incubator-ftpserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From n..@apache.org
Subject svn commit: r490758 - in /incubator/ftpserver/trunk: admin-gui/src/java/org/apache/ftpserver/gui/ core/src/java/org/apache/ftpserver/ core/src/java/org/apache/ftpserver/command/ core/src/java/org/apache/ftpserver/filesystem/ core/src/java/org/apache/ft...
Date Thu, 28 Dec 2006 16:38:52 GMT
Author: ngn
Date: Thu Dec 28 08:38:51 2006
New Revision: 490758

URL: http://svn.apache.org/viewvc?view=rev&rev=490758
Log:
Implementation of a more flexible authorization design. Instead if fixed authorizations in
the User interface (like getWriteAccess) the user now has a list of authorities and can authorize
any action. Right now, only write permissions has been implemented, the rest will follow.

Added:
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ftplet/EmptyConfiguration.java
      - copied unchanged from r487956, incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/EmptyConfiguration.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WritePermission.java
  (with props)
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WriteRequest.java
  (with props)
    incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/Authority.java
  (with props)
    incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/AuthorizationRequest.java
  (with props)
Removed:
    incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/EmptyConfiguration.java
Modified:
    incubator/ftpserver/trunk/admin-gui/src/java/org/apache/ftpserver/gui/UserManagerPanel.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ConfigurableFtpServerContext.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/command/SITE_DESCUSER.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileObject.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileSystemView.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/BaseUser.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/DbUserManager.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/PropertiesUserManager.java
    incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/filesystem/NativeFileObjectTest.java
    incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/usermanager/UserManagerTestTemplate.java
    incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/User.java

Modified: incubator/ftpserver/trunk/admin-gui/src/java/org/apache/ftpserver/gui/UserManagerPanel.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/admin-gui/src/java/org/apache/ftpserver/gui/UserManagerPanel.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/admin-gui/src/java/org/apache/ftpserver/gui/UserManagerPanel.java
(original)
+++ incubator/ftpserver/trunk/admin-gui/src/java/org/apache/ftpserver/gui/UserManagerPanel.java
Thu Dec 28 08:38:51 2006
@@ -28,6 +28,8 @@
 import java.awt.Insets;
 import java.awt.event.ActionEvent;
 import java.awt.event.ActionListener;
+import java.util.ArrayList;
+import java.util.List;
 import java.util.Random;
 
 import javax.swing.BorderFactory;
@@ -41,11 +43,14 @@
 import javax.swing.JTextField;
 import javax.swing.SwingConstants;
 
+import org.apache.ftpserver.ftplet.Authority;
 import org.apache.ftpserver.ftplet.FtpException;
 import org.apache.ftpserver.ftplet.User;
 import org.apache.ftpserver.ftplet.UserManager;
 import org.apache.ftpserver.interfaces.FtpServerContext;
 import org.apache.ftpserver.usermanager.BaseUser;
+import org.apache.ftpserver.usermanager.WritePermission;
+import org.apache.ftpserver.usermanager.WriteRequest;
 
 /**
  * User management panel.
@@ -530,7 +535,7 @@
                     passwordChkBox.setSelected(false);
                     directoryTxt.setText(user.getHomeDirectory());
                     enabledChkBox.setSelected(user.getEnabled());
-                    writeChkBox.setSelected(user.getWritePermission());
+                    writeChkBox.setSelected(user.authorize(new WriteRequest()));
                     setLoginNumberCombo(loginNumberLst, user.getMaxLoginNumber());
                     setLoginPerIPCombo(loginPerIPLst, user.getMaxLoginPerIP());
                     setIdleTimeCombo(idleLst, user.getMaxIdleTime());
@@ -562,7 +567,15 @@
             if(setPassword(user)) {
                 user.setHomeDirectory(directoryTxt.getText());
                 user.setEnabled(enabledChkBox.isSelected());
-                user.setWritePermission(writeChkBox.isSelected());
+                
+                List authorities = new ArrayList();
+                
+                if(writeChkBox.isSelected()) {
+                    authorities.add(new WritePermission());
+                }
+                
+                user.setAuthorities((Authority[]) authorities.toArray(new Authority[0]));
+                
                 user.setMaxLoginNumber(getMaxLoginNumber(loginNumberLst));
                 user.setMaxLoginPerIP(getMaxLoginPerIP(loginPerIPLst));
                 user.setMaxIdleTime(getMaxIdleTime(idleLst));
@@ -742,8 +755,12 @@
             BaseUser user = new BaseUser();
             user.setName(userName);
             user.setPassword(userName);
+            
+            List authorities = new ArrayList();
+            
+            user.setAuthorities((Authority[]) authorities.toArray(new Authority[0]));
+            
             user.setEnabled(true);
-            user.setWritePermission(false);
             user.setMaxUploadRate(0);
             user.setMaxDownloadRate(0);
             user.setHomeDirectory("./res/home");

