teiid SVN: r1943 - in trunk: build/kit-jboss-container/teiid-examples/simpleclient and 45 other directories.
8:31 a.m.
Author: shawkins
Date: 2010-03-09 09:31:12 -0500 (Tue, 09 Mar 2010)
New Revision: 1943
Added:
trunk/build/kit-jboss-container/teiid-examples/simpleclient/JDBCClient.class
trunk/engine/src/main/java/com/metamatrix/common/log/
trunk/engine/src/main/java/com/metamatrix/common/util/
trunk/engine/src/main/java/com/metamatrix/dqp/service/SessionService.java
trunk/engine/src/main/java/com/metamatrix/internal/
trunk/engine/src/main/java/com/metamatrix/internal/core/
trunk/engine/src/main/java/com/metamatrix/internal/core/xml/
trunk/engine/src/main/java/com/metamatrix/vdb/
trunk/engine/src/main/java/com/metamatrix/vdb/runtime/
trunk/engine/src/main/java/org/teiid/security/
trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java
trunk/engine/src/main/java/org/teiid/security/roles/
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationActions.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermission.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissionFactory.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissions.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissionsImpl.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPoliciesHolder.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicy.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicyFactory.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicyID.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationRealm.java
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationResource.java
trunk/engine/src/main/java/org/teiid/security/roles/BasicAuthorizationPermission.java
trunk/engine/src/main/java/org/teiid/security/roles/BasicAuthorizationPermissionFactory.java
trunk/engine/src/main/java/org/teiid/security/roles/DataAccessResource.java
trunk/engine/src/main/java/org/teiid/security/roles/GranteeEntitlementEntry.java
trunk/engine/src/main/java/org/teiid/security/roles/RolePermission.java
trunk/engine/src/main/java/org/teiid/security/roles/RolePermissionFactory.java
trunk/engine/src/main/java/org/teiid/security/roles/SecurityMessagesKeys.java
trunk/engine/src/main/java/org/teiid/security/roles/StandardAuthorizationActions.java
trunk/engine/src/main/java/org/teiid/security/roles/UserEntitlementInfo.java
trunk/engine/src/main/resources/org/
trunk/engine/src/main/resources/org/teiid/
trunk/engine/src/main/resources/org/teiid/security/
trunk/engine/src/main/resources/org/teiid/security/i18n.properties
trunk/engine/src/main/resources/org/teiid/security/roles/
trunk/engine/src/main/resources/org/teiid/security/roles/authorizations.xsd
trunk/engine/src/test/java/com/metamatrix/common/log/
trunk/engine/src/test/java/com/metamatrix/common/util/
trunk/engine/src/test/java/com/metamatrix/common/util/TestPermutation.java
trunk/engine/src/test/java/com/metamatrix/internal/
trunk/engine/src/test/java/com/metamatrix/internal/core/
trunk/engine/src/test/java/com/metamatrix/internal/core/xml/
trunk/engine/src/test/java/com/metamatrix/vdb/
trunk/engine/src/test/java/com/metamatrix/vdb/runtime/
trunk/engine/src/test/resources/testdoc.xml
trunk/runtime/src/main/java/org/teiid/deployers/VirtualDatabaseException.java
Removed:
trunk/build/kit-jboss-container/teiid-examples/simpleclient/JDBCClient.class
trunk/common-internal/
trunk/engine/src/main/java/com/metamatrix/common/application/exception/
trunk/engine/src/main/java/com/metamatrix/common/util/ErrorMessageKeys.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/
trunk/engine/src/main/java/org/teiid/security/AuthorizationActions.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationPermission.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationPermissionFactory.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationPermissions.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationPermissionsImpl.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationPoliciesHolder.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationPolicy.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationPolicyFactory.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationPolicyID.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationRealm.java
trunk/engine/src/main/java/org/teiid/security/AuthorizationResource.java
trunk/engine/src/main/java/org/teiid/security/BasicAuthorizationPermission.java
trunk/engine/src/main/java/org/teiid/security/BasicAuthorizationPermissionFactory.java
trunk/engine/src/main/java/org/teiid/security/DataAccessResource.java
trunk/engine/src/main/java/org/teiid/security/GranteeEntitlementEntry.java
trunk/engine/src/main/java/org/teiid/security/SecurityMessagesKeys.java
trunk/engine/src/main/java/org/teiid/security/StandardAuthorizationActions.java
trunk/runtime/src/main/java/com/metamatrix/platform/security/
Modified:
trunk/connectors/pom.xml
trunk/engine/pom.xml
trunk/engine/src/main/java/com/metamatrix/common/log/LogManager.java
trunk/engine/src/main/java/com/metamatrix/common/queue/StatsCapturingWorkManager.java
trunk/engine/src/main/java/com/metamatrix/common/util/Permutation.java
trunk/engine/src/main/java/com/metamatrix/dqp/service/AuthorizationService.java
trunk/engine/src/main/java/com/metamatrix/query/processor/dynamic/TupleInputSource.java
trunk/engine/src/main/java/org/teiid/dqp/internal/datamgr/impl/ConnectorManager.java
trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java
trunk/engine/src/main/java/org/teiid/security/Credentials.java
trunk/engine/src/main/java/org/teiid/security/SecurityPlugin.java
trunk/engine/src/main/resources/com/metamatrix/query/i18n.properties
trunk/engine/src/test/java/com/metamatrix/dqp/service/FakeAuthorizationService.java
trunk/engine/src/test/java/com/metamatrix/query/processor/dynamic/TestSqlEval.java
trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/ConnectorBindingDeployer.java
trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java
trunk/pom.xml
trunk/runtime/pom.xml
trunk/runtime/src/main/java/org/teiid/deployers/VDBRepository.java
trunk/runtime/src/main/java/org/teiid/services/AuthorizationServiceImpl.java
trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
trunk/runtime/src/main/java/org/teiid/services/TeiidLoginContext.java
trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java
trunk/runtime/src/test/java/org/teiid/services/TestMembershipServiceImpl.java
trunk/runtime/src/test/java/org/teiid/services/TestSessionServiceImpl.java
trunk/runtime/src/test/java/org/teiid/transport/TestCommSockets.java
trunk/runtime/src/test/java/org/teiid/transport/TestLogonImpl.java
trunk/test-integration/pom.xml
Log:
TEIID-833 cleaning up post merge, removing common-internal
Deleted: trunk/build/kit-jboss-container/teiid-examples/simpleclient/JDBCClient.class
===================================================================
(Binary files differ)
Added: trunk/build/kit-jboss-container/teiid-examples/simpleclient/JDBCClient.class
===================================================================
(Binary files differ)
Property changes on:
trunk/build/kit-jboss-container/teiid-examples/simpleclient/JDBCClient.class
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: trunk/connectors/pom.xml
===================================================================
--- trunk/connectors/pom.xml 2010-03-09 05:42:40 UTC (rev 1942)
+++ trunk/connectors/pom.xml 2010-03-09 14:31:12 UTC (rev 1943)
@@ -50,11 +50,6 @@
</dependency>
<dependency>
<groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-common-internal</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.jboss.teiid</groupId>
<artifactId>teiid-metadata</artifactId>
<scope>test</scope>
</dependency>
Modified: trunk/engine/pom.xml
===================================================================
--- trunk/engine/pom.xml 2010-03-09 05:42:40 UTC (rev 1942)
+++ trunk/engine/pom.xml 2010-03-09 14:31:12 UTC (rev 1943)
@@ -1,90 +1,93 @@
<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
- <parent>
- <artifactId>teiid</artifactId>
- <groupId>org.jboss.teiid</groupId>
- <version>7.0.0-SNAPSHOT</version>
- </parent>
- <modelVersion>4.0.0</modelVersion>
- <artifactId>teiid-engine</artifactId>
- <name>Engine</name>
- <description>Relational, procedural, and xml core engine.</description>
-
- <build>
- <plugins>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>javacc-maven-plugin</artifactId>
- <version>2.4</version>
- <executions>
- <execution>
- <id>javacc</id>
- <goals>
- <goal>javacc</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- </plugins>
- </build>
-
- <dependencies>
-
- <dependency>
- <groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-common-internal</artifactId>
- </dependency>
-
- <dependency>
- <groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-common-core</artifactId>
- <type>test-jar</type>
- </dependency>
-
- <dependency>
- <groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-common-internal</artifactId>
- <type>test-jar</type>
- </dependency>
-
- <dependency>
- <groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-connector-api</artifactId>
- <scope>provided</scope>
- </dependency>
-
- <dependency>
- <groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-client</artifactId>
- <scope>provided</scope>
- </dependency>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <artifactId>teiid</artifactId>
+ <groupId>org.jboss.teiid</groupId>
+ <version>7.0.0-SNAPSHOT</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>teiid-engine</artifactId>
+ <name>Engine</name>
+ <description>Relational, procedural, and xml core engine.</description>
- <dependency>
- <groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-client</artifactId>
- <type>test-jar</type>
- </dependency>
-
- <dependency>
- <groupId>javax.resource</groupId>
- <artifactId>connector-api</artifactId>
- <scope>provided</scope>
- </dependency>
-
- <dependency>
- <groupId>org.jboss.deployers</groupId>
- <artifactId>jboss-deployers-vfs-spi</artifactId>
- <scope>provided</scope>
- </dependency>
-
- <dependency>
- <groupId>org.jboss.deployers</groupId>
- <artifactId>jboss-deployers-vfs</artifactId>
- <scope>provided</scope>
- </dependency>
-
- </dependencies>
-
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>javacc-maven-plugin</artifactId>
+ <version>2.4</version>
+ <executions>
+ <execution>
+ <id>javacc</id>
+ <goals>
+ <goal>javacc</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
-
+ <dependencies>
+
+ <dependency>
+ <groupId>org.jboss.teiid</groupId>
+ <artifactId>teiid-common-core</artifactId>
+ <type>test-jar</type>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.teiid</groupId>
+ <artifactId>teiid-connector-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.teiid</groupId>
+ <artifactId>teiid-client</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.teiid</groupId>
+ <artifactId>teiid-client</artifactId>
+ <type>test-jar</type>
+ </dependency>
+
+ <dependency>
+ <groupId>javax.resource</groupId>
+ <artifactId>connector-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.deployers</groupId>
+ <artifactId>jboss-deployers-vfs-spi</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.deployers</groupId>
+ <artifactId>jboss-deployers-vfs</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>jdom</groupId>
+ <artifactId>jdom</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>net.sf.saxon</groupId>
+ <artifactId>saxon</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>net.sf.saxon</groupId>
+ <artifactId>saxon-dom</artifactId>
+ </dependency>
+
+ </dependencies>
+
</project>
\ No newline at end of file
Copied: trunk/engine/src/main/java/com/metamatrix/common/log (from rev 1941,
trunk/common-internal/src/main/java/com/metamatrix/common/log)
Modified: trunk/engine/src/main/java/com/metamatrix/common/log/LogManager.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/common/log/LogManager.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/com/metamatrix/common/log/LogManager.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -27,8 +27,6 @@
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
-import com.metamatrix.common.CommonPlugin;
-import com.metamatrix.core.MetaMatrixRuntimeException;
import com.metamatrix.core.log.JavaLogWriter;
import com.metamatrix.core.log.LogListener;
import com.metamatrix.core.log.LogMessage;
@@ -320,9 +318,6 @@
* @return a modifiable copy of the current log configuration
*/
public static LogConfiguration getLogConfigurationCopy() {
- if (configuration == null) {
- throw new
MetaMatrixRuntimeException(CommonPlugin.Util.getString("LogManager_not_configured"));
//$NON-NLS-1$
- }
return LogConfigurationImpl.makeCopy(configuration);
}
@@ -370,7 +365,7 @@
*/
public static Object createLoggingProxy(final String loggingContext,
final Object instance,
- final Class[] interfaces,
+ final Class<?>[] interfaces,
final int level) {
return Proxy.newProxyInstance(Thread.currentThread().getContextClassLoader(),
interfaces, new InvocationHandler() {
Modified:
trunk/engine/src/main/java/com/metamatrix/common/queue/StatsCapturingWorkManager.java
===================================================================
---
trunk/engine/src/main/java/com/metamatrix/common/queue/StatsCapturingWorkManager.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/engine/src/main/java/com/metamatrix/common/queue/StatsCapturingWorkManager.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -44,11 +44,11 @@
import org.teiid.adminapi.impl.WorkerPoolStatisticsMetadata;
-import com.metamatrix.common.CommonPlugin;
import com.metamatrix.common.log.LogManager;
import com.metamatrix.common.util.LogConstants;
import com.metamatrix.core.log.MessageLevel;
import com.metamatrix.core.util.NamedThreadFactory;
+import com.metamatrix.query.QueryPlugin;
/**
* StatsCapturingWorkManager acts as a wrapper to the passed in {@link WorkManager} to
@@ -192,7 +192,7 @@
}
if (atMaxThreads) {
if (newMaxQueueSize && maximumPoolSize > 1) {
- LogManager.logWarning(LogConstants.CTX_POOLING,
CommonPlugin.Util.getString("WorkerPool.Max_thread", maximumPoolSize, poolName,
highestQueueSize)); //$NON-NLS-1$
+ LogManager.logWarning(LogConstants.CTX_POOLING,
QueryPlugin.Util.getString("WorkerPool.Max_thread", maximumPoolSize, poolName,
highestQueueSize)); //$NON-NLS-1$
}
return;
}
Copied: trunk/engine/src/main/java/com/metamatrix/common/util (from rev 1941,
trunk/common-internal/src/main/java/com/metamatrix/common/util)
Deleted: trunk/engine/src/main/java/com/metamatrix/common/util/ErrorMessageKeys.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/common/util/ErrorMessageKeys.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/com/metamatrix/common/util/ErrorMessageKeys.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,964 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.common.util;
-
-/**
- * Date Apr 2, 2003
- *
- * <p>
- * The ErrorMessageKeys contains the message ID's for use with
- * {@link I18NLogManager I18NLogManager} for internationalization
- * of error messages.
- * </p>
- *
- * <b>Adding a Message ID</b>
- * <br>
- * An error message placed here <b>MUST</b> have a related entry
- * in the project resource bundle file.
- * </br>
- * <br>
- * The format of the message ID should conform to the following convention:
- * </br>
- * ERR.000.000.0000
- *
- * <strong>Example:</strong>
- * <code>ERR.003.001.0002</code>
- *
- * where
- * - node 003 is the common project number
- * - node 001 is the component and must be unique for the project
- * - node 0002 is a unique number for the specified component
- *
- *
- *
- * <p>
- * <strong>Common Component Codes</strong>
- * <li>000 - misc</li>
- * <li>001 - config</li>
- * <li>002 - pooling</li>
- * <li>003 - api</li>
- * <li>004 - actions</li>
- * <li>005 - beans</li>
- * <li>006 - buffering</li>
- * <li>007 - util</li>
- * <li>008 - cache</li>
- * <li>009 - callback</li>
- * <li>010 - connecteion</li>
- * <li>011 - event</li>
- * <li>012 - finder</li>
- * <li>013 - id</li>
- * <li>014 - log</li>
- * <li>015 - jdbc</li>
- * <li>016 - license</li>
- * <li>017 - messaging</li>
- * <li>018 - namedobject</li>
- * <li>019 - object</li>
- * <li>020 - plugin</li>
- * <li>021 - properties</li>
- * <li>022 - proxy</li>
- * <li>023 - queue</li>
- * <li>024 - remote</li>
- * <li>025 - thread</li>
- * <li>026 - transaction</li>
- * <li>027 - transform</li>
- * <li>028 - tree</li>
- * <li>029 - types</li>
- * <li>030 - util</li>
- * <li>031 - xa</li>
- * <li>032 - xml</li>
- *
- *
- * </p>
- */
-public interface ErrorMessageKeys {
-
- /** misc (000) */
- public static final String MISC_ERR_0001 = "ERR.003.000.0001"; //$NON-NLS-1$
-
-
- /** config (001) */
- // moved from platform
- public static final String CONFIG_0001 = "ERR.003.001.0093";
//$NON-NLS-1$
- public static final String CONFIG_0002 = "ERR.003.001.0094";
//$NON-NLS-1$
- public static final String CONFIG_0003 = "ERR.003.001.0095";
//$NON-NLS-1$
- public static final String CONFIG_0004 = "ERR.003.001.0096";
//$NON-NLS-1$
- public static final String CONFIG_0005 = "ERR.003.001.0097";
//$NON-NLS-1$
- public static final String CONFIG_0006 = "ERR.003.001.0098";
//$NON-NLS-1$
- public static final String CONFIG_0016 = "ERR.003.001.0099";
//$NON-NLS-1$
- public static final String CONFIG_0017 = "ERR.003.001.0100";
//$NON-NLS-1$
- public static final String CONFIG_0018 = "ERR.003.001.0101";
//$NON-NLS-1$
-
-
-
- public static final String CONFIG_ERR_0001 = "ERR.003.001.0001";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0002 = "ERR.003.001.0002";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0003 = "ERR.003.001.0003";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0004 = "ERR.003.001.0004";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0005 = "ERR.003.001.0005";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0006 = "ERR.003.001.0006";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0007 = "ERR.003.001.0007";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0008 = "ERR.003.001.0008";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0009 = "ERR.003.001.0009";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0010 = "ERR.003.001.0010";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0011 = "ERR.003.001.0011";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0012 = "ERR.003.001.0012";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0013 = "ERR.003.001.0013";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0014 = "ERR.003.001.0014";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0015 = "ERR.003.001.0015";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0016 = "ERR.003.001.0016";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0017 = "ERR.003.001.0017";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0018 = "ERR.003.001.0018";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0019 = "ERR.003.001.0019";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0020 = "ERR.003.001.0020";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0021 = "ERR.003.001.0021";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0022 = "ERR.003.001.0022";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0023 = "ERR.003.001.0023";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0024 = "ERR.003.001.0024";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0025 = "ERR.003.001.0025";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0026 = "ERR.003.001.0026";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0027 = "ERR.003.001.0027";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0028 = "ERR.003.001.0028";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0029 = "ERR.003.001.0029";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0030 = "ERR.003.001.0030";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0031 = "ERR.003.001.0031";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0032 = "ERR.003.001.0032";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0033 = "ERR.003.001.0033";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0034 = "ERR.003.001.0034";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0035 = "ERR.003.001.0035";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0036 = "ERR.003.001.0036";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0037 = "ERR.003.001.0037";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0038 = "ERR.003.001.0038";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0039 = "ERR.003.001.0039";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0040 = "ERR.003.001.0040";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0041 = "ERR.003.001.0041";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0042 = "ERR.003.001.0042";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0043 = "ERR.003.001.0043";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0044 = "ERR.003.001.0044";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0045 = "ERR.003.001.0045";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0046 = "ERR.003.001.0046";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0047 = "ERR.003.001.0047";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0048 = "ERR.003.001.0048";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0049 = "ERR.003.001.0049";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0050 = "ERR.003.001.0050";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0051 = "ERR.003.001.0051";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0052 = "ERR.003.001.0052";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0053 = "ERR.003.001.0053";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0054 = "ERR.003.001.0054";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0055 = "ERR.003.001.0055";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0056 = "ERR.003.001.0056";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0057 = "ERR.003.001.0057";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0058 = "ERR.003.001.0058";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0059 = "ERR.003.001.0059";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0060 = "ERR.003.001.0060";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0061 = "ERR.003.001.0061";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0062 = "ERR.003.001.0062";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0063 = "ERR.003.001.0063";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0064 = "ERR.003.001.0064";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0065 = "ERR.003.001.0065";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0066 = "ERR.003.001.0066";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0067 = "ERR.003.001.0067";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0068 = "ERR.003.001.0068";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0069 = "ERR.003.001.0069";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0070 = "ERR.003.001.0070";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0071 = "ERR.003.001.0071";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0072 = "ERR.003.001.0072";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0073 = "ERR.003.001.0073";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0074 = "ERR.003.001.0074";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0075 = "ERR.003.001.0075";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0076 = "ERR.003.001.0076";
//$NON-NLS-1$
-
