&r2=1053217&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryAddOperationIT.java
(original)
+++ directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryAddOperationIT.java
Mon Dec 27 23:01:19 2010
@@ -325,7 +325,7 @@ public class SubentryAddOperationIT exte
 
         Entry ap = adminConnection.lookup( "ou=SAP,ou=system", "+", "*" );
         assertNotNull( ap );
-        assertEquals( "0", ap.get( "APSeqNumber" ).getString() );
+        assertEquals( "0", ap.get( "CollectiveAttributeSeqNumber" ).getString() );
         
         // Now, try to inject an AP under the subentry
         // First add an AAP
@@ -489,7 +489,10 @@ public class SubentryAddOperationIT exte
         
         Entry adminPoint = adminConnection.lookup( "ou=autonomousArea, ou=system", "+" );
         assertNotNull( adminPoint );
-        assertEquals( -1, Long.parseLong( adminPoint.get( "APSeqNumber" ).getString() ) );
+        assertEquals( -1, Long.parseLong( adminPoint.get( "AccessControlSeqNumber" ).getString()
) );
+        assertEquals( -1, Long.parseLong( adminPoint.get( "CollectiveAttributeSeqNumber"
).getString() ) );
+        assertEquals( -1, Long.parseLong( adminPoint.get( "SubSchemaSeqNumber" ).getString()
) );
+        assertEquals( -1, Long.parseLong( adminPoint.get( "TriggerExecutionSeqNumber" ).getString()
) );
 
         // Check that the entry is containing all the roles
         Entry entry = getAdminRole( "ou=autonomousArea, ou=system" );

Modified: directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryDeleteOperationIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryDeleteOperationIT.java?rev=1053217&r1=1053216&r2=1053217&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryDeleteOperationIT.java
(original)
+++ directory/apacheds/branches/apacheds-AP/core-integ/src/test/java/org/apache/directory/server/core/subtree/SubentryDeleteOperationIT.java
Mon Dec 27 23:01:19 2010
@@ -124,7 +124,7 @@ public class SubentryDeleteOperationIT e
 
         Entry ap = adminConnection.lookup( "ou=AAP,ou=system", "+", "*" );
         assertNotNull( ap );
-        assertEquals( "0", ap.get( "APSeqNumber" ).getString() );
+        assertEquals( "0", ap.get( "collectiveAttributeSeqNumber" ).getString() );
         
         // Now try to delete the AP
         DeleteResponse delResponse = adminConnection.delete( "ou=AAP,ou=system" );

Modified: directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java?rev=1053217&r1=1053216&r2=1053217&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java
(original)
+++ directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java
Mon Dec 27 23:01:19 2010
@@ -117,9 +117,9 @@ public class OperationalAttributeInterce
     /** The schemaManager */
     private SchemaManager schemaManager;
 
-    private static AttributeType MODIFIERS_NAME_ATTRIBUTE_TYPE;
-    private static AttributeType MODIFY_TIMESTAMP_ATTRIBUTE_TYPE;
-    private static AttributeType ENTRY_CSN_ATTRIBUTE_TYPE;
+    private static AttributeType MODIFIERS_NAME_AT;
+    private static AttributeType MODIFY_TIMESTAMP_AT;
+    private static AttributeType ENTRY_CSN_AT;
 
     /**
      * Creates the operational attribute management service interceptor.
@@ -143,9 +143,22 @@ public class OperationalAttributeInterce
         adminDn = service.getDNFactory().create( ServerDNConstants.ADMIN_SYSTEM_DN );
 