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ConfigurableFtpServerContext.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ConfigurableFtpServerContext.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ConfigurableFtpServerContext.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ConfigurableFtpServerContext.java
Thu Dec 28 08:38:51 2006
@@ -25,6 +25,7 @@
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ftpserver.filesystem.NativeFileSystemManager;
+import org.apache.ftpserver.ftplet.Authority;
 import org.apache.ftpserver.ftplet.Component;
 import org.apache.ftpserver.ftplet.Configuration;
 import org.apache.ftpserver.ftplet.DefaultFtpletContainer;
@@ -37,9 +38,9 @@
 import org.apache.ftpserver.interfaces.CommandFactory;
 import org.apache.ftpserver.interfaces.ConnectionManager;
 import org.apache.ftpserver.interfaces.DataConnectionConfig;
+import org.apache.ftpserver.interfaces.FtpServerContext;
 import org.apache.ftpserver.interfaces.IpRestrictor;
 import org.apache.ftpserver.interfaces.MessageResource;
-import org.apache.ftpserver.interfaces.FtpServerContext;
 import org.apache.ftpserver.interfaces.ServerFtpStatistics;
 import org.apache.ftpserver.interfaces.SocketFactory;
 import org.apache.ftpserver.iprestrictor.FileIpRestrictor;
@@ -47,6 +48,7 @@
 import org.apache.ftpserver.socketfactory.FtpSocketFactory;
 import org.apache.ftpserver.usermanager.BaseUser;
 import org.apache.ftpserver.usermanager.PropertiesUserManager;
+import org.apache.ftpserver.usermanager.WritePermission;
 
 /**
  * FTP server configuration implementation. It holds all 
@@ -71,6 +73,12 @@
     
     private Log log;
     
+    private static final Authority[] ADMIN_AUTHORITIES = new Authority[]{
+        new WritePermission()
+    };
+
+    private static final Authority[] ANON_AUTHORITIES = new Authority[]{
+    };
     
     /**
      * Constructor - set the root configuration.
@@ -184,7 +192,9 @@
             adminUser.setName(adminName);
             adminUser.setPassword(adminName);
             adminUser.setEnabled(true);
-            adminUser.setWritePermission(true);
+            
+            adminUser.setAuthorities(ADMIN_AUTHORITIES);
+
             adminUser.setMaxLoginNumber(0);
             adminUser.setMaxLoginPerIP(0);
             adminUser.setMaxUploadRate(0);
@@ -200,8 +210,10 @@
             BaseUser anonUser = new BaseUser();
             anonUser.setName("anonymous");
             anonUser.setPassword("");
+            
+            anonUser.setAuthorities(ANON_AUTHORITIES);
+            
             anonUser.setEnabled(true);
-            anonUser.setWritePermission(false);
             anonUser.setMaxLoginNumber(20);
             anonUser.setMaxLoginPerIP(2);
             anonUser.setMaxUploadRate(4800);

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/command/SITE_DESCUSER.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/command/SITE_DESCUSER.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/command/SITE_DESCUSER.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/command/SITE_DESCUSER.java
Thu Dec 28 08:38:51 2006
@@ -27,8 +27,9 @@
 import org.apache.ftpserver.ftplet.FtpException;
 import org.apache.ftpserver.ftplet.User;
 import org.apache.ftpserver.ftplet.UserManager;
-import org.apache.ftpserver.interfaces.Command;
 import org.apache.ftpserver.interfaces.FtpServerContext;
+import org.apache.ftpserver.usermanager.WritePermission;
+import org.apache.ftpserver.usermanager.WriteRequest;
 
 /**
  * This SITE command returns the specified user information.
@@ -36,7 +37,7 @@
  * @author <a href="mailto:rana_b@yahoo.com">Rana Bhattacharyya</a>
  */
 public 
-class SITE_DESCUSER implements Command {
+class SITE_DESCUSER extends AbstractCommand {
 