- public static final String CONFIG_ERR_0077 = "ERR.003.001.0077";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0078 = "ERR.003.001.0078";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0079 = "ERR.003.001.0079";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0080 = "ERR.003.001.0080";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0081 = "ERR.003.001.0081";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0082 = "ERR.003.001.0082";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0083 = "ERR.003.001.0083";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0084 = "ERR.003.001.0084";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0085 = "ERR.003.001.0085";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0086 = "ERR.003.001.0086";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0087 = "ERR.003.001.0087";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0088 = "ERR.003.001.0088";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0089 = "ERR.003.001.0089";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0090 = "ERR.003.001.0090";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0091 = "ERR.003.001.0091";
//$NON-NLS-1$
- public static final String CONFIG_ERR_0092 = "ERR.003.001.0092";
//$NON-NLS-1$
-
-
-
- /** pooling (002 */
-
- public static final String POOLING_ERR_0001 = "ERR.003.002.0001";
//$NON-NLS-1$
- public static final String POOLING_ERR_0002 = "ERR.003.002.0002";
//$NON-NLS-1$
- public static final String POOLING_ERR_0003 = "ERR.003.002.0003";
//$NON-NLS-1$
- public static final String POOLING_ERR_0005 = "ERR.003.002.0005";
//$NON-NLS-1$
- public static final String POOLING_ERR_0006 = "ERR.003.002.0006";
//$NON-NLS-1$
- public static final String POOLING_ERR_0007 = "ERR.003.002.0007";
//$NON-NLS-1$
- public static final String POOLING_ERR_0008 = "ERR.003.002.0008";
//$NON-NLS-1$
- public static final String POOLING_ERR_0009 = "ERR.003.002.0009";
//$NON-NLS-1$
- public static final String POOLING_ERR_0010 = "ERR.003.002.0010";
//$NON-NLS-1$
- public static final String POOLING_ERR_0011 = "ERR.003.002.0011";
//$NON-NLS-1$
- public static final String POOLING_ERR_0012 = "ERR.003.002.0012";
//$NON-NLS-1$
- public static final String POOLING_ERR_0013 = "ERR.003.002.0013";
//$NON-NLS-1$
- public static final String POOLING_ERR_0014 = "ERR.003.002.0014";
//$NON-NLS-1$
- public static final String POOLING_ERR_0015 = "ERR.003.002.0015";
//$NON-NLS-1$
- public static final String POOLING_ERR_0016 = "ERR.003.002.0016";
//$NON-NLS-1$
- public static final String POOLING_ERR_0017 = "ERR.003.002.0017";
//$NON-NLS-1$
- public static final String POOLING_ERR_0018 = "ERR.003.002.0018";
//$NON-NLS-1$
- public static final String POOLING_ERR_0019 = "ERR.003.002.0019";
//$NON-NLS-1$
-
-// #s 20 - 35 were moved to util
-
- public static final String POOLING_ERR_0026 = "ERR.003.002.0026";
//$NON-NLS-1$
- public static final String POOLING_ERR_0027 = "ERR.003.002.0027";
//$NON-NLS-1$
- public static final String POOLING_ERR_0028 = "ERR.003.002.0028";
//$NON-NLS-1$
- public static final String POOLING_ERR_0029 = "ERR.003.002.0029";
//$NON-NLS-1$
- public static final String POOLING_ERR_0030 = "ERR.003.002.0030";
//$NON-NLS-1$
- public static final String POOLING_ERR_0031 = "ERR.003.002.0031";
//$NON-NLS-1$
- public static final String POOLING_ERR_0032 = "ERR.003.002.0032";
//$NON-NLS-1$
- public static final String POOLING_ERR_0033 = "ERR.003.002.0033";
//$NON-NLS-1$
- public static final String POOLING_ERR_0034 = "ERR.003.002.0034";
//$NON-NLS-1$
- public static final String POOLING_ERR_0035 = "ERR.003.002.0035";
//$NON-NLS-1$
- public static final String POOLING_ERR_0036 = "ERR.003.002.0036";
//$NON-NLS-1$
- public static final String POOLING_ERR_0037 = "ERR.003.002.0037";
//$NON-NLS-1$
-
- public static final String POOLING_ERR_0038 = "ERR.003.002.0038";
//$NON-NLS-1$
- public static final String POOLING_ERR_0039 = "ERR.003.002.0039";
//$NON-NLS-1$
-
-//*** not used because they were not needed at the time, but can be used now
-// public static final String POOLING_ERR_0040 = "ERR.003.002.0040";
-// public static final String POOLING_ERR_0041 = "ERR.003.002.0041";
-// public static final String POOLING_ERR_0042 = "ERR.003.002.0042";
-// public static final String POOLING_ERR_0043 = "ERR.003.002.0043";
-
- public static final String POOLING_ERR_0044 = "ERR.003.002.0044";
//$NON-NLS-1$
- public static final String POOLING_ERR_0045 = "ERR.003.002.0045";
//$NON-NLS-1$
- public static final String POOLING_ERR_0046 = "ERR.003.002.0046";
//$NON-NLS-1$
- public static final String POOLING_ERR_0047 = "ERR.003.002.0047";
//$NON-NLS-1$
- public static final String POOLING_ERR_0048 = "ERR.003.002.0048";
//$NON-NLS-1$
- public static final String POOLING_ERR_0049 = "ERR.003.002.0049";
//$NON-NLS-1$
-
-/** api (003) */
-
- public static final String API_ERR_0001 = "ERR.003.003.0001"; //$NON-NLS-1$
- public static final String API_ERR_0002 = "ERR.003.003.0002"; //$NON-NLS-1$
- public static final String API_ERR_0003 = "ERR.003.003.0003"; //$NON-NLS-1$
- public static final String API_ERR_0004 = "ERR.003.003.0004"; //$NON-NLS-1$
- public static final String API_ERR_0005 = "ERR.003.003.0005"; //$NON-NLS-1$
- public static final String API_ERR_0006 = "ERR.003.003.0006"; //$NON-NLS-1$
- public static final String API_ERR_0007 = "ERR.003.003.0007"; //$NON-NLS-1$
- public static final String API_ERR_0008 = "ERR.003.003.0008"; //$NON-NLS-1$
- public static final String API_ERR_0009 = "ERR.003.003.0009"; //$NON-NLS-1$
- public static final String API_ERR_0010 = "ERR.003.003.0010"; //$NON-NLS-1$
- public static final String API_ERR_0011 = "ERR.003.003.0011"; //$NON-NLS-1$
- public static final String API_ERR_0012 = "ERR.003.003.0012"; //$NON-NLS-1$
- public static final String API_ERR_0013 = "ERR.003.003.0013"; //$NON-NLS-1$
- public static final String API_ERR_0014 = "ERR.003.003.0014"; //$NON-NLS-1$
- public static final String API_ERR_0015 = "ERR.003.003.0015"; //$NON-NLS-1$
- public static final String API_ERR_0016 = "ERR.003.003.0016"; //$NON-NLS-1$
- public static final String API_ERR_0017 = "ERR.003.003.0017"; //$NON-NLS-1$
- public static final String API_ERR_0018 = "ERR.003.003.0018"; //$NON-NLS-1$
- public static final String API_ERR_0019 = "ERR.003.003.0019"; //$NON-NLS-1$
- public static final String API_ERR_0020 = "ERR.003.003.0020"; //$NON-NLS-1$
- public static final String API_ERR_0021 = "ERR.003.003.0021"; //$NON-NLS-1$
- public static final String API_ERR_0022 = "ERR.003.003.0022"; //$NON-NLS-1$
-
-
-/** actions (004) */
-
- public static final String ACTIONS_ERR_0001 = "ERR.003.004.0001";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0002 = "ERR.003.004.0002";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0003 = "ERR.003.004.0003";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0004 = "ERR.003.004.0004";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0005 = "ERR.003.004.0005";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0006 = "ERR.003.004.0006";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0007 = "ERR.003.004.0007";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0008 = "ERR.003.004.0008";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0009 = "ERR.003.004.0009";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0010 = "ERR.003.004.0010";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0011 = "ERR.003.004.0011";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0012 = "ERR.003.004.0012";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0013 = "ERR.003.004.0013";
//$NON-NLS-1$
- public static final String ACTIONS_ERR_0014 = "ERR.003.004.0014";
//$NON-NLS-1$
-
-/** beans (005) */
-
- public static final String BEANS_ERR_0001 = "ERR.003.005.0001";
//$NON-NLS-1$
- public static final String BEANS_ERR_0002 = "ERR.003.005.0002";
//$NON-NLS-1$
- public static final String BEANS_ERR_0003 = "ERR.003.005.0003";
//$NON-NLS-1$
-
-/** buffering (006) */
- public static final String BUFFERING_ERR_0003 = "ERR.003.006.0003";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0004 = "ERR.003.006.0004";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0005 = "ERR.003.006.0005";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0006 = "ERR.003.006.0006";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0007 = "ERR.003.006.0007";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0009 = "ERR.003.006.0009";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0010 = "ERR.003.006.0010";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0011 = "ERR.003.006.0011";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0012 = "ERR.003.006.0012";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0013 = "ERR.003.006.0013";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0014 = "ERR.003.006.0014";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0015 = "ERR.003.006.0015";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0016 = "ERR.003.006.0016";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0017 = "ERR.003.006.0017";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0018 = "ERR.003.006.0018";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0019 = "ERR.003.006.0019";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0020 = "ERR.003.006.0020";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0021 = "ERR.003.006.0021";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0022 = "ERR.003.006.0022";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0023 = "ERR.003.006.0023";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0024 = "ERR.003.006.0024";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0025 = "ERR.003.006.0025";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0026 = "ERR.003.006.0026";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0027 = "ERR.003.006.0027";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0028 = "ERR.003.006.0028";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0029 = "ERR.003.006.0029";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0030 = "ERR.003.006.0030";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0031 = "ERR.003.006.0031";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0032 = "ERR.003.006.0032";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0033 = "ERR.003.006.0033";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0034 = "ERR.003.006.0034";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0035 = "ERR.003.006.0035";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0036 = "ERR.003.006.0036";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0037 = "ERR.003.006.0037";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0038 = "ERR.003.006.0038";
//$NON-NLS-1$
- public static final String BUFFERING_ERR_0039 = "ERR.003.006.0039";
//$NON-NLS-1$
-
- /** util (007) */
- // this should be in the same package with util (030)
- public static final String UTIL_ERR_0001 = "ERR.003.007.0001"; //$NON-NLS-1$
- public static final String UTIL_ERR_0002 = "ERR.003.007.0002"; //$NON-NLS-1$
- public static final String UTIL_ERR_0003 = "ERR.003.007.0003"; //$NON-NLS-1$
- public static final String UTIL_ERR_0004 = "ERR.003.007.0004"; //$NON-NLS-1$
- public static final String UTIL_ERR_0005 = "ERR.003.007.0005"; //$NON-NLS-1$
- public static final String UTIL_ERR_0006 = "ERR.003.007.0006"; //$NON-NLS-1$
-
-
- /** cache (008) */
- public static final String CACHE_ERR_0001 = "ERR.003.008.0001";
//$NON-NLS-1$
- public static final String CACHE_ERR_0002 = "ERR.003.008.0002";
//$NON-NLS-1$
- public static final String CACHE_ERR_0003 = "ERR.003.008.0003";
//$NON-NLS-1$
- public static final String CACHE_ERR_0004 = "ERR.003.008.0004";
//$NON-NLS-1$
- public static final String CACHE_ERR_0005 = "ERR.003.008.0005";
//$NON-NLS-1$
- public static final String CACHE_ERR_0006 = "ERR.003.008.0006";
//$NON-NLS-1$
- public static final String CACHE_ERR_0007 = "ERR.003.008.0007";
//$NON-NLS-1$
- public static final String CACHE_ERR_0008 = "ERR.003.008.0008";
//$NON-NLS-1$
- public static final String CACHE_ERR_0009 = "ERR.003.008.0009";
//$NON-NLS-1$
- public static final String CACHE_ERR_0010 = "ERR.003.008.0010";
//$NON-NLS-1$
- public static final String CACHE_ERR_0011 = "ERR.003.008.0011";
//$NON-NLS-1$
- public static final String CACHE_ERR_0012 = "ERR.003.008.0012";
//$NON-NLS-1$
- public static final String CACHE_ERR_0013 = "ERR.003.008.0013";
//$NON-NLS-1$
- public static final String CACHE_ERR_0014 = "ERR.003.008.0014";
//$NON-NLS-1$
- public static final String CACHE_ERR_0015 = "ERR.003.008.0015";
//$NON-NLS-1$
- public static final String CACHE_ERR_0016 = "ERR.003.008.0016";
//$NON-NLS-1$
- public static final String CACHE_ERR_0017 = "ERR.003.008.0017";
//$NON-NLS-1$
- public static final String CACHE_ERR_0018 = "ERR.003.008.0018";
//$NON-NLS-1$
- public static final String CACHE_ERR_0019 = "ERR.003.008.0019";
//$NON-NLS-1$
- public static final String CACHE_ERR_0020 = "ERR.003.008.0020";
//$NON-NLS-1$
- public static final String CACHE_ERR_0021 = "ERR.003.008.0021";
//$NON-NLS-1$
-
- /** callback (009) */
- // moved to console.toolbox project
-
- /** connection (010) */
- public static final String CONNECTION_ERR_0001 = "ERR.003.010.0001";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0002 = "ERR.003.010.0002";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0003 = "ERR.003.010.0003";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0004 = "ERR.003.010.0004";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0005 = "ERR.003.010.0005";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0006 = "ERR.003.010.0006";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0007 = "ERR.003.010.0007";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0008 = "ERR.003.010.0008";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0009 = "ERR.003.010.0009";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0010 = "ERR.003.010.0010";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0011 = "ERR.003.010.0011";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0012 = "ERR.003.010.0012";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0013 = "ERR.003.010.0013";
//$NON-NLS-1$
- public static final String CONNECTION_ERR_0014 = "ERR.003.010.0014";
//$NON-NLS-1$
-
-
-
- /** id (013) */
- public static final String ID_ERR_0001 = "ERR.003.013.0001"; //$NON-NLS-1$
- public static final String ID_ERR_0002 = "ERR.003.013.0002"; //$NON-NLS-1$
- public static final String ID_ERR_0003 = "ERR.003.013.0003"; //$NON-NLS-1$
- public static final String ID_ERR_0004 = "ERR.003.013.0004"; //$NON-NLS-1$
- public static final String ID_ERR_0005 = "ERR.003.013.0005"; //$NON-NLS-1$
- public static final String ID_ERR_0006 = "ERR.003.013.0006"; //$NON-NLS-1$
- public static final String ID_ERR_0007 = "ERR.003.013.0007"; //$NON-NLS-1$
- public static final String ID_ERR_0008 = "ERR.003.013.0008"; //$NON-NLS-1$
- public static final String ID_ERR_0009 = "ERR.003.013.0009"; //$NON-NLS-1$
- public static final String ID_ERR_0010 = "ERR.003.013.0010"; //$NON-NLS-1$
- public static final String ID_ERR_0011 = "ERR.003.013.0011"; //$NON-NLS-1$
- public static final String ID_ERR_0012 = "ERR.003.013.0012"; //$NON-NLS-1$
- public static final String ID_ERR_0013 = "ERR.003.013.0013"; //$NON-NLS-1$
- public static final String ID_ERR_0014 = "ERR.003.013.0014"; //$NON-NLS-1$
- public static final String ID_ERR_0015 = "ERR.003.013.0015"; //$NON-NLS-1$
- public static final String ID_ERR_0016 = "ERR.003.013.0016"; //$NON-NLS-1$
- public static final String ID_ERR_0017 = "ERR.003.013.0017"; //$NON-NLS-1$
- public static final String ID_ERR_0018 = "ERR.003.013.0018"; //$NON-NLS-1$
- public static final String ID_ERR_0019 = "ERR.003.013.0019"; //$NON-NLS-1$
- public static final String ID_ERR_0020 = "ERR.003.013.0020"; //$NON-NLS-1$
- public static final String ID_ERR_0021 = "ERR.003.013.0021"; //$NON-NLS-1$
- public static final String ID_ERR_0022 = "ERR.003.013.0022"; //$NON-NLS-1$
- public static final String ID_ERR_0023 = "ERR.003.013.0023"; //$NON-NLS-1$
- public static final String ID_ERR_0024 = "ERR.003.013.0024"; //$NON-NLS-1$
-
-
-
- /** log (014) */
- public static final String LOG_ERR_0001 = "ERR.003.014.0001"; //$NON-NLS-1$
- public static final String LOG_ERR_0002 = "ERR.003.014.0002"; //$NON-NLS-1$
- public static final String LOG_ERR_0003 = "ERR.003.014.0003"; //$NON-NLS-1$
- public static final String LOG_ERR_0004 = "ERR.003.014.0004"; //$NON-NLS-1$
- public static final String LOG_ERR_0005 = "ERR.003.014.0005"; //$NON-NLS-1$
- public static final String LOG_ERR_0006 = "ERR.003.014.0006"; //$NON-NLS-1$
- public static final String LOG_ERR_0007 = "ERR.003.014.0007"; //$NON-NLS-1$
- public static final String LOG_ERR_0008 = "ERR.003.014.0008"; //$NON-NLS-1$
- public static final String LOG_ERR_0009 = "ERR.003.014.0009"; //$NON-NLS-1$
- public static final String LOG_ERR_0010 = "ERR.003.014.0010"; //$NON-NLS-1$
- public static final String LOG_ERR_0011 = "ERR.003.014.0011"; //$NON-NLS-1$
- public static final String LOG_ERR_0012 = "ERR.003.014.0012"; //$NON-NLS-1$
- public static final String LOG_ERR_0013 = "ERR.003.014.0013"; //$NON-NLS-1$
- public static final String LOG_ERR_0014 = "ERR.003.014.0014"; //$NON-NLS-1$
- public static final String LOG_ERR_0015 = "ERR.003.014.0015"; //$NON-NLS-1$
- public static final String LOG_ERR_0016 = "ERR.003.014.0016"; //$NON-NLS-1$
- public static final String LOG_ERR_0017 = "ERR.003.014.0017"; //$NON-NLS-1$
- public static final String LOG_ERR_0018 = "ERR.003.014.0018"; //$NON-NLS-1$
- public static final String LOG_ERR_0019 = "ERR.003.014.0019"; //$NON-NLS-1$
- public static final String LOG_ERR_0020 = "ERR.003.014.0020"; //$NON-NLS-1$
- public static final String LOG_ERR_0021 = "ERR.003.014.0021"; //$NON-NLS-1$
- public static final String LOG_ERR_0022 = "ERR.003.014.0022"; //$NON-NLS-1$
- public static final String LOG_ERR_0023 = "ERR.003.014.0023"; //$NON-NLS-1$
- public static final String LOG_ERR_0024 = "ERR.003.014.0024"; //$NON-NLS-1$
- public static final String LOG_ERR_0025 = "ERR.003.014.0025"; //$NON-NLS-1$
- public static final String LOG_ERR_0026 = "ERR.003.014.0026"; //$NON-NLS-1$
- public static final String LOG_ERR_0027 = "ERR.003.014.0027"; //$NON-NLS-1$
- public static final String LOG_ERR_0028 = "ERR.003.014.0028"; //$NON-NLS-1$
- public static final String LOG_ERR_0029 = "ERR.003.014.0029"; //$NON-NLS-1$
- public static final String LOG_ERR_0030 = "ERR.003.014.0030"; //$NON-NLS-1$
- public static final String LOG_ERR_0031 = "ERR.003.014.0031"; //$NON-NLS-1$
- public static final String LOG_ERR_0032 = "ERR.003.014.0032";
//$NON-NLS-1$
-
- /** jdbc (015) */
- public static final String JDBC_ERR_0001 = "ERR.003.015.0001"; //$NON-NLS-1$
- public static final String JDBC_ERR_0002 = "ERR.003.015.0002"; //$NON-NLS-1$
- public static final String JDBC_ERR_0003 = "ERR.003.015.0003"; //$NON-NLS-1$
- public static final String JDBC_ERR_0004 = "ERR.003.015.0004"; //$NON-NLS-1$
- public static final String JDBC_ERR_0005 = "ERR.003.015.0005"; //$NON-NLS-1$
- public static final String JDBC_ERR_0006 = "ERR.003.015.0006"; //$NON-NLS-1$
- public static final String JDBC_ERR_0007 = "ERR.003.015.0007"; //$NON-NLS-1$
- public static final String JDBC_ERR_0008 = "ERR.003.015.0008"; //$NON-NLS-1$
- public static final String JDBC_ERR_0009 = "ERR.003.015.0009"; //$NON-NLS-1$
- public static final String JDBC_ERR_0010 = "ERR.003.015.0010"; //$NON-NLS-1$
- public static final String JDBC_ERR_0011 = "ERR.003.015.0011"; //$NON-NLS-1$
- public static final String JDBC_ERR_0012 = "ERR.003.015.0012"; //$NON-NLS-1$
- public static final String JDBC_ERR_0013 = "ERR.003.015.0013"; //$NON-NLS-1$
- public static final String JDBC_ERR_0014 = "ERR.003.015.0014"; //$NON-NLS-1$
- public static final String JDBC_ERR_0015 = "ERR.003.015.0015"; //$NON-NLS-1$
- public static final String JDBC_ERR_0016 = "ERR.003.015.0016"; //$NON-NLS-1$
- public static final String JDBC_ERR_0017 = "ERR.003.015.0017"; //$NON-NLS-1$
- public static final String JDBC_ERR_0018 = "ERR.003.015.0018"; //$NON-NLS-1$
- public static final String JDBC_ERR_0019 = "ERR.003.015.0019"; //$NON-NLS-1$
- public static final String JDBC_ERR_0020 = "ERR.003.015.0020"; //$NON-NLS-1$
- public static final String JDBC_ERR_0021 = "ERR.003.015.0021"; //$NON-NLS-1$
- public static final String JDBC_ERR_0022 = "ERR.003.015.0022"; //$NON-NLS-1$
- public static final String JDBC_ERR_0023 = "ERR.003.015.0023"; //$NON-NLS-1$
- public static final String JDBC_ERR_0024 = "ERR.003.015.0024"; //$NON-NLS-1$
- public static final String JDBC_ERR_0025 = "ERR.003.015.0025"; //$NON-NLS-1$
- public static final String JDBC_ERR_0026 = "ERR.003.015.0026"; //$NON-NLS-1$
- public static final String JDBC_ERR_0027 = "ERR.003.015.0027"; //$NON-NLS-1$
- public static final String JDBC_ERR_0028 = "ERR.003.015.0028"; //$NON-NLS-1$
- public static final String JDBC_ERR_0029 = "ERR.003.015.0029"; //$NON-NLS-1$
- public static final String JDBC_ERR_0030 = "ERR.003.015.0030"; //$NON-NLS-1$
- public static final String JDBC_ERR_0031 = "ERR.003.015.0031"; //$NON-NLS-1$
- public static final String JDBC_ERR_0032 = "ERR.003.015.0032"; //$NON-NLS-1$
- public static final String JDBC_ERR_0033 = "ERR.003.015.0033"; //$NON-NLS-1$
- public static final String JDBC_ERR_0034 = "ERR.003.015.0034"; //$NON-NLS-1$
- public static final String JDBC_ERR_0035 = "ERR.003.015.0035"; //$NON-NLS-1$
- public static final String JDBC_ERR_0036 = "ERR.003.015.0036"; //$NON-NLS-1$
- public static final String JDBC_ERR_0037 = "ERR.003.015.0037"; //$NON-NLS-1$
- public static final String JDBC_ERR_0038 = "ERR.003.015.0038"; //$NON-NLS-1$
- public static final String JDBC_ERR_0039 = "ERR.003.015.0039"; //$NON-NLS-1$
- public static final String JDBC_ERR_0040 = "ERR.003.015.0040"; //$NON-NLS-1$
- public static final String JDBC_ERR_0041 = "ERR.003.015.0041"; //$NON-NLS-1$
- public static final String JDBC_ERR_0042 = "ERR.003.015.0042"; //$NON-NLS-1$
- public static final String JDBC_ERR_0043 = "ERR.003.015.0043"; //$NON-NLS-1$
- public static final String JDBC_ERR_0044 = "ERR.003.015.0044"; //$NON-NLS-1$
- public static final String JDBC_ERR_0045 = "ERR.003.015.0045"; //$NON-NLS-1$
- public static final String JDBC_ERR_0046 = "ERR.003.015.0046"; //$NON-NLS-1$
- public static final String JDBC_ERR_0047 = "ERR.003.015.0047"; //$NON-NLS-1$
- public static final String JDBC_ERR_0048 = "ERR.003.015.0048"; //$NON-NLS-1$
- public static final String JDBC_ERR_0049 = "ERR.003.015.0049"; //$NON-NLS-1$
- public static final String JDBC_ERR_0050 = "ERR.003.015.0050"; //$NON-NLS-1$
- public static final String JDBC_ERR_0051 = "ERR.003.015.0051"; //$NON-NLS-1$
- public static final String JDBC_ERR_0052 = "ERR.003.015.0052"; //$NON-NLS-1$
- public static final String JDBC_ERR_0053 = "ERR.003.015.0053"; //$NON-NLS-1$
- public static final String JDBC_ERR_0054 = "ERR.003.015.0054"; //$NON-NLS-1$
- public static final String JDBC_ERR_0055 = "ERR.003.015.0055"; //$NON-NLS-1$
- public static final String JDBC_ERR_0056 = "ERR.003.015.0056"; //$NON-NLS-1$
- public static final String JDBC_ERR_0057 = "ERR.003.015.0057"; //$NON-NLS-1$
- public static final String JDBC_ERR_0058 = "ERR.003.015.0058"; //$NON-NLS-1$
- public static final String JDBC_ERR_0059 = "ERR.003.015.0059"; //$NON-NLS-1$
- public static final String JDBC_ERR_0060 = "ERR.003.015.0060"; //$NON-NLS-1$
- public static final String JDBC_ERR_0061 = "ERR.003.015.0061"; //$NON-NLS-1$
- public static final String JDBC_ERR_0062 = "ERR.003.015.0062"; //$NON-NLS-1$
- public static final String JDBC_ERR_0063 = "ERR.003.015.0063"; //$NON-NLS-1$
