portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dlest...@apache.org
Subject svn commit: r369983 - /portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/
Date Wed, 18 Jan 2006 00:36:07 GMT
Author: dlestrat
Date: Tue Jan 17 16:36:04 2006
New Revision: 369983

URL: http://svn.apache.org/viewcvs?rev=369983&view=rev
Log:
http://issues.apache.org/jira/browse/JS2-470

Contributions from Davy De Waele.

Added:
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java
Modified:
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java
(original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java
Tue Jan 17 16:36:04 2006
@@ -51,7 +51,7 @@
     /**
      * @see org.apache.jetspeed.security.spi.GroupSecurityHandler#getGroupPrincipal(java.lang.String)
      */
-    public Principal getGroupPrincipal(String groupFullPathName)
+    public GroupPrincipal getGroupPrincipal(String groupFullPathName)
     {
         GroupPrincipal groupPrincipal = null;
         InternalGroupPrincipal internalGroup = commonQueries

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java
(original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultRoleSecurityHandler.java
Tue Jan 17 16:36:04 2006
@@ -51,7 +51,7 @@
     /**
      * @see org.apache.jetspeed.security.spi.RoleSecurityHandler#getRolePrincipal(java.lang.String)
      */
-    public Principal getRolePrincipal(String roleFullPathName)
+    public RolePrincipal getRolePrincipal(String roleFullPathName)
     {
         RolePrincipal rolePrincipal = null;
         InternalRolePrincipal internalRole = commonQueries

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
(original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
Tue Jan 17 16:36:04 2006
@@ -146,10 +146,10 @@
     }
 
     /**
-     * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipal(java.lang.String,
+     * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInRole(java.lang.String,
      *      java.lang.String)
      */
-    public void setRolePrincipal(String username, String roleFullPathName) throws SecurityException
+    public void setUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
     {
         InternalUserPrincipal internalUser = commonQueries.getInternalUserPrincipal(username);
         boolean isMappingOnly = false;
@@ -174,10 +174,10 @@
     }
 
     /**
-     * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeRolePrincipal(java.lang.String,
+     * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeUserPrincipalInRole(java.lang.String,
      *      java.lang.String)
      */
-    public void removeRolePrincipal(String username, String roleFullPathName) throws SecurityException
+    public void removeUserPrincipalInRole(String username, String roleFullPathName) throws
SecurityException
     {
         boolean isMappingOnly = false;
         // Check is the record is used for mapping only.

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java
(original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapGroupSecurityHandler.java
Tue Jan 17 16:36:04 2006
@@ -68,7 +68,7 @@
     /**
      * @see org.apache.jetspeed.security.spi.GroupSecurityHandler#getGroupPrincipal(java.lang.String)
      */
-    public Principal getGroupPrincipal(String groupPrincipalUid)
+    public GroupPrincipal getGroupPrincipal(String groupPrincipalUid)
     {
         String groupUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(groupPrincipalUid);
         verifyGroupId(groupUidWithoutSlashes);