     /**
      * Execute command.
@@ -75,6 +76,7 @@
             }
         }
         catch(FtpException ex) {
+            log.debug("Exception trying to get user from user manager", ex);
             user = null;
         }
         if(user == null) {
@@ -88,7 +90,7 @@
         sb.append("uid             : ").append(user.getName()).append("\n");
         sb.append("userpassword    : ********\n");
         sb.append("homedirectory   : ").append(user.getHomeDirectory()).append("\n");
-        sb.append("writepermission : ").append(user.getWritePermission()).append("\n");
+        sb.append("writepermission : ").append(user.authorize(new WriteRequest())).append("\n");
         sb.append("enableflag      : ").append(user.getEnabled()).append("\n");
         sb.append("idletime        : ").append(user.getMaxIdleTime()).append("\n");
         sb.append("uploadrate      : ").append(user.getMaxUploadRate()).append("\n");

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileObject.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileObject.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileObject.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileObject.java
Thu Dec 28 08:38:51 2006
@@ -29,6 +29,8 @@
 import java.util.StringTokenizer;
 
 import org.apache.ftpserver.ftplet.FileObject;
+import org.apache.ftpserver.ftplet.User;
+import org.apache.ftpserver.usermanager.WriteRequest;
 
 /**
  * This class wraps native file object. 
@@ -44,13 +46,14 @@
     private String fileName;
     
     private File file;
-    private boolean writePermission;
+    
+    private User user;
     
     
     /**
      * Constructor.
      */
-    protected NativeFileObject(String fileName, File file, boolean writePerm) {
+    protected NativeFileObject(String fileName, File file, User user) {
         if(fileName == null) {
             throw new IllegalArgumentException("fileName can not be null");
         } 
@@ -68,7 +71,7 @@
         
         this.fileName = fileName;
         this.file = file;
-        this.writePermission = writePerm;
+        this.user = user;
     }
     
     /**
@@ -182,10 +185,10 @@
     }
     
     /**
-     * Chech file write permission.
+     * Check file write permission.
      */
     public boolean hasWritePermission() {
-        if(!writePermission) {
+        if(!user.authorize(new WriteRequest(getFullName()))) {
             return false;
         }
         
@@ -285,7 +288,7 @@
         for(int i=0; i<files.length; ++i) {
             File fileObj = files[i];
             String fileName = virtualFileStr + fileObj.getName();
-            virtualFiles[i] = new NativeFileObject(fileName, fileObj, writePermission);
+            virtualFiles[i] = new NativeFileObject(fileName, fileObj, user);
         }
         return virtualFiles;
     }

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileSystemView.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileSystemView.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileSystemView.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/filesystem/NativeFileSystemView.java
Thu Dec 28 08:38:51 2006
@@ -42,11 +42,12 @@
     // It is always with respect to the root directory.
     private String currDir;
     
-    private boolean writePermission;
+    private User user;
+    
+    //private boolean writePermission;
 
 	private boolean caseInsensitive = false;
     
-    
     /**
      * Constructor - set the user object.
      */
@@ -75,7 +76,8 @@
         }
         this.rootDir = rootDir;
         
-        writePermission = user.getWritePermission();
+        this.user = user;
+        
         currDir = "/";
     }
     
@@ -84,7 +86,7 @@
      * for the user. 
      */
     public FileObject getHomeDirectory() {
-        return new NativeFileObject("/", new File(rootDir), writePermission);
+        return new NativeFileObject("/", new File(rootDir), user);
     }
     
     /**
@@ -93,11 +95,11 @@
     public FileObject getCurrentDirectory() {
         FileObject fileObj = null;
         if(currDir.equals("/")) {
-            fileObj = new NativeFileObject("/", new File(rootDir), writePermission); 
+            fileObj = new NativeFileObject("/", new File(rootDir), user); 
         }
         else {
             File file = new File(rootDir, currDir.substring(1));
-            fileObj = new NativeFileObject(currDir, file, writePermission);
+            fileObj = new NativeFileObject(currDir, file, user);
             
         }
         return fileObj;
@@ -114,7 +116,7 @@
         
         // strip the root directory and return
         String userFileName = physicalName.substring(rootDir.length() - 1);
-        return new NativeFileObject(userFileName, fileObj, writePermission);
+        return new NativeFileObject(userFileName, fileObj, user);
     }
     