- public static final String JDBC_ERR_0064 = "ERR.003.015.0064"; //$NON-NLS-1$
- public static final String JDBC_ERR_0065 = "ERR.003.015.0065";
//$NON-NLS-1$
-
-
- /** messaging (017) */
- public static final String MESSAGING_ERR_0001 = "ERR.003.017.0001";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0002 = "ERR.003.017.0002";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0003 = "ERR.003.017.0003";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0004 = "ERR.003.017.0004";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0005 = "ERR.003.017.0005";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0006 = "ERR.003.017.0006";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0007 = "ERR.003.017.0007";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0008 = "ERR.003.017.0008";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0009 = "ERR.003.017.0009";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0010 = "ERR.003.017.0010";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0011 = "ERR.003.017.0011";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0012 = "ERR.003.017.0012";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0013 = "ERR.003.017.0013";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0014 = "ERR.003.017.0014";
//$NON-NLS-1$
- public static final String MESSAGING_ERR_0015 = "ERR.003.017.0015";
//$NON-NLS-1$
-
- /** namedobject (018) */
- public static final String NAMEDOBJECT_ERR_0001 = "ERR.003.018.0001";
//$NON-NLS-1$
- public static final String NAMEDOBJECT_ERR_0002 = "ERR.003.018.0002";
//$NON-NLS-1$
- public static final String NAMEDOBJECT_ERR_0003 = "ERR.003.018.0003";
//$NON-NLS-1$
- public static final String NAMEDOBJECT_ERR_0004 = "ERR.003.018.0004";
//$NON-NLS-1$
- public static final String NAMEDOBJECT_ERR_0005 = "ERR.003.018.0005";
//$NON-NLS-1$
- public static final String NAMEDOBJECT_ERR_0006 = "ERR.003.018.0006";
//$NON-NLS-1$
- public static final String NAMEDOBJECT_ERR_0007 = "ERR.003.018.0007";
//$NON-NLS-1$
-
- /** object (019) */
- public static final String OBJECT_ERR_0001 = "ERR.003.019.0001";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0002 = "ERR.003.019.0002";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0003 = "ERR.003.019.0003";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0004 = "ERR.003.019.0004";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0005 = "ERR.003.019.0005";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0006 = "ERR.003.019.0006";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0007 = "ERR.003.019.0007";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0008 = "ERR.003.019.0008";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0009 = "ERR.003.019.0009";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0010 = "ERR.003.019.0010";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0011 = "ERR.003.019.0011";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0012 = "ERR.003.019.0012";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0013 = "ERR.003.019.0013";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0014 = "ERR.003.019.0014";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0015 = "ERR.003.019.0015";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0016 = "ERR.003.019.0016";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0017 = "ERR.003.019.0017";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0018 = "ERR.003.019.0018";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0019 = "ERR.003.019.0019";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0020 = "ERR.003.019.0020";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0021 = "ERR.003.019.0021";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0022 = "ERR.003.019.0022";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0023 = "ERR.003.019.0023";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0024 = "ERR.003.019.0024";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0025 = "ERR.003.019.0025";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0026 = "ERR.003.019.0026";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0027 = "ERR.003.019.0027";
//$NON-NLS-1$
- public static final String OBJECT_ERR_0028 = "ERR.003.019.0028";
//$NON-NLS-1$
-
- /** properties (021) */
- public static final String PROPERTIES_ERR_0001 = "ERR.003.021.0001";
//$NON-NLS-1$
- public static final String PROPERTIES_ERR_0002 = "ERR.003.021.0002";
//$NON-NLS-1$
- public static final String PROPERTIES_ERR_0003 = "ERR.003.021.0003";
//$NON-NLS-1$
- public static final String PROPERTIES_ERR_0004 = "ERR.003.021.0004";
//$NON-NLS-1$
- public static final String PROPERTIES_ERR_0005 = "ERR.003.021.0005";
//$NON-NLS-1$
- public static final String PROPERTIES_ERR_0006 = "ERR.003.021.0006";
//$NON-NLS-1$
- public static final String PROPERTIES_ERR_0007 = "ERR.003.021.0007";
//$NON-NLS-1$
- public static final String PROPERTIES_ERR_0008 = "ERR.003.021.0008";
//$NON-NLS-1$
- public static final String PROPERTIES_ERR_0009 = "ERR.003.021.0009";
//$NON-NLS-1$
- public static final String PROPERTIES_ERR_0012 = "ERR.003.021.0012";
//$NON-NLS-1$
-
- /** proxy (022) */
- public static final String PROXY_ERR_0001 = "ERR.003.022.0001";
//$NON-NLS-1$
- public static final String PROXY_ERR_0002 = "ERR.003.022.0002";
//$NON-NLS-1$
- public static final String PROXY_ERR_0003 = "ERR.003.022.0003";
//$NON-NLS-1$
- public static final String PROXY_ERR_0004 = "ERR.003.022.0004";
//$NON-NLS-1$
- public static final String PROXY_ERR_0005 = "ERR.003.022.0005";
//$NON-NLS-1$
-
- /** queue (023) */
- public static final String QUEUE_ERR_0001 = "ERR.003.023.0001";
//$NON-NLS-1$
- public static final String QUEUE_ERR_0002 = "ERR.003.023.0002";
//$NON-NLS-1$
- public static final String QUEUE_ERR_0003 = "ERR.003.023.0003";
//$NON-NLS-1$
- public static final String QUEUE_ERR_0004 = "ERR.003.023.0004";
//$NON-NLS-1$
-
- /** remote (024) */
-
- /** thread (025) */
- public static final String THREAD_ERR_0001 = "ERR.003.025.0001";
//$NON-NLS-1$
- public static final String THREAD_ERR_0002 = "ERR.003.025.0002";
//$NON-NLS-1$
-
- /** transaction (026) */
- public static final String TRANSACTION_ERR_0001 = "ERR.003.026.0001";
//$NON-NLS-1$
-
- /** transform (027) */
- public static final String TRANSFORM_ERR_0001 = "ERR.003.027.0001";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0002 = "ERR.003.027.0002";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0003 = "ERR.003.027.0003";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0004 = "ERR.003.027.0004";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0005 = "ERR.003.027.0005";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0006 = "ERR.003.027.0006";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0007 = "ERR.003.027.0007";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0008 = "ERR.003.027.0008";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0009 = "ERR.003.027.0009";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0010 = "ERR.003.027.0010";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0011 = "ERR.003.027.0011";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0012 = "ERR.003.027.0012";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0013 = "ERR.003.027.0013";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0014 = "ERR.003.027.0014";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0015 = "ERR.003.027.0015";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0016 = "ERR.003.027.0016";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0017 = "ERR.003.027.0017";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0018 = "ERR.003.027.0018";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0019 = "ERR.003.027.0019";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0020 = "ERR.003.027.0020";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0021 = "ERR.003.027.0021";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0022 = "ERR.003.027.0022";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0023 = "ERR.003.027.0023";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0024 = "ERR.003.027.0024";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0025 = "ERR.003.027.0025";
//$NON-NLS-1$
- public static final String TRANSFORM_ERR_0026 = "ERR.003.027.0026";
//$NON-NLS-1$
-
- /** tree (028) */
- public static final String TREE_ERR_0001 = "ERR.003.028.0001"; //$NON-NLS-1$
- public static final String TREE_ERR_0002 = "ERR.003.028.0002"; //$NON-NLS-1$
- public static final String TREE_ERR_0003 = "ERR.003.028.0003"; //$NON-NLS-1$
- public static final String TREE_ERR_0004 = "ERR.003.028.0004"; //$NON-NLS-1$
- public static final String TREE_ERR_0005 = "ERR.003.028.0005"; //$NON-NLS-1$
- public static final String TREE_ERR_0006 = "ERR.003.028.0006"; //$NON-NLS-1$
- public static final String TREE_ERR_0007 = "ERR.003.028.0007"; //$NON-NLS-1$
- public static final String TREE_ERR_0008 = "ERR.003.028.0008"; //$NON-NLS-1$
- public static final String TREE_ERR_0009 = "ERR.003.028.0009"; //$NON-NLS-1$
- public static final String TREE_ERR_0010 = "ERR.003.028.0010"; //$NON-NLS-1$
- public static final String TREE_ERR_0011 = "ERR.003.028.0011"; //$NON-NLS-1$
- public static final String TREE_ERR_0012 = "ERR.003.028.0012"; //$NON-NLS-1$
- public static final String TREE_ERR_0013 = "ERR.003.028.0013"; //$NON-NLS-1$
- public static final String TREE_ERR_0014 = "ERR.003.028.0014"; //$NON-NLS-1$
- public static final String TREE_ERR_0015 = "ERR.003.028.0015"; //$NON-NLS-1$
- public static final String TREE_ERR_0016 = "ERR.003.028.0016"; //$NON-NLS-1$
- public static final String TREE_ERR_0017 = "ERR.003.028.0017"; //$NON-NLS-1$
- public static final String TREE_ERR_0018 = "ERR.003.028.0018"; //$NON-NLS-1$
- public static final String TREE_ERR_0019 = "ERR.003.028.0019"; //$NON-NLS-1$
- public static final String TREE_ERR_0020 = "ERR.003.028.0020"; //$NON-NLS-1$
- public static final String TREE_ERR_0021 = "ERR.003.028.0021"; //$NON-NLS-1$
- public static final String TREE_ERR_0022 = "ERR.003.028.0022"; //$NON-NLS-1$
- public static final String TREE_ERR_0023 = "ERR.003.028.0023"; //$NON-NLS-1$
- public static final String TREE_ERR_0024 = "ERR.003.028.0024"; //$NON-NLS-1$
- public static final String TREE_ERR_0025 = "ERR.003.028.0025"; //$NON-NLS-1$
- public static final String TREE_ERR_0026 = "ERR.003.028.0026"; //$NON-NLS-1$
- public static final String TREE_ERR_0027 = "ERR.003.028.0027"; //$NON-NLS-1$
- public static final String TREE_ERR_0028 = "ERR.003.028.0028"; //$NON-NLS-1$
- public static final String TREE_ERR_0029 = "ERR.003.028.0029"; //$NON-NLS-1$
- public static final String TREE_ERR_0030 = "ERR.003.028.0030"; //$NON-NLS-1$
- public static final String TREE_ERR_0031 = "ERR.003.028.0031"; //$NON-NLS-1$
- public static final String TREE_ERR_0032 = "ERR.003.028.0032"; //$NON-NLS-1$
- public static final String TREE_ERR_0033 = "ERR.003.028.0033"; //$NON-NLS-1$
- public static final String TREE_ERR_0034 = "ERR.003.028.0034"; //$NON-NLS-1$
- public static final String TREE_ERR_0035 = "ERR.003.028.0035"; //$NON-NLS-1$
- public static final String TREE_ERR_0036 = "ERR.003.028.0036"; //$NON-NLS-1$
- public static final String TREE_ERR_0037 = "ERR.003.028.0037"; //$NON-NLS-1$
- public static final String TREE_ERR_0038 = "ERR.003.028.0038"; //$NON-NLS-1$
- public static final String TREE_ERR_0039 = "ERR.003.028.0039"; //$NON-NLS-1$
- public static final String TREE_ERR_0040 = "ERR.003.028.0040"; //$NON-NLS-1$
- public static final String TREE_ERR_0041 = "ERR.003.028.0041"; //$NON-NLS-1$
- public static final String TREE_ERR_0042 = "ERR.003.028.0042"; //$NON-NLS-1$
- public static final String TREE_ERR_0043 = "ERR.003.028.0043"; //$NON-NLS-1$
- public static final String TREE_ERR_0044 = "ERR.003.028.0044"; //$NON-NLS-1$
- public static final String TREE_ERR_0045 = "ERR.003.028.0045"; //$NON-NLS-1$
- public static final String TREE_ERR_0046 = "ERR.003.028.0046"; //$NON-NLS-1$
- public static final String TREE_ERR_0047 = "ERR.003.028.0047"; //$NON-NLS-1$
- public static final String TREE_ERR_0048 = "ERR.003.028.0048"; //$NON-NLS-1$
- public static final String TREE_ERR_0049 = "ERR.003.028.0049"; //$NON-NLS-1$
- public static final String TREE_ERR_0050 = "ERR.003.028.0050"; //$NON-NLS-1$
- public static final String TREE_ERR_0051 = "ERR.003.028.0051"; //$NON-NLS-1$
- public static final String TREE_ERR_0052 = "ERR.003.028.0052"; //$NON-NLS-1$
- public static final String TREE_ERR_0053 = "ERR.003.028.0053"; //$NON-NLS-1$
- public static final String TREE_ERR_0054 = "ERR.003.028.0054"; //$NON-NLS-1$
- public static final String TREE_ERR_0055 = "ERR.003.028.0055"; //$NON-NLS-1$
- public static final String TREE_ERR_0056 = "ERR.003.028.0056"; //$NON-NLS-1$
- public static final String TREE_ERR_0057 = "ERR.003.028.0057"; //$NON-NLS-1$
- public static final String TREE_ERR_0058 = "ERR.003.028.0058"; //$NON-NLS-1$
- public static final String TREE_ERR_0059 = "ERR.003.028.0059"; //$NON-NLS-1$
- public static final String TREE_ERR_0060 = "ERR.003.028.0060"; //$NON-NLS-1$
- public static final String TREE_ERR_0061 = "ERR.003.028.0061"; //$NON-NLS-1$
- public static final String TREE_ERR_0062 = "ERR.003.028.0062"; //$NON-NLS-1$
- public static final String TREE_ERR_0063 = "ERR.003.028.0063"; //$NON-NLS-1$
- public static final String TREE_ERR_0064 = "ERR.003.028.0064"; //$NON-NLS-1$
- public static final String TREE_ERR_0065 = "ERR.003.028.0065"; //$NON-NLS-1$
- public static final String TREE_ERR_0066 = "ERR.003.028.0066"; //$NON-NLS-1$
- public static final String TREE_ERR_0067 = "ERR.003.028.0067"; //$NON-NLS-1$
- public static final String TREE_ERR_0068 = "ERR.003.028.0068"; //$NON-NLS-1$
- public static final String TREE_ERR_0069 = "ERR.003.028.0069"; //$NON-NLS-1$
- public static final String TREE_ERR_0070 = "ERR.003.028.0070"; //$NON-NLS-1$
- public static final String TREE_ERR_0071 = "ERR.003.028.0071"; //$NON-NLS-1$
- public static final String TREE_ERR_0072 = "ERR.003.028.0072"; //$NON-NLS-1$
-
-
-
- /** util (030) */
- public static final String CM_UTIL_ERR_0001 = "ERR.003.030.0001";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0002 = "ERR.003.030.0002";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0003 = "ERR.003.030.0003";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0004 = "ERR.003.030.0004";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0005 = "ERR.003.030.0005";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0006 = "ERR.003.030.0006";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0007 = "ERR.003.030.0007";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0008 = "ERR.003.030.0008";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0009 = "ERR.003.030.0009";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0010 = "ERR.003.030.0010";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0011 = "ERR.003.030.0011";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0012 = "ERR.003.030.0012";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0013 = "ERR.003.030.0013";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0014 = "ERR.003.030.0014";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0015 = "ERR.003.030.0015";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0016 = "ERR.003.030.0016";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0017 = "ERR.003.030.0017";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0018 = "ERR.003.030.0018";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0019 = "ERR.003.030.0019";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0020 = "ERR.003.030.0020";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0021 = "ERR.003.030.0021";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0022 = "ERR.003.030.0022";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0023 = "ERR.003.030.0023";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0024 = "ERR.003.030.0024";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0025 = "ERR.003.030.0025";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0026 = "ERR.003.030.0026";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0027 = "ERR.003.030.0027";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0028 = "ERR.003.030.0028";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0029 = "ERR.003.030.0029";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0030 = "ERR.003.030.0030";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0031 = "ERR.003.030.0031";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0032 = "ERR.003.030.0032";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0033 = "ERR.003.030.0033";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0034 = "ERR.003.030.0034";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0035 = "ERR.003.030.0035";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0036 = "ERR.003.030.0036";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0037 = "ERR.003.030.0037";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0038 = "ERR.003.030.0038";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0039 = "ERR.003.030.0039";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0040 = "ERR.003.030.0040";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0041 = "ERR.003.030.0041";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0042 = "ERR.003.030.0042";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0043 = "ERR.003.030.0043";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0044 = "ERR.003.030.0044";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0045 = "ERR.003.030.0045";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0046 = "ERR.003.030.0046";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0047 = "ERR.003.030.0047";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0048 = "ERR.003.030.0048";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0049 = "ERR.003.030.0049";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0050 = "ERR.003.030.0050";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0051 = "ERR.003.030.0051";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0052 = "ERR.003.030.0052";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0053 = "ERR.003.030.0053";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0054 = "ERR.003.030.0054";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0055 = "ERR.003.030.0055";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0056 = "ERR.003.030.0056";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0057 = "ERR.003.030.0057";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0058 = "ERR.003.030.0058";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0059 = "ERR.003.030.0059";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0060 = "ERR.003.030.0060";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0061 = "ERR.003.030.0061";
//$NON-NLS-1$
-
- public static final String CM_UTIL_ERR_0063 = "ERR.003.030.0063";
//$NON-NLS-1$
-
- public static final String CM_UTIL_ERR_0065 = "ERR.003.030.0065";
//$NON-NLS-1$
-
-
- public static final String CM_UTIL_ERR_0069 = "ERR.003.030.0069";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0070 = "ERR.003.030.0070";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0079 = "ERR.003.030.0079";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0080 = "ERR.003.030.0080";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0082 = "ERR.003.030.0082";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0083 = "ERR.003.030.0083";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0084 = "ERR.003.030.0084";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0085 = "ERR.003.030.0085";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0086 = "ERR.003.030.0086";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0087 = "ERR.003.030.0087";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0088 = "ERR.003.030.0088";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0089 = "ERR.003.030.0089";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0090 = "ERR.003.030.0090";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0091 = "ERR.003.030.0091";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0092 = "ERR.003.030.0092";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0093 = "ERR.003.030.0093";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0094 = "ERR.003.030.0094";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0095 = "ERR.003.030.0095";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0096 = "ERR.003.030.0096";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0097 = "ERR.003.030.0097";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0098 = "ERR.003.030.0098";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0099 = "ERR.003.030.0099";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0100 = "ERR.003.030.0100";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0101 = "ERR.003.030.0101";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0102 = "ERR.003.030.0102";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0103 = "ERR.003.030.0103";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0104 = "ERR.003.030.0104";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0105 = "ERR.003.030.0105";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0106 = "ERR.003.030.0106";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0107 = "ERR.003.030.0107";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0108 = "ERR.003.030.0108";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0109 = "ERR.003.030.0109";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0110 = "ERR.003.030.0110";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0111 = "ERR.003.030.0111";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0112 = "ERR.003.030.0112";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0150 = "ERR.003.030.0150";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0151 = "ERR.003.030.0151";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0152 = "ERR.003.030.0152";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0153 = "ERR.003.030.0153";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0154 = "ERR.003.030.0154";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0155 = "ERR.003.030.0155";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0156 = "ERR.003.030.0156";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0157 = "ERR.003.030.0157";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0158 = "ERR.003.030.0158";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0159 = "ERR.003.030.0159";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0160 = "ERR.003.030.0160";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0161 = "ERR.003.030.0161";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0162 = "ERR.003.030.0162";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0163 = "ERR.003.030.0163";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0164 = "ERR.003.030.0164";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0165 = "ERR.003.030.0165";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0166 = "ERR.003.030.0166";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0167 = "ERR.003.030.0167";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0168 = "ERR.003.030.0168";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0169 = "ERR.003.030.0169";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0170 = "ERR.003.030.0170";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0171 = "ERR.003.030.0171";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0172 = "ERR.003.030.0172";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0173 = "ERR.003.030.0173";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0174 = "ERR.003.030.0174";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0175 = "ERR.003.030.0175";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0176 = "ERR.003.030.0176";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0177 = "ERR.003.030.0177";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0178 = "ERR.003.030.0178";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0179 = "ERR.003.030.0179";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0180 = "ERR.003.030.0180";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0181 = "ERR.003.030.0181";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0182 = "ERR.003.030.0182";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0183 = "ERR.003.030.0183";
