[portal-commits] JBoss Portal SVN: r6770 - in trunk/identity/src/main/org/jboss/portal/identity: ldap and 1 other directory.

Author: bdaw Date: 2007-03-20 05:24:08 -0400 (Tue, 20 Mar 2007) New Revision: 6770 Modified: trunk/identity/src/main/org/jboss/portal/identity/IdentityConfiguration.java trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPMembershipModule.java trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleImpl.java trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleModule.java trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java Log: - code cleanup - make possible to force LDAP membership module to assign no users to role Modified: trunk/identity/src/main/org/jboss/portal/identity/IdentityConfiguration.java =================================================================== --- trunk/identity/src/main/org/jboss/portal/identity/IdentityConfiguration.java 2007-03-20 05:36:14 UTC (rev 6769) +++ trunk/identity/src/main/org/jboss/portal/identity/IdentityConfiguration.java 2007-03-20 09:24:08 UTC (rev 6770) @@ -31,9 +31,6 @@ public interface IdentityConfiguration { - //TODO: isMembershipAttributeRequired - //TODO: memebershipAttributeEmptyValue - public static final String GROUP_COMMON = "common"; public static final String GROUP_CONNECTION = "connection"; @@ -62,14 +59,10 @@ public static final String USER_PRINCIPAL_SUFFIX = "principalDNSuffix"; - //public static final String USER_CONTAINER_DN = "userContainerDN"; - public static final String USER_UID_ATTRIBUTE_ID = "uidAttributeID"; public static final String USER_PASSWORD_ATTRIBUTE_ID = "passwordAttributeID"; - //public static final String USER_EMAIL_ATTRIBUTE_ID = "emailAttributeID"; - public static final String USER_CONTEXT_DN = "userCtxDN"; public static final String USER_CONTAINER_DN = USER_CONTEXT_DN; @@ -82,13 +75,8 @@ public static final String ROLE_DISPLAY_NAME_ATTRIBUTE_ID = "roleDisplayNameAttributeID"; - //TODO: - public static final String ROLE_RECURSION = "roleRecursion"; - - //TODO: public static final String ROLE_SEARCH_FILTER = "roleSearchFilter"; - //TODO: public static final String ROLE_CONTEXT_DN = "roleCtxDN"; public static final String ROLE_CONTAINER_DN = ROLE_CONTEXT_DN; @@ -97,10 +85,12 @@ public static final String MEMBERSHIP_ATTRIBUTE_IS_DN = "membershipAttributeIsDN"; - //TODO: check if this is applied to every search in modules + public static final String MEMBERSHIP_MEMBERSHIP_ATTRIBUTE_REQUIRED = "membershipAttributeRequired"; + + public static final String MEMBERSHIP_MEMBERSHIP_ATTRIBUTE_EMPTY_VALUE = "membershipAttributeEmptyValue"; + public static final String SEARCH_TIME_LIMIT = "searchTimeLimit"; - //TODO: check if this is applied to role searches in role and membership modules public static final String SEARCH_SCOPE = "searchScope"; Modified: trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPMembershipModule.java =================================================================== --- trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPMembershipModule.java 2007-03-20 05:36:14 UTC (rev 6769) +++ trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPMembershipModule.java 2007-03-20 09:24:08 UTC (rev 6770) @@ -124,4 +124,24 @@ return getIdentityConfiguration().getValue(IdentityConfiguration.MEMBERSHIP_ATTRIBUTE_IS_DN).equals("true"); } + protected boolean isMembershipAttributeRequired() throws IdentityException + { + if (getIdentityConfiguration().getValue(IdentityConfiguration.MEMBERSHIP_MEMBERSHIP_ATTRIBUTE_REQUIRED) == null) + { + return true; + } + + return getIdentityConfiguration().getValue(IdentityConfiguration.MEMBERSHIP_MEMBERSHIP_ATTRIBUTE_REQUIRED).equals("true"); + } + + protected String getMembershipAttributeValue() throws IdentityException + { + String value = getIdentityConfiguration().getValue(IdentityConfiguration.MEMBERSHIP_ATTRIBUTE_ID); + if (value == null) + { + return "cn=emptyMembershipValue"; + } + return value; + } + } Modified: trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleImpl.java =================================================================== --- trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleImpl.java 2007-03-20 05:36:14 UTC (rev 6769) +++ trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleImpl.java 2007-03-20 09:24:08 UTC (rev 6770) @@ -121,7 +121,6 @@ return displayName; } - //TODO: testcase this public void setDisplayName(String name) { if (name == null) Modified: trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleModule.java =================================================================== --- trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleModule.java 2007-03-20 05:36:14 UTC (rev 6769) +++ trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleModule.java 2007-03-20 09:24:08 UTC (rev 6770) @@ -268,7 +268,7 @@ } } - protected int getRoleRecurtion() throws IdentityException + /* protected int getRoleRecurtion() throws IdentityException { int recurtion = 0; String rr = getIdentityConfiguration().getValue(IdentityConfiguration.ROLE_RECURSION); @@ -284,7 +284,7 @@ } } return recurtion; - } + }*/ } Modified: trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java =================================================================== --- trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java 2007-03-20 05:36:14 UTC (rev 6769) +++ trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPRoleModuleImpl.java 2007-03-20 09:24:08 UTC (rev 6770) @@ -319,51 +319,6 @@ } } - //TODO:remove this - it's only a fasade to make this implementation compatible with old RoleModule interface - public Set findRoleMembers(String roleName, int offset, int limit, String userNameFilter) throws IdentityException - { - try - { - MembershipModule mm = (MembershipModule)getIdentityContext().getObject(IdentityContext.TYPE_MEMBERSHIP_MODULE); - return mm.findRoleMembers(roleName, offset, limit, userNameFilter); - } - catch (IdentityException e) - { - throw new IdentityException("Unable to delegate method to MembershipModule: ", e); - } - - } - - //TODO:remove this - it's only a fasade to make this implementation compatible with old RoleModule interface - public void setRoles(User user, Set roles) throws IdentityException - { - try - { - MembershipModule mm = (MembershipModule)getIdentityContext().getObject(IdentityContext.TYPE_MEMBERSHIP_MODULE); - mm.assignRoles(user,roles); - } - catch (IdentityException e) - { - throw new IdentityException("Unable to delegate method to MembershipModule: ", e); - } - - } - - //TODO:remove this - it's only a fasade to make this implementation compatible with old RoleModule interface - public Set getRoles(User user) throws IdentityException - { - try - { - MembershipModule mm = (MembershipModule)getIdentityContext().getObject(IdentityContext.TYPE_MEMBERSHIP_MODULE); - return mm.getRoles(user); - } - catch (IdentityException e) - { - throw new IdentityException("Unable to delegate method to MembershipModule: ", e); - } - - } - private Map getAttributesToAdd() throws IdentityException { Map attributesToAdd = getIdentityConfiguration().getOptions(IdentityConfiguration.GROUP_ROLE_CREATE_ATTRIBUTES); Modified: trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java =================================================================== --- trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java 2007-03-20 05:36:14 UTC (rev 6769) +++ trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java 2007-03-20 09:24:08 UTC (rev 6770) @@ -221,7 +221,7 @@ - if (users.size() == 0) + if (users.size() == 0 && isMembershipAttributeRequired()) { throw new IdentityException("Cannot assigne 0 users to a role using this membership strategy (because some LDAPs " + "require the member field to be set). "); @@ -257,12 +257,19 @@ } catch (ClassCastException e) { - throw new IdentityException("Only can add LDAPUserImpl objects", e); + throw new IdentityException("Can add only LDAPUserImpl objects", e); } } attrs.put(member); - getConnectionContext().createInitialContext().modifyAttributes(ldapRole.getDn(), DirContext.REPLACE_ATTRIBUTE, attrs); + if (users.size() > 0) + { + getConnectionContext().createInitialContext().modifyAttributes(ldapRole.getDn(), DirContext.REPLACE_ATTRIBUTE, attrs); + } + else + { + getConnectionContext().createInitialContext().modifyAttributes(ldapRole.getDn(), DirContext.REMOVE_ATTRIBUTE, attrs); + } } catch (NamingException e) { @@ -391,7 +398,6 @@ } - //TODO: Implement usage of conditions! public Set findRoleMembers(String roleName, int offset, int limit, String userNameFilter) throws IdentityException { //throw new UnsupportedOperationException("Not yet implemented"); Modified: trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java =================================================================== --- trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java 2007-03-20 05:36:14 UTC (rev 6769) +++ trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java 2007-03-20 09:24:08 UTC (rev 6770) @@ -242,7 +242,7 @@ } catch(ClassCastException e) { - throw new IdentityException("Only can add LDAPUserImpl objects", e); + throw new IdentityException("Can add only LDAPUserImpl objects", e); } } @@ -380,10 +380,9 @@ } - //TODO: Implement usage of conditions public Set findRoleMembers(String roleName, int offset, int limit, String userNameFilter) throws IdentityException { - //throw new UnsupportedOperationException("Not yet implemented"); + Role role = getRoleModule().findRoleByName(roleName); //if exception was thrown - propagate it, if not.... if (role != null)