         // Init the At we use locally
-        MODIFIERS_NAME_ATTRIBUTE_TYPE = schemaManager.getAttributeType( SchemaConstants.MODIFIERS_NAME_AT
);
-        MODIFY_TIMESTAMP_ATTRIBUTE_TYPE = schemaManager.getAttributeType( SchemaConstants.MODIFY_TIMESTAMP_AT
);
-        ENTRY_CSN_ATTRIBUTE_TYPE = schemaManager.getAttributeType( SchemaConstants.ENTRY_CSN_AT
);
+        MODIFIERS_NAME_AT = schemaManager.getAttributeType( SchemaConstants.MODIFIERS_NAME_AT
);
+        MODIFY_TIMESTAMP_AT = schemaManager.getAttributeType( SchemaConstants.MODIFY_TIMESTAMP_AT
);
+        ENTRY_CSN_AT = schemaManager.getAttributeType( SchemaConstants.ENTRY_CSN_AT );
+        
+        // Init the ApSeqNuber ATs
+        AttributeType seqNumberAT = schemaManager.lookupAttributeTypeRegistry( ApacheSchemaConstants.ACCESS_CONTROL_SEQ_NUMBER_AT
);
+        AP_SEQUENCE_NUMBER_ATTRIBUTE_TYPES.add( seqNumberAT );
+
+        seqNumberAT = schemaManager.lookupAttributeTypeRegistry( ApacheSchemaConstants.COLLECTIVE_ATTRIBUTE_SEQ_NUMBER_AT
);
+        AP_SEQUENCE_NUMBER_ATTRIBUTE_TYPES.add( seqNumberAT );
+        
+        seqNumberAT = schemaManager.lookupAttributeTypeRegistry( ApacheSchemaConstants.SUB_SCHEMA_SEQ_NUMBER_AT
);
+        AP_SEQUENCE_NUMBER_ATTRIBUTE_TYPES.add( seqNumberAT );
+
+        seqNumberAT = schemaManager.lookupAttributeTypeRegistry( ApacheSchemaConstants.TRIGGER_EXECUTION_SEQ_NUMBER_AT
);
+        AP_SEQUENCE_NUMBER_ATTRIBUTE_TYPES.add( seqNumberAT );
     }
 
 
@@ -208,6 +221,27 @@ public class OperationalAttributeInterce
         nextInterceptor.add( addContext );
     }
 
+    
+    private boolean checkCanModify( boolean isAdmin, Modification modification, AttributeType
attributeType ) throws LdapException
+    {
+        AttributeType modifiedAT = modification.getAttribute().getAttributeType();
+
+        if ( attributeType.equals( modifiedAT ) )
+        {
+            if ( !isAdmin )
+            {
+                String message = I18n.err( I18n.ERR_31 );
+                LOG.error( message );
+                throw new LdapSchemaViolationException( ResultCodeEnum.INSUFFICIENT_ACCESS_RIGHTS,
message );
+            }
+            else
+            {
+                return true;
+            }
+        }
+        
+        return false;
+    }
 
     /**
      * {@inheritDoc}
@@ -229,51 +263,18 @@ public class OperationalAttributeInterce
         
         for ( Modification modification : mods )
         {
-            AttributeType attributeType = modification.getAttribute().getAttributeType();
-
-            if ( attributeType.equals( MODIFIERS_NAME_ATTRIBUTE_TYPE ) )
-            {
-                if ( !isAdmin )
-                {
-                    String message = I18n.err( I18n.ERR_31 );
-                    LOG.error( message );
-                    throw new LdapSchemaViolationException( ResultCodeEnum.INSUFFICIENT_ACCESS_RIGHTS,
message );
-                }
-                else
-                {
-                    modifierAtPresent = true;
-                }
-            }
-
-            if ( attributeType.equals( MODIFY_TIMESTAMP_ATTRIBUTE_TYPE ) )
-            {
-                if ( !isAdmin )
-                {
-                    String message = I18n.err( I18n.ERR_32 );
-                    LOG.error( message );
-                    throw new LdapSchemaViolationException( ResultCodeEnum.INSUFFICIENT_ACCESS_RIGHTS,
message );
-                }
-                else
-                {
-                    modifiedTimeAtPresent = true;
-                }
-            }
-
-            if ( attributeType.equals( ENTRY_CSN_ATTRIBUTE_TYPE ) )
+            modifierAtPresent = checkCanModify( isAdmin, modification, MODIFIERS_NAME_AT
);
+            modifiedTimeAtPresent = checkCanModify( isAdmin, modification, MODIFY_TIMESTAMP_AT
);
+            entryCsnAtPresent = checkCanModify( isAdmin, modification, ENTRY_CSN_AT );
+            
+            if ( AP_SEQUENCE_NUMBER_ATTRIBUTE_TYPES.contains( modification.getAttribute().getAttributeType()
) && !isAdmin )
             {
-                if ( !isAdmin )
-                {
-                    String message = I18n.err( I18n.ERR_32 );
-                    LOG.error( message );
-                    throw new LdapSchemaViolationException( ResultCodeEnum.INSUFFICIENT_ACCESS_RIGHTS,
message );
-                }
-                else
-                {
-                    entryCsnAtPresent = true;
-                }
+                String message = I18n.err( I18n.ERR_32 );
+                LOG.error( message );
+                throw new LdapSchemaViolationException( ResultCodeEnum.INSUFFICIENT_ACCESS_RIGHTS,
message );
             }
 