//$NON-NLS-1$
- public static final String CM_UTIL_ERR_0184 = "ERR.003.030.0184";
//$NON-NLS-1$
-
- /** xml (032) */
- public static final String XML_ERR_0001 = "ERR.003.032.0001"; //$NON-NLS-1$
- public static final String XML_ERR_0002 = "ERR.003.032.0002"; //$NON-NLS-1$
- public static final String XML_ERR_0003 = "ERR.003.032.0003"; //$NON-NLS-1$
- public static final String XML_ERR_0004 = "ERR.003.032.0004"; //$NON-NLS-1$
- public static final String XML_ERR_0005 = "ERR.003.032.0005"; //$NON-NLS-1$
- public static final String XML_ERR_0006 = "ERR.003.032.0006"; //$NON-NLS-1$
- public static final String XML_ERR_0007 = "ERR.003.032.0007"; //$NON-NLS-1$
- public static final String XML_ERR_0008 = "ERR.003.032.0008"; //$NON-NLS-1$
- public static final String XML_ERR_0009 = "ERR.003.032.0009"; //$NON-NLS-1$
- public static final String XML_ERR_0010 = "ERR.003.032.0010"; //$NON-NLS-1$
- public static final String XML_ERR_0011 = "ERR.003.032.0011"; //$NON-NLS-1$
- public static final String XML_ERR_0012 = "ERR.003.032.0012"; //$NON-NLS-1$
- public static final String XML_ERR_0013 = "ERR.003.032.0013"; //$NON-NLS-1$
- public static final String XML_ERR_0014 = "ERR.003.032.0014"; //$NON-NLS-1$
- public static final String XML_ERR_0015 = "ERR.003.032.0015"; //$NON-NLS-1$
- public static final String XML_ERR_0016 = "ERR.003.032.0016"; //$NON-NLS-1$
-
- /** pooling (033) */
-
- /** extension package (004) */
- public static final String EXTENSION_0001 = "ERR.014.004.0001";
//$NON-NLS-1$
- public static final String EXTENSION_0002 = "ERR.014.004.0002";
//$NON-NLS-1$
- public static final String EXTENSION_0003 = "ERR.014.004.0003";
//$NON-NLS-1$
- public static final String EXTENSION_0004 = "ERR.014.004.0004";
//$NON-NLS-1$
- public static final String EXTENSION_0005 = "ERR.014.004.0005";
//$NON-NLS-1$
- public static final String EXTENSION_0006 = "ERR.014.004.0006";
//$NON-NLS-1$
- public static final String EXTENSION_0007 = "ERR.014.004.0007";
//$NON-NLS-1$
- public static final String EXTENSION_0008 = "ERR.014.004.0008";
//$NON-NLS-1$
- public static final String EXTENSION_0009 = "ERR.014.004.0009";
//$NON-NLS-1$
- public static final String EXTENSION_0010 = "ERR.014.004.0010";
//$NON-NLS-1$
- public static final String EXTENSION_0011 = "ERR.014.004.0011";
//$NON-NLS-1$
- public static final String EXTENSION_0012 = "ERR.014.004.0012";
//$NON-NLS-1$
- public static final String EXTENSION_0013 = "ERR.014.004.0013";
//$NON-NLS-1$
- public static final String EXTENSION_0014 = "ERR.014.004.0014";
//$NON-NLS-1$
- public static final String EXTENSION_0015 = "ERR.014.004.0015";
//$NON-NLS-1$
- public static final String EXTENSION_0016 = "ERR.014.004.0016";
//$NON-NLS-1$
- public static final String EXTENSION_0017 = "ERR.014.004.0017";
//$NON-NLS-1$
- public static final String EXTENSION_0018 = "ERR.014.004.0018";
//$NON-NLS-1$
- public static final String EXTENSION_0019 = "ERR.014.004.0019";
//$NON-NLS-1$
- public static final String EXTENSION_0020 = "ERR.014.004.0020";
//$NON-NLS-1$
- public static final String EXTENSION_0021 = "ERR.014.004.0021";
//$NON-NLS-1$
- public static final String EXTENSION_0022 = "ERR.014.004.0022";
//$NON-NLS-1$
- public static final String EXTENSION_0023 = "ERR.014.004.0023";
//$NON-NLS-1$
- public static final String EXTENSION_0024 = "ERR.014.004.0024";
//$NON-NLS-1$
- public static final String EXTENSION_0025 = "ERR.014.004.0025";
//$NON-NLS-1$
- public static final String EXTENSION_0026 = "ERR.014.004.0026";
//$NON-NLS-1$
- public static final String EXTENSION_0027 = "ERR.014.004.0027";
//$NON-NLS-1$
- public static final String EXTENSION_0028 = "ERR.014.004.0028";
//$NON-NLS-1$
- public static final String EXTENSION_0029 = "ERR.014.004.0029";
//$NON-NLS-1$
- public static final String EXTENSION_0030 = "ERR.014.004.0030";
//$NON-NLS-1$
- public static final String EXTENSION_0031 = "ERR.014.004.0031";
//$NON-NLS-1$
- public static final String EXTENSION_0032 = "ERR.014.004.0032";
//$NON-NLS-1$
- public static final String EXTENSION_0033 = "ERR.014.004.0033";
//$NON-NLS-1$
- public static final String EXTENSION_0034 = "ERR.014.004.0034";
//$NON-NLS-1$
- public static final String EXTENSION_0035 = "ERR.014.004.0035";
//$NON-NLS-1$
- public static final String EXTENSION_0036 = "ERR.014.004.0036";
//$NON-NLS-1$
- public static final String EXTENSION_0037 = "ERR.014.004.0037";
//$NON-NLS-1$
- public static final String EXTENSION_0038 = "ERR.014.004.0038";
//$NON-NLS-1$
- public static final String EXTENSION_0039 = "ERR.014.004.0039";
//$NON-NLS-1$
- public static final String EXTENSION_0040 = "ERR.014.004.0040";
//$NON-NLS-1$
- public static final String EXTENSION_0041 = "ERR.014.004.0041";
//$NON-NLS-1$
- public static final String EXTENSION_0042 = "ERR.014.004.0042";
//$NON-NLS-1$
- public static final String EXTENSION_0043 = "ERR.014.004.0043";
//$NON-NLS-1$
- public static final String EXTENSION_0044 = "ERR.014.004.0044";
//$NON-NLS-1$
- public static final String EXTENSION_0045 = "ERR.014.004.0045";
//$NON-NLS-1$
- public static final String EXTENSION_0046 = "ERR.014.004.0046";
//$NON-NLS-1$
- public static final String EXTENSION_0047 = "ERR.014.004.0047";
//$NON-NLS-1$
- public static final String EXTENSION_0048 = "ERR.014.004.0048";
//$NON-NLS-1$
- public static final String EXTENSION_0049 = "ERR.014.004.0049";
//$NON-NLS-1$
- public static final String EXTENSION_0050 = "ERR.014.004.0050";
//$NON-NLS-1$
- public static final String EXTENSION_0051 = "ERR.014.004.0051";
//$NON-NLS-1$
- public static final String EXTENSION_0052 = "ERR.014.004.0052";
//$NON-NLS-1$
- public static final String EXTENSION_0053 = "ERR.014.004.0053";
//$NON-NLS-1$
- public static final String EXTENSION_0054 = "ERR.014.004.0054";
//$NON-NLS-1$
- public static final String EXTENSION_0055 = "ERR.014.004.0055";
//$NON-NLS-1$
- public static final String EXTENSION_0056 = "ERR.014.004.0056";
//$NON-NLS-1$
- public static final String EXTENSION_0057 = "ERR.014.004.0057";
//$NON-NLS-1$
- public static final String EXTENSION_0058 = "ERR.014.004.0058";
//$NON-NLS-1$
- public static final String EXTENSION_0059 = "ERR.014.004.0059";
//$NON-NLS-1$
- public static final String EXTENSION_0060 = "ERR.014.004.0060";
//$NON-NLS-1$
- public static final String EXTENSION_0061 = "ERR.014.004.0061";
//$NON-NLS-1$
- public static final String EXTENSION_0062 = "ERR.014.004.0062";
//$NON-NLS-1$
- public static final String EXTENSION_0063 = "ERR.014.004.0063";
//$NON-NLS-1$
- public static final String EXTENSION_0064 = "ERR.014.004.0064";
//$NON-NLS-1$
- public static final String EXTENSION_0065 = "ERR.014.004.0065";
//$NON-NLS-1$
- public static final String EXTENSION_0066 = "ERR.014.004.0066";
//$NON-NLS-1$
- public static final String EXTENSION_0067 = "ERR.014.004.0067";
//$NON-NLS-1$
- public static final String EXTENSION_0068 = "ERR.014.004.0068";
//$NON-NLS-1$
- public static final String EXTENSION_0069 = "ERR.014.004.0069";
//$NON-NLS-1$
- public static final String EXTENSION_0070 = "ERR.014.004.0070";
//$NON-NLS-1$
- public static final String EXTENSION_0071 = "ERR.014.004.0071";
//$NON-NLS-1$
- public static final String EXTENSION_0072 = "ERR.014.004.0072";
//$NON-NLS-1$
- public static final String EXTENSION_0073 = "ERR.014.004.0073";
//$NON-NLS-1$
-
-
-
-
-}
-
Modified: trunk/engine/src/main/java/com/metamatrix/common/util/Permutation.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/common/util/Permutation.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/com/metamatrix/common/util/Permutation.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -25,17 +25,14 @@
import java.util.Iterator;
import java.util.NoSuchElementException;
-import com.metamatrix.common.CommonPlugin;
+import com.metamatrix.core.util.ArgCheck;
public class Permutation {
private Object[] items;
public Permutation(Object[] items) {
- if(items == null) {
- throw new
IllegalArgumentException(CommonPlugin.Util.getString(ErrorMessageKeys.CM_UTIL_ERR_0027));
- }
-
+ ArgCheck.isNotNull(items);
this.items = items;
}
@@ -43,7 +40,7 @@
* Create list of arrays of items, in all possible permutations (that's n!
permutations).
* @return Iterator where each thing returned by the iterator is a permutation Object[]
*/
- public Iterator generate() {
+ public Iterator<Object[]> generate() {
return new PermutationIterator(this.items, this.items.length);
}
@@ -52,17 +49,17 @@
* @return Iterator where each thing returned by the iterator is a permutation Object[]
of
* length size
*/
- public Iterator generate(int size) {
+ public Iterator<Object[]> generate(int size) {
if(size > items.length) {
- throw new
IllegalArgumentException(CommonPlugin.Util.getString(ErrorMessageKeys.CM_UTIL_ERR_0028));
+ throw new IllegalArgumentException("Size is larger than length");
//$NON-NLS-1$
} else if(size < 0) {
- throw new
IllegalArgumentException(CommonPlugin.Util.getString(ErrorMessageKeys.CM_UTIL_ERR_0029));
+ throw new IllegalArgumentException("Size is negative"); //$NON-NLS-1$
}
return new PermutationIterator(this.items, size);
}
- private static class PermutationIterator implements Iterator {
+ private static class PermutationIterator implements Iterator<Object[]> {
// Given state
private Object[] items;
private int k;
@@ -97,9 +94,9 @@
return more;
}
- public Object next() {
+ public Object[] next() {
if(! more) {
- throw new
NoSuchElementException(CommonPlugin.Util.getString(ErrorMessageKeys.CM_UTIL_ERR_0030));
+ throw new NoSuchElementException();
}
if(j[0] < 0) {
@@ -166,7 +163,7 @@
}
public void remove() {
- throw new
UnsupportedOperationException(CommonPlugin.Util.getString(ErrorMessageKeys.CM_UTIL_ERR_0031));
+ throw new UnsupportedOperationException();
}
}
Modified: trunk/engine/src/main/java/com/metamatrix/dqp/service/AuthorizationService.java
===================================================================
---
trunk/engine/src/main/java/com/metamatrix/dqp/service/AuthorizationService.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/engine/src/main/java/com/metamatrix/dqp/service/AuthorizationService.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -24,11 +24,12 @@
import java.util.Collection;
+import org.teiid.security.roles.AuthorizationPolicy;
+import org.teiid.security.roles.AuthorizationRealm;
+
import com.metamatrix.api.exception.MetaMatrixComponentException;
import com.metamatrix.api.exception.security.AuthorizationException;
import com.metamatrix.api.exception.security.AuthorizationMgmtException;
-import com.metamatrix.platform.security.api.AuthorizationPolicy;
-import com.metamatrix.platform.security.api.AuthorizationRealm;
import com.metamatrix.query.eval.SecurityFunctionEvaluator;
/**
Copied: trunk/engine/src/main/java/com/metamatrix/dqp/service/SessionService.java (from
rev 1941,
trunk/engine/src/main/java/com/metamatrix/platform/security/api/service/SessionService.java)
===================================================================
--- trunk/engine/src/main/java/com/metamatrix/dqp/service/SessionService.java
(rev 0)
+++ trunk/engine/src/main/java/com/metamatrix/dqp/service/SessionService.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,148 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.dqp.service;
+
+import java.util.Collection;
+import java.util.Properties;
+
+import javax.security.auth.login.LoginException;
+
+import org.teiid.adminapi.impl.SessionMetadata;
+import org.teiid.dqp.internal.process.DQPCore;
+import org.teiid.security.Credentials;
+
+import com.metamatrix.admin.api.exception.security.InvalidSessionException;
+import com.metamatrix.api.exception.security.AuthorizationException;
+import com.metamatrix.api.exception.security.SessionServiceException;
+
+/**
+ * <p>
+ * The session service deals with managing sessions; this involves creating
+ * sessions, closing sessions, terminating sessions, and updating session
+ * state.
+ * </p>
+ * <p>
+ * A session has a timestamp, information about the principal owning the
+ * session, and a "state" indicating whether it is actively in use, in use
+ * but passivated, or has been rendered invalid by being closed or terminated,
+ * or by expiring.
+ * </p>
+ * <p>
+ * Note that this service does <i>not</i> deal with authentication
explicitly,
+ * but may use a membership service provider to authenticate some
+ * requests.
+ * </p>
+ */
+public interface SessionService {
+ public static String NAME = "SessionService"; //$NON-NLS-1$
+
+ public static final long DEFAULT_MAX_SESSIONS = 5000;
+ public static final long DEFAULT_SESSION_EXPIRATION = 0;
+
+ public static final String MAX_SESSIONS = "session.maxSessions";
//$NON-NLS-1$
+ public static final String SESSION_EXPIRATION =
"session.expirationTimeInMilli"; //$NON-NLS-1$
+
+ /**
+ * Create a session for the given user authenticating against the given
<code>Credentials</code>.
+ */
+ public SessionMetadata createSession(String userName,
+ Credentials credentials,
+ String applicationName,
+ Properties properties, boolean admin)
+ throws LoginException, SessionServiceException;
+
+ /**
+ * Closes the specified session.
+ *
+ * @param sessionID The MetaMatrixSessionID identifying user's session
+ * to be closed
+ * @throws InvalidSessionException If sessionID identifies an invalid
+ * session
+ * @throws SessionServiceException
+ */
+ void closeSession(long sessionID) throws InvalidSessionException;
+
+ /**
+ * Terminates the specified session. This is an administrative action.
+ *
+ * @param terminatedSessionID The MetaMatrixSessionID identifying user's session
+ * to be terminated
+ * @param adminSessionID The session id identifying session of administrator
+ * @throws InvalidSessionException If terminatedSessionID identifies an invalid
+ * session
+ * @throws AuthorizationException if the caller denoted by
<code>adminSessionID</code>
+ * does not have authority to terminate the
<code>terminatedSessionID</code> session
+ * @throws SessionServiceException
+ */
+ boolean terminateSession(long terminatedSessionID, long adminSessionID);
+
+ /**
+ * Get the collection of active user sessions on the system.
+ * @return The collection of MetaMatrixSessionInfo objects of active users on
+ * the system - possibly empty, never null.
+ */
+ Collection<SessionMetadata> getActiveSessions() throws
SessionServiceException;
+
+ /**
+ * Get the number of active user sessions on the system.
+ * @return int
+ */
+ int getActiveSessionsCount() throws SessionServiceException;
+
+ /**
+ * This method is intended to verify that the session is valid, and, if
+ * need be, set the session in an active state, ready to be used.
+ * @param sessionID MetaMatrixSessionID representing the session
+ * @return SessionToken object identifying the session
+ * @throws InvalidSessionException If sessionID identifies an invalid
+ * session
+ * @throws SessionServiceException
+ */
+ SessionMetadata validateSession(long sessionID)
+ throws InvalidSessionException, SessionServiceException;
+
+ /**
+ * Get all <code>MetaMatrixSessionID</code>s that are in the ACTIVE
state
+ * and currently logged in to a VDB.
+ * @param VDBName The name of the VDB.
+ * @param VDBVersion The version of the VDB.
+ * @throws SessionServiceException when transaction with database fails or unexpected
exception happens
+ */
+ Collection<SessionMetadata> getSessionsLoggedInToVDB(String VDBName, int
VDBVersion)
+ throws SessionServiceException;
+
+ /**
+ * Periodically called by the client to indicate the client is still alive.
+ *
+ * @param sessionID - identifies the client
+ */
+ public void pingServer(long sessionID) throws InvalidSessionException;
+
+
+ public void setLocalSession(long sessionID);
+
+ SessionMetadata getActiveSession(long sessionID);
+
+ void setDqp(DQPCore dqp);
+
+}
Property changes on:
trunk/engine/src/main/java/com/metamatrix/dqp/service/SessionService.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Copied: trunk/engine/src/main/java/com/metamatrix/internal/core/xml (from rev 1941,
trunk/common-internal/src/main/java/com/metamatrix/internal/core/xml)
Deleted:
trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java
===================================================================
---
trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,248 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-/**
- * Information about a particular entitled <i>Resource</i> (Group or table,
Element or column),
- * this class specifies a collection of <i>Principals</i> (users or user
groups) - <i>Grantee</i>s
- * that have been granted certain <i>Allowed Actions</i> (one or more of
{CREATE, READ, UPDATE, DELETE})
- * on the given <i>Resource</i> by one or more <i>Grantor</i>s
(granting authority).
- *
- * <p>There may be multiple <i>Grantee</i>s that have multiple
<i>Allowed Actions</i> they are entitled
- * to perform on this Group or Element by multiple <i>Grantor</i>s. This
means we have an independantly
- * varying triplet. We take a user-centered approach so this object contains a
<code>Set</code> of
- * {@link GranteeEntitlementEntry}s</p>
- */
-public class UserEntitlementInfo implements Serializable {
-
- // Invariants
- private String VDBName;
- private String VDBVersion;
- private String groupName;
- private String eleName;
-
- // There may be multiple Grantees that have multiple Allowed Actions
- // entitled to this Group or Element by multiple Grantors.
- // We have an independantly varying triplet.
- // Map this triplet by uppercase name of grantee
- private Map granteeMap;
-
- /**
- * ctor
- */
- public UserEntitlementInfo(AuthorizationRealm realm, String groupName, String
eleName) {
- this.VDBName = realm.getSuperRealmName();
- this.VDBVersion = realm.getSubRealmName();
- this.groupName = groupName;
- this.eleName = eleName;
- }
-
- /**
- * Does this represent a group or an element entitlement?
- * @return <code>true</code> if this object pertains to a group
entitlement,
- * <code>false</code> if it's an element entitlement.
- */
- public boolean isGroupEntitlement() {
- return eleName == null;
- }
-
- /**
- * Get the name of the VDB this entitlement falls under.
- * @return The VDB name.
- */
- public String getVDBName() {
- return this.VDBName;
- }
-
- /**
- * Get the version of the VDB this entitlement falls under.
- * @return The VDB version.
- */
- public String getVDBVersion() {
- return this.VDBVersion;
- }
-
- /**
- * Get the group (table) of this entitlement.
- * @return The group name this entitlement pertains to.
- */
- public String getGroupName() {
- return this.groupName;
- }
-
- /**
- * Get the element (column) of this entitlement.
- * <p><i><b>Note</b></i>: Will be
<code>null</code> if this is a group entitlement.
- * @return The element name this entitlement pertains to.
- */
- public String getElementName() {
- return this.eleName;
- }
-
- /**
- * Get the number of <i>Grantee</i>s in this entitlement.
- * @return The number of <i>Grantee</i>s this entitlement pertains to.
- */
- public int size() {
- return this.granteeMap.size();
- }
-
- /**
- * Is the given <i>grantee</i> entitled to perform
<i><b>any</b></i>
- * action on the <i>Resource</i> represented by this object?
- * @param grantee The user (or user group) name of inquery.
- * @return <code>true</code> if the <i>grantee</i> can
perform one or
- * more actions on this <i>Resource</i>, <code>false</code>
if he can
- * perform none.
- */
- public boolean contains(String grantee) {
- if ( this.granteeMap != null && this.granteeMap.containsKey(
grantee.toUpperCase()) ) {
- return true;
- }
- return false;
- }
-
- /**
- * Get the collection of <i>Grantee</i> names possessing this
entitlement.
- *
- * <p>Elements of the collection are of type {@link GranteeEntitlementEntry}
- * and are sorted.</p>
- * @return The collection of <i>Grantee</i> names.
- */
- public Collection getGrantees() {
- List granteeList = new ArrayList();
- if ( this.granteeMap != null && this.granteeMap.size() > 0 ) {
- Iterator granteeItr = this.granteeMap.keySet().iterator();
- while ( granteeItr.hasNext() ) {
- Set granteeEntries = (Set) granteeMap.get(granteeItr.next());
- granteeList.addAll(granteeEntries);
- }
- Collections.sort(granteeList);
- }
- return granteeList;
- }
-
- /**
- * Get an iterator over the <i>Grantee</i>s possessing this entitlement.
- * <br>Note that when iterating over elements, sort order is not
guaranteed.</br>
- *
- * <p>Elements of the iterator are of type {@link
GranteeEntitlementEntry}.</p>
- * @return The Iterator of <i>Grantee</i>s.
- */
- public Iterator iterator() {
- if ( this.granteeMap == null || this.granteeMap.size() == 0 ) {
- return Collections.EMPTY_SET.iterator();
- }
- return this.getGrantees().iterator();
- }
-
- /**
- * Add a <i>Grantee</i> -> <i>Grantor</i> ->
<i>Allowed Actions</i> triplet.
- * @param grantee A <i>Grantee</i>.
- * @param grantor A <i>Grantor</i>.
- * @param allowedActions The <i>Allowed Actions</i> on the resource
granted
- * by the <i>Grantor</i> to the <i>Grantee</i>.
- */
- public void addTriplet(MetaMatrixPrincipalName grantee, String grantor, int
allowedActions) {
- GranteeEntitlementEntry anEntry = new GranteeEntitlementEntry(grantee, grantor,
allowedActions);
- this.addTriplet(anEntry);
- }
-
- /**
- * Add a {@link GranteeEntitlementEntry} object.
- * @param newEntry A new entry.
- */
- public void addTriplet(GranteeEntitlementEntry newEntry) {
- if ( this.granteeMap == null ) {
- this.granteeMap = new HashMap();
- }
-
- String granteeName = newEntry.getGrantee().toUpperCase();
-
- Set granteeEntries = (Set) this.granteeMap.get(granteeName);
- if ( granteeEntries == null ) {
- // This grantee (principal) has not had a an entry
- // (grantor, actions) added for this resource yet
- granteeEntries = new HashSet();
- } else {
- // This grantee (principal) has at least one entry
- // (grantor, actions) added for this resource already
- Iterator granteeEntryItr = granteeEntries.iterator();
- while ( granteeEntryItr.hasNext() ) {
- GranteeEntitlementEntry aCurrentEntry = (GranteeEntitlementEntry)
granteeEntryItr.next();
- // Resource and grantee must be the same (or we wouldn't be here) so
- // only need to check that grantor is the same before adding (unioning)
- // the actions
- if ( newEntry.getGrantor().equalsIgnoreCase(aCurrentEntry.getGrantor()) )
{
- // We need to ultimately return the union of all
- // allowed actions (CRUD) granted to this grantee,
- // by this grantor, on this resource
- granteeEntries.remove(aCurrentEntry);
- newEntry.addActions(aCurrentEntry.getActions());
- break;
- }
- }
- }
- granteeEntries.add(newEntry);
- this.granteeMap.put(granteeName, granteeEntries);
- }
-
- /**
- * Pretty print this Object to a String.
