directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cp...@apache.org
Subject [08/43] directory-fortress-core git commit: added remove constraint method
Date Thu, 06 Oct 2016 17:49:25 GMT
added remove constraint method


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/8a47b1fc
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/8a47b1fc
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/8a47b1fc

Branch: refs/heads/master
Commit: 8a47b1fcd9dd7c47dc343b0ee7cf9bca88cf3385
Parents: 2f3045b
Author: clp207 <clp207@psu.edu>
Authored: Tue Jan 26 16:29:52 2016 -0500
Committer: clp207 <clp207@psu.edu>
Committed: Wed Mar 30 15:44:22 2016 -0400

----------------------------------------------------------------------
 .../directory/fortress/core/AdminMgr.java       |  6 +++-
 .../fortress/core/impl/AdminMgrImpl.java        | 19 ++++++++++--
 .../directory/fortress/core/impl/UserDAO.java   | 31 ++++++++++++++++++++
 .../directory/fortress/core/impl/UserP.java     |  8 +++++
 .../fortress/core/rest/AdminMgrRestImpl.java    |  8 +++++
 5 files changed, 68 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/8a47b1fc/src/main/java/org/apache/directory/fortress/core/AdminMgr.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/AdminMgr.java b/src/main/java/org/apache/directory/fortress/core/AdminMgr.java
index 4c49e5f..4131d2b 100755
--- a/src/main/java/org/apache/directory/fortress/core/AdminMgr.java
+++ b/src/main/java/org/apache/directory/fortress/core/AdminMgr.java
@@ -451,8 +451,12 @@ public interface AdminMgr extends Manageable
 
     //TODO: add documentation
     RoleConstraint addRoleConstraint( UserRole uRole, RoleConstraint roleConstraint )
-   	  throws SecurityException;
+    	throws SecurityException;
 
+    //TODO: remove documentation
+    void removeRoleConstraint( UserRole uRole, RoleConstraint roleConstraint )
+    	throws SecurityException;
+    
     /**
      * This command deletes the assignment of the User from the Role entities. The command
is
      * valid if and only if the user is a member of the USERS data set, the role is a member
of

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/8a47b1fc/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java b/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java
index 166558a..ab4aea9 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java
@@ -341,7 +341,7 @@ public final class AdminMgrImpl extends Manageable implements AdminMgr,
Serializ
     	   	throws SecurityException
     {
         //TODO: need new arbac perm and/or add security check
-    	 	String methodName = "assignUser";
+    	String methodName = "assignUser";
         assertContext( CLS_NM, methodName, uRole, GlobalErrIds.URLE_NULL );
         
         userP.assign( uRole, roleConstraint );
@@ -353,6 +353,20 @@ public final class AdminMgrImpl extends Manageable implements AdminMgr,
Serializ
      * {@inheritDoc}
      */
     @Override
+    public void removeRoleConstraint( UserRole uRole, RoleConstraint roleConstraint )
+        	throws SecurityException
+    {
+        //TODO: need new arbac perm and/or add security check
+    	String methodName = "assignUser";
+        assertContext( CLS_NM, methodName, uRole, GlobalErrIds.URLE_NULL );
+        
+        userP.deassign( uRole, roleConstraint );    	
+    }
+    
+    /**
+     * {@inheritDoc}
+     */
+    @Override
     public void deassignUser( UserRole uRole ) throws SecurityException
     {
         String methodName = "deassignUser";
@@ -367,8 +381,7 @@ public final class AdminMgrImpl extends Manageable implements AdminMgr,
Serializ
         // Now "deassign" user dn attribute, this will remove a single, standard attribute
value,
         // called "roleOccupant", from the node:
         roleP.deassign( role, dn );
-    }
-
+    }    
 
     /**
      * {@inheritDoc}

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/8a47b1fc/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
index 6ffb8e0..47da5ac 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
@@ -1856,6 +1856,37 @@ final class UserDAO extends ApacheDsDataProvider
         }
     }
     
+    void deassign( UserRole uRole, RoleConstraint roleConstraint ) throws UpdateException,
FinderException
+    {
+    	LdapConnection ld = null;
+    	String szRoleConstraint = "";
+        String userDn = getDn( uRole.getUserId(), uRole.getContextId() );
+
+        try
+        {
+            List<Modification> mods = new ArrayList<Modification>();
+            szRoleConstraint = roleConstraint.gerRawData(uRole);
+
+            mods.add( new DefaultModification( ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ROLE_DATA,
+            		szRoleConstraint ) );
+
+            ld = getAdminConnection();
+            modify( ld, userDn, mods, uRole );
+            
+            //TODO: make sure not adding same RC twice
+        }
+        catch ( LdapException e )
+        {
+            String warning = "deassign userId [" + uRole.getUserId() + "] role constraint
[" + szRoleConstraint + "] ";
+
+            warning += "caught LDAPException=" + e.getMessage();
+            throw new UpdateException( GlobalErrIds.URLE_ASSIGN_FAILED, warning, e );
+        }
+        finally
+        {
+            closeAdminConnection( ld );
+        }
+    }
     
     /**
      * @param uRole

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/8a47b1fc/src/main/java/org/apache/directory/fortress/core/impl/UserP.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/UserP.java b/src/main/java/org/apache/directory/fortress/core/impl/UserP.java
index 979bcd4..940ca63 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/UserP.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/UserP.java
@@ -643,6 +643,14 @@ final class UserP
     	
     	uDao.assign( uRole, roleConstraint );
     }
+    
+    //TODO: add documentation, maybe change method name?
+    void deassign( UserRole uRole, RoleConstraint roleConstraint ) throws SecurityException
+    {
+    	//TODO: validate?
+    	
+    	uDao.deassign( uRole, roleConstraint );
+    }
 
 
     /**

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/8a47b1fc/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java b/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
index b9b45e5..c3e61ac 100644
--- a/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rest/AdminMgrRestImpl.java
@@ -1257,4 +1257,12 @@ public final class AdminMgrRestImpl extends Manageable implements AdminMgr
 		// TODO Auto-generated method stub
 		return null;
 	}
+
+
+	@Override
+	public void removeRoleConstraint(UserRole uRole,
+			RoleConstraint roleConstraint) throws SecurityException {
+		// TODO Auto-generated method stub
+		
+	}
 }
\ No newline at end of file


Mime
View raw message