     /**

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/BaseUser.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/BaseUser.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/BaseUser.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/BaseUser.java
Thu Dec 28 08:38:51 2006
@@ -21,6 +21,8 @@
 
 import java.io.Serializable;
 
+import org.apache.ftpserver.ftplet.Authority;
+import org.apache.ftpserver.ftplet.AuthorizationRequest;
 import org.apache.ftpserver.ftplet.User;
 
 /**
@@ -55,10 +57,10 @@
     private int maxLoginNumber = 0; //no limit
     private int maxLoginPerIP = 0; //no limit
 
-    private boolean hasWritePermission;
-    
     private String homeDir    = null;
     private boolean isEnabled = true;
+
+    private Authority[] authorities = new Authority[0];
     
     /**
      * Default constructor.
@@ -72,10 +74,10 @@
     public BaseUser(User user) {
         name = user.getName();
         password = user.getPassword();
+        authorities = user.getAuthorities();
         maxIdleTimeSec = user.getMaxIdleTime();
         maxUploadRate = user.getMaxUploadRate();
         maxDownloadRate = user.getMaxDownloadRate();
-        hasWritePermission = user.getWritePermission();
         homeDir = user.getHomeDirectory();
         isEnabled = user.getEnabled();
         maxLoginNumber = user.getMaxLoginNumber();
@@ -110,6 +112,14 @@
         password = pass;
     }
 
+    public Authority[] getAuthorities() {
+        return authorities;
+    }
+
+    public void setAuthorities(Authority[] authorities) {
+        this.authorities = authorities;
+    }
+    
     /**
      * Get the maximum idle time in second.
      */
@@ -214,25 +224,29 @@
     public void setMaxLoginPerIP(int loginPerIP) {
       maxLoginPerIP = loginPerIP;
     }
-        
-    /**
-     * Get write permission.
-     */
-    public boolean getWritePermission() {
-        return hasWritePermission;
-    }
-    
-    /**
-     * Set write permission.
-     */
-    public void setWritePermission(boolean writePerm) {
-        hasWritePermission = writePerm;
-    } 
 
     /** 
      * String representation.
      */
     public String toString() {
         return name;
-    }    
+    }  
+    
+    /**
+     * @see User#authorize(AuthorizationRequest)
+     */
+    public boolean authorize(AuthorizationRequest request) {
+        Authority[] authorities = getAuthorities();
+        
+        for (int i = 0; i < authorities.length; i++) {
+            Authority authority = authorities[i];
+            
+            if(authority.canAuthorize(request)) {
+                return authority.authorize(request);
+            }
+            
+        }
+        
+        return false;
+    }
 }

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/DbUserManager.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/DbUserManager.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/DbUserManager.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/DbUserManager.java
Thu Dec 28 08:38:51 2006
@@ -26,11 +26,13 @@
 import java.sql.Statement;
 import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.List;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ftpserver.ftplet.Authentication;
 import org.apache.ftpserver.ftplet.AuthenticationFailedException;
+import org.apache.ftpserver.ftplet.Authority;
 import org.apache.ftpserver.ftplet.Configuration;
 import org.apache.ftpserver.ftplet.FtpException;
 import org.apache.ftpserver.ftplet.User;
@@ -264,7 +266,7 @@
             map.put( ATTR_PASSWORD, escapeString(getPassword(user)) );
             map.put( ATTR_HOME, escapeString(user.getHomeDirectory()) );
             map.put( ATTR_ENABLE, String.valueOf(user.getEnabled()) );
-            map.put( ATTR_WRITE_PERM, String.valueOf(user.getWritePermission()) );
+            map.put( ATTR_WRITE_PERM, String.valueOf(user.authorize(new WriteRequest()))
);
             map.put( ATTR_MAX_IDLE_TIME, new Integer(user.getMaxIdleTime()) );
             map.put( ATTR_MAX_UPLOAD_RATE, new Integer(user.getMaxUploadRate()) );
             map.put( ATTR_MAX_DOWNLOAD_RATE, new Integer(user.getMaxDownloadRate()) ); 
@@ -329,12 +331,19 @@
                 thisUser.setName(rs.getString(ATTR_LOGIN));
                 thisUser.setHomeDirectory(rs.getString(ATTR_HOME));
                 thisUser.setEnabled(trueStr.equalsIgnoreCase(rs.getString(ATTR_ENABLE)));
-                thisUser.setWritePermission(trueStr.equalsIgnoreCase(rs.getString(ATTR_WRITE_PERM)));
                 thisUser.setMaxLoginNumber(rs.getInt(ATTR_MAX_LOGIN_NUMBER));
                 thisUser.setMaxLoginPerIP(rs.getInt(ATTR_MAX_LOGIN_PER_IP));
                 thisUser.setMaxIdleTime(rs.getInt(ATTR_MAX_IDLE_TIME));
                 thisUser.setMaxUploadRate(rs.getInt(ATTR_MAX_UPLOAD_RATE));
                 thisUser.setMaxDownloadRate(rs.getInt(ATTR_MAX_DOWNLOAD_RATE));
+                
+                List authorities = new ArrayList();
+                
+                if(trueStr.equalsIgnoreCase(rs.getString(ATTR_WRITE_PERM))) {
+                    authorities.add(new WritePermission());
+                }
+                
+                thisUser.setAuthorities((Authority[]) authorities.toArray(new Authority[0]));
             }
             return thisUser;
         }

