dlestrat 2004/10/02 16:05:09
Modified: components/security/src/java/org/apache/jetspeed/security/impl
GroupManagerImpl.java PermissionManagerImpl.java
RoleManagerImpl.java
Removed: components/security/src/java/org/apache/jetspeed/security/impl
BaseSecurityImpl.java
Log:
http://nagoya.apache.org/jira/browse/JS2-114#action_53626
Revision Changes Path
1.9 +66 -147
jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/GroupManagerImpl.java
Index: GroupManagerImpl.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/GroupManagerImpl.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- GroupManagerImpl.java 25 Sep 2004 23:03:17 -0000 1.8
+++ GroupManagerImpl.java 2 Oct 2004 23:05:09 -0000 1.9
@@ -15,7 +15,6 @@
package org.apache.jetspeed.security.impl;
import java.security.Principal;
-import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
@@ -25,16 +24,11 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.jetspeed.components.persistence.store.Filter;
-import org.apache.jetspeed.components.persistence.store.PersistenceStore;
import org.apache.jetspeed.security.Group;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.GroupPrincipal;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SecurityProvider;
-import org.apache.jetspeed.security.om.InternalGroupPrincipal;
-import org.apache.jetspeed.security.om.InternalUserPrincipal;
-import org.apache.jetspeed.security.om.impl.InternalGroupPrincipalImpl;
import org.apache.jetspeed.security.spi.GroupSecurityHandler;
import org.apache.jetspeed.security.spi.SecurityMappingHandler;
import org.apache.jetspeed.util.ArgUtil;
@@ -56,7 +50,7 @@
*
* @author <a href="mailto:[EMAIL PROTECTED]">David Le Strat </a>
*/
-public class GroupManagerImpl extends BaseSecurityImpl implements GroupManager
+public class GroupManagerImpl implements GroupManager
{
/** The logger. */
private static final Log log = LogFactory.getLog(GroupManagerImpl.class);
@@ -68,19 +62,10 @@
private SecurityMappingHandler securityMappingHandler = null;
/**
- * @param persistenceStore
- */
- public GroupManagerImpl(PersistenceStore persistenceStore)
- {
- super(persistenceStore);
- }
-
- /**
* @param securityProvider The security provider.
*/
- public GroupManagerImpl(PersistenceStore persistenceStore, SecurityProvider
securityProvider)
+ public GroupManagerImpl(SecurityProvider securityProvider)
{
- super(persistenceStore);
this.groupSecurityHandler = securityProvider.getGroupSecurityHandler();
this.securityMappingHandler = securityProvider.getSecurityMappingHandler();
}
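Review bot: The new constructor dereferences `securityProvider` and stores whatever `getGroupSecurityHandler()` and `getSecurityMappingHandler()` return without checking either, and the methods in the later hunks call both fields unguarded. A misconfigured provider would then surface as a NullPointerException in the middle of a group operation rather than at wiring time. The file already validates arguments with `ArgUtil.notNull`, so a first line such as `ArgUtil.notNull(new Object[] { securityProvider }, new String[] { "securityProvider" }, "GroupManagerImpl(SecurityProvider)");` would keep the failure at construction. The RoleManagerImpl constructor hunk has the same shape.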
@@ -93,32 +78,47 @@
ArgUtil.notNull(new Object[] { groupFullPathName }, new String[] {
"groupFullPathName" },
"addGroup(java.lang.String)");
- GroupPrincipal groupPrincipal = new GroupPrincipalImpl(groupFullPathName);
- String fullPath = groupPrincipal.getFullPath();
// Check if group already exists.
if (groupExists(groupFullPathName))
{
throw new SecurityException(SecurityException.GROUP_ALREADY_EXISTS + "
" + groupFullPathName);
}
- // If does not exist, create.
- InternalGroupPrincipal omGroup = new InternalGroupPrincipalImpl(fullPath);
+ GroupPrincipal groupPrincipal = new GroupPrincipalImpl(groupFullPathName);
+ String fullPath = groupPrincipal.getFullPath();
+ // Add the preferences.
Preferences preferences = Preferences.userRoot().node(fullPath);
- PersistenceStore store = getPersistenceStore();
+ if (log.isDebugEnabled())
+ {
+ log.debug("Added group preferences node: " + fullPath);
+ }
try
{
if ((null != preferences) &&
preferences.absolutePath().equals(fullPath))
{
- store.lockForWrite(omGroup);
- store.getTransaction().checkpoint();
+ // Add role principal.
+ groupSecurityHandler.setGroupPrincipal(groupPrincipal);
+ if (log.isDebugEnabled())
+ {
+ log.debug("Added group: " + fullPath);
+ }
}
}
- catch (Exception e)
+ catch (SecurityException se)
{
- String msg = "Unable to lock Group for update.";
- log.error(msg, e);
- store.getTransaction().rollback();
- throw new SecurityException(msg, e);
+ String msg = "Unable to create the role.";
+ log.error(msg, se);
+
+ // Remove the preferences node.
+ try
+ {
+ preferences.removeNode();
+ }
+ catch (BackingStoreException bse)
+ {
+ bse.printStackTrace();
+ }
+ throw new SecurityException(msg, se);
}
}
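Review bot: The new catch block reports `"Unable to create the role."` and the comment above `setGroupPrincipal` says `// Add role principal.`, although this is the addGroup path of GroupManagerImpl, so anyone reading the log or the wrapped `SecurityException` will look for a role failure. Change them to `String msg = "Unable to create the group: " + fullPath;` and `// Add group principal.`. The cleanup path also reports a failed `preferences.removeNode()` with `bse.printStackTrace()`, which bypasses the class logger; `log.error("Unable to remove group preferences: " + fullPath, bse);` keeps the orphaned node visible in the same log as the original error. Separately, when `preferences.absolutePath().equals(fullPath)` is false the method returns normally without creating the principal, which looks unintended. The method signature lies outside this hunk.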
@@ -130,71 +130,35 @@
ArgUtil.notNull(new Object[] { groupFullPathName }, new String[] {
"groupFullPathName" },
"removeGroup(java.lang.String)");
- InternalGroupPrincipal omParentGroup =
super.getJetspeedGroupPrincipal(groupFullPathName);
- if (null != omParentGroup)
+ // Resolve the group hierarchy.
+ Preferences prefs = Preferences.userRoot().node(
+ GroupPrincipalImpl.getFullPathFromPrincipalName(groupFullPathName));
+ String[] groups =
securityMappingHandler.getGroupHierarchyResolver().resolveChildren(prefs);
+ for (int i = 0; i < groups.length; i++)
{
- PersistenceStore store = getPersistenceStore();
- Filter filter = store.newFilter();
- filter.addLike("fullPath", omParentGroup.getFullPath() + "/*");
- Object query = store.newQuery(InternalGroupPrincipalImpl.class, filter);
- Collection omGroups = store.getCollectionByQuery(query);
- if (null == omGroups)
+ try
{
- omGroups = new ArrayList();
+ groupSecurityHandler.removeGroupPrincipal(new
GroupPrincipalImpl(GroupPrincipalImpl
+ .getPrincipalNameFromFullPath((String) groups[i])));
}
- omGroups.add(omParentGroup);
- // Remove each group in the collection.
- Iterator omGroupsIterator = omGroups.iterator();
- while (omGroupsIterator.hasNext())
+ catch (Exception e)
{
- InternalGroupPrincipal omGroup = (InternalGroupPrincipal)
omGroupsIterator.next();
- // TODO This should be managed in a transaction.
- Collection omUsers = omGroup.getUserPrincipals();
- if (null != omUsers)
- {
- omUsers.clear();
- }
- Collection omRoles = omGroup.getRolePrincipals();
- if (null != omRoles)
- {
- omRoles.clear();
- }
- Collection omPermissions = omGroup.getPermissions();
- if (null != omPermissions)
- {
- omPermissions.clear();
- }
- try
- {
- // TODO Can this be done in one shot?
- // Remove dependencies.
- store.lockForWrite(omGroup);
- omGroup.setUserPrincipals(omUsers);
- omGroup.setRolePrincipals(omRoles);
- omGroup.setPermissions(omPermissions);
- store.getTransaction().checkpoint();
-
- // Remove group.
- store.deletePersistent(omGroup);
- store.getTransaction().checkpoint();
- }
- catch (Exception e)
- {
- String msg = "Unable to lock Group for update.";
- log.error(msg, e);
- store.getTransaction().rollback();
- throw new SecurityException(msg, e);
- }
- // Remove preferences
- Preferences preferences =
Preferences.userRoot().node(omGroup.getFullPath());
- try
- {
- preferences.removeNode();
- }
- catch (BackingStoreException bse)
- {
- bse.printStackTrace();
- }
+ String msg = "Unable to remove group: "
+ + GroupPrincipalImpl.getPrincipalNameFromFullPath((String)
groups[i]);
+ log.error(msg, e);
+ throw new SecurityException(msg, e);
+ }
+ // Remove preferences
+ Preferences groupPref = Preferences.userRoot().node((String) groups[i]);
+ try
+ {
+ groupPref.removeNode();
+ }
+ catch (BackingStoreException bse)
+ {
+ String msg = "Unable to remove group preferences: " + groups[i];
+ log.error(msg, bse);
+ throw new SecurityException(msg, bse);
}
}
}
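Review bot: The loop removes each group principal and then its preferences node one at a time and throws on the first failure, so an error partway through leaves the hierarchy half deleted; the removed code carried a `TODO This should be managed in a transaction` that no longer appears. The old code also cleared the group's user, role and permission associations before deleting it, and whether `groupSecurityHandler.removeGroupPrincipal(...)` does the same is not visible in this hunk; if it does not, stale mappings could attach to a group later created under the same path. I would keep a comment above the loop such as `// TODO not atomic: a failure leaves earlier groups removed; removeGroupPrincipal must also drop user/role/permission mappings.` and cover both cases with a test. The method signature lies outside this hunk.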
@@ -289,41 +253,18 @@
ArgUtil.notNull(new Object[] { username, groupFullPathName }, new String[]
{ "username", "groupFullPathName" },
"addUserToGroup(java.lang.String, java.lang.String)");
- InternalUserPrincipal omUser = super.getJetspeedUserPrincipal(username);
- if (null == omUser)
- {
- throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST + " "
+ username);
- }
-
- InternalGroupPrincipal omGroup =
super.getJetspeedGroupPrincipal(groupFullPathName);
- if (null == omGroup)
+ // Get the group principal to add to user.
+ Principal groupPrincipal =
groupSecurityHandler.getGroupPrincipal(groupFullPathName);
+ if (null == groupPrincipal)
{
throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST + "
" + groupFullPathName);
}
-
- Collection omUserGroups = omUser.getGroupPrincipals();
- if (null == omUserGroups)
- {
- omUserGroups = new ArrayList();
- }
- if (!omUserGroups.contains(omGroup))
+ // Get the user groups.
+ Set groupPrincipals = securityMappingHandler.getGroupPrincipals(username);
+ // Add group to user.
+ if (!groupPrincipals.contains(groupPrincipal))
{
- omUserGroups.add(omGroup);
- PersistenceStore store = getPersistenceStore();
- try
- {
- store.lockForWrite(omUser);
- omUser.setModifiedDate(new Timestamp(System.currentTimeMillis()));
- omUser.setGroupPrincipals(omUserGroups);
- store.getTransaction().checkpoint();
- }
- catch (Exception e)
- {
- String msg = "Unable to lock User for update.";
- log.error(msg, e);
- store.getTransaction().rollback();
- throw new SecurityException(msg, e);
- }
+ securityMappingHandler.setUserPrincipalInGroup(username,
groupFullPathName);
}
}
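Review bot: The `USER_DOES_NOT_EXIST` check is gone, so an unknown `username` now reaches `securityMappingHandler.getGroupPrincipals(username)` and, if that returns null, fails with a NullPointerException at `groupPrincipals.contains(groupPrincipal)` instead of a `SecurityException`. What the handler does for an unknown user is not visible here, so either keep an explicit existence check that throws `SecurityException.USER_DOES_NOT_EXIST + " " + username`, or state in the method Javadoc that the mapping handler is responsible for rejecting unknown users. The same check was removed from addUserToRole in RoleManagerImpl, and addRoleToGroup there lost its `GROUP_DOES_NOT_EXIST` check in the same way. The method signature lies outside this hunk.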
@@ -336,33 +277,11 @@
ArgUtil.notNull(new Object[] { username, groupFullPathName }, new String[]
{ "username", "groupFullPathName" },
"removeUserFromGroup(java.lang.String, java.lang.String)");
- InternalUserPrincipal omUser = super.getJetspeedUserPrincipal(username);
- // TODO This should be managed in a transaction.
- if (null != omUser)
+ // Get the group principal to remove.
+ Principal groupPrincipal =
groupSecurityHandler.getGroupPrincipal(groupFullPathName);
+ if (null != groupPrincipal)
{
- Collection omGroups = omUser.getGroupPrincipals();
- if (null != omGroups)
- {
- Collection newOmGroups = super.removeGroup(omGroups,
groupFullPathName);
- if (newOmGroups.size() < omGroups.size())
- {
- PersistenceStore store = getPersistenceStore();
- try
- {
- store.lockForWrite(omUser);
- omUser.setModifiedDate(new
Timestamp(System.currentTimeMillis()));
- omUser.setGroupPrincipals(newOmGroups);
- store.getTransaction().checkpoint();
- }
- catch (Exception e)
- {
- String msg = "Unable to lock User for update.";
- log.error(msg, e);
- store.getTransaction().rollback();
- throw new SecurityException(msg, e);
- }
- }
- }
+ securityMappingHandler.removeUserPrincipalInGroup(username,
groupFullPathName);
}
}
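Review bot: When `groupSecurityHandler.getGroupPrincipal(groupFullPathName)` returns null the method returns without doing anything and without logging, so a caller revoking membership cannot tell a successful removal from a mistyped group path. The fetched `groupPrincipal` is used only for that null test. I would add an else branch with `log.warn("removeUserFromGroup: group does not exist: " + groupFullPathName);` or document the silent no-op in the Javadoc. The removeRoleFromUser and removeRoleFromGroup hunks in RoleManagerImpl follow the same pattern. The method signature lies outside this hunk.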
1.7 +17 -6
jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/PermissionManagerImpl.java
Index: PermissionManagerImpl.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/PermissionManagerImpl.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- PermissionManagerImpl.java 28 Sep 2004 04:23:52 -0000 1.6
+++ PermissionManagerImpl.java 2 Oct 2004 23:05:09 -0000 1.7
@@ -27,6 +27,7 @@
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.components.persistence.store.Filter;
import org.apache.jetspeed.components.persistence.store.PersistenceStore;
+import org.apache.jetspeed.components.persistence.store.Transaction;
import org.apache.jetspeed.security.PermissionManager;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SecurityHelper;
@@ -203,8 +204,10 @@
.getName(), permission.getActions());
try
{
+ Transaction tx = persistenceStore.getTransaction();
+ tx.begin();
persistenceStore.lockForWrite(internalPermission);
- persistenceStore.getTransaction().checkpoint();
+ tx.commit();
}
catch (Exception e)
{
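Review bot: `Transaction tx` is declared inside the `try`, so the catch block cannot reach it and (as the last hunk of this file shows) calls `persistenceStore.getTransaction().rollback()` again. If `getTransaction()` or `tx.begin()` is what failed, that rollback may itself throw and replace the original exception before `throw new SecurityException(msg, e)` runs. I would wrap the rollback in its own try/catch that logs the rollback failure, so the original cause always reaches the caller and the log. The hunks at `@@ -229,8 +232,10 @@`, `@@ -262,10 +267,12 @@`, `@@ -311,10 +318,12 @@` and `@@ -377,14 +386,16 @@` repeat the pattern; the catch body of this hunk lies outside the view.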
@@ -229,8 +232,10 @@
try
{
// Remove permission.
+ Transaction tx = persistenceStore.getTransaction();
+ tx.begin();
persistenceStore.deletePersistent(internalPermission);
- persistenceStore.getTransaction().checkpoint();
+ tx.commit();
}
catch (Exception e)
{
@@ -262,10 +267,12 @@
}
try
{
+ Transaction tx = persistenceStore.getTransaction();
+ tx.begin();
persistenceStore.lockForWrite(internalPrincipal);
internalPrincipal.setModifiedDate(new
Timestamp(System.currentTimeMillis()));
internalPrincipal.setPermissions(internalPermissions);
- persistenceStore.getTransaction().checkpoint();
+ tx.commit();
}
catch (Exception e)
{
@@ -311,10 +318,12 @@
}
try
{
+ Transaction tx = persistenceStore.getTransaction();
+ tx.begin();
persistenceStore.lockForWrite(internalPrincipal);
internalPrincipal.setModifiedDate(new
Timestamp(System.currentTimeMillis()));
internalPrincipal.setPermissions(internalPermissions);
- persistenceStore.getTransaction().checkpoint();
+ tx.commit();
}
catch (Exception e)
{
@@ -377,14 +386,16 @@
{
try
{
+ Transaction tx = persistenceStore.getTransaction();
+ tx.begin();
persistenceStore.lockForWrite(internalPrincipal);
internalPrincipal.setModifiedDate(new
Timestamp(System.currentTimeMillis()));
internalPrincipal.setPermissions(newInternalPermissions);
- persistenceStore.getTransaction().checkpoint();
+ tx.commit();
}
catch (Exception e)
{
- String msg = "Unable to lock Principal for update.";
+ String msg = "Unable to lock principal for update.";
log.error(msg, e);
persistenceStore.getTransaction().rollback();
throw new SecurityException(msg, e);
1.10 +24 -133
jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/RoleManagerImpl.java
Index: RoleManagerImpl.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/impl/RoleManagerImpl.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- RoleManagerImpl.java 30 Sep 2004 04:01:41 -0000 1.9
+++ RoleManagerImpl.java 2 Oct 2004 23:05:09 -0000 1.10
@@ -15,7 +15,6 @@
package org.apache.jetspeed.security.impl;
import java.security.Principal;
-import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
@@ -25,15 +24,11 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.jetspeed.components.persistence.store.PersistenceStore;
import org.apache.jetspeed.security.Role;
import org.apache.jetspeed.security.RoleManager;
import org.apache.jetspeed.security.RolePrincipal;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SecurityProvider;
-import org.apache.jetspeed.security.om.InternalGroupPrincipal;
-import org.apache.jetspeed.security.om.InternalRolePrincipal;
-import org.apache.jetspeed.security.om.InternalUserPrincipal;
import org.apache.jetspeed.security.spi.RoleSecurityHandler;
import org.apache.jetspeed.security.spi.SecurityMappingHandler;
import org.apache.jetspeed.util.ArgUtil;
@@ -55,7 +50,7 @@
*
* @author <a href="mailto:[EMAIL PROTECTED]">David Le Strat </a>
*/
-public class RoleManagerImpl extends BaseSecurityImpl implements RoleManager
+public class RoleManagerImpl implements RoleManager
{
/** The logger. */
private static final Log log = LogFactory.getLog(RoleManagerImpl.class);
@@ -67,19 +62,10 @@
private SecurityMappingHandler securityMappingHandler = null;
/**
- * @param persistenceStore
- */
- public RoleManagerImpl(PersistenceStore persistenceStore)
- {
- super(persistenceStore);
- }
-
- /**
* @param securityProvider The security provider.
*/
- public RoleManagerImpl(PersistenceStore persistenceStore, SecurityProvider
securityProvider)
+ public RoleManagerImpl(SecurityProvider securityProvider)
{
- super(persistenceStore);
this.roleSecurityHandler = securityProvider.getRoleSecurityHandler();
this.securityMappingHandler = securityProvider.getSecurityMappingHandler();
}
@@ -267,40 +253,18 @@
ArgUtil.notNull(new Object[] { username, roleFullPathName }, new String[] {
"username", "roleFullPathName" },
"addUserToRole(java.lang.String, java.lang.String)");
- InternalUserPrincipal omUser = super.getJetspeedUserPrincipal(username);
- if (null == omUser)
- {
- throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST + " "
+ username);
- }
- InternalRolePrincipal omRole =
super.getJetspeedRolePrincipal(roleFullPathName);
- if (null == omRole)
+ // Get the role principal to add to user.
+ Principal rolePrincipal =
roleSecurityHandler.getRolePrincipal(roleFullPathName);
+ if (null == rolePrincipal)
{
throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST + " "
+ roleFullPathName);
}
-
- Collection omUserRoles = omUser.getRolePrincipals();
- if (null == omUserRoles)
+ // Get the user roles.
+ Set rolePrincipals = securityMappingHandler.getRolePrincipals(username);
+ // Add role to user.
+ if (!rolePrincipals.contains(rolePrincipal))
{
- omUserRoles = new ArrayList();
- }
- if (!omUserRoles.contains(omRole))
- {
- omUserRoles.add(omRole);
- PersistenceStore store = getPersistenceStore();
- try
- {
- store.lockForWrite(omUser);
- omUser.setModifiedDate(new Timestamp(System.currentTimeMillis()));
- omUser.setRolePrincipals(omUserRoles);
- store.getTransaction().checkpoint();
- }
- catch (Exception e)
- {
- String msg = "Unable to lock User for update.";
- log.error(msg, e);
- store.getTransaction().rollback();
- throw new SecurityException(msg, e);
- }
+ securityMappingHandler.setRolePrincipal(username, roleFullPathName);
}
}
@@ -313,33 +277,11 @@
ArgUtil.notNull(new Object[] { username, roleFullPathName }, new String[] {
"username", "roleFullPathName" },
"removeRoleFromUser(java.lang.String, java.lang.String)");
- InternalUserPrincipal omUser = super.getJetspeedUserPrincipal(username);
- // TODO This should be managed in a transaction.
- if (null != omUser)
+ // Get the role principal to remove.
+ Principal rolePrincipal =
roleSecurityHandler.getRolePrincipal(roleFullPathName);
+ if (null != rolePrincipal)
{
- Collection omRoles = omUser.getRolePrincipals();
- if (null != omRoles)
- {
- Collection newOmRoles = super.removeRole(omRoles, roleFullPathName);
- if (newOmRoles.size() < omRoles.size())
- {
- PersistenceStore store = getPersistenceStore();
- try
- {
- store.lockForWrite(omUser);
- omUser.setModifiedDate(new
Timestamp(System.currentTimeMillis()));
- omUser.setRolePrincipals(newOmRoles);
- store.getTransaction().checkpoint();
- }
- catch (Exception e)
- {
- String msg = "Unable to lock User for update.";
- log.error(msg, e);
- store.getTransaction().rollback();
- throw new SecurityException(msg, e);
- }
- }
- }
+ securityMappingHandler.removeRolePrincipal(username, roleFullPathName);
}
}
@@ -372,42 +314,13 @@
ArgUtil.notNull(new Object[] { roleFullPathName, groupFullPathName }, new
String[] { "roleFullPathName",
"groupFullPathName" }, "addRoleToGroup(java.lang.String,
java.lang.String)");
- InternalRolePrincipal omRole =
super.getJetspeedRolePrincipal(roleFullPathName);
- if (null == omRole)
+ // Get the role principal to add to group.
+ Principal rolePrincipal =
roleSecurityHandler.getRolePrincipal(roleFullPathName);
+ if (null == rolePrincipal)
{
throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST + " "
+ roleFullPathName);
}
-
- InternalGroupPrincipal omGroup =
super.getJetspeedGroupPrincipal(groupFullPathName);
- if (null == omGroup)
- {
- throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST + "
" + groupFullPathName);
- }
-
- Collection omGroupRoles = omGroup.getRolePrincipals();
- if (null == omGroupRoles)
- {
- omGroupRoles = new ArrayList();
- }
- if (!omGroupRoles.contains(omRole))
- {
- omGroupRoles.add(omRole);
- PersistenceStore store = getPersistenceStore();
- try
- {
- store.lockForWrite(omGroup);
- omGroup.setModifiedDate(new Timestamp(System.currentTimeMillis()));
- omGroup.setRolePrincipals(omGroupRoles);
- store.getTransaction().checkpoint();
- }
- catch (Exception e)
- {
- String msg = "Unable to lock Group for update.";
- log.error(msg, e);
- store.getTransaction().rollback();
- throw new SecurityException(msg, e);
- }
- }
+ securityMappingHandler.setRolePrincipalInGroup(groupFullPathName,
roleFullPathName);
}
/**
@@ -418,34 +331,12 @@
{
ArgUtil.notNull(new Object[] { roleFullPathName, groupFullPathName }, new
String[] { "roleFullPathName",
"groupFullPathName" }, "removeRoleFromGroup(java.lang.String,
java.lang.String)");
-
- InternalGroupPrincipal omGroup =
super.getJetspeedGroupPrincipal(groupFullPathName);
- // TODO This should be managed in a transaction.
- if (null != omGroup)
+
+ // Get the role principal to remove.
+ Principal rolePrincipal =
roleSecurityHandler.getRolePrincipal(roleFullPathName);
+ if (null != rolePrincipal)
{
- Collection omRoles = omGroup.getRolePrincipals();
- if (null != omRoles)
- {
- Collection newOmRoles = super.removeRole(omRoles, roleFullPathName);
- if (newOmRoles.size() < omRoles.size())
- {
- PersistenceStore store = getPersistenceStore();
- try
- {
- store.lockForWrite(omGroup);
- omGroup.setModifiedDate(new
Timestamp(System.currentTimeMillis()));
- omGroup.setRolePrincipals(newOmRoles);
- store.getTransaction().checkpoint();
- }
- catch (Exception e)
- {
- String msg = "Unable to lock Group for update.";
- log.error(msg, e);
- store.getTransaction().rollback();
- throw new SecurityException(msg, e);
- }
- }
- }
+ securityMappingHandler.removeRolePrincipalInGroup(groupFullPathName,
roleFullPathName);
}
}
@@ -466,7 +357,7 @@
{
isGroupInRole = true;
}
-
+
return isGroupInRole;
}