Added: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java?rev=369983&view=auto
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java
(added)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.java
Tue Jan 17 16:36:04 2006
@@ -0,0 +1,147 @@
+package org.apache.jetspeed.security.spi.impl;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.naming.NamingException;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.jetspeed.security.GroupPrincipal;
+import org.apache.jetspeed.security.RolePrincipal;
+import org.apache.jetspeed.security.SecurityException;
+import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
+import org.apache.jetspeed.security.impl.RolePrincipalImpl;
+import org.apache.jetspeed.security.spi.RoleSecurityHandler;
+import org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl;
+import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao;
+
+public class LdapRoleSecurityHandler implements RoleSecurityHandler {
+
+	   /** The logger. */
+    private static final Log logger = LogFactory.getLog(LdapRoleSecurityHandler.class);
+
+    /** The {@link LdapPrincipalDao}. */
+    private LdapPrincipalDao ldap;
+
+    /**
+     * @param ldap The {@link LdapPrincipalDao}.
+     */
+    public LdapRoleSecurityHandler(LdapPrincipalDao ldap)
+    {
+        this.ldap = ldap;
+    }
+
+    /**
+     * <p>
+     * Default constructor.
+     * </p>
+     * 
+     * @throws NamingException A {@link NamingException}.
+     * @throws SecurityException A {@link SecurityException}.
+     */
+    public LdapRoleSecurityHandler() throws NamingException, SecurityException
+    {
+        this(new LdapRoleDaoImpl());
+    }
+	
+	public RolePrincipal getRolePrincipal(String roleFullPathName) {
+        String roleUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(roleFullPathName);
+        verifyRoleId(roleUidWithoutSlashes);
+        try
+        {
+            String dn = ldap.lookupByUid(roleUidWithoutSlashes);
+
+            if (!StringUtils.isEmpty(dn))
+            {
+                return new RolePrincipalImpl(roleFullPathName);
+            }
+        }
+        catch (SecurityException e)
+        {
+            logSecurityException(e, roleFullPathName);
+        }
+        return null;
+	}
+
+	public void setRolePrincipal(RolePrincipal rolePrincipal) throws SecurityException {
+        verifyRolePrincipal(rolePrincipal);
+
+        String fullPath = rolePrincipal.getFullPath();
+        String groupUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(fullPath);
+        if (getRolePrincipal(groupUidWithoutSlashes) == null)
+        {
+            ldap.create(groupUidWithoutSlashes);
+        }
+	}
+
+	public void removeRolePrincipal(RolePrincipal rolePrincipal) throws SecurityException {
+        verifyRolePrincipal(rolePrincipal);
+
+        String fullPath = rolePrincipal.getFullPath();
+        String roleUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(fullPath);
+
+        ldap.delete(roleUidWithoutSlashes);
+	}
+
+	public List getRolePrincipals(String filter) {
+        try
+        {
+            return Arrays.asList(ldap.find(filter, RolePrincipal.PREFS_ROLE_ROOT));
+        }
+        catch (SecurityException e)
+        {
+            logSecurityException(e, filter);
+        }
+        return new ArrayList();
+	}
+	
+    /**
+     * <p>
+     * Verify that the group uid is valid.
+     * </p>
+     * 
+     * @param groupPrincipalUid The group uid.
+     */
+    private void verifyRoleId(String rolePrincipalUid)
+    {
+        if (StringUtils.isEmpty(rolePrincipalUid))
+        {
+            throw new IllegalArgumentException("The roleId cannot be null or empty.");
+        }
+    }
+
+    /**
+     * <p>
+     * Log the security exception.
+     * </p>
+     * 
+     * @param e The {@link SecurityException}.
+     * @param groupPrincipalUid The group principal uid.
+     */
+    private void logSecurityException(SecurityException e, String groupPrincipalUid)
+    {
+        if (logger.isErrorEnabled())
+        {
+            logger.error("An LDAP error has occurred for groupId:" + groupPrincipalUid, e);
+        }
+    }
+    
+    /**
+     * <p>
+     * Verify that the group principal is valid.
+     * </p>
+     * 
+     * @param groupPrincipal The group principal.
+     */
+    private void verifyRolePrincipal(RolePrincipal rolePrincipal)
+    {
+        if (rolePrincipal == null)
+        {
+            throw new IllegalArgumentException("The RolePrincipal cannot be null or empty.");
+        }
+    }    
+}

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java?rev=369983&r1=369982&r2=369983&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java
(original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java
Tue Jan 17 16:36:04 2006
@@ -15,7 +15,9 @@
 package org.apache.jetspeed.security.spi.impl;
 
 import java.security.Principal;
+import java.util.Collection;
 import java.util.HashSet;
+import java.util.Iterator;
 import java.util.Set;
 import java.util.prefs.Preferences;
 