- * <ol>
- * <li value=1>VDB Name, VDB Version</li>
- * <li>Group Name (fully qualified)</li>
- * <li>Element Name (fully qualified)</li>
- * <ul>
- * <li>Grantee Name; Grantor Name; Allowed Actions (A
<code>String[]</code> of one or more of {CREATE, READ, UPDATE,
DELETE})</li>
- * <li> ... </li>
- * </ul>
- * </ol>
- */
- public String toString() {
- StringBuffer buf = new StringBuffer();
- buf.append(this.VDBName + ", "); //$NON-NLS-1$
- buf.append(this.VDBVersion + "\n"); //$NON-NLS-1$
- buf.append(this.groupName + "\n"); //$NON-NLS-1$
- if ( this.eleName != null ) {
- buf.append(" " + this.eleName + "\n"); //$NON-NLS-1$
//$NON-NLS-2$
- }
- Iterator granteeItr = this.getGrantees().iterator();
- while ( granteeItr.hasNext() ) {
- GranteeEntitlementEntry entry = (GranteeEntitlementEntry) granteeItr.next();
- buf.append(" " + entry.toString() + "\n"); //$NON-NLS-1$
//$NON-NLS-2$
- }
- return buf.toString();
- }
-}
Modified:
trunk/engine/src/main/java/com/metamatrix/query/processor/dynamic/TupleInputSource.java
===================================================================
---
trunk/engine/src/main/java/com/metamatrix/query/processor/dynamic/TupleInputSource.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/engine/src/main/java/com/metamatrix/query/processor/dynamic/TupleInputSource.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -33,7 +33,6 @@
import com.metamatrix.api.exception.MetaMatrixProcessingException;
import com.metamatrix.common.buffer.TupleSource;
import com.metamatrix.common.types.DataTypeManager;
-import com.metamatrix.common.xml.XmlUtil;
/**
@@ -82,7 +81,7 @@
if (obj != null
&& types[i] !=
DataTypeManager.getDataTypeClass(DataTypeManager.DefaultDataTypes.CLOB)
&& types[i] !=
DataTypeManager.getDataTypeClass(DataTypeManager.DefaultDataTypes.BLOB)) {
- value = XmlUtil.escapeCharacterData(obj.toString());
+ value = obj.toString();
}
saxHandler.characters (value.toCharArray(), 0, value.length());
saxHandler.endElement(nsURI, element, element);
Copied: trunk/engine/src/main/java/com/metamatrix/vdb/runtime (from rev 1941,
trunk/common-internal/src/main/java/com/metamatrix/vdb/runtime)
Modified:
trunk/engine/src/main/java/org/teiid/dqp/internal/datamgr/impl/ConnectorManager.java
===================================================================
---
trunk/engine/src/main/java/org/teiid/dqp/internal/datamgr/impl/ConnectorManager.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/engine/src/main/java/org/teiid/dqp/internal/datamgr/impl/ConnectorManager.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -41,7 +41,6 @@
import org.jboss.managed.api.annotation.ManagementProperties;
import org.jboss.managed.api.annotation.ManagementProperty;
import org.jboss.managed.api.annotation.ViewUse;
-import org.teiid.SecurityHelper;
import org.teiid.adminapi.impl.WorkerPoolStatisticsMetadata;
import org.teiid.connector.api.Connection;
import org.teiid.connector.api.Connector;
@@ -55,6 +54,7 @@
import org.teiid.connector.metadata.runtime.MetadataStore;
import org.teiid.dqp.internal.cache.DQPContextCache;
import org.teiid.dqp.internal.datamgr.CapabilitiesConverter;
+import org.teiid.security.SecurityHelper;
import com.metamatrix.common.comm.api.ResultsReceiver;
import com.metamatrix.common.log.LogManager;
Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java 2010-03-09
05:42:40 UTC (rev 1942)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -40,7 +40,6 @@
import javax.resource.spi.work.WorkManager;
import javax.transaction.xa.Xid;
-import org.teiid.SecurityHelper;
import org.teiid.adminapi.Admin;
import org.teiid.adminapi.AdminException;
import org.teiid.adminapi.impl.RequestMetadata;
@@ -48,6 +47,7 @@
import org.teiid.adminapi.impl.WorkerPoolStatisticsMetadata;
import org.teiid.dqp.internal.cache.DQPContextCache;
import org.teiid.dqp.internal.datamgr.impl.ConnectorManagerRepository;
+import org.teiid.security.SecurityHelper;
import com.metamatrix.api.exception.MetaMatrixComponentException;
import com.metamatrix.api.exception.MetaMatrixProcessingException;
@@ -75,10 +75,10 @@
import com.metamatrix.dqp.service.AuthorizationService;
import com.metamatrix.dqp.service.BufferService;
import com.metamatrix.dqp.service.CommandLogMessage;
+import com.metamatrix.dqp.service.SessionService;
import com.metamatrix.dqp.service.TransactionContext;
import com.metamatrix.dqp.service.TransactionService;
import com.metamatrix.dqp.util.LogConstants;
-import com.metamatrix.platform.security.api.service.SessionService;
import com.metamatrix.query.metadata.QueryMetadataInterface;
import com.metamatrix.query.processor.ProcessorDataManager;
import com.metamatrix.query.tempdata.TempTableStoreImpl;
Copied: trunk/engine/src/main/java/org/teiid/security (from rev 1941,
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api)
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationActions.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationActions.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/AuthorizationActions.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,93 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.util.Collection;
-
-/**
- * The EntitlementAction interface encapsulates the methods that are required to identify
the
- * set of actions associated with an entitlement. This interface may be implemented by
classes
- * (such as BasicEntitlementAction) that contain a closed set of entitlement actions
instances.
- * Thus, specialized implementations of EntitlementAction can be provided, extending
- * the capabilities of the Authorization framework.
- * @see BasicEntitlementAction
- */
-public interface AuthorizationActions extends Comparable {
-
- /**
- * Checks if the specified entitlement's actions are "implied by" this
object's actions.
- * <p>
- * Essentially, the specified entitlement action is implied by this entitlement
action
- * if all of the actions of <code>entitlement</code> are also actions of
this object's set.
- * @param entitlement the entitlement to check against.
- * @returns true if the specified entitlement is implied by this object, false if
not
- */
- public boolean implies(AuthorizationActions entitlement);
-
- /**
- * Return the value of this action.
- * @return the value of this action.
- */
- public int getValue();
-
- /**
- * Return the label of this action.
- * @return the label of this action.
- */
- public String getLabel();
-
- /**
- * Return the number of actions.
- * @return the number of actions.
- */
- public int getLabelCount();
-
- /**
- * Return the set of labels of this action.
- * @return the set of labels of this action.
- */
- public String[] getLabels();
-
- /**
- * Return whether this instance contains the specified label
- * @return true if this instance contains the specified label, or false otherwise
- */
- public boolean containsLabel(String label);
-
- /**
- * Return whether this instance contains all of the specified labels
- * @return true if this instance contains all of the specified labels, or false
otherwise
- */
- public boolean containsLabels(String[] labels);
-
- /**
- * Return whether this instance contains all of the specified labels
- * @return true if this instance contains all of the specified labels, or false
otherwise
- */
- public boolean containsLabels(Collection labels);
-
-}
-
-
-
-
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationPermission.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPermission.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/AuthorizationPermission.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,362 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-
-/**
- * An authorization permission defines access permissions for a particular resource. A
rule determines what
- * action or actions can be performed on a resource, and is comprised of the resource,
- * the actions allowed, and an optional content modifier (which defines an additional
criteria
- * that is to be placed upon the usage of the resource).
- */
-public abstract class AuthorizationPermission implements Comparable, Serializable {
-
- /**
- * The default action for rules is NONE.
- */
- public static final AuthorizationActions DEFAULT_ACTIONS =
StandardAuthorizationActions.NONE;
-
- /**
- * The resource of this permission; generally the name of the resource to which this
rule applies.
- * This is a required attributed.
- */
- protected AuthorizationResource resource;
-
- /**
- * The realm in which this permission belongs.
- */
- private AuthorizationRealm realm;
-
- /**
- * The name of the factory that can create this permission.
- */
- private String factoryClassName;
-
- /**
- * The optional content modifier that should be used as an additional criteria for
queries to this resource.
- */
- private String contentModifier;
-
- /**
- * The cached value of the hash code for this object.
- */
- protected int hashCode;
- protected int PRIME = 1000003;
-
- private AuthorizationActions actions;
-
- /**
- * Create a new authorization rule for the specified resource.
- * @param resource the resource to which this permission applies.
- * @param realm the name of the realm for this rule (may not be null, but may be
empty)
- * @param actions the actions to apply to the resource
- * @param contentModifier the content modifier (may be null)
- * @param factoryClassName The factory class name that can instantiate this
permission (may not be null)
- */
- protected AuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String contentModifier, String factoryClassName) {
- if ( factoryClassName == null || factoryClassName.trim().length() == 0 ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0013));
- }
- if ( resource == null ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0014));
- }
- this.resource = resource;
- this.realm = realm;
- this.contentModifier = contentModifier;
- this.actions = ( actions != null ? actions : DEFAULT_ACTIONS );
- this.factoryClassName = factoryClassName;
- this.hashCode = this.computeHashCode();
- }
-
- /**
- * Create a new authorization rule for the specified resource.
- * @param resource The new resource
- * @param realm the name of the realm for this rule (may not be null, but may be
empty)
- * @param factoryClassName The factory class name that can instantiate this
permission (may not be null)
- */
- protected AuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, String factoryClassName) {
- this(resource, realm, DEFAULT_ACTIONS, null, factoryClassName);
- }
-
- /**
- * Create a new authorization rule for the specified resource.
- * @param resource The new resource
- * @param realm the name of the realm for this rule (may not be null, but may be
empty)
- * @param actions the actions for the resource
- * @param factoryClassName The factory class name that can instantiate this
permission (may not be null)
- */
- protected AuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String factoryClassName) {
- this(resource, realm, actions, null, factoryClassName);
- }
-
- /**
- * Make a deep copy of this object.
- * @return The newly copied object.
- */
- protected abstract Object clone() throws CloneNotSupportedException;
-
- /**
- * Obtain the name of the factory class for this rule.
- * @return the factory class name
- */
- public String getFactoryClassName() {
- return factoryClassName;
- }
-
- /**
- * Determin if this permission applies to all subnode resources.
- * @return <code>true</code> if this permission's resource is a node
in
- * a subtree and the allowed Action applies to all subnodes,
<code>false</code>
- * otherwise.
- */
- public boolean resourceIsRecursive() {
- return resource.isRecursive();
- }
-
- /**
- * Obtain the name of the resource for this rule.
- * @return the resource name
- */
- public String getResourceName() {
- return resource.getID();
- }
-
- /**
- * Obtain the resource object for this rule.
- * @return the resource
- */
- public AuthorizationResource getResource() {
- return resource;
- }
-
- /**
- * Determine whether this rule has a content modifier that should be used upon access
to the resource.
- * @return true if this rule has a content modifier
- */
- public boolean hasContentModifier() {
- return this.contentModifier != null;
- }
-
- /**
- * Get the content modifier for this rule. The content modifier should be used upon
access to the resource.
- * @return the content modifier
- */
- public String getContentModifier() {
- return contentModifier;
- }
-
- /**
- * Get the name of the realm in which this permission belongs.
- * @return The realm name for this permission
- */
- public String getRealmName() {
- return realm.getRealmName();
- }
-
- /**
- * Get the <code>AuthorizationRealm</code> in which this permission
belongs.
- * @return The realm for this permission
- */
- public AuthorizationRealm getRealm() {
- return realm;
- }
-
- /**
- * Set the realm in which this permission belongs.
- * @param realm The realm in which this permission should belong.
- */
- void setRealm(AuthorizationRealm realm) {
- this.realm = realm;
- }
-
- /**
- * Get the operations that the user may perform on the resource, as defined by this
rule.
- * @return this rule's actions
- */
- public AuthorizationActions getActions() {
- return actions;
- }
-
- /**
- * Checks if the specified resource is ipmlied by this resource instance.
- * @param resource the AuthorizationPermission instance to be checked
- * @return true if the specified resource is implied by this object, false if not
- * @throws IllegalArgumentException if the specified resource is null or incomplete.
- */
- public abstract boolean implies(AuthorizationPermission resource);
-
- /**
- * Returns a string representing the current state of the object.
- */
- public String toString() {
- StringBuffer sb = new StringBuffer();
- sb.append("[Realm=<"); //$NON-NLS-1$
- sb.append(this.realm);
- sb.append("> Resource=<"); //$NON-NLS-1$
- sb.append(this.resource.getID());
- sb.append("> Actions=<"); //$NON-NLS-1$
- sb.append(this.actions);
- sb.append("> Factory=<"); //$NON-NLS-1$
- sb.append(this.factoryClassName);
- sb.append(">]"); //$NON-NLS-1$
- return sb.toString();
- }
-
- /**
- * Overrides Object hashCode method.
- * @return a hash code value for this object.
- * @see Object#hashCode()
- * @see Object#equals(Object)
- */
- public int hashCode() {
- return this.hashCode;
- }
-
- /**
- * Returns true if the specified object is semantically equal to this instance.
- * Note: this method is consistent with <code>compareTo()</code>.
- * <p>
- * @param obj the object that this instance is to be compared to.
- * @return whether the object is equal to this object.
- */
- public boolean equals(Object obj) {
- // Check if instances are identical ...
- if (this == obj) {
- return true;
- }
- // Check if object can be compared to this one
- // (this includes checking for null ) ...
- if(obj instanceof AuthorizationPermission){
- return compare(this, (AuthorizationPermission)obj) == 0;
- }
-
- // Otherwise not comparable ...
- return false;
- }
-
- /**
- * Compares this AuthorizationPermission to another Object. If the Object is an
AuthorizationPermission,
- * this function compares the name. Otherwise, it throws a
- * ClassCastException (as policyID instances are comparable only to
- * other AuthorizationPermission instances). Note: this method is consistent with
- * <code>equals()</code>.
- * <p>
- * @param o the object that this instance is to be compared to.
- * @return a negative integer, zero, or a positive integer as this object
- * is less than, equal to, or greater than the specified object, respectively.
- * @throws ClassCastException if the specified object's type prevents it
- * from being compared to this AuthorizationPermission.
- */
- public int compareTo(Object o) throws ClassCastException {
- // Check if instances are identical ...
- if (this == o) {
- return 0;
- }
- if (o == null) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0015));
- }
-
- // Check if object cannot be compared to this one
- // (this includes checking for null ) ...
- if (!(o instanceof AuthorizationPermission)) {
- throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0016));
- }
-
- // Check if everything else is equal ...
- return compare(this, (AuthorizationPermission)o);
- }
-
- /**
- * Utility method to compare two AuthorizationPermission instances. Returns a
negative integer, zero,
- * or a positive integer as this object is less than, equal to, or greater than
- * the specified object. <p>
- *
- * Subclasses may not override this method because it is designed to enforce a
- * constraint placed on <emph>all</emph>
<code>AuthorizationPermission</code>s.<p>
- *
- * This method assumes that all type-checking has already been performed. <p>
- *
- * @param obj1 the first policyID to be compared
- * @param obj2 the second policyID to be compared
- * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
- * greater than obj2
- */
- public static final int compare(AuthorizationPermission obj1, AuthorizationPermission
obj2) {
- // Because the hash codes were computed using the attributes,
- // returning the difference in the hash code values will give a
- // consistent (but NOT lexicographical) ordering for both equals and compareTo.
-
- // If the hash codes are different, then simply return the difference
- // (this will probably be the case in most invocations) ...
- if (obj1.hashCode != obj2.hashCode ) {
- return obj1.hashCode - obj2.hashCode;
- }
-
- // If the hash codes are the same, then the resource names should be the same,
so
- // so start comparing the rest of the attributes, starting with the most
simplistic
- int resourceDiff = obj1.resource.compareTo(obj2.resource);
- if ( resourceDiff != 0 ) {
- return resourceDiff;
- }
-
- int actionDiff = obj1.actions.compareTo(obj2.actions);
- if ( actionDiff != 0) {
- return actionDiff;
- }
-
- int realmDiff = obj1.realm.compareTo(obj2.realm);
- if ( realmDiff != 0) {
- return realmDiff;
- }
-
- if (obj1.contentModifier == null && obj2.contentModifier == null ) {
- return 0; // must compare both to return '0'
- }
-
- if ( obj1.contentModifier != null ) {
- return obj1.contentModifier.compareTo(obj2.contentModifier);
- }
- return obj2.contentModifier.compareTo(obj1.contentModifier);
- }
-
- /**
- * Compute the hash code value.
- */
- private int computeHashCode() {
- int result = 0;
- result = PRIME * result + this.actions.hashCode();
- result = PRIME * result + this.resource.hashCode();
- result = PRIME * result + this.realm.hashCode();
- if ( this.contentModifier != null ) {
- result = PRIME * result + this.contentModifier.hashCode();
- }
- return result;
- }
-
-}
-
-
-
-
-
Deleted:
trunk/engine/src/main/java/org/teiid/security/AuthorizationPermissionFactory.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPermissionFactory.java 2010-03-08
22:13:59 UTC (rev 1941)
+++
trunk/engine/src/main/java/org/teiid/security/AuthorizationPermissionFactory.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,74 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-
-
-/**
- * This interface is implemented by classes that are able to create
AuthorizationPermission
- * instances, and is invoked by the service providers during loading and saving of
policies from and to
- * data storage.
- */
-public interface AuthorizationPermissionFactory {
-
- /**
- * Get the class that this factory creates instances of.
- * @return the class of the instances returned by this factory's
<code>create</code> methods.
- */
- Class getPermissionClass();
-
- /**
- * Create the AuthorizationResource type for the permission type that this factory
creates instances of.
- * @return A new resource instance of the appropriate type.
- */
- AuthorizationResource createResource(String name);
-
- /**
- * Create a new authorization permission for the specified resource.
- * @param resource the resource identifier
- * @param realm the realm into which this resource belongs
- * @param actions the actions for the resource
- * @param contentModifier the content modifier (may be null)
- */
- AuthorizationPermission create(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String contentModifier);
-
- /**
- * Create a new authorization permission for the specified resource.
- * @param resource the resource identifier
- * @param realm the realm into which this resource belongs
- */
- AuthorizationPermission create(String resource, AuthorizationRealm realm);
-
- /**
- * Create a new authorization permission for the specified resource with the given
actions.
- * @param resource the resource identifier
- * @param realm the realm into which this resource belongs
- * @param actions the actions for the resource
- */
- AuthorizationPermission create(String resource, AuthorizationRealm realm,
AuthorizationActions actions);
-}
-
-
-
-
-
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationPermissions.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPermissions.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/AuthorizationPermissions.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,148 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-/*
- * Date: Apr 24, 2003
- * Time: 12:51:40 PM
- */
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-import java.util.Iterator;
-import java.util.Set;
-
-import com.metamatrix.platform.security.api.AuthorizationPermission;
-
-/**
- * Interface AuthorizationPermissions.
- *
- * <p>This interface represents a collection of
<code>AuthorizationPermission</code>s.</p>
- */
-public interface AuthorizationPermissions extends Serializable {
- /**
- * Marks this AuthorizationPermissionCollection object as "readonly".
After
- * a AuthorizationPermissionCollection object is marked as readonly, no new
AuthorizationPermission
- * objects can be added to it using the {@link #add} method.
- */
- void setReadOnly();
-
- /**
- * Determine whether this AuthorizationPermissionCollection object is
"readonly". If it
- * is readonly, no new AuthorizationPermission objects can be added to it using the
{@link #add} method.
- */
- boolean isReadOnly();
-
- /**
- * Adds a permission object to this object by adding it to the
AuthorizationPermissionCollection
- * for the class the AuthorizationPermission belongs to.
- * This method creates
- * a new AuthorizationPermissionCollection object (and adds the permission to it)
- * if an appropriate collection does not yet exist. <p>
- *
- * @param permission the AuthorizationPermission object to add.
- * @return true if this collection changed as a result of the addition.
- * @throws java.lang.SecurityException if this AuthorizationPermission object is
marked as readonly.
- * @see #isReadOnly()
- * @see #add(AuthorizationPermissions)
- * @see #add(Set)
- */
- boolean add(AuthorizationPermission permission);
-
- /**
- * Convenience method to add <code>AuthorizationPermissionsImpl</code> to
this object by adding each
- * one to the AuthorizationPermissionCollection for the class that
AuthorizationPermission instance belongs to.
- * This method creates new AuthorizationPermissionCollection object as required.
- *
- * @param permissions the set of AuthorizationPermission objects to add.
- * @return true if this collection changed as a result of the addition.
- * @throws java.lang.SecurityException if this AuthorizationPermission object is
marked as readonly.
- * @see #isReadOnly()
- * @see #add(AuthorizationPermission)
- * @see #add(Set)
- */
- boolean add(AuthorizationPermissions permissions);
-
- /**
- * Convenience method to add a <code>Set</code> of permission objects to
this object by adding each
- * one to the AuthorizationPermissionCollection for the class that
AuthorizationPermission instance belongs to.
- * This method creates new AuthorizationPermissionCollection object as required.
- *
- * @param permissions the set of AuthorizationPermission objects to add.
- * @return true if this collection changed as a result of the addition.
- * @throws java.lang.SecurityException if this AuthorizationPermission object is
marked as readonly.
- * @see #isReadOnly()
- * @see #add(AuthorizationPermission)
- * @see #add(AuthorizationPermissions)
- */
- boolean add(Set permissions);
-
- /**
- * Remove from this collection's set of existing permissions the specified
permission. If the permission is not
- * currently in this collection, this method simply returns without performing any
operation.
- * @param permission the permission that is to be removed from this policy.
- */
- boolean remove(AuthorizationPermission permission);
-
- /**
- * Remove from this collection's set of existing permissions all of the
- * set of specified permissions. If any of the permissions are not
- * currently in this collection, that permission is ignored.
- * @param permissions the set of permissions that are to be removed from this
policy.
- */
- boolean removeAll(Set permissions);
-
- /**
- * Remove from this collection's set of existing permissions all of the
- * set of specified permissions. If any of the permissions are not
- * currently in this collection, that permission is ignored.