-            if ( PWD_POLICY_STATE_ATTRIBUTE_TYPES.contains( attributeType ) && !isAdmin
)
+            if ( PWD_POLICY_STATE_ATTRIBUTE_TYPES.contains( modification.getAttribute().getAttributeType()
) && !isAdmin )
             {
                 String message = I18n.err( I18n.ERR_32 );
                 LOG.error( message );
@@ -284,7 +285,7 @@ public class OperationalAttributeInterce
         if ( !modifierAtPresent )
         {
             // Inject the ModifiersName AT if it's not present
-            EntryAttribute attribute = new DefaultEntryAttribute( MODIFIERS_NAME_ATTRIBUTE_TYPE,
getPrincipal()
+            EntryAttribute attribute = new DefaultEntryAttribute( MODIFIERS_NAME_AT, getPrincipal()
                 .getName() );
 
             Modification modifiersName = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE,
attribute );
@@ -295,7 +296,7 @@ public class OperationalAttributeInterce
         if ( !modifiedTimeAtPresent )
         {
             // Inject the ModifyTimestamp AT if it's not present
-            EntryAttribute attribute = new DefaultEntryAttribute( MODIFY_TIMESTAMP_ATTRIBUTE_TYPE,
DateUtils
+            EntryAttribute attribute = new DefaultEntryAttribute( MODIFY_TIMESTAMP_AT, DateUtils
                 .getGeneralizedTime() );
 
             Modification timestamp = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE,
attribute );
@@ -306,7 +307,7 @@ public class OperationalAttributeInterce
         if ( !entryCsnAtPresent )
         {
             String csn = service.getCSN().toString();
-            EntryAttribute attribute = new DefaultEntryAttribute( ENTRY_CSN_ATTRIBUTE_TYPE,
csn );
+            EntryAttribute attribute = new DefaultEntryAttribute( ENTRY_CSN_AT, csn );
             Modification updatedCsn = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE,
attribute );
             mods.add( updatedCsn );
         }

Modified: directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java?rev=1053217&r1=1053216&r2=1053217&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
(original)
+++ directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
Mon Dec 27 23:01:19 2010
@@ -1048,7 +1048,8 @@ public class SchemaInterceptor extends B
                 && ( !attributeType.equals( MODIFIERS_NAME_ATTRIBUTE_TYPE )
                 && ( !attributeType.equals( MODIFY_TIMESTAMP_ATTRIBUTE_TYPE ) )
                 && ( !attributeType.equals( ENTRY_CSN_ATTRIBUTE_TYPE ) )
-                && ( !PWD_POLICY_STATE_ATTRIBUTE_TYPES.contains( attributeType )
) ) )
+                && ( !PWD_POLICY_STATE_ATTRIBUTE_TYPES.contains( attributeType )
)
+                && ( !AP_SEQUENCE_NUMBER_ATTRIBUTE_TYPES.contains( attributeType
) ) ) )
             {
                 String msg = I18n.err( I18n.ERR_52, attributeType );
                 LOG.error( msg );

Modified: directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java?rev=1053217&r1=1053216&r2=1053217&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java
(original)
+++ directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java
Mon Dec 27 23:01:19 2010
@@ -181,8 +181,17 @@ public class SubentryInterceptor extends
     /** A reference to the TriggerExecutionSubentries AT */
     private static AttributeType TRIGGER_EXECUTION_SUBENTRIES_AT;
     
-    /** A reference to the SeqNumber AT */
-    private static AttributeType AP_SEQ_NUMBER_AT;
+    /** A reference to the AccessControl SeqNumber AT */
+    private static AttributeType ACCESS_CONTROL_SEQ_NUMBER_AT;
+
+    /** A reference to the CollectiveAttribute SeqNumber AT */
+    private static AttributeType COLLECTIVE_ATTRIBUTE_SEQ_NUMBER_AT;
+
+    /** A reference to the SubSchema SeqNumber AT */
+    private static AttributeType SUB_SCHEMA_SEQ_NUMBER_AT;
+
+    /** A reference to the TriggerExecution SeqNumber AT */
+    private static AttributeType TRIGGER_EXECUTION_SEQ_NUMBER_AT;
 