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/PropertiesUserManager.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/PropertiesUserManager.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/PropertiesUserManager.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/PropertiesUserManager.java
Thu Dec 28 08:38:51 2006
@@ -26,11 +26,13 @@
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.Iterator;
+import java.util.List;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ftpserver.ftplet.Authentication;
 import org.apache.ftpserver.ftplet.AuthenticationFailedException;
+import org.apache.ftpserver.ftplet.Authority;
 import org.apache.ftpserver.ftplet.Configuration;
 import org.apache.ftpserver.ftplet.FtpException;
 import org.apache.ftpserver.ftplet.User;
@@ -122,7 +124,7 @@
        }
        userDataProp.setProperty(thisPrefix + ATTR_HOME,              home);
        userDataProp.setProperty(thisPrefix + ATTR_ENABLE,            usr.getEnabled());
-       userDataProp.setProperty(thisPrefix + ATTR_WRITE_PERM,        usr.getWritePermission());
+       userDataProp.setProperty(thisPrefix + ATTR_WRITE_PERM,        usr.authorize(new WriteRequest()));
        userDataProp.setProperty(thisPrefix + ATTR_MAX_IDLE_TIME,     usr.getMaxIdleTime());
        userDataProp.setProperty(thisPrefix + ATTR_MAX_UPLOAD_RATE,   usr.getMaxUploadRate());
        userDataProp.setProperty(thisPrefix + ATTR_MAX_DOWNLOAD_RATE, usr.getMaxDownloadRate());
@@ -252,7 +254,16 @@
         user.setName(userName);
         user.setEnabled(userDataProp.getBoolean(baseKey + ATTR_ENABLE, true));
         user.setHomeDirectory( userDataProp.getProperty(baseKey + ATTR_HOME, "/") );
-        user.setWritePermission(userDataProp.getBoolean(baseKey + ATTR_WRITE_PERM, false));
+        
+        List authorities = new ArrayList();
+        
+        if(userDataProp.getBoolean(baseKey + ATTR_WRITE_PERM, false)) {
+            authorities.add(new WritePermission());
+        }
+        
+        user.setAuthorities((Authority[]) authorities.toArray(new Authority[0]));
+        
+        //user.setWritePermission(userDataProp.getBoolean(baseKey + ATTR_WRITE_PERM, false));
         user.setMaxLoginNumber(userDataProp.getInteger(baseKey + ATTR_MAX_LOGIN_NUMBER, 0));
         user.setMaxLoginPerIP(userDataProp.getInteger(baseKey + ATTR_MAX_LOGIN_PER_IP, 0));
         user.setMaxIdleTime(userDataProp.getInteger(baseKey + ATTR_MAX_IDLE_TIME, 0));