- * @param permissions The AuthorizationPermissionsImpl that are to be removed from
this policy.
- */
- boolean removeAll(AuthorizationPermissions permissions);
-
- /**
- * Remove from this collection the entire set of existing permissions.
- */
- void clear();
-
- /**
- * Obtain an iterator over the AuthorizationPermission instances in this collection.
- * @return an iterator that can be used to access each of the instances in this
- * collection.
- */
- Iterator iterator();
-
- /**
- * Checks to see if the AuthorizationPermissionCollection in this object that
corresponds
- * to the specified permission's type contains permissions that imply access to
the
- * resouces in the <i>permission</i> object.
- * @param permission the AuthorizationPermission object to check.
- * @return true if <i>permission</i> is implied by the permissions in the
AuthorizationPermissionCollection it
- * belongs to, false if not.
- */
- boolean implies(AuthorizationPermission permission);
-
- /**
- * Determine the number of AuthorizationPermission instances represented by this
object.
- * @return the number of permissions within this object.
- */
- int size();
-}
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationPermissionsImpl.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPermissionsImpl.java 2010-03-08
22:13:59 UTC (rev 1941)
+++
trunk/engine/src/main/java/org/teiid/security/AuthorizationPermissionsImpl.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,345 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.NoSuchElementException;
-import java.util.Set;
-import java.util.concurrent.locks.ReentrantLock;
-
-import com.metamatrix.common.log.LogManager;
-import com.metamatrix.common.util.LogConstants;
-
-/**
- * This class represents a heterogeneous set of AuthorizationPermission instances. Like
the AuthorizationPermission
- * class, this class (and all AuthorizationPermissionCollection classes) also has an
<code>implies</code>
- * method that can be used to determine whether a particular AuthorizationPermission is
allowed by the
- * permissions contained within an AuthorizationPermissionsImpl instance.
- * <p>
- * The different AuthorizationPermission instances contained by an
AuthorizationPermissionsImpl instance are
- * organized into homogeneous AuthorizationPermissionCollection objects contained in the
AuthorizationPermissionsImpl
- * object; an AuthorizationPermission object added to the AuthorizationPermissionsImpl
object is automatically
- * placed into the appropriate AuthorizationPermissionCollection object for that type (or
realm) of permission
- * (as prescribed by the result of the
<code>newAuthorizationPermissionCollection()</code> method on the
AuthorizationPermission
- * subclass). If no special container is specified, a default container (which has some
optimizations for the
- * <code>implies</code> method, based upon the AuthorizationPermission
object's <code>hashCode()</code> method) is used.
- */
-public final class AuthorizationPermissionsImpl implements AuthorizationPermissions {
-
- private static final long serialVersionUID = -5223347499647193459L;
-
- private Set<AuthorizationPermission> thePermissions = new
HashSet<AuthorizationPermission>();
- // Used to provide permissions collection synchronization
- private ReentrantLock lockObj = new ReentrantLock();
-
- private boolean readOnly = false;
-
- public AuthorizationPermissionsImpl() {
-
- }
- /**
- * Create a new AuthorizationPermissionsImpl object that is a copy of the original.
- * Make a deep copy of the orig.
- * @param orig The original to be copied.
- */
- public AuthorizationPermissionsImpl( AuthorizationPermissions orig ) {
-
- lockObj.lock();
- try {
- Iterator permItr = orig.iterator();
- while ( permItr.hasNext() ) {
- AuthorizationPermission aPerm = (AuthorizationPermission)
permItr.next();
- if ( aPerm != null ) {
- try {
- this.thePermissions.add((AuthorizationPermission)aPerm.clone());
- } catch ( CloneNotSupportedException e ) {
- // They're all clonable but log anyway
- final Object[] params = { aPerm };
- final String msg =
SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0005, params);
-
//I18nLogManager.logError(LogSecurityConstants.CTX_AUTHORIZATION,SecurityMessagesKeys.SEC_API_0005,e,aPerm);
- LogManager.logError(LogConstants.CTX_AUTHORIZATION, e, msg);
- }
- }
- }
- } finally {
- lockObj.unlock();
- }
- }
-
- /**
- * Marks this AuthorizationPermissionCollection object as "readonly".
After
- * a AuthorizationPermissionCollection object is marked as readonly, no new
AuthorizationPermission
- * objects can be added to it using the <code>add</code>.
- */
- public void setReadOnly() {
- this.readOnly = true;
- }
-
- /**
- * Determine whether this AuthorizationPermissionCollection object is
"readonly". If it
- * is readonly, no new AuthorizationPermission objects can be added to it using the
<code>add</code>.
- */
- public boolean isReadOnly() {
- return this.readOnly;
- }
-
- /**
- * Adds a permission object to this object by adding it to the
AuthorizationPermissionCollection
- * for the class the AuthorizationPermission belongs to.
- * This method creates
- * a new AuthorizationPermissionCollection object (and adds the permission to it)
- * if an appropriate collection does not yet exist. <p>
- *
- * @param permission the AuthorizationPermission object to add.
- * @return true if this collection changed as a result of the addition.
- * @throws SecurityException if this AuthorizationPermission object is marked as
readonly.
- */
- public boolean add(AuthorizationPermission permission) {
- if ( this.isReadOnly() ) {
- throw new
SecurityException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0017));
- }
- boolean result = false;
- if ( permission != null ) {
- lockObj.lock();
- try {
- result = this.thePermissions.add(permission);
- } finally {
- lockObj.unlock();
- }
- }
- return result;
- }
-
- /**
- * Convenience method to add <code>AuthorizationPermissionsImpl</code> to
this object by adding each
- * one to the AuthorizationPermissionCollection for the class that
AuthorizationPermission instance belongs to.
- * This method creates new AuthorizationPermissionCollection object as required.
- *
- * @param permissions the set of AuthorizationPermission objects to add.
- * @return true if this collection changed as a result of the addition.
- * @throws SecurityException if this AuthorizationPermission object is marked as
readonly.
- * @see #isReadOnly()
- */
- public boolean add(AuthorizationPermissions permissions) {
- if ( isReadOnly() ) {
- throw new
SecurityException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0017));
- }
- boolean result = false;
- if ( permissions != null ) {
- result = this.addPermissions(permissions.iterator());
- }
- return result;
- }
-
- /**
- * Convenience method to add a <code>Set</code> of permission objects to
this object by adding each
- * one to the AuthorizationPermissionCollection for the class that
AuthorizationPermission instance belongs to.
- * This method creates new AuthorizationPermissionCollection object as required.
- *
- * @param permissions the set of AuthorizationPermission objects to add.
- * @return true if this collection changed as a result of the addition.
- * @throws SecurityException if this AuthorizationPermission object is marked as
readonly.
- * @see #isReadOnly()
- */
- public boolean add(Set permissions) {
- if ( isReadOnly() ) {
- throw new
SecurityException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0017));
- }
- boolean result = false;
- if ( permissions != null ) {
- result = this.addPermissions(permissions.iterator());
- }
- return result;
- }
-
- /**
- * Remove from this collection's set of existing permissions the specified
permission. If the permission is not
- * currently in this collection, this method simply returns without performing any
operation.
- * @param permission the permission that is to be removed from this policy.
- */
- public boolean remove(AuthorizationPermission permission) {
- boolean result = false;
- lockObj.lock();
- try {
- result = this.thePermissions.remove(permission);
- } finally {
- lockObj.unlock();
- }
- return result;
- }
-
- /**
- * Remove from this collection's set of existing permissions all of the
- * set of specified permissions. If any of the permissions are not
- * currently in this collection, that permission is ignored.
- * @param permissions the set of permissions that are to be removed from this
policy.
- */
- public boolean removeAll(Set permissions) {
- boolean result = false;
- if ( permissions != null ) {
- result = this.removePermissions(permissions.iterator());
- }
- return result;
- }
-
- /**
- * Remove from this collection's set of existing permissions all of the
- * set of specified permissions. If any of the permissions are not
- * currently in this collection, that permission is ignored.
- * @param permissions The AuthorizationPermissionsImpl that are to be removed from
this policy.
- */
- public boolean removeAll(AuthorizationPermissions permissions) {
- boolean result = false;
- if ( permissions != null ) {
- result = this.removePermissions(permissions.iterator());
- }
- return result;
- }
-
- /**
- * Remove from this collection the entire set of existing permissions.
- */
- public void clear() {
- this.thePermissions.clear();
- }
-
- /**
- * Obtain an iterator over the AuthorizationPermission instances in this collection.
- * @return an iterator that can be used to access each of the instances in this
- * collection.
- */
- public Iterator iterator() {
- Iterator permItr = Collections.EMPTY_SET.iterator();
- lockObj.lock();
- try {
- permItr = this.thePermissions.iterator();
- } finally {
- lockObj.unlock();
- }
- return permItr;
- }
-
- /**
- * Checks to see if the AuthorizationPermissionCollection in this object that
corresponds
- * to the specified permission's type contains permissions that imply access to
the
- * resouces in the <i>permission</i> object.
- * @param permission the AuthorizationPermission object to check.
- * @return true if <i>permission</i> is implied by the permissions in the
AuthorizationPermissionCollection it
- * belongs to, false if not.
- */
- public boolean implies(AuthorizationPermission permission) {
- if ( permission == null ) {
- return false;
- }
- Iterator permIter = thePermissions.iterator();
- while ( permIter.hasNext() ) {
- AuthorizationPermission aPerm = (AuthorizationPermission) permIter.next();
- if ( aPerm.implies(permission) ) {
- return true;
- }
- }
- return false;
- }
-
- /**
- * Determine the number of AuthorizationPermission instances represented by this
object.
- * @return the number of permissions within this object.
- */
- public int size() {
- return this.thePermissions.size();
- }
-
- /**
- * Returns a string representation of the object. In general, the
- * <code>toString</code> method returns a string that
- * "textually represents" this object. The result should
- * be a concise but informative representation that is easy for a
- * person to read.
- * @return a string representation of the object.
- */
- public String toString() {
- StringBuffer sb = new StringBuffer();
- Iterator iter = this.iterator();
- while ( iter.hasNext() ) {
- try {
- sb.append(iter.next().toString() + ',');
- } catch ( NoSuchElementException e ) {
- // ignore
- }
- }
- // Chop last ','
- int sbLen = sb.length();
- if ( sbLen > 0 ) {
- sb.setLength(sb.length() - 1);
- }
- return sb.toString();
- }
-
- /**
- * Add the <code>AuthorizationPermission</code>s from the given
iterator.
- * <br><code>null</code> permissions are ignored.</br>
- * @param permIter The Iterator that contains permissions to add.
- * @return <code>true</code> if the permissions were changed as a result
- * of adding the permisions.
- */
- private boolean addPermissions(Iterator permIter) {
- boolean result = false;
- lockObj.lock();
- try {
- while ( permIter.hasNext() ) {
- AuthorizationPermission aPerm = (AuthorizationPermission)
permIter.next();
- if ( aPerm != null && this.thePermissions.add(aPerm) &&
!result ) {
- result = true;
- }
- }
- } finally {
- lockObj.unlock();
- }
- return result;
- }
-
- /**
- * Remove the <code>AuthorizationPermission</code>s in the given
iterator.
- * <br><code>null</code> permissions are ignored.</br>
- * @param permIter The Iterator that contains permissions to remove.
- * @return <code>true</code> if the permissions were changed as a result
- * of removing the permisions.
- */
- private boolean removePermissions(Iterator permIter) {
- boolean result = false;
- lockObj.lock();
- try {
- while ( permIter.hasNext() ) {
- AuthorizationPermission aPerm = (AuthorizationPermission)
permIter.next();
- if ( aPerm != null && this.thePermissions.remove(aPerm)
&& !result ) {
- result = true;
- }
- }
- } finally {
- lockObj.unlock();
- }
- return result;
- }
-}
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationPoliciesHolder.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPoliciesHolder.java 2010-03-08
22:13:59 UTC (rev 1941)
+++
trunk/engine/src/main/java/org/teiid/security/AuthorizationPoliciesHolder.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,36 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-package com.metamatrix.platform.security.api;
-
-import java.util.Collection;
-
-public class AuthorizationPoliciesHolder {
- private Collection<AuthorizationPolicy> policies;
-
- public void setAuthorizationPolicies(Collection<AuthorizationPolicy> policies) {
- this.policies = policies;
- }
-
- public Collection<AuthorizationPolicy> getAuthorizationPolicies(){
- return this.policies;
- }
-}
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationPolicy.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPolicy.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/AuthorizationPolicy.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,547 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.LinkedHashSet;
-import java.util.NoSuchElementException;
-import java.util.Set;
-
-/**
- * The AuthorizationPolicy class defines a set of permissions (i.e., permissions) that
apply to a
- * set of principals (@see MetaMatrixPrincipalName). Each permission defines a resource
(or set of resources) that are to be
- * controlled, what actions are allowed, and possibly any additional restrictions that
should
- * be placed upon the resource to limit content (i.e., content modifiers).
- */
-public class AuthorizationPolicy implements Comparable, Serializable {
-
- private static final long serialVersionUID = -4542635173812413914L;
-
- /**
- * Contains principal name
- */
- private Set<MetaMatrixPrincipalName> principals;
-
- private AuthorizationPermissions permissions;
-
- private AuthorizationPolicyID authorizationPolicyID;
-
- /**
- * Create an instance of an AuthorizationPolicy that has the specified ID.
- * @param id the ID of the policy
- */
- public AuthorizationPolicy( AuthorizationPolicyID id ) {
- if( id == null){
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0001));
- }
- this.authorizationPolicyID = id;
- this.principals = new LinkedHashSet<MetaMatrixPrincipalName>();
- this.permissions = new AuthorizationPermissionsImpl();
- }
-
- /**
- * Create an instance of an AuthorizationPolicy that has the specified ID,
- * principal set and permissions.
- * @param id the ID of the policy
- * @param principals the set of <code>MetaMatrixPrincipalName</code>s to
which this policy applies.
- * @param permissions the permissions that define the resource access for this
policy.
- */
- public AuthorizationPolicy( AuthorizationPolicyID id,
Set<MetaMatrixPrincipalName> principals, Set permissions ) {
- this.authorizationPolicyID = id;
- if ( principals != null ) {
- this.principals = new
LinkedHashSet<MetaMatrixPrincipalName>(principals);
- } else {
- this.principals = new LinkedHashSet<MetaMatrixPrincipalName>();
- }
- this.permissions = new AuthorizationPermissionsImpl();
- this.permissions.add(permissions);
- }
-
- /**
- * Create an instance of an AuthorizationPolicy from a copy of another.
- * @param orig the original policy that this new instance is to be based upon
- */
- public AuthorizationPolicy( AuthorizationPolicy orig ) {
- this.authorizationPolicyID = orig.authorizationPolicyID;
- this.principals = new LinkedHashSet<MetaMatrixPrincipalName>(
orig.principals );
- this.permissions = new AuthorizationPermissionsImpl();
- Iterator iter = orig.iterator();
- while ( iter.hasNext() ) {
- this.permissions.add( (AuthorizationPermission) iter.next() );
- }
- }
-
- /**
- * Get the AuthorizationPermissionsImpl of this policy.
- * @return The AuthorizationPermissionsImpl.
- */
- AuthorizationPermissions getAuthorizationPermissions() {
- return this.permissions;
- }
-
- /**
- * Get the given AuthorizationPermission.
- * @param permission The requested AuthorizationPermission.
- * @return The requested AuthorizationPermission (may be null if not found).
- */
- AuthorizationPermission getPermission(AuthorizationPermission permission) {
- AuthorizationPermission oldPermission = null;
- Iterator permItr = this.permissions.iterator();
- while ( permItr.hasNext() ) {
- oldPermission = (AuthorizationPermission) permItr.next();
- if ( oldPermission.equals(permission) ) {
- return oldPermission;
- }
- }
- return null;
- }
-
- /**
- * Given an <code>AuthorizationResource</code>, find the
<code>AuthorizationPermission</code>,
- * if any, that supplies an <code>AuthorizationAction</code> for that
resource.
- * @param resource The resource for which to find a permission.
- * @return The requested AuthorizationPermission (may be null if not found).
- */
- public AuthorizationPermission findPermissionWithResource(AuthorizationResource
resource) {
- AuthorizationPermission permission = null;
- Iterator permItr = this.permissions.iterator();
- while ( permItr.hasNext() ) {
- permission = (AuthorizationPermission) permItr.next();
- AuthorizationResource theResource = permission.getResource();
- if ( theResource.isCannonicallyEquivalent(resource) ) {
- return permission;
- }
- }
- return null;
- }
-
- /**
- * Given an <code>AuthorizationResource</code>, find the
<code>AuthorizationPermission</code>s,
- * if any, that are dependant on that resource. An
<code>AuthorizationPermission</code> is
- * dependant on a resource if it has any
<code>AuthorizationAction</code>s on that resource
- * or if it is part of a recursive permission involving the resource.
- * @param resource The resource for which to find a permission.
- * @return The Collections AuthorizationPermission (may be empty but not null).
- */
- public Collection getDependantPermissions(AuthorizationResource resource) {
- Collection dependantPerms = new ArrayList();
-// boolean recursive = resource.isRecursive();
- AuthorizationPermission permission = null;
- Iterator permItr = this.permissions.iterator();
- while ( permItr.hasNext() ) {
- permission = (AuthorizationPermission) permItr.next();
- AuthorizationResource theResource = permission.getResource();
- if ( theResource.isCannonicallyEquivalent(resource) ) {
- dependantPerms.add( permission );
- }
- }
- return dependantPerms;
- }
-
- /**
- * Obtain the identifier for this policy.
- * @return the policy's identifier.
- */
- public AuthorizationPolicyID getAuthorizationPolicyID() {
- return authorizationPolicyID;
- }
-
- /**
- * Obtain the set of principal names that this policy applies to.
- * @return the set of <code>MetaMatrixPrincipalName</code>s to which
this
- * policy applies; never null but possibly empty
- */
- public Set<MetaMatrixPrincipalName> getPrincipals() {
- return principals;
- }
-
- /**
- * Obtain the number of principals that this policy applies to.
- * @return the number of principals instances in this policy.
- */
- public int getPrincipalCount() {
- return principals.size();
- }
-
- /**
- * Obtain the number of permissions that this policy applies.
- * @return the number of permissions instances in this policy.
- */
- public int getPermissionCount() {
- return permissions.size();
- }
-
- /**
- * Obtain the permissions that this policy applies as a Set.
- * @return the permission instances in this policy.
- */
- public Set getPermissions() {
- Set perms = new LinkedHashSet();
- Iterator permItr = permissions.iterator();
- while ( permItr.hasNext() ) {
- perms.add(permItr.next());
- }
- return perms;
- }
-
- /**
- * Return whether this policy currently has at least one permission instance.
- * @return true if this policy contains at least one AuthorizationPermission
instance
- * that it applies.
- */
- public boolean hasPermissions() {
- return permissions.size() > 0;
- }
-
- /**
- * Obtain the description for this policy which may be null.
- * @return the description. May be null.
- */
- public String getDescription() {
- return authorizationPolicyID.getDescription();
- }
-
- /**
- * Obtain an iterator over the AuthorizationPermission instances that this policy
applies.
- * @return an iterator that can be used to access each of the AuthorizationPermission
instances
- */
- public Iterator iterator() {
- return permissions.iterator();
- }
-
- /**
- * Return whether this policy currently has at least one principal reference.
- * @return true if this policy contains at least one principal instance
- * to which this policy is to be applied.
- */
- public boolean hasPrincipal() {
- return ! principals.isEmpty();
- }
-
- /**
- * Checks to see if any of the AuthorizationPermission instances in this policy
- * imply access to the resouces in the <i>permission</i> object.
- * @param permission the AuthorizationPermission object to check.
- * @return true if <i>permission</i> is implied by the
AuthorizationPermission
- * instances in this policy, or false otherwise
- */
- public boolean implies(AuthorizationPermission permission) {
- return permissions.implies(permission);
- }
-
- /**
- * Returns a string describing this policy object.
- * The format is:
- * <pre>
- * super.toString() (
- * // the authorization policy ID of the policy ...
- * // the description of the policy ...
- * // enumerate all the Principal
- * // objects and call toString() on them,
- * // one per line..
- * // enumerate all the AuthorizationPermission
- * // objects and call toString() on them,
- * // one per line..
- * )</pre>
- *
- * <code>super.toString</code> is a call to the
<code>toString</code>
- * method of this
- * object's superclass, which is Object. The result is
- * this object's type name followed by this object's
- * hashcode, thus enabling clients to differentiate different
- * AuthorizationPolicy objects, even if they contain the same permissions.
- */
- public String toString() {
- StringBuffer sb = new StringBuffer();
- sb.append('{');
- sb.append("ID=["); //$NON-NLS-1$
- sb.append(this.authorizationPolicyID);
- sb.append("] Principals=["); //$NON-NLS-1$
- Iterator iter = this.principals.iterator();
- while (iter.hasNext()) {
- try {
- sb.append(iter.next().toString() + ',');
- } catch (NoSuchElementException e){
- // ignore
- }
- }
- // Chop last ','
- if ( this.principals.size() > 0 ) {
- sb.setLength(sb.length()-1);
- }
- sb.append("] Permissions=["); //$NON-NLS-1$
- sb.append(this.permissions);
- sb.append("]}"); //$NON-NLS-1$
- return sb.toString();
- }
-
- /**
- * Overrides Object hashCode method.
- * @return a hash code value for this object.
- * @see Object#hashCode()
- * @see Object#equals(Object)
- */
- public int hashCode() {
- return this.authorizationPolicyID.hashCode();
- }
-
- /**
- * Returns true if the specified object is semantically equal to this instance.
- * Note: this method is consistent with <code>compareTo()</code>.
- * <p>
- * @param obj the object that this instance is to be compared to.
- * @return whether the object is equal to this object.
- */
- public boolean equals(Object obj) {
- // Check if instances are identical ...
- if (this == obj) {
- return true;
- }
-
- // Check if object can be compared to this one
- // (this includes checking for null ) ...
- if (this.getClass().isInstance(obj)) {
-
- // fail fast on different hash codes
- if (this.hashCode() != obj.hashCode()) {
- return false;
- }
-
- // slower comparison
- return compare(this, (AuthorizationPolicy)obj) == 0;
- }
-
- // Otherwise not comparable ...
- return false;
- }
-
- /**
- * Compares this AuthorizationPolicy to another Object. If the Object is an
AuthorizationPolicy,
- * this function compares the name. Otherwise, it throws a
- * ClassCastException (as AuthorizationPolicy instances are comparable only to
- * other AuthorizationPolicy instances). Note: this method is consistent with
- * <code>equals()</code>.