     /** An enum used for the entries update */
     private enum OperationEnum
@@ -360,7 +369,10 @@ public class SubentryInterceptor extends
         COLLECTIVE_ATTRIBUTE_SUBENTRIES_AT = schemaManager.getAttributeType( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRIES_AT
);
         TRIGGER_EXECUTION_SUBENTRIES_AT = schemaManager.getAttributeType( SchemaConstants.TRIGGER_EXECUTION_SUBENTRIES_AT
);
         ENTRY_UUID_AT = schemaManager.getAttributeType( SchemaConstants.ENTRY_UUID_AT );
-        AP_SEQ_NUMBER_AT = schemaManager.getAttributeType( ApacheSchemaConstants.AP_SEQ_NUMBER_AT
);
+        ACCESS_CONTROL_SEQ_NUMBER_AT = schemaManager.getAttributeType( ApacheSchemaConstants.ACCESS_CONTROL_SEQ_NUMBER_AT
);
+        COLLECTIVE_ATTRIBUTE_SEQ_NUMBER_AT = schemaManager.getAttributeType( ApacheSchemaConstants.COLLECTIVE_ATTRIBUTE_SEQ_NUMBER_AT
);
+        SUB_SCHEMA_SEQ_NUMBER_AT = schemaManager.getAttributeType( ApacheSchemaConstants.SUB_SCHEMA_SEQ_NUMBER_AT
);
+        TRIGGER_EXECUTION_SEQ_NUMBER_AT = schemaManager.getAttributeType( ApacheSchemaConstants.TRIGGER_EXECUTION_SEQ_NUMBER_AT
);
 
         SUBENTRY_OPATTRS = new AttributeType[]
             {
@@ -443,30 +455,30 @@ public class SubentryInterceptor extends
     // Helper methods
     //-------------------------------------------------------------------------------------------
     /**
-     * Return the list of AdministrativeRole for a subentry. We only use Specific Area roles.
+     * Return the list of AdministrativeRole for a subentry
      */
-    private Set<AdministrativeRole> getSubentryAdminRoles( Entry subentry ) throws
LdapException
+    private Set<AdministrativeRoleEnum> getSubentryAdminRoles( Entry subentry ) throws
LdapException
     {
-        Set<AdministrativeRole> adminRoles = new HashSet<AdministrativeRole>();
+        Set<AdministrativeRoleEnum> adminRoles = new HashSet<AdministrativeRoleEnum>();
 
         if ( subentry.hasObjectClass( SchemaConstants.ACCESS_CONTROL_SUBENTRY_OC ) )
         {
-            adminRoles.add( AdministrativeRole.AccessControlSpecificArea );
+            adminRoles.add( AdministrativeRoleEnum.AccessControl );
         }
 
         if ( subentry.hasObjectClass( SchemaConstants.SUBSCHEMA_OC ) )
         {
-            adminRoles.add( AdministrativeRole.SubSchemaSpecificArea );
+            adminRoles.add( AdministrativeRoleEnum.SubSchema );
         }
 
         if ( subentry.hasObjectClass( SchemaConstants.COLLECTIVE_ATTRIBUTE_SUBENTRY_OC )
)
         {
-            adminRoles.add( AdministrativeRole.CollectiveAttributeSpecificArea );
+            adminRoles.add( AdministrativeRoleEnum.CollectiveAttribute );
         }
 
         if ( subentry.hasObjectClass( ApacheSchemaConstants.TRIGGER_EXECUTION_SUBENTRY_OC
) )
         {
-            adminRoles.add( AdministrativeRole.TriggerExecutionSpecificArea );
+            adminRoles.add( AdministrativeRoleEnum.TriggerExecution );
         }
 
         return adminRoles;
@@ -1098,7 +1110,7 @@ public class SubentryInterceptor extends
     // Methods dealing with subentry modification
     // -----------------------------------------------------------------------
 
-    private Set<AdministrativeRole> getSubentryTypes( Entry entry, List<Modification>
mods ) throws LdapException
+    private Set<AdministrativeRoleEnum> getSubentryTypes( Entry entry, List<Modification>
mods ) throws LdapException
     {
         EntryAttribute ocFinalState = entry.get( OBJECT_CLASS_AT ).clone();
 
