dlestrat 2004/10/02 16:05:31 Modified: components/security/src/java/org/apache/jetspeed/security/spi/impl DefaultSecurityMappingHandler.java DefaultGroupSecurityHandler.java DefaultCredentialHandler.java CommonQueries.java Log: http://nagoya.apache.org/jira/browse/JS2-114#action_53626 Revision Changes Path 1.3 +102 -4 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java Index: DefaultSecurityMappingHandler.java =================================================================== RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- DefaultSecurityMappingHandler.java 30 Sep 2004 04:01:41 -0000 1.2 +++ DefaultSecurityMappingHandler.java 2 Oct 2004 23:05:31 -0000 1.3 @@ -22,6 +22,7 @@ import java.util.prefs.Preferences; import org.apache.jetspeed.security.HierarchyResolver; +import org.apache.jetspeed.security.SecurityException; import org.apache.jetspeed.security.impl.GeneralizationHierarchyResolver; import org.apache.jetspeed.security.impl.GroupPrincipalImpl; import org.apache.jetspeed.security.impl.RolePrincipalImpl; 
@@ -143,12 +144,39 @@ } /** - * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipals(java.lang.String, java.util.Set) + * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipals(java.lang.String, java.lang.String) */ - public void setRolePrincipals(String username, Set rolePrincipals) + public void setRolePrincipal(String username, String roleFullPathName) throws SecurityException { - // TODO Auto-generated method stub - + InternalUserPrincipal internalUser = commonQueries.getInternalUserPrincipal(username); + if (null == internalUser) + { + throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST + " " + username); + } + Collection internalRoles = internalUser.getRolePrincipals(); + InternalRolePrincipal internalRole = commonQueries.getInternalRolePrincipal(RolePrincipalImpl + .getFullPathFromPrincipalName(roleFullPathName)); + internalRoles.add(internalRole); + internalUser.setRolePrincipals(internalRoles); + commonQueries.setInternalUserPrincipal(internalUser); + } + + /** + * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeRolePrincipal(java.lang.String, java.lang.String) + */ + public void removeRolePrincipal(String username, String roleFullPathName) throws SecurityException + { + InternalUserPrincipal internalUser = commonQueries.getInternalUserPrincipal(username); + if (null == internalUser) + { + throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST + " " + username); + } + Collection internalRoles = internalUser.getRolePrincipals(); + InternalRolePrincipal internalRole = commonQueries.getInternalRolePrincipal(RolePrincipalImpl + .getFullPathFromPrincipalName(roleFullPathName)); + internalRoles.remove(internalRole); + internalUser.setRolePrincipals(internalRoles); + commonQueries.setInternalUserPrincipal(internalUser); } /** 
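Review bot: In `setRolePrincipal` the result of `commonQueries.getInternalRolePrincipal(...)` goes straight into `internalRoles.add(internalRole)` with no null check, unlike the user lookup just above it. If the role lookup returns null for an unknown path, as the user lookup evidently can, a mistyped role name stores a null entry or fails later inside the persistence layer instead of being rejected. For an authorization mapping this should fail closed before the add: `if (null == internalRole) { throw new SecurityException("Role does not exist: " + roleFullPathName); }`, using a role constant next to USER_DOES_NOT_EXIST if SecurityException has one. The same unchecked lookup appears in `removeRolePrincipal` in this hunk, in both methods of the hunk at -185, and for the group lookup in both methods of the hunk at -319. Separately, the `@see` tag on `setRolePrincipal` still names `setRolePrincipals`.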
@@ -185,6 +213,41 @@ } return rolePrincipals; } + + /** + * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setRolePrincipalInGroup(java.lang.String, java.lang.String) + */ + public void setRolePrincipalInGroup(String groupFullPathName, String roleFullPathName) throws SecurityException + { + InternalGroupPrincipal internalGroup = commonQueries.getInternalGroupPrincipal(GroupPrincipalImpl.getFullPathFromPrincipalName(groupFullPathName)); + if (null == internalGroup) + { + throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST + " " + groupFullPathName); + } + Collection internalRoles = internalGroup.getRolePrincipals(); + InternalRolePrincipal internalRole = commonQueries.getInternalRolePrincipal(RolePrincipalImpl.getFullPathFromPrincipalName(roleFullPathName)); + internalRoles.add(internalRole); + internalGroup.setRolePrincipals(internalRoles); + commonQueries.setInternalGroupPrincipal(internalGroup); + } + + /** + * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeRolePrincipalInGroup(java.lang.String, java.lang.String) + */ + public void removeRolePrincipalInGroup(String groupFullPathName, String roleFullPathName) throws SecurityException + { + InternalGroupPrincipal internalGroup = commonQueries.getInternalGroupPrincipal(GroupPrincipalImpl.getFullPathFromPrincipalName(groupFullPathName)); + if (null == internalGroup) + { + throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST + " " + internalGroup); + } + Collection internalRoles = internalGroup.getRolePrincipals(); + InternalRolePrincipal internalRole = commonQueries.getInternalRolePrincipal(RolePrincipalImpl + .getFullPathFromPrincipalName(roleFullPathName)); + internalRoles.remove(internalRole); + internalGroup.setRolePrincipals(internalRoles); + commonQueries.setInternalGroupPrincipal(internalGroup); + } /** * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getGroupPrincipals(java.lang.String) 
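Review bot: The GROUP_DOES_NOT_EXIST message in `removeRolePrincipalInGroup` concatenates `internalGroup`, which is always null on that branch, so the exception text ends in "null" and loses the group name the caller passed. That makes a failed role revocation hard to trace in logs. Use the argument, as `setRolePrincipalInGroup` does: `throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST + " " + groupFullPathName);`.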
@@ -319,5 +382,40 @@ } } return userPrincipals; + } + + /** + * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#setUserPrincipalInGroup(java.lang.String, java.lang.String) + */ + public void setUserPrincipalInGroup(String username, String groupFullPathName) throws SecurityException + { + InternalUserPrincipal internalUser = commonQueries.getInternalUserPrincipal(username); + if (null == internalUser) + { + throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST + " " + username); + } + Collection internalGroups = internalUser.getGroupPrincipals(); + InternalGroupPrincipal internalGroup = commonQueries.getInternalGroupPrincipal(GroupPrincipalImpl.getFullPathFromPrincipalName(groupFullPathName)); + internalGroups.add(internalGroup); + internalUser.setGroupPrincipals(internalGroups); + commonQueries.setInternalUserPrincipal(internalUser); + } + + + /** + * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#removeUserPrincipalInGroup(java.lang.String, java.lang.String) + */ + public void removeUserPrincipalInGroup(String username, String groupFullPathName) throws SecurityException + { + InternalUserPrincipal internalUser = commonQueries.getInternalUserPrincipal(username); + if (null == internalUser) + { + throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST + " " + username); + } + Collection internalGroups = internalUser.getGroupPrincipals(); + InternalGroupPrincipal internalGroup = commonQueries.getInternalGroupPrincipal(GroupPrincipalImpl.getFullPathFromPrincipalName(groupFullPathName)); + internalGroups.remove(internalGroup); + internalUser.setGroupPrincipals(internalGroups); + commonQueries.setInternalUserPrincipal(internalUser); } } 1.3 +26 -0 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java Index: DefaultGroupSecurityHandler.java =================================================================== RCS file: 
/home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultGroupSecurityHandler.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- DefaultGroupSecurityHandler.java 19 Sep 2004 19:04:11 -0000 1.2 +++ DefaultGroupSecurityHandler.java 2 Oct 2004 23:05:31 -0000 1.3 @@ -17,8 +17,10 @@ import java.security.Principal; import org.apache.jetspeed.security.GroupPrincipal; +import org.apache.jetspeed.security.SecurityException; import org.apache.jetspeed.security.impl.GroupPrincipalImpl; import org.apache.jetspeed.security.om.InternalGroupPrincipal; +import org.apache.jetspeed.security.om.impl.InternalGroupPrincipalImpl; import org.apache.jetspeed.security.spi.GroupSecurityHandler; /** 
@@ -53,4 +55,28 @@ } return groupPrincipal; } + + + /** + * @see org.apache.jetspeed.security.spi.GroupSecurityHandler#setGroupPrincipal(org.apache.jetspeed.security.GroupPrincipal) + */ + public void setGroupPrincipal(GroupPrincipal groupPrincipal) throws SecurityException + { + String fullPath = groupPrincipal.getFullPath(); + InternalGroupPrincipal internalGroup = new InternalGroupPrincipalImpl(fullPath); + commonQueries.setInternalGroupPrincipal(internalGroup); + } + + /** + * @see org.apache.jetspeed.security.spi.GroupSecurityHandler#removeGroupPrincipal(org.apache.jetspeed.security.GroupPrincipal) + */ + public void removeGroupPrincipal(GroupPrincipal groupPrincipal) throws SecurityException + { + InternalGroupPrincipal internalGroup = commonQueries.getInternalGroupPrincipal(groupPrincipal.getFullPath()); + if (null != internalGroup) + { + commonQueries.removeInternalGroupPrincipal(internalGroup); + } + } + } 1.3 +2 -4 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java Index: DefaultCredentialHandler.java =================================================================== RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultCredentialHandler.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- DefaultCredentialHandler.java 20 Sep 2004 04:14:56 -0000 1.2 +++ DefaultCredentialHandler.java 2 Oct 2004 23:05:31 -0000 1.3 
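Review bot: `setGroupPrincipal` constructs a fresh `InternalGroupPrincipalImpl(fullPath)` on every call and stores it without first checking whether a group with that full path already exists. Whether the store rejects a second record for the same path is not visible here, so a repeated call may create a duplicate or replace a group that already carries role and user mappings. Reusing the existing record would avoid that: `InternalGroupPrincipal internalGroup = commonQueries.getInternalGroupPrincipal(fullPath);` followed by `if (null == internalGroup) { internalGroup = new InternalGroupPrincipalImpl(fullPath); }`. `removeGroupPrincipal` also returns silently for an unknown group while the mapping handler throws GROUP_DOES_NOT_EXIST; a one-line comment saying the no-op is intentional would document the difference.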
@@ -115,10 +115,8 @@ if (credential.getType() == type) { // PasswordCredential support. - //Commenting out to fix LoginPortlet - //DLS: please verify this logic... It's failing currently. - //if ((null != credential.getClassname()) - // && (credential.getClassname().equals((PasswordCredential.class).getName()))) + if ((null != credential.getClassname()) + && (credential.getClassname().equals((PasswordCredential.class).getName()))) { PasswordCredential pwdCred = new PasswordCredential(username, credential.getValue() .toCharArray()); 1.4 +73 -74 jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/CommonQueries.java Index: CommonQueries.java =================================================================== RCS file: /home/cvs/jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/CommonQueries.java,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- CommonQueries.java 25 Sep 2004 23:03:17 -0000 1.3 +++ CommonQueries.java 2 Oct 2004 23:05:31 -0000 1.4 @@ -20,6 +20,7 @@ import org.apache.commons.logging.LogFactory; import org.apache.jetspeed.components.persistence.store.Filter; import org.apache.jetspeed.components.persistence.store.PersistenceStore; +import org.apache.jetspeed.components.persistence.store.Transaction; import org.apache.jetspeed.security.SecurityException; import org.apache.jetspeed.security.UserPrincipal; import org.apache.jetspeed.security.impl.UserPrincipalImpl; @@ -103,8 +104,10 @@ { try { + Transaction tx = persistenceStore.getTransaction(); + tx.begin(); persistenceStore.lockForWrite(internalUser); - persistenceStore.getTransaction().checkpoint(); + tx.commit(); } catch (Exception e) { 
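Review bot: The restored class-name guard silently skips any credential whose `getClassname()` is null or is not `PasswordCredential.class.getName()`, and the comment this commit removes says the same check was previously failing for LoginPortlet. If stored rows still lack the class name, authentication will fail with nothing in the log to show why. Assuming this class has a logger, an `else` branch such as `log.debug("Skipping credential with classname: " + credential.getClassname());` would make that diagnosable; it should log the class name only, never `credential.getValue()`. `credential.getValue().toCharArray()` also dereferences the stored value unchecked. The enclosing method starts and ends outside this hunk.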
@@ -128,8 +131,10 @@ try { // Remove user. + Transaction tx = persistenceStore.getTransaction(); + tx.begin(); persistenceStore.deletePersistent(internalUser); - persistenceStore.getTransaction().checkpoint(); + tx.commit(); if (log.isDebugEnabled()) { log.debug("Deleted user: " + internalUser.getFullPath()); @@ -174,8 +179,10 @@ { try { + Transaction tx = persistenceStore.getTransaction(); + tx.begin(); persistenceStore.lockForWrite(internalRole); - persistenceStore.getTransaction().checkpoint(); + tx.commit(); } catch (Exception e) { @@ -199,8 +206,10 @@ try { // Remove role. + Transaction tx = persistenceStore.getTransaction(); + tx.begin(); persistenceStore.deletePersistent(internalRole); - persistenceStore.getTransaction().checkpoint(); + tx.commit(); if (log.isDebugEnabled()) { log.debug("Deleted role: " + internalRole.getFullPath()); 
@@ -209,81 +218,12 @@ } catch (Exception e) { - String msg = "Unable to lock Role for update."; + String msg = "Unable to lock role for delete."; log.error(msg, e); persistenceStore.getTransaction().rollback(); throw new SecurityException(msg, e); } - /*InternalRolePrincipal omParentRole = super.getJetspeedRolePrincipal(roleFullPathName); - if (null != omParentRole) - { - PersistenceStore store = getPersistenceStore(); - Filter filter = store.newFilter(); - filter.addLike((Object) new String("fullPath"), (Object) (omParentRole.getFullPath() + "/*")); - Object query = store.newQuery(InternalRolePrincipalImpl.class, filter); - Collection omRoles = store.getCollectionByQuery(query); - if (null == omRoles) - { - omRoles = new ArrayList(); - } - omRoles.add(omParentRole); - // Remove each role in the collection. - Iterator omRolesIterator = omRoles.iterator(); - while (omRolesIterator.hasNext()) - { - InternalRolePrincipal omRole = (InternalRolePrincipal) omRolesIterator.next(); - // TODO This should be managed in a transaction. - Collection omUsers = omRole.getUserPrincipals(); - if (null != omUsers) - { - omUsers.clear(); - } - Collection omGroups = omRole.getGroupPrincipals(); - if (null != omGroups) - { - omGroups.clear(); - } - Collection omPermissions = omRole.getPermissions(); - if (null != omPermissions) - { - omPermissions.clear(); - } - - try - { - // TODO Can this be done in one shot? - // Remove dependencies. - store.lockForWrite(omRole); - omRole.setModifiedDate(new Timestamp(System.currentTimeMillis())); - omRole.setUserPrincipals(omUsers); - omRole.setGroupPrincipals(omGroups); - omRole.setPermissions(omPermissions); - store.getTransaction().checkpoint(); - - // Remove role. 
- store.deletePersistent(omRole); - store.getTransaction().checkpoint(); - } - catch (Exception e) - { - String msg = "Unable to lock Role for update."; - log.error(msg, e); - store.getTransaction().rollback(); - throw new SecurityException(msg, e); - } - // Remove preferences - Preferences preferences = Preferences.userRoot().node(omRole.getFullPath()); - try - { - preferences.removeNode(); - } - catch (BackingStoreException bse) - { - bse.printStackTrace(); - } - } - }*/ } /** 
@@ -301,6 +241,65 @@ Object query = persistenceStore.newQuery(InternalGroupPrincipalImpl.class, filter); InternalGroupPrincipal internalGroup = (InternalGroupPrincipal) persistenceStore.getObjectByQuery(query); return internalGroup; + } + + /** + * <p> + * Sets the given [EMAIL PROTECTED] InternalGroupPrincipal}. + * </p> + * + * @param internalGroup The [EMAIL PROTECTED] internalGroupPrincipal}. + * @throws SecurityException Throws a [EMAIL PROTECTED] SecurityException}. + */ + public void setInternalGroupPrincipal(InternalGroupPrincipal internalGroup) throws SecurityException + { + try + { + Transaction tx = persistenceStore.getTransaction(); + tx.begin(); + persistenceStore.lockForWrite(internalGroup); + tx.commit(); + } + catch (Exception e) + { + String msg = "Unable to lock group for update."; + log.error(msg, e); + persistenceStore.getTransaction().rollback(); + throw new SecurityException(msg, e); + } + } + + /** + * <p> + * Remove the given [EMAIL PROTECTED] InternalGroupPrincipal}. + * </p> + * + * @param internalGroup The [EMAIL PROTECTED] InternalGroupPrincipal}. + * @throws SecurityException Throws a [EMAIL PROTECTED] SecurityException}. + */ + public void removeInternalGroupPrincipal(InternalGroupPrincipal internalGroup) throws SecurityException + { + try + { + // Remove role. + Transaction tx = persistenceStore.getTransaction(); + tx.begin(); + persistenceStore.deletePersistent(internalGroup); + tx.commit(); + if (log.isDebugEnabled()) + { + log.debug("Deleted group: " + internalGroup.getFullPath()); + } + + } + catch (Exception e) + { + String msg = "Unable to lock group for delete."; + log.error(msg, e); + persistenceStore.getTransaction().rollback(); + throw new SecurityException(msg, e); + } + } }
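Review bot: The catch blocks in `setInternalGroupPrincipal` and `removeInternalGroupPrincipal` call `persistenceStore.getTransaction().rollback()` unguarded, although the caught exception may have come from `getTransaction()` or `tx.begin()` itself. If the rollback throws in that state (not visible here, it depends on the store), the runtime exception replaces the `SecurityException` and hides the real cause of a failed principal update. Wrapping the rollback in its own try/catch keeps the original cause; the same pattern is visible in the catch block of the hunk at -209 and presumably follows the begin/commit changes in the hunks at -103, -128, -174 and -199. The `// Remove role.` comment in `removeInternalGroupPrincipal` should read `// Remove group.`.

```java
        // … unchanged: try block with tx.begin(), lockForWrite(internalGroup), tx.commit() …
        catch (Exception e)
        {
            String msg = "Unable to lock group for update.";
            log.error(msg, e);
            try
            {
                persistenceStore.getTransaction().rollback();
            }
            catch (Exception rollbackFailure)
            {
                // A failed rollback must not replace the original cause.
                log.error("Rollback failed after: " + msg, rollbackFailure);
            }
            throw new SecurityException(msg, e);
        }
```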