Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 56182 invoked from network); 23 Dec 2010 23:34:31 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 23 Dec 2010 23:34:31 -0000 Received: (qmail 55425 invoked by uid 500); 23 Dec 2010 23:34:31 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 55381 invoked by uid 500); 23 Dec 2010 23:34:30 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 55374 invoked by uid 99); 23 Dec 2010 23:34:30 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 23 Dec 2010 23:34:30 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 23 Dec 2010 23:34:28 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 3D47F23889ED; Thu, 23 Dec 2010 23:34:07 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1052413 - /directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java Date: Thu, 23 Dec 2010 23:34:07 -0000 To: commits@directory.apache.org From: elecharny@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20101223233407.3D47F23889ED@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: elecharny Date: Thu Dec 23 23:34:06 2010 New Revision: 1052413 URL: http://svn.apache.org/viewvc?rev=1052413&view=rev Log: o Added the apSeqNumber in the added AP o Cleanup the code o Started to revamp the delete method Modified: directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java Modified: directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java?rev=1052413&r1=1052412&r2=1052413&view=diff ============================================================================== --- directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java (original) +++ directory/apacheds/branches/apacheds-AP/core/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java Thu Dec 23 23:34:06 2010 @@ -1783,6 +1783,9 @@ public class SubentryInterceptor extends throw new LdapUnwillingToPerformException( message ); } + // Add a negative seqNumber + entry.add( AP_SEQ_NUMBER_AT, Long.toString( -1L ) ); + // Ok, we are golden. next.add( addContext ); @@ -1876,76 +1879,12 @@ public class SubentryInterceptor extends else { // The added entry is a normal entry - // We have to check each role + // We have to process the addition for each role processAddEntry( AdministrativeRoleEnum.AccessControl, entry ); processAddEntry( AdministrativeRoleEnum.CollectiveAttribute, entry ); processAddEntry( AdministrativeRoleEnum.TriggerExecution, entry ); processAddEntry( AdministrativeRoleEnum.SubSchema, entry ); - // Nevertheless, we have to check if the entry is added into an AdministrativePoint - // and is associated with some SubtreeSpecification. The best is to check the AP cache - if ( directoryService.getAccessControlAPCache().hasParent( dn ) ) - { - // This entry has a AccessControl AP parent. - } - - if ( directoryService.getCollectiveAttributeAPCache().hasParent( dn ) ) - { - // This entry has a CollectiveAttribute AP parent. - } - - if ( directoryService.getTriggerExecutionAPCache().hasParent( dn ) ) - { - // This entry has a TriggerExecution AP parent. - } - - if ( directoryService.getSubschemaAPCache().hasParent( dn ) ) - { - // This entry has a Subschema AP parent. - } - - - /* - for ( DN subentryDn : subentryCache ) - { - DN apDn = subentryDn.getParent(); - - // No need to evaluate the entry if it's not below an AP. - if ( dn.isChildOf( apDn ) ) - { - Subentry subentry = subentryCache.getSubentry( subentryDn ); - SubtreeSpecification ss = subentry.getSubtreeSpecification(); - - // Now, evaluate the entry wrt the subentry ss - // and inject a ref to the subentry if it evaluates to true - if ( evaluator.evaluate( ss, apDn, dn, entry ) ) - { - - if ( subentry.isAccessControlAdminRole() ) - { - setOperationalAttribute( entry, subentryDn, ACCESS_CONTROL_SUBENTRIES_AT ); - } - - if ( subentry.isSchemaAdminRole() ) - { - setOperationalAttribute( entry, subentryDn, SUBSCHEMA_SUBENTRY_AT ); - } - - if ( subentry.isCollectiveAdminRole() ) - { - setOperationalAttribute( entry, subentryDn, COLLECTIVE_ATTRIBUTE_SUBENTRIES_AT ); - } - - if ( subentry.isTriggersAdminRole() ) - { - setOperationalAttribute( entry, subentryDn, TRIGGER_EXECUTION_SUBENTRIES_AT ); - } - } - } - - } - */ - // Propagate the addition down to the backend. next.add( addContext ); } @@ -1960,10 +1899,32 @@ public class SubentryInterceptor extends DN dn = deleteContext.getDn(); Entry entry = deleteContext.getEntry(); - // If the entry has a "subentry" Objectclass, we can process the entry. - // We first remove the re - if ( entry.contains( OBJECT_CLASS_AT, SchemaConstants.SUBENTRY_OC ) ) + // Check if we are deleting an Administrative Point + EntryAttribute adminPointAT = entry.get( ADMINISTRATIVE_ROLE_AT ); + + boolean isAdmin = deleteContext.getSession().getAuthenticatedPrincipal().getName().equals( + ServerDNConstants.ADMIN_SYSTEM_DN_NORMALIZED ); + + // First, deal with an AP deletion + if ( adminPointAT != null ) { + // It's an AP : we can delete the entry, and if done successfully, + // we can update the APCache for each role + next.delete( deleteContext ); + + // Now, update the AP cache + } + else if ( entry.contains( OBJECT_CLASS_AT, SchemaConstants.SUBENTRY_OC ) ) + { + // It's a subentry + if ( !isAdmin ) + { + String message = "Cannot add the given Subentry, user is not an Admin"; + LOG.error( message ); + + throw new LdapUnwillingToPerformException( message ); + } + Subentry removedSubentry = subentryCache.getSubentry( dn ); /* ---------------------------------------------------------------- @@ -1989,7 +1950,7 @@ public class SubentryInterceptor extends } else { - // TODO : deal with AP removal. + // This is a normal entry : propagate the deletion down to the backend next.delete( deleteContext ); } }