@@ -1667,21 +1679,45 @@ public class SubentryInterceptor extends
     /**
      * Inject a new seqNumber in an AP
      */
-    private long updateSeqNumber( DN apDn ) throws LdapException
+    private long updateSeqNumber( DN apDn, Set<AdministrativeRoleEnum> subentryRoles
) throws LdapException
     {
         long seqNumber = directoryService.getNewApSeqNumber();
-        
-        EntryAttribute newSeqNumber = new DefaultEntryAttribute( AP_SEQ_NUMBER_AT, Long.toString(
seqNumber ) );
-        
-        Modification modification = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE,
newSeqNumber );
         List<Modification> modifications = new ArrayList<Modification>();
-        modifications.add( modification );
+
+        for ( AdministrativeRoleEnum role : subentryRoles )
+        {
+            EntryAttribute newSeqNumber = null;
+            
+            switch ( role )
+            {
+                case AccessControl :
+                    newSeqNumber = new DefaultEntryAttribute( ACCESS_CONTROL_SEQ_NUMBER_AT,
Long.toString( seqNumber ) );
+                    break;
+
+                case CollectiveAttribute :
+                    newSeqNumber = new DefaultEntryAttribute( COLLECTIVE_ATTRIBUTE_SEQ_NUMBER_AT,
Long.toString( seqNumber ) );
+                    break;
+
+                case SubSchema :
+                    newSeqNumber = new DefaultEntryAttribute( SUB_SCHEMA_SEQ_NUMBER_AT, Long.toString(
seqNumber ) );
+                    break;
+
+                case TriggerExecution :
+                    newSeqNumber = new DefaultEntryAttribute( TRIGGER_EXECUTION_SEQ_NUMBER_AT,
Long.toString( seqNumber ) );
+                    break;
+
+            }
+            
+            Modification modification = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE,
newSeqNumber );
+            modifications.add( modification );
+            
+        }
         
         ModifyOperationContext modCtx = new ModifyOperationContext( directoryService.getAdminSession()
);
         modCtx.setByPassed( BYPASS_INTERCEPTORS );
         modCtx.setDn( apDn );
         modCtx.setModItems( modifications );
-        
+
         directoryService.getOperationManager().modify( modCtx );
         
         return seqNumber;
@@ -1840,29 +1876,29 @@ public class SubentryInterceptor extends
      */
     private void addSubentry( DN apDn, Entry entry, Subentry subentry, long seqNumber ) throws
LdapException
     {
-        for ( AdministrativeRole role : getSubentryAdminRoles( entry ) )
+        for ( AdministrativeRoleEnum role : getSubentryAdminRoles( entry ) )
         {
             switch ( role )
             {
-                case AccessControlSpecificArea :
+                case AccessControl :
                      AdministrativePoint apAC = directoryService.getAccessControlAPCache().getElement(
apDn );
                      apAC.addSubentry( subentry );
                      apAC.setSeqNumber( seqNumber );
                      break;
                      
-                case CollectiveAttributeSpecificArea :
+                case CollectiveAttribute :
                     AdministrativePoint apCA = directoryService.getCollectiveAttributeAPCache().getElement(
apDn );
                     apCA.addSubentry( subentry );
                     apCA.setSeqNumber( seqNumber );
                     break;
                     
-                case SubSchemaSpecificArea :
+                case SubSchema :
                     AdministrativePoint apSS = directoryService.getSubschemaAPCache().getElement(
apDn );
                     apSS.addSubentry( subentry );
                     apSS.setSeqNumber( seqNumber );
                     break;
                     
-                case TriggerExecutionSpecificArea :
+                case TriggerExecution :
                     AdministrativePoint apTE = directoryService.getTriggerExecutionAPCache().getElement(
apDn );
                     apTE.addSubentry( subentry );
                     apTE.setSeqNumber( seqNumber );
@@ -1878,29 +1914,68 @@ public class SubentryInterceptor extends
      */
     private void deleteSubentry( DN apDn, Entry entry, Subentry subentry ) throws LdapException
     {
-        for ( AdministrativeRole role : getSubentryAdminRoles( entry ) )
+        for ( AdministrativeRoleEnum role : getSubentryAdminRoles( entry ) )
         {
             switch ( role )
             {
-                case AccessControlSpecificArea :
+                case AccessControl :
                      directoryService.getAccessControlAPCache().getElement( apDn ).deleteSubentry(
subentry );
                      break;
                      