@@ -25,14 +27,19 @@
 import org.apache.commons.logging.LogFactory;
 import org.apache.jetspeed.security.GroupPrincipal;
 import org.apache.jetspeed.security.HierarchyResolver;
+import org.apache.jetspeed.security.RolePrincipal;
 import org.apache.jetspeed.security.SecurityException;
 import org.apache.jetspeed.security.UserPrincipal;
 import org.apache.jetspeed.security.impl.GeneralizationHierarchyResolver;
 import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
+import org.apache.jetspeed.security.impl.RolePrincipalImpl;
 import org.apache.jetspeed.security.impl.UserPrincipalImpl;
+import org.apache.jetspeed.security.om.InternalGroupPrincipal;
+import org.apache.jetspeed.security.om.InternalUserPrincipal;
 import org.apache.jetspeed.security.spi.SecurityMappingHandler;
 import org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl;
 import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao;
+import org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl;
 import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDao;
 import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDaoImpl;
 
@@ -47,6 +54,8 @@
     private LdapUserPrincipalDao userDao;
 
     private LdapPrincipalDao groupDao;
+    
+    private LdapPrincipalDao roleDao;
 
     /** The logger. */
     private static final Log LOG = LogFactory.getLog(LdapSecurityMappingHandler.class);
@@ -61,10 +70,11 @@
      * @param userDao
      * @param groupDao
      */
-    public LdapSecurityMappingHandler(LdapUserPrincipalDao userDao, LdapPrincipalDao groupDao)
+    public LdapSecurityMappingHandler(LdapUserPrincipalDao userDao, LdapPrincipalDao groupDao,LdapPrincipalDao
roleDao)
     {
         this.userDao = userDao;
         this.groupDao = groupDao;
+        this.roleDao = roleDao;
     }
 
     /**
@@ -75,6 +85,7 @@
     {
         this.userDao = new LdapUserPrincipalDaoImpl();
         this.groupDao = new LdapGroupDaoImpl();
+        this.roleDao = new LdapRoleDaoImpl();
     }
 
     /** 
@@ -115,23 +126,42 @@
     public Set getRolePrincipals(String username)
     {
         Set rolePrincipals = new HashSet();
+        String[] roles;
+        try
+        {
+            roles = userDao.getRoleUidsForUser(username);
+            for (int i = 0; i < roles.length; i++)
+            {
+                createResolvedRolePrincipalSet(username, rolePrincipals, roles, i);
+            }
+        }
+        catch (SecurityException e)
+        {
+            LOG.error(e);
+        }
         return rolePrincipals;
+        
     }
 
     /**
-     * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipal(java.lang.String,
+     * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInRole(java.lang.String,
      *      java.lang.String)
      */
-    public void setRolePrincipal(String username, String roleFullPathName) throws SecurityException
+    public void setUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
     {
+        verifyUserAndRoleExist(username, roleFullPathName);
+        addRoleToUser(username, roleFullPathName);
     }
 
     /**
-     * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeRolePrincipal(java.lang.String,
+     * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeUserPrincipalInRole(java.lang.String,
      *      java.lang.String)
      */
-    public void removeRolePrincipal(String username, String roleFullPathName) throws SecurityException
+    public void removeUserPrincipalInRole(String username, String roleFullPathName) throws
SecurityException
     {
+    	//TODO: check if this is ok
+        verifyUserAndRoleExist(username, roleFullPathName);
+        removeUserFromRole(username, roleFullPathName);
     }
 
     /**
@@ -139,8 +169,22 @@
      */
     public Set getRolePrincipalsInGroup(String groupFullPathName)
     {
-        Set rolePrincipals = new HashSet();
-        return rolePrincipals;
+        Set rolePrincipalsInGroup = new HashSet();
+        String[] roles;
+        try
+        {
+        	//TODO: see if we can't use the groupDao here
+            roles = userDao.getRolesForGroup(groupFullPathName);
+            for (int i = 0; i < roles.length; i++)
+            {
+                createResolvedRolePrincipalSet(groupFullPathName, rolePrincipalsInGroup,
roles, i);
+            }
+        }
+        catch (SecurityException e)
+        {
+            LOG.error(e);
+        }
+        return rolePrincipalsInGroup;        
     }
 