Added: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WritePermission.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WritePermission.java?view=auto&rev=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WritePermission.java
(added)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WritePermission.java
Thu Dec 28 08:38:51 2006
@@ -0,0 +1,71 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */  
+
+package org.apache.ftpserver.usermanager;
+
+import org.apache.ftpserver.ftplet.Authority;
+import org.apache.ftpserver.ftplet.AuthorizationRequest;
+
+/**
+ * Class representing a write permission
+ */
+public class WritePermission implements Authority {
+
+    private String permissionRoot;
+
+    /**
+     * Construct a write permission for the user home directory (/)
+     */
+    public WritePermission() {
+        this.permissionRoot = "/";
+    }
+
+    /**
+     * Construct a write permission for a file or directory relative to the user home directory
+     * @param permissionRoot The file or directory
+     */
+    public WritePermission(String permissionRoot) {
+        this.permissionRoot = permissionRoot;
+    }
+    
+    /**
+     * @see Authority#authorize(AuthorizationRequest)
+     */
+    public boolean authorize(AuthorizationRequest request) {
+        if(request instanceof WriteRequest) {
+            WriteRequest writeRequest = (WriteRequest) request;
+            
+            String requestFile = writeRequest.getFile();
+
+            return requestFile.startsWith(permissionRoot);
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * @see Authority#canAuthorize(AuthorizationRequest)
+     */
+    public boolean canAuthorize(AuthorizationRequest request) {
+        return request instanceof WriteRequest;
+    }
+   
+
+    
+}

Propchange: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WritePermission.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WriteRequest.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WriteRequest.java?view=auto&rev=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WriteRequest.java
(added)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WriteRequest.java
Thu Dec 28 08:38:51 2006
@@ -0,0 +1,57 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */  
+
+package org.apache.ftpserver.usermanager;
+
+import org.apache.ftpserver.ftplet.AuthorizationRequest;
+
+/**
+ * Class representing a write request
+ */
+public class WriteRequest implements AuthorizationRequest {
+   
+    private String file;
+    
+    /**
+     * Request write access to the user home directory (/)
+     *
+     */
+    public WriteRequest() {
+        this("/");
+    }
+    
+    /**
+     * Request write access to a file or directory relative to the user home directory
+     * @param file
+     */
+    public WriteRequest(String file) {
+        this.file = file;
+    }
+
+    /**
+     * Get the file or directory to which write access is requested
+     * @return the file The file or directory
+     */
+    public String getFile() {
+        return file;
+    }
+    
+    
+    
+}

Propchange: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/usermanager/WriteRequest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/filesystem/NativeFileObjectTest.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/filesystem/NativeFileObjectTest.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/filesystem/NativeFileObjectTest.java
(original)
+++ incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/filesystem/NativeFileObjectTest.java
Thu Dec 28 08:38:51 2006
@@ -22,6 +22,8 @@
 import java.io.File;
 import java.io.IOException;
 
+import org.apache.ftpserver.ftplet.AuthorizationRequest;
+import org.apache.ftpserver.usermanager.BaseUser;
 import org.apache.ftpserver.util.IoUtils;
 
 import junit.framework.TestCase;
@@ -43,6 +45,14 @@
     private static final String FULL_PATH_NO_CURRDIR = ROOT_DIR_PATH + "/"
             + TEST_FILE2_IN_DIR1.getName();
 
+    public static class AlwaysAuthorizedUser extends BaseUser {
+
+        public boolean authorize(AuthorizationRequest request) {
+            return true;
+        }
+        
+    }
+    
     /*
      * (non-Javadoc)
      * 
@@ -128,7 +138,7 @@
     
     public void testConstructorWithNullFileName() {
         try{
-            new NativeFileObject(null, TEST_FILE2_IN_DIR1, true);
+            new NativeFileObject(null, TEST_FILE2_IN_DIR1, new AlwaysAuthorizedUser());
             fail("Must throw IllegalArgumentException");
         } catch(IllegalArgumentException e) {
             // OK
@@ -137,7 +147,7 @@
 
     public void testEmptyFileName() {
         try{
-            new NativeFileObject("", TEST_FILE2_IN_DIR1, true);
+            new NativeFileObject("", TEST_FILE2_IN_DIR1, new AlwaysAuthorizedUser());
             fail("Must throw IllegalArgumentException");
         } catch(IllegalArgumentException e) {
             // OK
@@ -146,7 +156,7 @@
 
     public void testNonLeadingSlash() {
         try{
-            new NativeFileObject("foo", TEST_FILE2_IN_DIR1, true);
+            new NativeFileObject("foo", TEST_FILE2_IN_DIR1, new AlwaysAuthorizedUser());
             fail("Must throw IllegalArgumentException");
         } catch(IllegalArgumentException e) {
             // OK
@@ -155,7 +165,7 @@
 