- * <p>
- * @param o the object that this instance is to be compared to.
- * @return a negative integer, zero, or a positive integer as this object
- * is less than, equal to, or greater than the specified object, respectively.
- * @throws ClassCastException if the specified object's type prevents it
- * from being compared to this AuthorizationPolicy.
- */
- public int compareTo(Object o) throws ClassCastException {
- // Check if instances are identical ...
- if (this == o) {
- return 0;
- }
- if (o == null) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0018));
- }
-
- // Check if object cannot be compared to this one
- // (this includes checking for null ) ...
- if (!(this.getClass().isInstance(o))) {
- throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0019,
o.getClass()));
- }
-
- // Check if everything else is equal ...
- return compare(this, (AuthorizationPolicy)o);
- }
-
- /**
- * Utility method to compare two AuthorizationPolicy instances. Returns a negative
integer, zero,
- * or a positive integer as this object is less than, equal to, or greater than
- * the specified object. <p>
- *
- * The comparison is based on the names of the user groups.<p>
- *
- * This method assumes that all type-checking has already been performed. <p>
- *
- * @param obj1 the first policyID to be compared
- * @param obj2 the second policyID to be compared
- * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
- * greater than obj2
- */
- static int compare(AuthorizationPolicy obj1, AuthorizationPolicy obj2) {
-
- // Compare policy IDs
- return (obj1.hashCode() == obj2.hashCode()) ? 0 :
- obj1.authorizationPolicyID.compareTo(obj2.authorizationPolicyID);
- }
-
- // =========================================================================
- // M O D I F I E R M E T H O D S
- // =========================================================================
-
- /**
- * Define the set of description for this policy.
- * @param desc the new description for this policy.
- */
- public void setDescription(String desc) {
- this.authorizationPolicyID.setDescription(desc);
- }
-
- /**
- * Define the set of permissions that this policy is to apply. Any existing
- * permissions are removed from the policy. If the specified set is null,
- * this policy will have no governing permissions.
- * @param permissions the new permissions that this policy applies.
- */
- public void setPermissions(AuthorizationPermissions permissions) {
- if ( permissions != null ) {
- this.permissions = permissions;
- } else {
- this.permissions.clear();
- }
- }
-
- /**
- * Define the set of <code>MetaMatrixPrincipalName</code>s that this
policy applies to. Any existing
- * <code>MetaMatrixPrincipalName</code>s are removed from the policy. If
the specified set is null or empty,
- * this policy will apply to no principals.
- * @param principals the new set of <code>MetaMatrixPrincipalName</code>s
to which this policy applies.
- */
- public void setPrincipals(Set<MetaMatrixPrincipalName> principals) {
- if ( principals != null ) {
- this.principals = new
LinkedHashSet<MetaMatrixPrincipalName>(principals);
- } else {
- this.principals.clear();
- }
- }
-
- /**
- * Add to this policy's set of existing permissions a new permission that is to
be applied by the policy.
- * @param permission the new permission that is to be added to this policy. May not
be null.
- * @return true if this policy changed as a result of the addition.
- * @throws IllegalArgumentException if the specified permission is null.
- */
- public boolean addPermission(AuthorizationPermission permission) {
- if ( permission == null ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0020));
- }
- return this.permissions.add(permission);
- }
-
- /**
- * Add to this policy's set of existing permissions a new set of permissions
- * that are to be applied by the policy.
- * @param permissions the new permissions that are to be added to this policy. May
not be null.
- * @return true if this policy changed as a result of the addition.
- * @throws IllegalArgumentException if the specified permission is null.
- */
- public boolean addAllPermissions(AuthorizationPermissions permissions) {
- if ( permissions == null || permissions.size() == 0 ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0020));
- }
- return this.permissions.add(permissions);
- }
-
- /**
- * Add to this policy's set of existing permissions a set of additional
permissions that are to be applied by the policy.
- * Any permission that is added that has the same resource name as an existing
permission overwrites the existing
- * permission.
- * @param permissions the set of new permissions that are to be added to this policy.
May not be null.
- * @return true if this policy changed as a result of the additions.
- * @throws IllegalArgumentException if the specified set of permissions is null or if
the set contains a null value.
- */
- public boolean addAllPermissions(Set permissions) {
- if ( permissions == null ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0020));
- }
- if ( permissions.contains(null) ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0021));
- }
- return this.permissions.add(permissions);
- }
-
- /**
- * Remove from this policy's set of existing permissions the specified
permission. If the permission is not
- * currently in this policy, this method simply returns without performing any
operation.
- * @param permission the permission that is to be removed from this policy.
- */
- public void removePermission(AuthorizationPermission permission) {
- this.permissions.remove(permission);
- }
-
- /**
- * Remove all of this policy's existing permissions.
- */
- public void removePermissions() {
- this.permissions.clear();
- this.permissions = new AuthorizationPermissionsImpl();
- }
-
- /**
- * Add to this policy's set of existing principals a new
<code>MetaMatrixPrincipalName</code> name to whom this policy is to apply.
- * @param principal the new <code>MetaMatrixPrincipalName</code> that is
to be added to this policy. May not be null.
- * @return true if this policy changed as a result of the addition.
- * @throws IllegalArgumentException if the specified principal is null.
- */
- public boolean addPrincipal(MetaMatrixPrincipalName principal) {
- if ( principal == null ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0022));
- }
- return this.principals.add(principal);
- }
-
- /**
- * Add to this policy's set of existing principals a set of new
<code>MetaMatrixPrincipalName</code> to whom this policy is to apply.
- * @param newPrincipals the set of new
<code>MetaMatrixPrincipalName</code> that are to be added to this policy. May
not be null.
- * @return true if this policy changed as a result of the additions.
- * @throws IllegalArgumentException if the specified set of principals is null or if
the set contains a null value.
- */
- public boolean addAllPrincipals(Set<MetaMatrixPrincipalName> newPrincipals) {
- if ( newPrincipals == null ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0022));
- }
- if ( newPrincipals.contains(null) ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0023));
- }
- return this.principals.addAll(newPrincipals);
- }
-
- /**
- * Remove from this policy's set of existing principals the specified
<code>MetaMatrixPrincipalName</code>.
- * If the principal is not in the existing set of principal names for this policy,
- * this method simply does nothing for that principal.
- * @param principal the <code>MetaMatrixPrincipalName</code> that is to
be removed from this policy.
- */
- public void removePrincipal(MetaMatrixPrincipalName principal) {
- this.principals.remove(principal);
- }
-
- /**
- * Remove from this policy the entire set of existing
<code>MetaMatrixPrincipalName</code> references.
- */
- public void clearPrincipals() {
- this.principals.clear();
- }
-
-
-}
-
-
-
-
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationPolicyFactory.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPolicyFactory.java 2010-03-08
22:13:59 UTC (rev 1941)
+++
trunk/engine/src/main/java/org/teiid/security/AuthorizationPolicyFactory.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,282 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.ByteArrayOutputStream;
-import java.io.CharArrayReader;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Properties;
-import java.util.Set;
-import java.util.StringTokenizer;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.jdom.Document;
-import org.jdom.Element;
-import org.jdom.input.DOMBuilder;
-import org.jdom.output.Format;
-import org.jdom.output.XMLOutputter;
-import org.teiid.adminapi.AdminRoles;
-import org.xml.sax.ErrorHandler;
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-import org.xml.sax.SAXParseException;
-
-import com.metamatrix.common.log.LogManager;
-import com.metamatrix.common.util.LogConstants;
-
-/**
- * The class build the Policies from the xml file or converts the policies to xml file
for importing and exporting of the policy
- * files from one server to another. look in the authorizations.xsd in this package for
the format of the XML being imported and
- * exported
- */
-public class AuthorizationPolicyFactory {
-
- private static final String ROLE = "role"; //$NON-NLS-1$
- private static final String PRINCIPALS = "principals"; //$NON-NLS-1$
- private static final String ALLOW = "allow-"; //$NON-NLS-1$
- private static final String RESOURCE_NAME = "resource-name"; //$NON-NLS-1$
- private static final String PERMISSION = "permission"; //$NON-NLS-1$
- private static final String PERMISSIONS = "permissions"; //$NON-NLS-1$
- private static final String DESCRIPTION = "description"; //$NON-NLS-1$
- private static final String VDB_VERSION = "vdb-version"; //$NON-NLS-1$
- private static final String VDB_NAME = "vdb-name"; //$NON-NLS-1$
- private static final String NAME = "name"; //$NON-NLS-1$
- private static final String DATA_ROLE = "data-role"; //$NON-NLS-1$
- private static final String ROLES = "roles"; //$NON-NLS-1$
- private static final String REALM = "realm"; //$NON-NLS-1$
-
- static final String JAXP_SCHEMA_SOURCE =
"http://java.sun.com/xml/jaxp/properties/schemaSource"; //$NON-NLS-1$
- static final String JAXP_SCHEMA_LANGUAGE =
"http://java.sun.com/xml/jaxp/properties/schemaLanguage"; //$NON-NLS-1$
- static final String W3C_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema";
//$NON-NLS-1$
-
- private static String[] ALLOW_TYPES = new String[] {
- StandardAuthorizationActions.DATA_CREATE_LABEL,
- StandardAuthorizationActions.DATA_DELETE_LABEL,
- StandardAuthorizationActions.DATA_UPDATE_LABEL,
- StandardAuthorizationActions.DATA_READ_LABEL,
- };
-
- public static Collection<AuthorizationPolicy> buildPolicies(String vdbName,
String vdbVersion, char[] xmlContents)
- throws SAXException, IOException, ParserConfigurationException {
-
- DOMBuilder builder = new DOMBuilder();
-
- DocumentBuilderFactory documentBuilderFactory =
DocumentBuilderFactory.newInstance();
- documentBuilderFactory.setAttribute(JAXP_SCHEMA_LANGUAGE, W3C_XML_SCHEMA);
- documentBuilderFactory.setAttribute(JAXP_SCHEMA_SOURCE,
AuthorizationPolicyFactory.class.getResourceAsStream("authorizations.xsd"));
//$NON-NLS-1$
- documentBuilderFactory.setValidating(true);
- DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
- docBuilder.setErrorHandler(new ErrorHandler() {
-
- public void warning(SAXParseException arg0) throws SAXException {
-
LogManager.logWarning(LogConstants.CTX_AUTHORIZATION,arg0,SecurityPlugin.Util.getString("AuthorizationPolicyFactory.parsing_warning",
arg0.getMessage())); //$NON-NLS-1$
- }
-
- public void error(SAXParseException arg0) throws SAXException {
- throw new
SAXException(SecurityPlugin.Util.getString("AuthorizationPolicyFactory.parsing_error",
arg0.getMessage()), arg0); //$NON-NLS-1$
- }
-
- public void fatalError(SAXParseException arg0) throws SAXException {
- throw new
SAXException(SecurityPlugin.Util.getString("AuthorizationPolicyFactory.parsing_error",
arg0.getMessage()), arg0); //$NON-NLS-1$
- }
- });
-
- Document doc = builder.build(docBuilder.parse(new InputSource(new
CharArrayReader(xmlContents))));
-
- Element root = doc.getRootElement();
- Element roles = root.getChild(ROLES);
- List dataRoles = roles.getChildren(DATA_ROLE);
-
- AuthorizationRealm realm = new AuthorizationRealm(vdbName, vdbVersion);
- BasicAuthorizationPermissionFactory bapf = new
BasicAuthorizationPermissionFactory();
-
- List<AuthorizationPolicy> result = new
ArrayList<AuthorizationPolicy>();
-
- for (final Iterator iter = dataRoles.iterator(); iter.hasNext();) {
- final Element role = (Element)iter.next();
-
- Element name = role.getChild(NAME);
-
- AuthorizationPolicyID policyID = new AuthorizationPolicyID(name.getText(),
vdbName, vdbVersion);
- AuthorizationPolicy policy = new AuthorizationPolicy(policyID);
-
- result.add(policy);
-
- Element description = role.getChild(DESCRIPTION);
- if (description != null) {
- policy.setDescription(description.getText());
- }
-
- Element permsElem = role.getChild(PERMISSIONS);
-
- if (permsElem != null) {
-
- List perms = permsElem.getChildren(PERMISSION);
-
- for (final Iterator permIter = perms.iterator(); permIter.hasNext();) {
- final Element perm = (Element)permIter.next();
-
- Element resourceElem = perm.getChild(RESOURCE_NAME);
-
- String resourceName = resourceElem.getText();
-
- int actionsValue = StandardAuthorizationActions.NONE_VALUE;
- for (int i = 0; i < ALLOW_TYPES.length; i++) {
- if (perm.getChild(ALLOW+ALLOW_TYPES[i].toLowerCase()) == null) {
- continue;
- }
- AuthorizationActions action =
StandardAuthorizationActions.getAuthorizationActions(ALLOW_TYPES[i]);
- actionsValue |= action.getValue();
- }
- AuthorizationPermission permission = bapf.create(resourceName, realm,
StandardAuthorizationActions.getAuthorizationActions(actionsValue));
- policy.addPermission(permission);
- }
- }
-
- Element principalsElem = role.getChild(PRINCIPALS);
-
- if (principalsElem != null) {
-
- List groups = principalsElem.getChildren(ROLE);
-
- for (final Iterator groupsIter = groups.iterator();
groupsIter.hasNext();) {
- final Element group = (Element)groupsIter.next();
-
- policy.addPrincipal(new MetaMatrixPrincipalName(group.getText(),
MetaMatrixPrincipal.TYPE_GROUP));
- }
- }
- }
-
- return result;
- }
-
- public static char[] exportPolicies(Collection<AuthorizationPolicy> roles)
throws IOException {
- Document doc = new Document(new Element(REALM));
-
- Element rolesElement = new Element(ROLES);
-
- doc.getRootElement().addContent(rolesElement);
-
- for (AuthorizationPolicy policy : roles) {
- AuthorizationPolicyID policyId = policy.getAuthorizationPolicyID();
-
- Element roleElement = new Element(DATA_ROLE);
- rolesElement.addContent(roleElement);
-
- roleElement.addContent(new
Element(NAME).setText(policyId.getDisplayName()));
-
- AuthorizationRealm realm = policyId.getRealm();
- roleElement.addContent(new
Element(VDB_NAME).setText(realm.getSuperRealmName()));
- roleElement.addContent(new
Element(VDB_VERSION).setText(realm.getSubRealmName()));
-
- roleElement.addContent(new
Element(DESCRIPTION).setText(policy.getDescription()));
-
- // Now add each individual role
- Set permissions = policy.getPermissions();
-
- if (!permissions.isEmpty()) {
- Element permissionsElement = new Element(PERMISSIONS);
- roleElement.addContent(permissionsElement);
-
- for (final Iterator permissionIter = permissions.iterator();
permissionIter.hasNext();) {
- BasicAuthorizationPermission permission =
(BasicAuthorizationPermission)permissionIter.next();
- Element permissionElement = new Element(PERMISSION);
- permissionsElement.addContent(permissionElement);
-
- permissionElement.addContent(new
Element(RESOURCE_NAME).setText(permission.getResourceName()));
-
- String[] labels = permission.getActions().getLabels();
- for (int i = 0; i < labels.length; i++) {
- permissionElement.addContent(new Element(ALLOW +
labels[i].toLowerCase()));
- }
- }
- }
-
- Set principals = policy.getPrincipals();
-
- if (!principals.isEmpty()) {
- Element principalsElement = new Element(PRINCIPALS);
- roleElement.addContent(principalsElement);
-
- for (final Iterator principalsIter = principals.iterator();
principalsIter.hasNext();) {
- MetaMatrixPrincipalName principal =
(MetaMatrixPrincipalName)principalsIter.next();
- principalsElement.addContent(new
Element(ROLE).setText(principal.getName()));
- }
- }
- } // for
-
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
-
- XMLOutputter outputter = new XMLOutputter();
- outputter.setFormat(Format.getPrettyFormat());
- outputter.output(doc, baos);
-
- return baos.toString().toCharArray();
- }
-
- /**
- * The properties will have format of
- * role1 = group1, group2
- * role2 = group3
- *
- * @param roles
- * @return
- */
- public static Collection<AuthorizationPolicy> buildAdminPolicies(Properties
roleMap) {
- List<AuthorizationPolicy> result = new ArrayList<AuthorizationPolicy>();
- Set keys = roleMap.keySet();
-
- for(Object key:keys) {
- String role = (String)key;
- AuthorizationPolicyID policyID = new AuthorizationPolicyID(role, role);
- AuthorizationPolicy policy = new AuthorizationPolicy(policyID);
-
- // allowed groups
- StringTokenizer st = new StringTokenizer(roleMap.getProperty(role),
","); //$NON-NLS-1$
- while (st.hasMoreTokens()) {
- String group = st.nextToken();
- MetaMatrixPrincipalName member = new MetaMatrixPrincipalName(group,
MetaMatrixPrincipal.TYPE_GROUP);
- policy.addPrincipal(member);
- }
- result.add(policy);
- }
- return result;
- }
-
- public static Collection<AuthorizationPolicy> buildDefaultAdminPolicies() {
- Properties p = new Properties();
- for (String role:AdminRoles.getAllRoleNames()) {
- p.setProperty(role, role);
- }
- return buildAdminPolicies(p);
-
- }
-
-}
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationPolicyID.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationPolicyID.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/AuthorizationPolicyID.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,369 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-
-import com.metamatrix.platform.security.util.RolePermissionFactory;
-
-public class AuthorizationPolicyID implements Comparable, Serializable {
- public final static char DELIMITER= '!';
-
- public final static int DESCRIPTION_LEN = 250;
-
- /**
- * The immutable name for the policy.
- */
- private String name;
-
- /**
- * The policy description.
- */
- private String description;
-
- /**
- * Console display name for this policy.
- */
- private String displayName;
-
- /**
- * Get the <code>AuthorizationRealm</code> this policy
- * belongs in.
- * @return the policy's realm.
- */
- public AuthorizationRealm getRealm() {
- return realm;
- }
-
- /**
- * The AuthorizationRealm that this policy belongs in
- * (usually - but not limited to - a VDB version).
- */
- private AuthorizationRealm realm;
-
- /**
- * ctor
- * Meant to be used only by <code>JDBCAuthorizationTransaction</code> to
- * populate <code>AuthorizationPolicyID</code>s when retrieving
- * them from the authorization store.
- * Construct a policy ID with the specified name and description.
- * @param name the identifier (name) for the policy composed of
- * @param description the policy description.
- */
- public AuthorizationPolicyID(String name, String description) {
- parseAndSetName(name);
- this.setDescription(description);
- }
-
- /**
- * Construct a policy ID that is tied to an
<code>AuthorizationRealm</code>.
- * @param theDisplayName the identifier that the Console will display.
- * @param description The policy description - may be <code>null</code>.
- * @param theRealm The <code>AuthorizationRealm</code> this policy
should
- * be tied to - may <i>not</i> be <code>null</code>.
- */
- public AuthorizationPolicyID(String theDisplayName, String description,
AuthorizationRealm theRealm) {
- if ( theDisplayName == null || theDisplayName.trim().length() == 0 ) {
- throw new IllegalArgumentException(
- SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0024));
- }
- if ( theDisplayName.indexOf(DELIMITER) >= 0 ) {
- // The display name cannot contain any DELIMETERS
- throw new IllegalArgumentException(
- SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0025,
DELIMITER));
- }
- if ( theRealm == null ) {
- throw new IllegalArgumentException(
- SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0026));
- }
- if ( theRealm.equals(RolePermissionFactory.getRealm()) ) {
- this.name = theDisplayName;
- } else {
- this.name = formName(theDisplayName, theRealm.getSuperRealmName(),
theRealm.getSubRealmName());
- }
- this.realm = theRealm;
- this.displayName = theDisplayName;
- this.setDescription(description);
- }
-
- /**
- * Construct a policy ID that is tied to a VDB.
- * @param theDisplayName the identifier that the Console will display.
- * @param vdbName The name of the VDB this policy should be tied to.
- * @param vdbVersion The version of the VDB this policy should be tied to.
- */
- public AuthorizationPolicyID(String theDisplayName, String vdbName, int vdbVersion)
{
- this(theDisplayName, vdbName, Integer.toString(vdbVersion));
- }
-
- /**
- * Construct a policy ID that is tied to a VDB.
- * @param theDisplayName the identifier that the Console will display.
- * @param vdbName The name of the VDB this policy should be tied to.
- * @param vdbVersion The version of the VDB this policy should be tied to.
- */
- public AuthorizationPolicyID(String theDisplayName, String vdbName, String
vdbVersion) {
- if (theDisplayName == null || theDisplayName.trim().length() == 0) {
- throw new IllegalArgumentException(
- SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0024));
- }
- if (vdbName == null || vdbName.trim().length() == 0) {
- throw new IllegalArgumentException(
- SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0027));
- }
- this.displayName = theDisplayName;
- this.realm = new AuthorizationRealm(vdbName, vdbVersion);
- this.name = formName(theDisplayName, vdbName, vdbVersion);
- this.description = ""; //$NON-NLS-1$
- }
-
- /**
- * Returns the name for the policy.
- * @return the policy's name
- */
- public String getName() {
- return this.name;
- }
-
- /**
- * Obtain the description for this policy which may be null.
- * @return the description. May be null.
- */
- public String getDescription() {
- return description;
- }
-
- /**
- * Returns the Console display name for the policy. May return the same as
- * <code>getName()</code>.
- * @return the Console display name
- */
- public String getDisplayName() {
- return this.displayName;
- }
-
- /**
- * Returns the Console's VDB name for the policy. (Console limits policy to one
version of one VDB.)
- * May be <code>null</code>.
- * @return The VDB name or <code>null</code> if the policy that this ID
represents
- * is not tied to a VDB.
- */
- public String getVDBName() {
- return this.realm.getSuperRealmName();
- }
-
- /**
- * Return the Console's VDB version for the policy. (Console limits policy to
one version of one VDB.)
- * @return The VDB version or <code>-1</code> if the policy that this ID
represents
- * is not tied to a VDB.
- */
- public int getVDBVersion() {
- String vdbVersion = this.realm.getSubRealmName();
- return (vdbVersion == null ? -1 : Integer.parseInt(vdbVersion));
- }
-
- /**
- * Return the Stringified Console's VDB version for the policy. (Console limits
policy to one
- * version of one VDB.)
- * @return The VDB version or <code>-1</code> if the policy that this ID
represents
- * is not tied to a VDB.