     /**
@@ -149,6 +193,8 @@
      */
     public void setRolePrincipalInGroup(String groupFullPathName, String roleFullPathName)
throws SecurityException
     {
+        verifyGroupAndRoleExist(groupFullPathName, roleFullPathName);
+        addRoleToGroup(groupFullPathName, roleFullPathName);    	
     }
 
     /**
@@ -157,9 +203,12 @@
      */
     public void removeRolePrincipalInGroup(String groupFullPathName, String roleFullPathName)
throws SecurityException
     {
+        verifyGroupAndRoleExist(groupFullPathName, roleFullPathName);
+        removeRoleFromGroup(groupFullPathName, roleFullPathName);    	
     }
 
-    /**
+
+	/**
      * This method returns the set of group principals associated with a user.
      * 
      * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getGroupPrincipals(java.lang.String)
@@ -198,7 +247,17 @@
      */
     public Set getUserPrincipalsInRole(String roleFullPathName)
     {
-        Set userPrincipals = new HashSet();
+    	//TODO: Check that this is correct
+    	Set userPrincipals = new HashSet();
+        String[] fullPaths = {roleFullPathName};
+        try
+        {
+            getUserPrincipalsInRole(userPrincipals, fullPaths);
+        }
+        catch (SecurityException e)
+        {
+            LOG.error(e);
+        }
         return userPrincipals;
     }
 
@@ -212,9 +271,15 @@
      */
     public Set getUserPrincipalsInGroup(String groupFullPathName)
     {
-        Set userPrincipals = new HashSet();
-        Preferences preferences = Preferences.userRoot().node(groupFullPathName);
-        String[] fullPaths = groupHierarchyResolver.resolve(preferences);
+    	Set userPrincipals = new HashSet();
+
+    	//TODO: Check that this is correct
+    	String[] fullPaths = {groupFullPathName};
+
+//        Preferences preferences = Preferences.userRoot().node(
+//                GroupPrincipalImpl.getFullPathFromPrincipalName(groupFullPathName));
+//        String[] fullPaths = groupHierarchyResolver.resolve(preferences);
+//        
         try
         {
             getUserPrincipalsInGroup(userPrincipals, fullPaths);
@@ -247,6 +312,28 @@
             }
         }
     }
+    
+    /**
+     * <p>
+     * Gets the user principals in groups.
+     * </p>
+     * 
+     * @param userPrincipals
+     * @param fullPaths
+     * @throws SecurityException A {@link SecurityException}.
+     */
+    private void getUserPrincipalsInRole(Set userPrincipals, String[] fullPaths) throws SecurityException
+    {
+        for (int i = 0; i < fullPaths.length; i++)
+        {
+            String[] usersInRole = userDao.getUserUidsForRole(fullPaths[i]);
+            for (int y = 0; y < usersInRole.length; y++)
+            {
+                Principal userPrincipal = new UserPrincipalImpl(usersInRole[y]);
+                userPrincipals.add(userPrincipal);
+            }
+        }
+    }    
 
     /**
      * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInGroup(java.lang.String,
@@ -267,7 +354,21 @@
         verifyUserAndGroupExist(username, groupFullPathName);
         removeUserFromGroup(username, groupFullPathName);
     }
-
+    /**
+     * @param username
+     * @param groupFullPathName
+     * @throws SecurityException
+     */
+    private void verifyGroupAndRoleExist(String groupFullPathName, String roleFullPathName)
throws SecurityException
+    {
+        GroupPrincipal group = getGroup(groupFullPathName);
+        RolePrincipal role = getRole(roleFullPathName);
+        if ((null == group) && (null == role))
+        {
+            throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST);
+        }
+    }
+    
     /**
      * @param username
      * @param groupFullPathName
@@ -281,6 +382,21 @@
         {
             throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);
         }
+    }    
+
+    /**
+     * @param username
+     * @param groupFullPathName
+     * @throws SecurityException
+     */
+    private void verifyUserAndRoleExist(String username, String roleFullPathName) throws
SecurityException
+    {
+        UserPrincipal user = getUser(username);
+        RolePrincipal role = getRole(roleFullPathName);
+        if ((null == user) && (null == role))
+        {
+            throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);
+        }
     }
 