     public void testWhiteSpaceFileName() {
         try{
-            new NativeFileObject(" \t", TEST_FILE2_IN_DIR1, true);
+            new NativeFileObject(" \t", TEST_FILE2_IN_DIR1, new AlwaysAuthorizedUser());
             fail("Must throw IllegalArgumentException");
         } catch(IllegalArgumentException e) {
             // OK
@@ -164,7 +174,7 @@
 
     public void testConstructorWithNullFile() {
         try{
-            new NativeFileObject("foo", null, true);
+            new NativeFileObject("foo", null, new AlwaysAuthorizedUser());
             fail("Must throw IllegalArgumentException");
         } catch(IllegalArgumentException e) {
             // OK
@@ -174,25 +184,25 @@
     
     public void testFullName() {
         NativeFileObject fileObject = new NativeFileObject("/dir1/file2",
-                TEST_FILE2_IN_DIR1, true);
+                TEST_FILE2_IN_DIR1, new AlwaysAuthorizedUser());
         assertEquals("/dir1/file2", fileObject.getFullName());
 
-        fileObject = new NativeFileObject("/dir1/", TEST_DIR1, true);
+        fileObject = new NativeFileObject("/dir1/", TEST_DIR1, new AlwaysAuthorizedUser());
         assertEquals("/dir1", fileObject.getFullName());
 
-        fileObject = new NativeFileObject("/dir1", TEST_DIR1, true);
+        fileObject = new NativeFileObject("/dir1", TEST_DIR1, new AlwaysAuthorizedUser());
         assertEquals("/dir1", fileObject.getFullName());
     }
 
     public void testShortName() {
         NativeFileObject fileObject = new NativeFileObject("/dir1/file2",
-                TEST_FILE2_IN_DIR1, true);
+                TEST_FILE2_IN_DIR1, new AlwaysAuthorizedUser());
         assertEquals("file2", fileObject.getShortName());
 
-        fileObject = new NativeFileObject("/dir1/", TEST_DIR1, true);
+        fileObject = new NativeFileObject("/dir1/", TEST_DIR1, new AlwaysAuthorizedUser());
         assertEquals("dir1", fileObject.getShortName());
 
-        fileObject = new NativeFileObject("/dir1", TEST_DIR1, true);
+        fileObject = new NativeFileObject("/dir1", TEST_DIR1, new AlwaysAuthorizedUser());
         assertEquals("dir1", fileObject.getShortName());
     }
 

Modified: incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/usermanager/UserManagerTestTemplate.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/usermanager/UserManagerTestTemplate.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/usermanager/UserManagerTestTemplate.java
(original)
+++ incubator/ftpserver/trunk/core/src/test/org/apache/ftpserver/usermanager/UserManagerTestTemplate.java
Thu Dec 28 08:38:51 2006
@@ -19,6 +19,8 @@
 
 package org.apache.ftpserver.usermanager;
 
+import java.util.ArrayList;
+import java.util.List;
 import java.util.Properties;
 
 import junit.framework.TestCase;
@@ -26,6 +28,7 @@
 import org.apache.ftpserver.config.PropertiesConfiguration;
 import org.apache.ftpserver.ftplet.Authentication;
 import org.apache.ftpserver.ftplet.AuthenticationFailedException;
+import org.apache.ftpserver.ftplet.Authority;
 import org.apache.ftpserver.ftplet.User;
 import org.apache.ftpserver.ftplet.UserManager;
 
@@ -137,7 +140,7 @@
         assertEquals(0, user.getMaxLoginNumber());
         assertEquals(0, user.getMaxLoginPerIP());
         assertEquals(0, user.getMaxUploadRate());
-        assertFalse(user.getWritePermission());
+        assertFalse(user.authorize(new WriteRequest()));
         assertTrue(user.getEnabled());
     }
 
@@ -152,7 +155,7 @@
         assertEquals(3, user.getMaxLoginNumber());
         assertEquals(4, user.getMaxLoginPerIP());
         assertEquals(5, user.getMaxUploadRate());
-        assertTrue(user.getWritePermission());
+        assertTrue(user.authorize(new WriteRequest()));
         assertFalse(user.getEnabled());
     }
 
@@ -172,7 +175,10 @@
         user.setMaxLoginPerIP(4);
         user.setMaxUploadRate(5);
 
-        user.setWritePermission(true);
+        List authorities = new ArrayList();
+        authorities.add(new WritePermission());
+        user.setAuthorities((Authority[]) authorities.toArray(new Authority[0]));
+
         userManager.save(user);
         
