directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cp...@apache.org
Subject directory-fortress-core git commit: FC-219 added method to get assigned user for a role with a role constraint filter
Date Thu, 06 Jul 2017 20:21:46 GMT
Repository: directory-fortress-core
Updated Branches:
  refs/heads/master 807e6819f -> 4bb32a9be


FC-219 added method to get assigned user for a role with a role constraint filter


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/commit/4bb32a9b
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/tree/4bb32a9b
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-core/diff/4bb32a9b

Branch: refs/heads/master
Commit: 4bb32a9be2c227701a6f5197f1c1a48085d649e3
Parents: 807e681
Author: clp207 <clp207@psu.edu>
Authored: Thu Jul 6 16:20:41 2017 -0400
Committer: clp207 <clp207@psu.edu>
Committed: Thu Jul 6 16:20:41 2017 -0400

----------------------------------------------------------------------
 .../apache/directory/fortress/core/ReviewMgr.java | 18 +++++++++++++++++-
 .../fortress/core/impl/ReviewMgrImpl.java         | 14 ++++++++++++++
 .../directory/fortress/core/impl/UserDAO.java     | 15 +++++++++++++--
 .../directory/fortress/core/impl/UserP.java       | 17 +++++++++++++++--
 .../fortress/core/rest/ReviewMgrRestImpl.java     |  8 ++++++++
 .../fortress/core/impl/AdminMgrImplTest.java      |  9 +++++++--
 6 files changed, 74 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/4bb32a9b/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java b/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java
index e298b98..a7f985a 100755
--- a/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java
+++ b/src/main/java/org/apache/directory/fortress/core/ReviewMgr.java
@@ -373,7 +373,22 @@ public interface ReviewMgr extends Manageable
     List<User> assignedUsers( Role role )
         throws SecurityException;
 
-
+    /**
+     * This method returns the data set of all users who are assigned the given role.  This
searches the User data set for
+     * Role relationship.  This method does NOT search for hierarchical RBAC Roles relationships.
+     * <h3></h3>
+     * <h4>required parameters</h4>
+     * <ul>
+     *   <li>{@link Role#name} - contains the name to use for the Role targeted for
search.</li>
+     * </ul>
+     *
+     * @param role contains the role name, {@link Role#name} used to search the User data
set.
+     * @param roleConstraint constraint to filter the roles return
+     * @return List of type User containing the users assigned data.
+     * @throws SecurityException If system error occurs.
+     */
+    List<User> assignedUsers( Role role, RoleConstraint roleConstraint ) throws SecurityException;
+    
     /**
      * This function returns the set of roles assigned to a given user. The function is valid
if and
      * only if the user is a member of the USERS data set.
@@ -740,4 +755,5 @@ public interface ReviewMgr extends Manageable
      */
     List<RoleConstraint>  findRoleConstraints(User user, Permission permission, RoleConstraint.RCType
rcType)
         throws SecurityException;
+    
 }

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/4bb32a9b/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java b/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java
index 897d4d1..9828ebf 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/ReviewMgrImpl.java
@@ -369,6 +369,20 @@ public class ReviewMgrImpl extends Manageable implements ReviewMgr, Serializable
         checkAccess(CLS_NM, methodName);
         return userP.getAssignedUsers(role);
     }
+    
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    @AdminPermissionOperation
+    public List<User> assignedUsers(Role role, RoleConstraint roleConstraint)
+        throws SecurityException
+    {
+        String methodName = "assignedUsers";
+        assertContext(CLS_NM, methodName, role, GlobalErrIds.ROLE_NULL);
+        checkAccess(CLS_NM, methodName);
+        return userP.getAssignedUsers(role, roleConstraint);
+    }
 
     /**
      * {@inheritDoc}

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/4bb32a9b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
index 5e1cc1c..1f20196 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/UserDAO.java
@@ -1129,10 +1129,11 @@ final class UserDAO extends LdapDataProvider
 
     /**
      * @param role
+     * @param roleConstraint
      * @return
      * @throws FinderException
      */
-    List<User> getAssignedUsers( Role role ) throws FinderException
+    List<User> getAssignedUsers( Role role, RoleConstraint roleConstraint ) throws
FinderException
     {
         List<User> userList = new ArrayList<>();
         LdapConnection ld = null;
@@ -1148,8 +1149,18 @@ final class UserDAO extends LdapDataProvider
             filterbuf.append( GlobalIds.USER_ROLE_ASSIGN );
             filterbuf.append( "=" );
             filterbuf.append( roleVal );
-            filterbuf.append( "))" );
+            filterbuf.append( ")" );
 