     /**
@@ -294,7 +410,7 @@
         LOG.debug("Group [" + i + "] for user[" + username + "] is [" + groups[i] + "]");
 
         GroupPrincipal group = new GroupPrincipalImpl(groups[i]);
-        Preferences preferences = Preferences.userRoot().node(group.getName());
+        Preferences preferences = Preferences.userRoot().node(group.getFullPath());
         LOG.debug("Group name:" + group.getName());
         String[] fullPaths = groupHierarchyResolver.resolve(preferences);
         for (int n = 0; n < fullPaths.length; n++)
@@ -307,6 +423,29 @@
 
     /**
      * @param username
+     * @param groupPrincipals
+     * @param groups
+     * @param i
+     */
+    private void createResolvedRolePrincipalSet(String username, Set rolePrincipals, String[]
roles, int i)
+    {
+        LOG.debug("Group [" + i + "] for user[" + username + "] is [" + roles[i] + "]");
+
+        RolePrincipal role = new RolePrincipalImpl(roles[i]);
+        Preferences preferences = Preferences.userRoot().node(role.getFullPath());
+        LOG.debug("Group name:" + role.getName());
+        String[] fullPaths = roleHierarchyResolver.resolve(preferences);
+        for (int n = 0; n < fullPaths.length; n++)
+        {
+            LOG.debug("Group [" + i + "] for user[" + username + "] is ["
+                    + RolePrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n]) + "]");
+            rolePrincipals.add(new RolePrincipalImpl(RolePrincipalImpl.getPrincipalNameFromFullPath(fullPaths[n])));
+        }
+    }
+
+    
+    /**
+     * @param username
      * @param groupFullPathName
      * @throws SecurityException
      */
@@ -314,6 +453,22 @@
     {
         userDao.removeGroup(username, groupFullPathName);
     }
+    
+    /**
+     * @param username
+     * @param groupFullPathName
+     * @throws SecurityException
+     */
+    private void removeUserFromRole(String username, String roleFullPathName) throws SecurityException
+    {
+        userDao.removeRole(username, roleFullPathName);
+    }    
+    
+    private void removeRoleFromGroup(String groupFullPathName, String roleFullPathName)throws
SecurityException
+    {
+    	userDao.removeRoleFromGroup(groupFullPathName,roleFullPathName);
+	}
+    
 
     /**
      * @param uid
@@ -352,6 +507,26 @@
     }
 
     /**
+     * @param uid
+     * @return
+     * @throws SecurityException A {@link SecurityException}.
+     */
+    private RolePrincipal getRole(String uid) throws SecurityException
+    {
+        Principal[] role = roleDao.find(uid, RolePrincipal.PREFS_ROLE_ROOT);
+        
+        if (role.length == 1)
+        
+        {
+            return (RolePrincipal) role[0];
+        }
+        else
+        {
+            throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(uid));
+        }
+    }
+
+    /**
      * @param username
      * @param groupFullPathName
      * @throws SecurityException A {@link SecurityException}.
@@ -360,5 +535,26 @@
     {
         userDao.addGroup(username, groupFullPathName);
     }
+
+    /**
+     * @param username
+     * @param groupFullPathName
+     * @throws SecurityException A {@link SecurityException}.
+     */
+    private void addRoleToUser(String username, String roleFullPathName) throws SecurityException
+    {
+        userDao.addRole(username, roleFullPathName);
+    }
+    
+    /**
+     * @param username
+     * @param groupFullPathName
+     * @throws SecurityException A {@link SecurityException}.
+     */
+    private void addRoleToGroup(String groupFullPathName, String roleFullPathName) throws
SecurityException
+    {
+        userDao.addRoleToGroup(groupFullPathName, roleFullPathName);
+    }    
+
 
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message