         UserManager newUserManager = new PropertiesUserManager();
@@ -185,7 +191,7 @@
         assertNull(actualUser.getPassword());
         assertEquals(user.getHomeDirectory(), actualUser.getHomeDirectory());
         assertEquals(user.getEnabled(), actualUser.getEnabled());
-        assertEquals(user.getWritePermission(), actualUser.getWritePermission());
+        assertTrue(user.authorize(new WriteRequest()));
         assertEquals(user.getMaxDownloadRate(), actualUser.getMaxDownloadRate());
         assertEquals(user.getMaxIdleTime(), actualUser.getMaxIdleTime());
         assertEquals(user.getMaxLoginNumber(), actualUser.getMaxLoginNumber());
@@ -209,7 +215,7 @@
         assertEquals(0, actualUser.getMaxLoginNumber());
         assertEquals(0, actualUser.getMaxLoginPerIP());
         assertEquals(0, actualUser.getMaxUploadRate());
-        assertFalse(actualUser.getWritePermission());
+        assertFalse(user.authorize(new WriteRequest()));
         assertTrue(actualUser.getEnabled());
     }
 
@@ -228,7 +234,7 @@
         assertNull(actualUser.getPassword());
         assertEquals("/", actualUser.getHomeDirectory());
         assertEquals(true, actualUser.getEnabled());
-        assertEquals(false, actualUser.getWritePermission());
+        assertFalse(user.authorize(new WriteRequest()));
         assertEquals(0, actualUser.getMaxDownloadRate());
         assertEquals(0, actualUser.getMaxIdleTime());
         assertEquals(0, actualUser.getMaxLoginNumber());

Added: incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/Authority.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/Authority.java?view=auto&rev=490758
==============================================================================
--- incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/Authority.java
(added)
+++ incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/Authority.java
Thu Dec 28 08:38:51 2006
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */ 
+
+package org.apache.ftpserver.ftplet;
+
+/**
+ * Interface for an authority granted to the user,  typical
+ * example is write access or the number of concurrent logins
+ */
+public interface Authority {
+    
+    /**
+     * Indicates weather this Authority can authorize a certain request
+     * @param request The request to authorize
+     * @return True if the request can be authorized by this Authority
+     */
+    boolean canAuthorize(AuthorizationRequest request);
+    
+    /**
+     * Authorize an {@link AuthorizationRequest}. 
+     * @param request The {@link AuthorizationRequest}
+     * @return True if the request is authorized, false otherwise
+     *   If the request can not be authorized (as checked by {@link #canAuthorize(AuthorizationRequest)}

+     *   by this Authority, false is returned.
+     */
+    boolean authorize(AuthorizationRequest request);
+}

Propchange: incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/Authority.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/AuthorizationRequest.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/AuthorizationRequest.java?view=auto&rev=490758
==============================================================================
--- incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/AuthorizationRequest.java
(added)
+++ incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/AuthorizationRequest.java
Thu Dec 28 08:38:51 2006
@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */ 
+
+package org.apache.ftpserver.ftplet;
+
+/**
+ * A request for authorization for a specific task, for example
+ * write access.
+ */
+public interface AuthorizationRequest {
+    
+}

Propchange: incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/AuthorizationRequest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/User.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/User.java?view=diff&rev=490758&r1=490757&r2=490758
==============================================================================
--- incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/User.java (original)
+++ incubator/ftpserver/trunk/ftplet-api/src/java/org/apache/ftpserver/ftplet/User.java Thu
Dec 28 08:38:51 2006
@@ -38,6 +38,19 @@
     String getPassword();
     
     /**
+     * Get all authorities granted to this user
+     * @return All authorities
+     */
+    Authority[] getAuthorities();
+
+    /**
+     * Authorize a {@link AuthorizationRequest} for this user
+     * @param request The {@link AuthorizationRequest} to authorize
+     * @return True if the user is allowed to perform the action, false otherwise
+     */
+    boolean authorize(AuthorizationRequest request);
+    
+    /**
      * Get the maximum idle time in seconds. Zero or less idle time means no limit.
      */
     int getMaxIdleTime();
@@ -71,9 +84,4 @@
      * get user home directory
      */
     String getHomeDirectory();
-    
-    /**
-     * Get write permission
-     */
-    boolean getWritePermission();
 }



Mime
View raw message