From cp...@apache.org
Subject [31/43] directory-fortress-core git commit: changed how pa sets and pas are stored in ldap
Date Thu, 06 Oct 2016 17:49:48 GMT
changed how pa sets and pas are stored in ldap


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/fd2fead1
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/fd2fead1
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/fd2fead1

Branch: refs/heads/master
Commit: fd2fead1c50f44c6087b40ba4519fe83bc0e349e
Parents: 7a8d785
Author: clp207 <clp207@psu.edu>
Authored: Tue Aug 23 13:19:31 2016 -0400
Committer: clp207 <clp207@psu.edu>
Committed: Tue Aug 23 13:19:31 2016 -0400

----------------------------------------------------------------------
 ldap/schema/fortress.schema                     |  80 ++++++-
 .../directory/fortress/core/GlobalIds.java      |  41 +++-
 .../directory/fortress/core/impl/PermDAO.java   | 204 +++++++++++++----
 .../core/model/PermissionAttribute.java         | 221 ++++++++-----------
 .../core/model/PermissionAttributeSet.java      |  31 ++-
 .../fortress/core/impl/PermTestData.java        |   7 +-
 6 files changed, 389 insertions(+), 195 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/fd2fead1/ldap/schema/fortress.schema
----------------------------------------------------------------------
diff --git a/ldap/schema/fortress.schema b/ldap/schema/fortress.schema
index 6cb2040..754e43b 100644
--- a/ldap/schema/fortress.schema
+++ b/ldap/schema/fortress.schema
@@ -280,7 +280,7 @@ attributetype ( ftAtId:30
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
 # A31: User Role Constraints, type STRING, MULTI VALUE
-attributetype ( 1.3.6.1.4.1.1.38088.1.31
+attributetype ( ftAtId:31
     NAME 'ftPA'
     DESC 'Fortress Permission Attribute Constraints'
     EQUALITY caseIgnoreMatch
@@ -288,19 +288,59 @@ attributetype ( 1.3.6.1.4.1.1.38088.1.31
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
 # A32: User Role Constraints, type STRING, MULTI VALUE
-attributetype ( 1.3.6.1.4.1.1.38088.1.32
+attributetype ( ftAtId:32
     NAME 'ftPASet'
     DESC 'Fortress Permission Attribute Set'
     EQUALITY caseIgnoreMatch
     SUBSTR caseIgnoreSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
-# A33: User Role Constraints, type STRING, MULTI VALUE
-attributetype ( 1.3.6.1.4.1.1.38088.1.33
+# A33: User Role Constraints, type STRING, SINGLE VALUE
+attributetype ( ftAtId:33
     NAME 'ftPADefaultOperator'
     DESC 'Fortress Permission Attribute Set Default Operator'
     EQUALITY caseIgnoreMatch
     SUBSTR caseIgnoreSubstringsMatch
+    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE VALUE )
+    
+# A34: User Role Constraints, type STRING, MULTI VALUE
+attributetype ( ftAtId:34
+    NAME 'ftPASetType'
+    DESC 'Fortress Permission Attribute Set Type'
+    EQUALITY caseIgnoreMatch
+    SUBSTR caseIgnoreSubstringsMatch
+    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+    
+# A35: Permission Attribute Data Type, type STRING, SINGLE VALUE
+attributetype ( ftAtId:35
+    NAME 'ftPADataType'
+    DESC 'Fortress Permission Attribute Data Type'
+    EQUALITY caseIgnoreMatch
+    SUBSTR caseIgnoreSubstringsMatch
+    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE VALUE )
+    
+# A36: Permission Attribute Default Value, type STRING, SINGLE VALUE
+attributetype ( ftAtId:36
+    NAME 'ftPADefaultValue'
+    DESC 'Fortress Permission Attribute Set Default Value'
+    EQUALITY caseIgnoreMatch
+    SUBSTR caseIgnoreSubstringsMatch
+    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE VALUE ) 
+    
+# A37: Permission Attribute Default Strategy, type STRING, SINGLE VALUE
+attributetype ( ftAtId:37
+    NAME 'ftPADefaultStrategy'
+    DESC 'Fortress Permission Attribute Default Strategy'
+    EQUALITY caseIgnoreMatch
+    SUBSTR caseIgnoreSubstringsMatch
+    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE VALUE ) 
+    
+# A38: Permission Attribute Valid Values, type STRING, MULTI VALUE
+attributetype ( ftAtId:38
+    NAME 'ftPAValidVals'
+    DESC 'Fortress Permission Attribute Valid Values'
+    EQUALITY caseIgnoreMatch
+    SUBSTR caseIgnoreSubstringsMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 
 ######################################################################
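Review bot: The new single-valued attribute types (A33, A35, A36, A37) end with `SINGLE VALUE )`, but the attribute type grammar in RFC 4512 spells the keyword with a hyphen, so a schema parser that follows it is likely to reject these definitions at load time. Write `SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )` instead. The comments on A33 and A34 still read "User Role Constraints" although both describe permission attribute set fields; `# A34: Permission Attribute Set Type, type STRING, MULTI VALUE` would match the DESC line.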
@@ -432,19 +472,43 @@ objectClass ( ftObId:8
     MAY configParameter
     )
 
-## OC3: Fortress Permission Attribute Set Structural Object Class
-objectclass    ( 1.3.6.1.4.1.38088.2.9
+## OC9: Fortress Permission Attribute Set Structural Object Class
+objectclass    ( ftObId:9
     NAME 'ftAttributeSet'
     DESC 'Fortress Attribute Set Structural Object Class'
-    SUP organizationalrole
+    SUP organizationalunit
     STRUCTURAL
     MUST (
         ftId $
+        ftPASet $
         cn
         )
     MAY (
         ftPA $
-        ftPADefaultOperator
+        ftPASetType $
+        description
+        )
+    )
+    
+## OC10: Fortress Permission Attribute Structural Object Class
+objectclass    ( ftObId:10
+    NAME 'ftAttribute'
+    DESC 'Fortress Attribute Structural Object Class'
+    SUP organizationalrole
+    STRUCTURAL
+    MUST (
+        ftId $
+        ftPASet $
+        ftPA $
+        cn
+        )
+    MAY (        
+        ftPADataType $
+        ftPADefaultValue $
+        ftPADefaultStrategy $
+        ftPADefaultOperator $
+        ftPAValidVals $
+        description
         )
     )
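Review bot: `SUP organizationalunit` makes `ou` a required attribute of every `ftAttributeSet` entry (organizationalUnit lists it under MUST in RFC 4519), yet the MUST list here names only `ftId`, `ftPASet` and `cn`. The visible parts of createPermissionAttributeSet in PermDAO.java never add an `ou` value either. Unless lines of that method outside the diff supply it, the add should fail with an object class violation. Either keep `SUP organizationalrole`, as the new `ftAttribute` class does, or have the DAO write `ou`.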
 

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/fd2fead1/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
index 8994761..24c2972 100755
--- a/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
+++ b/src/main/java/org/apache/directory/fortress/core/GlobalIds.java
@@ -490,14 +490,45 @@ public final class GlobalIds
      * Attribute name for storing Fortress permission attribute set object names.
      */
     public static final String PERMISSION_ATTRIBUTE_SET_NAME = "ftAttributeSet";
-    
-    /**
-     * Attribute name for storing default operator of a PA set
-     */
-    public static final String FT_PA_SET_DEFAULT_OPERATOR = "ftPADefaultOperator";
 
     /**
      * When this property is set to true in fortress.properties, the userPassword field on
newly created users will not be created.
      */
     public static final String USER_CREATION_PASSWORD_FIELD = "user.creation.field.password.disable";
+    
+    /**
+     * The ftPASetType field contains the user defined type of a pa set
+     */
+    public static final String FT_PERMISSION_ATTRIBUTE_SET_TYPE = "ftPASetType";
+    
+    /**
+     * Attribute name for storing Fortress permission attribute set object names.
+     */
+    public static final String PERMISSION_ATTRIBUTE_NAME = "ftAttribute";
+    
+    /**
+     * Attribute name for storing Fortress permission attribute data type name.
+     */
+    public static final String FT_PERMISSION_ATTRIBUTE_DATA_TYPE = "ftPADataType";
+    
+    /**
+     * Attribute name for storing Fortress permission attribute default value name.
+     */
+    public static final String FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE = "ftPADefaultValue";
+    
+    /**
+     * Attribute name for storing Fortress permission attribute default strategy name.
+     */
+    public static final String FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY = "ftPADefaultStrategy";
+    
+    /**
+     * Attribute name for storing Fortress permission attribute set default operator name.
+     */
+    public static final String FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR = "ftPADefaultOperator";
+    
+    /**
+     * Attribute name for storing Fortress permission attribute valid vals name.
+     */
+    public static final String FT_PERMISSION_ATTRIBUTE_VALID_VALUES = "ftPAValidVals";
+    		
 }
\ No newline at end of file
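Review bot: The Javadoc on `PERMISSION_ATTRIBUTE_NAME` repeats the text of `PERMISSION_ATTRIBUTE_SET_NAME` above it, and both call the value an attribute name although fortress.schema declares `ftAttribute` and `ftAttributeSet` as object classes. Suggested comment: `Object class name of a Fortress permission attribute entry.` The distinction matters because PermDAO.getDn in this commit uses both constants as RDN attribute types.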

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/fd2fead1/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java b/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java
index 1a7f242..838d425 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/PermDAO.java
@@ -22,6 +22,7 @@ package org.apache.directory.fortress.core.impl;
 
 import java.io.UnsupportedEncodingException;
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 
@@ -163,7 +164,8 @@ final class PermDAO extends LdapDataProvider
     private static final String TYPE = "ftType";
     private static final String PERM_OBJ_OBJECT_CLASS_NAME = "ftObject";
     private static final String PERM_OP_OBJECT_CLASS_NAME = "ftOperation";
-    private static final String PERMISSION_ATTRIBUTE_OBJECT_CLASS_NAME = "ftAttributeSet";
+    private static final String PERMISSION_ATTRIBUTE_SET_OBJECT_CLASS_NAME = "ftAttributeSet";
+    private static final String PERMISSION_ATTRIBUTE_OBJECT_CLASS_NAME = "ftAttribute";
     
     private static final String PERM_OBJ_OBJ_CLASS[] =
         {
@@ -210,8 +212,22 @@ final class PermDAO extends LdapDataProvider
     };
     
     private static final String[] PERMISION_ATTRIBUTE_SET_ATRS =
-        {
-            GlobalIds.FT_IID, GlobalIds.FT_PERMISSION_ATTRIBUTE, SchemaConstants.DESCRIPTION_AT,
SchemaConstants.CN_AT
+    {
+        GlobalIds.FT_IID, SchemaConstants.DESCRIPTION_AT, SchemaConstants.CN_AT, GlobalIds.FT_PERMISSION_ATTRIBUTE_SET_TYPE
+    };
+    
+    private static final String[] PERMISION_ATTRIBUTE_ATRS =
+    {
+        GlobalIds.FT_IID, 
+        GlobalIds.FT_PERMISSION_ATTRIBUTE, 
+        SchemaConstants.DESCRIPTION_AT, 
+        SchemaConstants.CN_AT, 
+        GlobalIds.FT_PERMISSION_ATTRIBUTE_SET,
+        GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE,
+        GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR,
+        GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY,
+        GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE,
+        GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES
     };
 
     public PermDAO(){
@@ -459,20 +475,21 @@ final class PermDAO extends LdapDataProvider
 
         return entity;
     }
-
     
     //TODO: add documentation
     PermissionAttributeSet createPermissionAttributeSet( PermissionAttributeSet entity )
throws CreateException
     {
         LdapConnection ld = null;
-        String dn = getPASetDn( entity.getName() , entity.getContextId() );
+        String dn = getDn( entity , entity.getContextId() );
 
         try
         {
             Entry entry = new DefaultEntry( dn );
 
-            entry.add( SchemaConstants.OBJECT_CLASS_AT, PERMISSION_ATTRIBUTE_OBJECT_CLASS_NAME
);
+            entry.add( SchemaConstants.OBJECT_CLASS_AT, PERMISSION_ATTRIBUTE_SET_OBJECT_CLASS_NAME
);
 
+            entry.add( GlobalIds.FT_PERMISSION_ATTRIBUTE_SET, entity.getName() );
+            
             // this will generate a new random, unique id on this entity:
             entity.setInternalId();
 
@@ -485,15 +502,14 @@ final class PermDAO extends LdapDataProvider
                 entry.add( SchemaConstants.DESCRIPTION_AT, entity.getDescription() );
             }
 
-            // organizational name requires CN attribute:
-            entry.add( SchemaConstants.CN_AT, entity.getName() );
-                    
-            //default operator between attributes
-            if( StringUtils.isNotEmpty(entity.getDefaultOperator()) )
+            if ( StringUtils.isNotEmpty( entity.getType() ) )
             {
-                entry.add( GlobalIds.FT_PA_SET_DEFAULT_OPERATOR, entity.getDefaultOperator()
);
+                entry.add( GlobalIds.FT_PERMISSION_ATTRIBUTE_SET_TYPE, entity.getType() );
             }
             
+            // organizational name requires CN attribute:
+            entry.add( SchemaConstants.CN_AT, entity.getName() );                    
+            
             // now add the new entry to directory:
             ld = getAdminConnection();
             add( ld, entry, entity );
@@ -522,22 +538,66 @@ final class PermDAO extends LdapDataProvider
     PermissionAttribute createPermissionAttribute( PermissionAttribute entity, String attributeSetName
) throws CreateException
     {
         LdapConnection ld = null;
-        String dn = getPASetDn( attributeSetName, entity.getContextId() );
+        String dn = getDn( entity, attributeSetName, entity.getContextId() );
     
-    	try
+        try
         {
-            List<Modification> mods = new ArrayList<Modification>();
-            mods.add( new DefaultModification(
-                ModificationOperation.ADD_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE, entity.toFtPAString())
);
-            ld = getAdminConnection();
-            modify( ld, dn, mods, entity );
+            Entry entry = new DefaultEntry( dn );
+
+            entry.add( SchemaConstants.OBJECT_CLASS_AT, PERMISSION_ATTRIBUTE_OBJECT_CLASS_NAME
);
+
+            // this will generate a new random, unique id on this entity:
+            entity.setInternalId();            
+            
+            // create the internal id:
+            entry.add( GlobalIds.FT_IID, entity.getInternalId() );
+            
+            entry.add( GlobalIds.FT_PERMISSION_ATTRIBUTE, entity.getAttributeName() );
+            entry.add( GlobalIds.FT_PERMISSION_ATTRIBUTE_SET, attributeSetName );
+            
+            // description is optional
+            if ( StringUtils.isNotEmpty( entity.getDescription() ) )
+            {
+                entry.add( SchemaConstants.DESCRIPTION_AT, entity.getDescription() );
+            }
+
+            if ( StringUtils.isNotEmpty( entity.getDataType() ) )
+            {
+                entry.add( GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE, entity.getDataType()
);
+            }
+
+            if ( StringUtils.isNotEmpty( entity.getDefaultOperator() ) )
+            {
+                entry.add( GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR, entity.getDefaultOperator()
);
+            }
+            
+            if ( StringUtils.isNotEmpty( entity.getDefaultStrategy() ) )
+            {
+                entry.add( GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY, entity.getDefaultStrategy()
);
+            }
+            
+            if ( StringUtils.isNotEmpty( entity.getDefaultValue() ) )
+            {
+                entry.add( GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE, entity.getDefaultValue()
);
+            }
+            
+            //add one to many valid values
+            for(String validValue : entity.getValidValues()){
+            	entry.add( GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES, validValue );
+            }
+            
+            // organizational name requires CN attribute:
+            entry.add( SchemaConstants.CN_AT, entity.getAttributeName() );    
+            
             
-            //TODO: make sure not adding same attribute twice...???
+            // now add the new entry to directory:
+            ld = getAdminConnection();
+            add( ld, entry, entity );
+            entity.setDn( dn );
         }
         catch ( LdapException e )
         {
-            String error = "create perm attribute [" + entity.getAttributeName() + "] caught
LdapException="
-                + e.getMessage();
+            String error = "createPermissionAttribute name [" + entity.getAttributeName()
+ "] caught LdapException=" + e.getMessage();
             throw new CreateException( GlobalErrIds.PERM_ATTR_ADD_FAILED, error, e );
         }
         finally
@@ -660,7 +720,7 @@ final class PermDAO extends LdapDataProvider
     void deleteAttributeSet( PermissionAttributeSet entity ) throws RemoveException
     {
         LdapConnection ld = null;
-        String dn = getPASetDn( entity.getName(), entity.getContextId() );
+        String dn = getDn( entity, entity.getContextId() );
 
         try
         {
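Review bot: With permission attributes now stored as separate `ftAttribute` entries, removing the set entry at `dn` no longer removes its attributes, and nothing visible in this hunk looks them up first. The rest of deleteAttributeSet lies outside the hunk, so this may already be handled. If it is not, delete the set's attribute entries before the set, or refuse the delete while any exist; otherwise stale attribute definitions stay in the directory and could be returned again for a set later recreated under the same name.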
@@ -692,19 +752,16 @@ final class PermDAO extends LdapDataProvider
     void deletePermissionAttribute( PermissionAttribute entity, String attributeSetName )
throws RemoveException
     {
         LdapConnection ld = null;
-        String dn = getPASetDn( attributeSetName, entity.getContextId() );
+        String dn = getDn( entity, attributeSetName, entity.getContextId() );
 
         try
         {
-            List<Modification> mods = new ArrayList<Modification>();
-            mods.add( new DefaultModification(
-                ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE,
entity.toFtPAString() ) );
             ld = getAdminConnection();
-            modify( ld, dn, mods, new PermissionAttributeSet(attributeSetName) );
+            delete(ld,  dn);
         }
         catch ( LdapException e )
         {
-            String error = "deletePermissionAttribute name [" + entity.getAttributeName()
+ "] set ["
+            String error = "deletePermission name [" + entity.getAttributeName() + "] set
["
             		+ attributeSetName + "] caught LdapException=" + e.getMessage();
             throw new RemoveException( GlobalErrIds.PERM_ATTRIBUTE_DELETE_FAILED, error,
e );
         }     
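Review bot: `delete(ld,  dn);` drops the entity argument that the removed `modify( ld, dn, mods, new PermissionAttributeSet(attributeSetName) )` call passed, while the add and modify calls elsewhere in this diff all hand the entity to the data provider. If LdapDataProvider has an entity-taking delete overload (not visible here), use it so that removing an authorization attribute is recorded the same way as creating one, e.g. `delete( ld, dn, entity );`. The error text was also shortened to `"deletePermission name ["`, which no longer names this method; keep `"deletePermissionAttribute name ["`. The method body starts and ends outside the hunk.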
@@ -992,7 +1049,7 @@ final class PermDAO extends LdapDataProvider
     {
     	PermissionAttributeSet entity = null;
     	LdapConnection ld = null;
-    	String dn = getPASetDn(permAttributeSet.getName(), permAttributeSet.getContextId());
+    	String dn = getDn(permAttributeSet, permAttributeSet.getContextId());
 
     	try
     	{
@@ -1004,6 +1061,9 @@ final class PermDAO extends LdapDataProvider
     			throw new FinderException( GlobalErrIds.PERM_ATTRIBUTE_SET_NOT_FOUND, warning );
     		}
     		entity = unloadPASetLdapEntry( findEntry, 0 );
+    		
+    		//find permission attributes for this set
+    		entity.setAttributes(this.findPermissionAttributes(entity));
     	}
     	catch ( LdapNoSuchObjectException e )
     	{
@@ -1023,6 +1083,50 @@ final class PermDAO extends LdapDataProvider
     	return entity;
     }
 
+    Set<PermissionAttribute> findPermissionAttributes( PermissionAttributeSet paSet
)
+    		throws FinderException
+    {
+    	Set<PermissionAttribute> paList = new HashSet<PermissionAttribute>();
+    	LdapConnection ld = null;
+    	String permRoot = getRootDn( paSet.getContextId() );
+
+    	try
+    	{
+    		String paSetVal = encodeSafeText( paSet.getName(), GlobalIds.PERM_LEN );
+    		StringBuilder filterbuf = new StringBuilder();
+    		filterbuf.append( GlobalIds.FILTER_PREFIX );
+    		filterbuf.append( PERMISSION_ATTRIBUTE_OBJECT_CLASS_NAME );
+    		filterbuf.append( ")(" );
+    		filterbuf.append( GlobalIds.FT_PERMISSION_ATTRIBUTE );
+    		filterbuf.append( "=" );
+    		filterbuf.append( paSetVal );
+    		filterbuf.append(  "))" );
+    		ld = getAdminConnection();
+    		SearchCursor searchResults = search( ld, permRoot,
+    				SearchScope.SUBTREE, filterbuf.toString(), PERMISION_ATTRIBUTE_ATRS, false, GlobalIds.BATCH_SIZE
);
+    		long sequence = 0;
+
+    		while ( searchResults.next() )
+    		{
+    			paList.add( unloadPALdapEntry( searchResults.getEntry(), sequence++ ) );
+    		}
+    	}
+    	catch ( LdapException e )
+    	{
+    		String error = "findPermissionAttributes caught LdapException=" + e.getMessage();
+    		throw new FinderException( GlobalErrIds.PERM_SEARCH_FAILED, error, e );
+    	}
+    	catch ( CursorException e )
+    	{
+    		String error = "findPermissionAttributes caught CursorException=" + e.getMessage();
+    		throw new FinderException( GlobalErrIds.PERM_SEARCH_FAILED, error, e );
+    	}
+    	finally
+    	{
+    		closeAdminConnection( ld );
+    	}
+    	return paList;
+    }
 
     /**
      * This method performs fortress authorization using data passed in (session) and stored
on ldap server (permission).  It has been recently changed to use ldap compare operations
in order to trigger slapd access log updates in directory.
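Review bot: The search filter in findPermissionAttributes compares `GlobalIds.FT_PERMISSION_ATTRIBUTE` with the set name, but createPermissionAttribute stores the attribute's own name under that type and the set name under `GlobalIds.FT_PERMISSION_ATTRIBUTE_SET`. The lookup therefore matches attributes named like the set rather than the set's members; change the append to `filterbuf.append( GlobalIds.FT_PERMISSION_ATTRIBUTE_SET );`. The `SearchCursor` is also never closed; only the connection is released in `finally`. The search base is `getRootDn( paSet.getContextId() )` while the entries are created under `getRootDn( contextId, GlobalIds.SD_ROOT )`, so confirm both resolve to the same subtree.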
@@ -1274,15 +1378,30 @@ final class PermDAO extends LdapDataProvider
     	entity.setDn( le.getDn().getName() );
     	entity.setInternalId( getAttribute( le, GlobalIds.FT_IID ) );
     	entity.setDescription( getAttribute( le, SchemaConstants.DESCRIPTION_AT ) );
+    	entity.setType( getAttribute( le, GlobalIds.FT_PERMISSION_ATTRIBUTE_SET_TYPE ) );  
 	    	
     	
-    	List<String> ftPAs = getAttributes( le, GlobalIds.FT_PERMISSION_ATTRIBUTE );
+    	return entity;
+    }
+    
+    private PermissionAttribute unloadPALdapEntry( Entry le, long sequence )
+    		throws LdapInvalidAttributeValueException
+    {
+    	PermissionAttribute entity = new ObjectFactory().createPermissionAttribute();
+    	entity.setSequenceId( sequence );
+    	entity.setAttributeName( getAttribute( le, SchemaConstants.CN_AT ) );
+    	entity.setDn( le.getDn().getName() );
+    	entity.setInternalId( getAttribute( le, GlobalIds.FT_IID ) );
+    	entity.setDescription( getAttribute( le, SchemaConstants.DESCRIPTION_AT ) );
+    	entity.setDataType( getAttribute( le, GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE )
);
+    	entity.setDefaultOperator( getAttribute( le, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR
) );
+    	entity.setDefaultStrategy( getAttribute( le, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY
) );
+    	entity.setDefaultValue( getAttribute( le, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE
) );
     	
-    	if(ftPAs != null){
-    		for(String ftPARaw : ftPAs){
-    			PermissionAttribute permAttribute = new ObjectFactory().createPermissionAttribute();
-                permAttribute.load( ftPARaw );
-                
-                entity.getAttributes().add(permAttribute);
+    	List<String> validValues = getAttributes( le, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES
);
+    	
+    	if(validValues != null){
+    		for(String value : validValues){
+    			entity.getValidValues().add(value);
     		}
     	}
     	
@@ -1905,12 +2024,17 @@ final class PermDAO extends LdapDataProvider
     }
     
 
-    private String getPASetDn( String name, String contextId )
+    private String getDn( PermissionAttributeSet paSet, String contextId )
     {
-    	//TODO: what ou to put this?
-        return SchemaConstants.CN_AT + "=" + name + "," + getRootDn( contextId, GlobalIds.SD_ROOT
);
+        return GlobalIds.PERMISSION_ATTRIBUTE_SET_NAME + "=" + paSet.getName() + "," + getRootDn(
contextId, GlobalIds.SD_ROOT );
     }
 
+    
+    private String getDn( PermissionAttribute pa, String paSetName, String contextId )
+    {
+        return GlobalIds.PERMISSION_ATTRIBUTE_SET_NAME + "=" + paSetName + "," + GlobalIds.PERMISSION_ATTRIBUTE_NAME
 + "=" + pa.getAttributeName() + "," + getRootDn( contextId, GlobalIds.SD_ROOT );
+    }
+    
 
     private String getRootDn( boolean isAdmin, String contextId )
     {
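Review bot: Both getDn overloads splice `paSet.getName()`, `paSetName` and `pa.getAttributeName()` into the DN string unescaped, so a name containing `,`, `+` or `=` changes the DN's structure instead of being treated as a value. Escape each value per RFC 4514 before concatenating, or build the DN from Rdn objects, unless callers outside this diff already restrict these names. The RDN types used are `ftAttributeSet` and `ftAttribute`, which fortress.schema defines as object classes, whereas the entries carry the values in `ftPASet` and `ftPA`. In the three-argument overload the set RDN comes first, which makes the attribute entry the parent of the set; the attribute's RDN should presumably lead, followed by the set's. The hunk ends inside getRootDn.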

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/fd2fead1/src/main/java/org/apache/directory/fortress/core/model/PermissionAttribute.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/PermissionAttribute.java
b/src/main/java/org/apache/directory/fortress/core/model/PermissionAttribute.java
index 56105cd..1ca5e43 100644
--- a/src/main/java/org/apache/directory/fortress/core/model/PermissionAttribute.java
+++ b/src/main/java/org/apache/directory/fortress/core/model/PermissionAttribute.java
@@ -21,47 +21,39 @@ package org.apache.directory.fortress.core.model;
 
 import java.io.Serializable;
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.List;
+import java.util.UUID;
 
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlRootElement;
 import javax.xml.bind.annotation.XmlType;
 
-import org.apache.commons.lang.StringUtils;
-
-//AccountId?dataType=int&required=true&validValues=SELF,ANY,int&comparator=equals&default=SELF
-
 @XmlRootElement(name = "ftPA")
 @XmlAccessorType(XmlAccessType.FIELD)
 @XmlType(name = "permission", propOrder =
-    {
-        "required",
-        "operator",
-        "dataType",
-        "validValues",
-        "defaultValue"
+{
+    "attributeName",
+    "defaultOperator",
+    "dataType",
+    "defaultValue",
+    "defaultStrategy",
+    "validValues"
 })
 public class PermissionAttribute extends FortEntity implements Serializable {
 
     /** Default serialVersionUID */
     private static final long serialVersionUID = 1L;
     
-    private static final String REQUIRED_PARAM_NAME = "required";
-    private static final String OPERATOR_PARAM_NAME = "operator";
-    private static final String DATA_TYPE_PARAM_NAME = "dataType";
-    private static final String VALID_VALUES_PARAM_NAME = "validValues";
-    private static final String DEFAULT_VALUE_PARAM_NAME = "defaultValue";
-    
     private String attributeName;
-    private Boolean required = false;
-    private ComparisonOperator operator;
-    //TODO: make this an enum?
-    private String dataType;
-    //TODO: should this be an enum?
-    private List<String> validValues;
+    private String defaultOperator;
+    private String dataType;    
     private String defaultValue;
+    private String defaultStrategy;
+    private List<String> validValues;
+    private String dn;
+    private String internalId;
+    private String description;
     
     public PermissionAttribute()
     {
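Review bot: The new fields `dn`, `internalId` and `description` are neither listed in `propOrder` nor marked `@XmlTransient`. With `XmlAccessType.FIELD`, JAXB expects every mapped field to appear in a non-empty `propOrder`, so creating a JAXBContext for this class is likely to fail. PermissionAttributeSet in the same commit handles this by listing `internalId` and `description` and annotating `dn` with `@XmlTransient`; do the same here, which needs the `javax.xml.bind.annotation.XmlTransient` import. The class body continues outside the hunk.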
@@ -71,110 +63,8 @@ public class PermissionAttribute extends FortEntity implements Serializable
{
     public PermissionAttribute(String attributeName)
     {
     	this.attributeName = attributeName;
-    }
-    
-    public String toFtPAString(){
-    	String ftPA = attributeName + "?";
-    	
-    	List<String> qualifiers = new ArrayList<String>();    	
-    	
-    	if(required != null){
-    		qualifiers.add(REQUIRED_PARAM_NAME + "=" + String.valueOf(required));
-    	}
-    	if(operator != null){
-    		qualifiers.add(OPERATOR_PARAM_NAME + "=" + operator);
-    	}
-    	if(dataType != null){
-    		qualifiers.add(DATA_TYPE_PARAM_NAME + "=" + dataType);
-    	}
-    	if(validValues != null && validValues.size() > 0){    		    		
-    		qualifiers.add(VALID_VALUES_PARAM_NAME + "=" + StringUtils.join(validValues, ","));
-    	}
-    	if(defaultValue != null){
-    		qualifiers.add(DEFAULT_VALUE_PARAM_NAME + "=" + defaultValue);
-    	}
-    		
-    	ftPA += StringUtils.join(qualifiers, "&");
-    	
-    	return ftPA;
-    }
-    
-	public Boolean getRequired() {
-		return required;
-	}
-	public void setRequired(Boolean required) {
-		this.required = required;
-	}
-	public ComparisonOperator getOperator() {
-		return operator;
-	}
-	public void setOperator(ComparisonOperator operator) {
-		this.operator = operator;
-	}
-	public String getDataType() {
-		return dataType;
-	}
-	public void setDataType(String dataType) {
-		this.dataType = dataType;
-	}
-	public List<String> getValidValues() {
-		return validValues;
-	}
-	public void setValidValues(List<String> validValues) {
-		this.validValues = validValues;
-	}
-	public String getDefaultValue() {
-		return defaultValue;
-	}
-	public void setDefaultValue(String defaultValue) {
-		this.defaultValue = defaultValue;
-	}
-	public String getAttributeName() {
-		return attributeName;
-	}
-	public void setAttributeName(String attributeName) {
-		this.attributeName = attributeName;
-	}
+    }       
 	
-	/**
-     * This method loads PermissionAttribute entity instance variables with data that was
retrieved from the
-     * 'ftPA' attribute on the 'ftOperation' object class.
-     *
-     * @param szRawData contains a raw formatted String that maps to 'ftPA' attribute on
'ftOperation' object class
-     */
-    public void load( String szRawData )
-    {    	
-        if ( ( szRawData != null ) && ( szRawData.length() > 0 ) )
-        {
-            String[] data = StringUtils.split(szRawData, "?"); 
-            attributeName = data[0];
-            		
-            String[] parameters = data[1].split("&");
-            for (String param : parameters){
-            	String[] paramSplit = param.split("=");
-            	String name = paramSplit[0];
-            	String val = paramSplit[1];
-            	
-            	if(name.equals(REQUIRED_PARAM_NAME)){
-            		required = Boolean.parseBoolean(val);
-            	}
-            	if(name.equals(OPERATOR_PARAM_NAME)){
-            		operator = ComparisonOperator.fromName(val);
-            	}
-            	if(name.equals(DATA_TYPE_PARAM_NAME)){
-            		dataType = val;
-            	}
-            	if(name.equals(VALID_VALUES_PARAM_NAME)){
-            		validValues = Arrays.asList(val.split(","));
-            	}
-            	if(name.equals(DEFAULT_VALUE_PARAM_NAME)){
-            		defaultValue = val;
-            	}
-            	
-            }
-        }
-    }
-    
     /**
      * Checks that attribute names are equal
      */
@@ -213,5 +103,84 @@ public class PermissionAttribute extends FortEntity implements Serializable
{
         return result;
     }
 
+	public String getDefaultOperator() {
+		return defaultOperator;
+	}
+
+	public void setDefaultOperator(String defaultOperator) {
+		this.defaultOperator = defaultOperator;
+	}
+
+	public String getDataType() {
+		return dataType;
+	}
+
+	public void setDataType(String dataType) {
+		this.dataType = dataType;
+	}
+
+	public String getDefaultValue() {
+		return defaultValue;
+	}
+
+	public void setDefaultValue(String defaultValue) {
+		this.defaultValue = defaultValue;
+	}
+
+	public String getDefaultStrategy() {
+		return defaultStrategy;
+	}
+
+	public void setDefaultStrategy(String defaultStrategy) {
+		this.defaultStrategy = defaultStrategy;
+	}
+
+	public List<String> getValidValues() {
+		if(validValues == null){
+			validValues = new ArrayList<String>();
+		}
+		return validValues;
+	}
+
+	public void setValidValues(List<String> validValues) {
+		this.validValues = validValues;
+	}
+
+	public String getAttributeName() {
+		return attributeName;
+	}
+
+	public void setAttributeName(String attributeName) {
+		this.attributeName = attributeName;
+	}
+
+	public String getDn() {
+		return dn;
+	}
+
+	public void setDn(String dn) {
+		this.dn = dn;
+	}
+
+	public String getInternalId() {
+		return internalId;
+	}
+
+	public void setInternalId() {
+        UUID uuid = UUID.randomUUID();
+        this.internalId = uuid.toString();
+	}
+	
+	public void setInternalId(String internalId) {        
+        this.internalId = internalId;
+	}
+
+	public String getDescription() {
+		return description;
+	}
+
+	public void setDescription(String description) {
+		this.description = description;
+	}
     
 }

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/fd2fead1/src/main/java/org/apache/directory/fortress/core/model/PermissionAttributeSet.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/model/PermissionAttributeSet.java
b/src/main/java/org/apache/directory/fortress/core/model/PermissionAttributeSet.java
index 34ab5e7..eced0e5 100644
--- a/src/main/java/org/apache/directory/fortress/core/model/PermissionAttributeSet.java
+++ b/src/main/java/org/apache/directory/fortress/core/model/PermissionAttributeSet.java
@@ -19,6 +19,7 @@
  */
 package org.apache.directory.fortress.core.model;
 
+import java.io.Serializable;
 import java.util.HashSet;
 import java.util.Set;
 import java.util.UUID;
@@ -27,6 +28,7 @@ import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlTransient;
 import javax.xml.bind.annotation.XmlType;
 
 @XmlRootElement(name = "ftPermissionAttributeSet")
@@ -37,18 +39,23 @@ import javax.xml.bind.annotation.XmlType;
         "attributes",
         "internalId",
         "description",
-        "defaultOperator"
+        "type"
 })
-public class PermissionAttributeSet extends FortEntity {
+public class PermissionAttributeSet extends FortEntity implements Serializable {
 
+    /** Default serialVersionUID */
+    private static final long serialVersionUID = 1L;
+	
 	private String name;
 	@XmlElement(nillable = true)
 	private Set<PermissionAttribute> attributes;
     private String internalId;
     private String description;
+    private String type;
+    @XmlTransient
     private String dn;
-    private String defaultOperator;
-	
+
+    	
     public PermissionAttributeSet(String name){
     	this.name = name;
     }
@@ -113,20 +120,20 @@ public class PermissionAttributeSet extends FortEntity {
 		this.description = description;
 	}
 
-	public String getDn() {
-		return dn;
+	public String getType() {
+		return type;
 	}
 
-	public void setDn(String dn) {
-		this.dn = dn;
+	public void setType(String type) {
+		this.type = type;
 	}
 
-	public String getDefaultOperator() {
-		return defaultOperator;
+	public String getDn() {
+		return dn;
 	}
 
-	public void setDefaultOperator(String defaultOperator) {
-		this.defaultOperator = defaultOperator;
+	public void setDn(String dn) {
+		this.dn = dn;
 	}
 
 }

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/fd2fead1/src/test/java/org/apache/directory/fortress/core/impl/PermTestData.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/directory/fortress/core/impl/PermTestData.java b/src/test/java/org/apache/directory/fortress/core/impl/PermTestData.java
index 45718a9..f3cd4e2 100755
--- a/src/test/java/org/apache/directory/fortress/core/impl/PermTestData.java
+++ b/src/test/java/org/apache/directory/fortress/core/impl/PermTestData.java
@@ -23,8 +23,6 @@ package org.apache.directory.fortress.core.impl;
 import java.util.HashSet;
 import java.util.Set;
 
-import junit.framework.TestCase;
-
 import org.apache.directory.fortress.core.model.ComparisonOperator;
 import org.apache.directory.fortress.core.model.PermObj;
 import org.apache.directory.fortress.core.model.Permission;
@@ -32,6 +30,8 @@ import org.apache.directory.fortress.core.model.PermissionAttribute;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import junit.framework.TestCase;
+
 
 /**
  * Description of the Class
@@ -2820,9 +2820,8 @@ public class PermTestData extends TestCase
     {
         PermissionAttribute permAttr = new PermissionAttribute();
         permAttr.setAttributeName(pa[0]);
-        permAttr.setRequired(Boolean.parseBoolean(pa[1]));
         permAttr.setDataType(pa[2]);
-        permAttr.setOperator(ComparisonOperator.valueOf(pa[3]));
+        permAttr.setDefaultOperator(ComparisonOperator.valueOf(pa[3]).name());
         return permAttr;
     }
     

