portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject svn commit: r354200 - in /portals/jetspeed-2/trunk/components/security/src: java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java test/org/apache/jetspeed/security/TestRoleManager.java
Date Mon, 05 Dec 2005 21:45:50 GMT
Author: ate
Date: Mon Dec  5 13:45:43 2005
New Revision: 354200

URL: http://svn.apache.org/viewcvs?rev=354200&view=rev
Log:
First step of implementing feature JS2-21: "Check roles assigned to any group to user belongs".
This patch provides the feature itself already. 
Left to do is providing a ui for managing role to group assignments. 
Planning to deliver that by tomorrow.

Modified:
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
    portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/TestRoleManager.java

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java?rev=354200&r1=354199&r2=354200&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
(original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/DefaultSecurityMappingHandler.java
Mon Dec  5 13:45:43 2005
@@ -112,6 +112,7 @@
         this.groupHierarchyResolver = groupHierarchyResolver;
     }
 
+    
     /**
      * @see org.apache.jetspeed.security.spi.SecurityMappingHandler#getRolePrincipals(java.lang.String)
      */
@@ -122,27 +123,43 @@
         if (null != internalUser)
         {
             Collection internalRoles = internalUser.getRolePrincipals();
-            if (null != internalRoles)
+            addRolePrincipals(rolePrincipals, internalRoles);
+            // add all the group roles of the group the user belongs to
+            Collection internalGroups = internalUser.getGroupPrincipals();
+            if ( null != internalGroups )
             {
-                Iterator internalRolesIter = internalRoles.iterator();
-                while (internalRolesIter.hasNext())
+                Iterator internalGroupsIter = internalGroups.iterator();
+                while ( internalGroupsIter.hasNext())
                 {
-                    InternalRolePrincipal internalRole = (InternalRolePrincipal) internalRolesIter.next();
-                    Preferences preferences = Preferences.userRoot().node(internalRole.getFullPath());
-                    String[] fullPaths = roleHierarchyResolver.resolve(preferences);
-                    for (int i = 0; i < fullPaths.length; i++)
+                    // add all roles the group belongs to
+                    addRolePrincipals(rolePrincipals,((InternalGroupPrincipal)internalGroupsIter.next()).getRolePrincipals());
+                }
+            }            
+        }
+        return rolePrincipals;
+    }
+
+    private void addRolePrincipals(Set rolePrincipals, Collection internalRoles)
+    {
+        if (null != internalRoles)
+        {
+            Iterator internalRolesIter = internalRoles.iterator();
+            while (internalRolesIter.hasNext())
+            {
+                InternalRolePrincipal internalRole = (InternalRolePrincipal) internalRolesIter.next();
+                Preferences preferences = Preferences.userRoot().node(internalRole.getFullPath());
+                String[] fullPaths = roleHierarchyResolver.resolve(preferences);
+                for (int i = 0; i < fullPaths.length; i++)
+                {
+                    Principal rolePrincipal = new RolePrincipalImpl(RolePrincipalImpl
+                            .getPrincipalNameFromFullPath(fullPaths[i]));
+                    if (!rolePrincipals.contains(rolePrincipal))
                     {
-                        Principal rolePrincipal = new RolePrincipalImpl(RolePrincipalImpl
-                                .getPrincipalNameFromFullPath(fullPaths[i]));
-                        if (!rolePrincipals.contains(rolePrincipal))
-                        {
-                            rolePrincipals.add(rolePrincipal);
-                        }
+                        rolePrincipals.add(rolePrincipal);
                     }
                 }
             }
         }
-        return rolePrincipals;
     }
 
     /**

Modified: portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/TestRoleManager.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/TestRoleManager.java?rev=354200&r1=354199&r2=354200&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/TestRoleManager.java
(original)
+++ portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/TestRoleManager.java
Mon Dec  5 13:45:43 2005
@@ -431,7 +431,10 @@
         {
             ums.addUser("anonuser4", "password");
             rms.addRole("testuserrolemapping");
+            rms.addRole("testrole");
+            gms.addGroup("testrolegroupmapping");
             rms.addRoleToUser("anonuser4", "testuserrolemapping");
+            rms.addRoleToGroup("testrole","testrolegroupmapping");
         }
         catch (SecurityException sex)
         {
@@ -442,11 +445,30 @@
         {
             boolean isUserInRole = rms.isUserInRole("anonuser4", "testuserrolemapping");
             assertTrue("anonuser4 should be in role testuserrolemapping", isUserInRole);
+            assertFalse("anonuser4 should not be in role testrole", rms.isUserInRole("anonuser4","testrole"));
+            
         }
         catch (SecurityException sex)
         {
             assertTrue("user and role exist. should not have thrown an exception: " + sex,
false);
         }
+        
+        try
+        {
+            gms.addUserToGroup("anonuser4","testrolegroupmapping");
+        }
+        catch (SecurityException sex)
+        {
+            assertTrue("failed to add user anonuser4 to group testrolegroupmapping " + sex,
false);
+        }        
+        try
+        {
+            assertTrue("anonuser4 should be in role testrole because it is assigned the group
testrolegroupmapping", rms.isUserInRole("anonuser4","testrole"));
+        }
+        catch (SecurityException sex)
+        {
+            assertTrue("user, group and role exist. should not have thrown an exception:
" + sex, false);
+        }
 
         // Cleanup test.
         try
@@ -556,7 +578,7 @@
         final String[] users = new String[] { "anonuser1", "anonuser2", "anonuser3", "anonuser4",
"anonuser5", };
         final String[] roles = new String[] { "testrole", "testrole1", "testrole2", "testrole3",
"testgetrole",
                 "testusertorole1", "testuserrolemapping.role1", "testuserrolemapping2.role2",
"testuserrolemapping","testuserrolemapping2" };
-        final String[] groups = new String[] { "testusertorole1" };
+        final String[] groups = new String[] { "testrolegroupmapping" };
 
         for (int i = 0; i < users.length; i++)
         {



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message