+            if( roleConstraint != null ){
+                filterbuf.append( "(" );
+                filterbuf.append( GlobalIds.USER_ROLE_DATA );
+                filterbuf.append( "=" );
+                filterbuf.append( roleConstraint.getRawData( new UserRole( role.getName()
) ) );
+                filterbuf.append( ")" );                
+            }
+            
+            filterbuf.append( ")" );
+            
             ld = getAdminConnection();
             SearchCursor searchResults = search( ld, userRoot, SearchScope.ONELEVEL, filterbuf.toString(),
defaultAtrs, false,
                 GlobalIds.BATCH_SIZE );

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/4bb32a9b/src/main/java/org/apache/directory/fortress/core/impl/UserP.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/impl/UserP.java b/src/main/java/org/apache/directory/fortress/core/impl/UserP.java
index 49b7bf5..d8cfd9a 100755
--- a/src/main/java/org/apache/directory/fortress/core/impl/UserP.java
+++ b/src/main/java/org/apache/directory/fortress/core/impl/UserP.java
@@ -162,10 +162,23 @@ final class UserP
      */
     List<User> getAssignedUsers( Role role ) throws SecurityException
     {
-        return uDao.getAssignedUsers( role );
+        return uDao.getAssignedUsers( role, null );
     }
 
-
+    /**
+     * Return a list of Users assigned the given RBAC role.
+     * "Assigned" implies the hierarchical role relation graph will NOT be considered in
result set.
+     *
+     * @param role contains name of RBAC role used for search.
+     * @param roleConstraint filter roles that have this role constraint
+     * @return List of fully populated User entities matching target search. If no records
found this will be empty.
+     * @throws SecurityException in the event of DAO search error.
+     */
+    List<User> getAssignedUsers( Role role, RoleConstraint roleConstraint ) throws
SecurityException
+    {
+        return uDao.getAssignedUsers( role, roleConstraint );
+    }
+    
     /**
      * Return a list of Users assigned the given RBAC role.
      * "Assigned" implies the hierarchical role relation graph will NOT be considered in
result set.

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/4bb32a9b/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
b/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
index 4e4b910..cfe0527 100755
--- a/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
+++ b/src/main/java/org/apache/directory/fortress/core/rest/ReviewMgrRestImpl.java
@@ -1344,4 +1344,12 @@ public class ReviewMgrRestImpl extends Manageable implements ReviewMgr
         }
         return retConstraints;
 	}
+
+
+    @Override
+    public List<User> assignedUsers( Role role, RoleConstraint roleConstraint ) throws
SecurityException
+    {
+        // TODO Auto-generated method stub
+        return null;
+    }
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-fortress-core/blob/4bb32a9b/src/test/java/org/apache/directory/fortress/core/impl/AdminMgrImplTest.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/directory/fortress/core/impl/AdminMgrImplTest.java b/src/test/java/org/apache/directory/fortress/core/impl/AdminMgrImplTest.java
index 7699943..41bc491 100755
--- a/src/test/java/org/apache/directory/fortress/core/impl/AdminMgrImplTest.java
+++ b/src/test/java/org/apache/directory/fortress/core/impl/AdminMgrImplTest.java
@@ -1989,9 +1989,14 @@ public class AdminMgrImplTest extends TestCase
     	Role role = RoleTestData.getRole( rle );
 
     	adminMgr.addRoleConstraint(new UserRole(user.getUserId(), role.getName()), rc);
-
+    	    
     	LOG.debug("assignUserRoleConstraint user [" + user.getUserId() + "] role [" + role.getName()
+ "] " +
-    			" rcvalue [" + rc.getValue() + "]");       
+    			" rcvalue [" + rc.getValue() + "]");
+    	
+    	//get user with consratint filter
+    	List<User> usersWithRc = reviewMgr.assignedUsers( role, rc );
+    	assertTrue( usersWithRc.size() == 1 );
+    	assertEquals( user.getUserId(), usersWithRc.get( 0 ).getUserId() );
     }
     
     


Mime
View raw message