-                case CollectiveAttributeSpecificArea :
+                case CollectiveAttribute :
                     directoryService.getCollectiveAttributeAPCache().getElement( apDn ).deleteSubentry(
subentry );
                     break;
                     
-                case SubSchemaSpecificArea :
+                case SubSchema :
                     directoryService.getSubschemaAPCache().getElement( apDn ).deleteSubentry(
subentry );
                     break;
                     
-                case TriggerExecutionSpecificArea :
+                case TriggerExecution :
                     directoryService.getTriggerExecutionAPCache().getElement( apDn ).deleteSubentry(
subentry );
                     break;
                     
             }
         }
     }
+    
+    
+    private void initSeqNumber( Entry entry, EntryAttribute adminPoint ) throws LdapException
+    {
+        String initSeqNumber = Long.toString( -1L );
+        
+        if ( adminPoint.contains( AdministrativeRole.AutonomousArea.getRole() ) )
+        {
+            entry.add( ApacheSchemaConstants.ACCESS_CONTROL_SEQ_NUMBER_AT, initSeqNumber);
+            entry.add( ApacheSchemaConstants.COLLECTIVE_ATTRIBUTE_SEQ_NUMBER_AT, initSeqNumber);
+            entry.add( ApacheSchemaConstants.SUB_SCHEMA_SEQ_NUMBER_AT, initSeqNumber);
+            entry.add( ApacheSchemaConstants.TRIGGER_EXECUTION_SEQ_NUMBER_AT, initSeqNumber);
+            
+            return;
+        }
+        
+        if ( adminPoint.contains( AdministrativeRole.AccessControlSpecificArea.getRole()
) || 
+             adminPoint.contains( AdministrativeRole.AccessControlInnerArea.getRole() ) )
+        {
+            entry.add( ApacheSchemaConstants.ACCESS_CONTROL_SEQ_NUMBER_AT, initSeqNumber);
+        }
+        
+        if ( adminPoint.contains( AdministrativeRole.CollectiveAttributeSpecificArea.getRole()
) || 
+             adminPoint.contains( AdministrativeRole.CollectiveAttributeInnerArea.getRole()
) )
+        {
+            entry.add( ApacheSchemaConstants.COLLECTIVE_ATTRIBUTE_SEQ_NUMBER_AT, initSeqNumber);
+        }
+        
+        if ( adminPoint.contains( AdministrativeRole.SubSchemaSpecificArea.getRole() )  )
+        {
+            entry.add( ApacheSchemaConstants.SUB_SCHEMA_SEQ_NUMBER_AT, initSeqNumber);
+        }
+        
+        if ( adminPoint.contains( AdministrativeRole.TriggerExecutionSpecificArea.getRole()
) ||
+             adminPoint.contains( AdministrativeRole.TriggerExecutionInnerArea.getRole()
))
+        {
+            entry.add( ApacheSchemaConstants.TRIGGER_EXECUTION_SEQ_NUMBER_AT, initSeqNumber);
+        }
+    }
 
 
     //-------------------------------------------------------------------------------------------
@@ -1959,8 +2034,8 @@ public class SubentryInterceptor extends
                     throw new LdapUnwillingToPerformException( message );
                 }
                 
-                // Add a negative seqNumber 
-                entry.add( AP_SEQ_NUMBER_AT, Long.toString( -1L ) );
+                // Add a negative seqNumber for each role this AP manage
+                initSeqNumber( entry, adminPointAT );
                 
                 // Ok, we are golden.
                 next.add( addContext );
@@ -2010,13 +2085,14 @@ public class SubentryInterceptor extends
                 Subentry subentry = new Subentry();
 
                 subentry.setCn( entry.get( SchemaConstants.CN_AT ).getString() );
-                subentry.setAdministrativeRoles( getSubentryAdminRoles( entry ) );
+                Set<AdministrativeRoleEnum> subentryRoles = getSubentryAdminRoles(
entry ) ;
+                subentry.setAdministrativeRoles( subentryRoles );
                 setSubtreeSpecification( subentry, entry );
                 
                 subentryCache.addSubentry( dn, subentry );
 
                 // Update the seqNumber and update the parent AP
-                long seqNumber = updateSeqNumber( apDn );
+                long seqNumber = updateSeqNumber( apDn, subentryRoles );
     
                 // Now inject the subentry into the backend
                 next.add( addContext );



Mime
View raw message