- */
- public String getVDBVersionString() {
- String vdbVersion = this.realm.getSubRealmName();
- return (vdbVersion == null ? "-1" : vdbVersion); //$NON-NLS-1$
- }
-
- /**
- * Define the set of description for this policy.
- * @param desc the new description for this policy.
- */
- public void setDescription(String desc) {
- if ( desc != null ) {
- if (desc.length() > DESCRIPTION_LEN) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0028,
DESCRIPTION_LEN));
- }
- this.description = desc;
- } else {
- this.description = ""; //$NON-NLS-1$
- }
- }
-
- /**
- * Returns a string representing the current state of the object.
- */
- public String toString() {
- StringBuffer buf = new StringBuffer("Name=<" + this.name);
//$NON-NLS-1$
- buf.append("> Realm=<" + this.realm + '>');
//$NON-NLS-1$
- buf.append("> Desc=<" + this.description); //$NON-NLS-1$
- return buf.toString();
- }
-
- /**
- * Overrides Object hashCode method.
- * @return a hash code value for this object.
- * @see Object#hashCode()
- * @see Object#equals(Object)
- */
- public int hashCode() {
- return this.name.hashCode();
- }
-
- /**
- * Returns true if the specified object is semantically equal to this instance.
- * Note: this method is consistent with <code>compareTo()</code>.
- * <p>
- * @param obj the object that this instance is to be compared to.
- * @return whether the object is equal to this object.
- */
- public boolean equals(Object obj) {
- // Check if instances are identical ...
- if (this == obj) {
- return true;
- }
-
- // Check if object can be compared to this one
- // (this includes checking for null ) ...
- if (obj instanceof AuthorizationPolicyID) {
-
- // fail fast on different hash codes
- if (this.hashCode() != obj.hashCode()) {
- return false;
- }
-
- // slower comparison
- return compare(this, (AuthorizationPolicyID)obj) == 0;
- }
-
- // Otherwise not comparable ...
- return false;
- }
-
- /**
- * Compares this AuthorizationPolicyID to another Object. If the Object is an
AuthorizationPolicyID,
- * this function compares the name. Otherwise, it throws a
- * ClassCastException (as policyID instances are comparable only to
- * other policyID instances). Note: this method is consistent with
- * <code>equals()</code>.
- * <p>
- * @param o the object that this instance is to be compared to.
- * @return a negative integer, zero, or a positive integer as this object
- * is less than, equal to, or greater than the specified object, respectively.
- * @throws ClassCastException if the specified object's type prevents it
- * from being compared to this AuthorizationPolicyID.
- */
- public int compareTo(Object o) throws ClassCastException {
- // Check if instances are identical ...
- if (this == o) {
- return 0;
- }
- if (o == null) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0029));
- }
-
- // Check if object cannot be compared to this one
- // (this includes checking for null ) ...
- if (!(o instanceof AuthorizationPolicyID)) {
- throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0030,
o.getClass()));
- }
-
- // Check if everything else is equal ...
- return compare(this, (AuthorizationPolicyID)o);
- }
-
- /**
- * Utility method to compare two policyIDs. Returns a negative integer, zero,
- * or a positive integer as this object is less than, equal to, or greater than
- * the specified object. <p>
- *
- * The comparison is based on the names of the user groups.<p>
- *
- * This method assumes that all type-checking has already been performed. <p>
- *
- * @param obj1 the first policyID to be compared
- * @param obj2 the second policyID to be compared
- * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
- * greater than obj2
- */
- static int compare(AuthorizationPolicyID obj1, AuthorizationPolicyID obj2) {
- return (obj1.hashCode() == obj2.hashCode()) ? 0 :
obj1.name.compareTo(obj2.name);
- }
-
- public static String parseRealm(AuthorizationRealm aRealm) {
- String superRealmName = aRealm.getSuperRealmName();
- String subRealmName = aRealm.getSubRealmName();
- if ( subRealmName == null ) {
- return superRealmName;
- }
- return formName("", superRealmName, subRealmName); //$NON-NLS-1$
- }
-
- public static String formName(String displayName, String vdbName, String vdbVersion)
{
- String delimiterString = new String(new char[] {DELIMITER});
- StringBuffer name = new StringBuffer();
- if ( displayName != null && displayName.trim().length() > 0 ) {
- name.append(displayName);
- }
- if ( displayName.indexOf('.') < 0 ) {
- if ( vdbName != null && vdbName.trim().length() > 0 ) {
- name.append(delimiterString);
- name.append(vdbName);
- }
- if ( vdbVersion != null && vdbVersion.trim().length() > 0 ) {
- String versionString = vdbVersion;
- // left pad with zeros if needed
- while (versionString.length() < 3) {
- versionString = "0" + versionString; //$NON-NLS-1$
- }
- name.append(delimiterString);
- name.append(versionString);
- }
- }
- return name.toString();
- }
-
- /**
- *
- */
- private void parseAndSetName(String idName) {
- this.name = idName;
- int firstDelimiterLoc = idName.indexOf(DELIMITER);
- String superRealmName = ""; //$NON-NLS-1$
- String subRealmName = ""; //$NON-NLS-1$
- if ( firstDelimiterLoc > 0 ) {
- this.displayName = idName.substring(0, firstDelimiterLoc);
- int secondDelimiterLoc = idName.lastIndexOf(DELIMITER);
- if ( secondDelimiterLoc > firstDelimiterLoc + 1 ) {
- superRealmName = idName.substring(firstDelimiterLoc + 1,
secondDelimiterLoc);
- if ( secondDelimiterLoc < idName.length() ) {
- subRealmName = idName.substring(secondDelimiterLoc + 1);
- }
- }
- this.realm = new AuthorizationRealm(superRealmName, subRealmName);
- } else {
- this.displayName = idName;
- this.realm = RolePermissionFactory.getRealm();
- }
- }
-}
-
-
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationRealm.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationRealm.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/AuthorizationRealm.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,286 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-import java.util.List;
-
-import com.metamatrix.core.util.StringUtil;
-
-/**
- * This class contains the realm and sub realm for an
<code>AuthorizationPermission</code>.<br>
- * It may be composed of two divisions - a super realm and a sub realm. The super
- * realm is required and is a major grouping for
<code>AuthorizationPermission</code>s.
- * The sub realm is an optional and arbitrary tag that subdivides the super
realm.<br>
- * This object will not change during the life of an
<code>AuthorizationPermission</code>.
- */
-public class AuthorizationRealm implements Comparable, Serializable {
-
- private static final String REALM_DELIMITER = "."; //$NON-NLS-1$
- private static final int NUMBER_OF_REALM_COMPONENTS = 2;
-
- // The Realm
- private String superRealmName;
-
- // The Sub Realm
- private String subRealmName;
-
- // Realm description
- private String description;
-
- /** Largest allowable description. Descriptions longer will be truncated. */
- public static final int MAX_DESCRIPTION_LEN = 550;
-
- /**
- * The cached value of the hash code for this object.
- */
- private int hashCode;
-
- /**
- * ctor
- * Meant to be used only by <code>JDBCAuthorizationTransaction</code> to
- * populate <code>AuthorizationPermission</code>s with their realm when
retrieving
- * them from the database.
- * @param realmName The name of the realm to which an AuthorizationPermission
- * belongs - May not be null. May be the combined super and sub realm names,
- * in which case it will be parsed correctly. Must contain no more than 2
- * realm components.
- * @throws IllegalArgumentException if <code>realmName</code> contains
too many
- * components.
- */
- public AuthorizationRealm(String realmName) {
- if ( realmName == null || realmName.trim().length() == 0 ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0031));
- }
- if ( realmName.indexOf(REALM_DELIMITER) >= 0 ) {
- List realms = StringUtil.split(realmName, REALM_DELIMITER);
- if ( realms.size() > NUMBER_OF_REALM_COMPONENTS ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0032,
realmName));
- }
-
- init((String)realms.get(0), (String)realms.get(1), null);
- } else {
- init(realmName, null, null);
- }
- }
-
- /**
- * ctor
- * Must have at least a superRealmName and may have a subRealmName.
- * @param superRealmName The name of the realm to which an AuthorizationPermission
- * belongs - May not be null.
- * @param subRealmName An arbitrary subdivision of the given realm - May be null.
- * @throws IllegalArgumentException if <code>realmName</code> contains
too many
- * components.
- */
- public AuthorizationRealm(String superRealmName, String subRealmName) {
- this(superRealmName, subRealmName, null);
- }
-
- /**
- * ctor
- * Must have at least a superRealmName and may have a subRealmName.
- * @param superRealmName The name of the realm to which an AuthorizationPermission
- * belongs - May not be null.
- * @param subRealmName An arbitrary subdivision of the given realm - May be null.
- * @param description May be null.
- * @throws IllegalArgumentException if <code>superRelamName</code> is
null or empty
- * or if either superRealmName or subRealmName contain a realm delimeter char
'.'.
- */
- public AuthorizationRealm(String superRealmName, String subRealmName, String
description) {
- if ( superRealmName == null || superRealmName.trim().length() == 0 ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0031));
- }
- if ( superRealmName.indexOf(REALM_DELIMITER) >= 0 ||
- (subRealmName != null && subRealmName.indexOf(REALM_DELIMITER) >=
0) ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0033,
- new Object[] {superRealmName, subRealmName}));
- }
- init(superRealmName, subRealmName, description);
- }
-
- /**
- * Must have at least a realmName and may have a subRealmName.
- * @param superRealmName The name of the realm to which an AuthorizationPermission
- * belongs - May not be null.
- * @param subRealmName An arbitrary subdivision of the given realm - May be null.
- */
- private void init(String superRealmName, String subRealmName, String description) {
- this.superRealmName = superRealmName;
-
- if ( subRealmName != null && subRealmName.trim().length() > 0 ) {
- // Remove left zero padding if needed
- char[] chars = subRealmName.toCharArray();
- int nonZeroIndex = 0;
- while ( chars[nonZeroIndex] == '0' && nonZeroIndex <
chars.length ) {
- nonZeroIndex++;
- }
- if ( nonZeroIndex >= chars.length ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0034));
- }
- this.subRealmName = subRealmName.substring(nonZeroIndex);
- }
-
- setDescription(description);
-
- hashCode = getRealmName().hashCode();
- }
-
- /**
- * Get the full realm name.
- * @return The full realm name.
- */
- public String getRealmName() {
- StringBuffer realm = new StringBuffer(this.superRealmName);
- if ( this.subRealmName != null ) {
- realm.append(REALM_DELIMITER);
- realm.append(this.subRealmName);
- }
- return realm.toString();
- }
-
- /**
- * Get the super realm name.
- * @return The realm name.
- */
- public String getSuperRealmName() {
- return this.superRealmName;
- }
-
- /**
- * Get the sub realm name.
- * @return The sub realm name - <strong>May be null</strong>.
- */
- public String getSubRealmName() {
- return this.subRealmName;
- }
-
- /**
- * Get the realm description.
- * @return The realm description.
- */
- public String getDescription() {
- return this.description;
- }
-
- /**
- * Set the realm description. The description argument will be ignored if
- * it's null or empty.
- * @param description The realm description.
- */
- public void setDescription(String description) {
- if ( description != null && description.trim().length() > 0 ) {
- this.description = StringUtil.truncString(description, MAX_DESCRIPTION_LEN);
- }
- }
-
- /**
- * Override Object method.
- */
- public String toString() {
- return getRealmName();
- }
-
- /**
- * Overrides Object hashCode method.
- * @return a hash code value for this object.
- * @see Object#hashCode()
- * @see Object#equals(Object)
- */
- public int hashCode() {
- return this.hashCode;
- }
-
- /**
- * Returns true if the specified object is semantically equal to this instance.
- * Note: this method is consistent with <code>compareTo()</code>.
- * <p>
- * @param obj the object that this instance is to be compared to.
- * @return whether the object is equal to this object.
- */
- public boolean equals(Object obj) {
- // Check if instances are identical ...
- if (this == obj) {
- return true;
- }
- // Check if object can be compared to this one
- // (this includes checking for null ) ...
- if(obj instanceof AuthorizationRealm){
- return compare(this, (AuthorizationRealm)obj) == 0;
- }
-
- // Otherwise not comparable ...
- return false;
- }
-
- /**
- * Compares this AuthorizationRealm to another Object. If the Object is an
AuthorizationRealm,
- * this function compares the name. Otherwise, it throws a
- * ClassCastException (as AuthorizationRealm instances are comparable only to
- * other AuthorizationRealm instances). Note: this method is consistent with
- * <code>equals()</code>.
- * <p>
- * @param o the object that this instance is to be compared to.
- * @return a negative integer, zero, or a positive integer as this object
- * is less than, equal to, or greater than the specified object, respectively.
- * @throws ClassCastException if the specified object's type prevents it
- * from being compared to this AuthorizationRealm.
- */
- public int compareTo(Object o) throws ClassCastException {
- // Check if instances are identical ...
- if (this == o) {
- return 0;
- }
- if (o == null) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0035));
- }
-
- // Check if object cannot be compared to this one
- // (this includes checking for null ) ...
- if (!(o instanceof AuthorizationRealm)) {
- throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0036,
o.getClass()));
- }
-
- // Check if everything else is equal ...
- return compare(this, (AuthorizationRealm)o);
- }
-
- /**
- * Utility method to compare two AuthorizationRealm instances. Returns a negative
integer, zero,
- * or a positive integer as this object is less than, equal to, or greater than
- * the specified object. <p>
- *
- * Subclasses may not override this method because it is designed to enforce a
- * constraint placed on <emph>all</emph>
<code>AuthorizationRealm</code>s.<p>
- *
- * This method assumes that all type-checking has already been performed. <p>
- *
- * @param obj1 the first policyID to be compared
- * @param obj2 the second policyID to be compared
- * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
- * greater than obj2
- */
- static public final int compare(AuthorizationRealm obj1, AuthorizationRealm obj2) {
- return
obj1.getRealmName().toLowerCase().compareTo(obj2.getRealmName().toLowerCase());
- }
-}
Deleted: trunk/engine/src/main/java/org/teiid/security/AuthorizationResource.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/AuthorizationResource.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/AuthorizationResource.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,83 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-
-/**
- * This interface defines a Resource on which can be granted one or more
- * {@link com.metamatrix.platform.security.api.AuthorizationActions Actions}.
- * Together these form an
- * {@link com.metamatrix.platform.security.api.AuthorizationPermission
AuthorizationPermission}.
- */
-public interface AuthorizationResource extends Comparable {
- /**
- * Get the name of this resource. May be <code>null</code>
- * if the resorce's ID has not been resolved.
- * @return The resource name.
- */
- String getName();
-
- /**
- * Get the identifier of this resource. <i>Will not</i> be
<code>null</code>.
- * This is the identifier used to store and retrieve this resource from
- * the Authorization store.
- * @return The resource identifier.
- */
- String getID();
-
- /**
- * Get the UUID of this resource. May be <code>null</code>.
- * This is a payload of UUID for MetaBase authorization code.
- * @return The resource's UUID, if present, else <code>null</code>.
- */
- String getUUID();
-
- /**
- * Get the canonical name of this resource used for comparing.
- * May be <code>null</code> if the resource's ID has not been
resolved.
- * @return The canonical resource name.
- */
- String getCanonicalName();
-
- /**
- * Determine if the Actions applies to this resource should be
- * applied recursively to sub resources.
- * @return Whether the actions are to be applied recursivly.
- */
- boolean isRecursive();
-
- /**
- * Does this resource imply another?
- * @param resource The other resource
- * @throws MetaBaseResourceNotResolvedException if implies is called bfore
- * the resource's ID has been resolved to a path.
- */
- boolean implies(AuthorizationResource resource);
-
- /**
- * Are these resources equal exception for recursion?
- * @param resource The resource to compare with this one disregarding recursion.
- * @return <code>true</code> if these two resources differ only be
recursion.
- */
- boolean isCannonicallyEquivalent(AuthorizationResource resource);
-}
Deleted: trunk/engine/src/main/java/org/teiid/security/BasicAuthorizationPermission.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/BasicAuthorizationPermission.java 2010-03-08
22:13:59 UTC (rev 1941)
+++
trunk/engine/src/main/java/org/teiid/security/BasicAuthorizationPermission.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,208 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import com.metamatrix.common.log.LogManager;
-import com.metamatrix.common.util.LogConstants;
-
-/**
- * A BasicAuthorizationPermission defines access permissions for Metadata resources
(i.e., MetadataID instances).
- * This class extends the AuthorizationPermission abstract class and provides
specialized
- * <code>implies</code>, <code>equals</code>, and
<code>compareTo</code> method implementations.
- * <p>
- */
-public class BasicAuthorizationPermission extends AuthorizationPermission implements
Cloneable {
-
- public static final String RECURSIVE = DataAccessResource.RECURSIVE;
- public static final String SEPARATOR_WITH_RECURSIVE =
DataAccessResource.SEPARATOR_WITH_RECURSIVE;
-
- /**
- * Create a new Metadata authorization permission for the specified resource.
- * @param resource the resource
- * @param realm the name of the realm for this rule (may not be null, but may be
empty)
- * @param actions the actions for the resource
- * @param contentModifier the content modifier (may be null)
- */
- BasicAuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String contentModifier, String factoryClassName) {
- super( resource, realm, actions, contentModifier, factoryClassName);
- }
-
- /**
- * Create a new Metadata authorization permission for the specified resource.
- * @param resource the new resource
- * @param realmName the name of the realm for this rule (may not be null, but may be
empty)
- * @param factoryClassName the name of the factory class used to create this
permissions (may not be null, but may be empty)
- */
- BasicAuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realmName, String factoryClassName) {
- super( resource, realmName, factoryClassName);
- }
-
- /**
- * Create a new Metadata authorization permission for the specified resource.
- * @param resource the new resource name
- * @param realm the name of the realm for this rule (may not be null, but may be
empty)
- * @param actions the actions for the resource
- */
- BasicAuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String factoryClassName) {
- super( resource, realm, actions, factoryClassName);
- }
-
- /**
- * Make a deep copy of this object.
- * @return The newly copied object.
- */
- protected Object clone() throws CloneNotSupportedException {
- return new BasicAuthorizationPermission(this.getResource(),
- this.getRealm(),
- this.getActions(),
- this.getContentModifier(),
- this.getFactoryClassName());
- }
-
- /**
- * Determine whether this <i>official</i>
<code>AuthorizationPermission</code> instance <i>implies</i>
- * the access requested by the <code>request</code>
<code>AuthorizationPermission</code> instance. This
- * <i>official</i> permission is stored by the Authorization subsystem
and is owned by a given
- * <code>Principal</code>. The <code>request</code>
permission has been created by a software component
- * on behalf of the given <code>Principal</code> wishing access to a
resource controlled by the component.
- * <p>
- * The requested permission is implied by the official permission if
<b><i>all</i></b> of the following
- * conditions are satisfied:</p>
- *
- * <li>The <code>request</code> permission must be of the same type
(evaluated using
- * <code>instanceof</code>);</li>
- * <li>The {@link AuthorizationRealm} of each permission instance must be
equivalent;</li>
- * <li>All of the actions of the requested permission must be included in the
actions
- * of the official permission. See {@link AuthorizationActions#implies};</li>
- * <li>if there is a recursive parameter in both resource names, and the
- * requested resource name is more restrictive than the official resource
name;</li>
- * <li>if there is a recursive parameter in the official resource but not the
- * requested resource or neither resource contains a recursive parameter, and
- * the requested resource is contained in its entirety within the official resource
- * name (starting at the beginning of the official resource).</li>
- * Note: the content modifier of the permissions is not used in this algorithm.
- *
- * @param request The permission that is being requested or attempted, and which is
in question
- * by the caller
- * @return <code>true</code> if the official permission does imply access
to the resource(s) specified
- * by the request
- */
- public boolean implies( AuthorizationPermission request ) {
-// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION,
"BasicAuthorizationPermission.implies(): this [" +
-// this.toString() + "] => that [" + request +
"]");
- if (!(request instanceof BasicAuthorizationPermission)) {
-// LogManager.logDetail( LogSecurityConstants.CTX_AUTHORIZATION,
"implies(): Permission not an instance of BasicAuthorizationPermission");
- return false;
- }
-
- // --------------------------------------
- // Actions NONE does not imply anything!
- // --------------------------------------
- if ( this.getActions().equals(StandardAuthorizationActions.NONE) ||
- request.getActions().equals(StandardAuthorizationActions.NONE) ) {
- return false;
- }
-
- // -----------------------
- // Compare the Realms ...
- // -----------------------
- if ( ! this.getRealm().equals(request.getRealm()) ) {
-// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION,
"implies(): Realms not equal: this [" +
-// this.getRealm() + "] != that [" + request.getRealm() +
"]");
- return false;
- }
- LogManager.logTrace( LogConstants.CTX_AUTHORIZATION, "implies(): Realms are
equal"); //$NON-NLS-1$
-
- // -----------------------
- // Compare the actions ...
- // -----------------------
- if ( ! this.getActions().implies(request.getActions()) ) {
-// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION,
"implies(): Actions not implied: this [" +
-// this.getActions() + "] != that [" + request.getActions()
+ "]");
- return false;
- }
- LogManager.logTrace( LogConstants.CTX_AUTHORIZATION, "implies(): Actions are
implied"); //$NON-NLS-1$
-
- BasicAuthorizationPermission that = (BasicAuthorizationPermission) request;
- // ---------------------------
- // Compare the resource(s) ...
- // ---------------------------
- DataAccessResource thisResource = (DataAccessResource) getResource();
- return thisResource.implies(that.getResource());
- }
-
- public boolean equals(Object obj) {
- // Check if instances are identical ...
- if (this == obj) {
- return true;
- }
- // Check if object can be compared to this one
- // (this includes checking for null ) ...
- if(obj instanceof BasicAuthorizationPermission){
- return compare(this, (BasicAuthorizationPermission)obj) == 0;
- }
-
- // Otherwise not comparable ...
- return false;
- }
-
- public int compareTo(Object o) throws ClassCastException {
- // Check if instances are identical ...
- if (this == o) {
- return 0;
- }
- if (o == null) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0037));
- }
-
- // Check if object cannot be compared to this one
- // (this includes checking for null ) ...
- if (!(o instanceof BasicAuthorizationPermission)) {
- throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0038,
o.getClass()));
- }
-
- // Check if everything else is equal ...
- return compare(this, (BasicAuthorizationPermission)o);
- }
-
- /**
- * Remove recursive attribute.
- * @param resourceName The resource name from which to remove recursion.
- * @return The non recursive resource name.
- */
- public static String removeRecursion(String resourceName) {
- return resourceName.substring(0,
resourceName.indexOf(SEPARATOR_WITH_RECURSIVE));
- }
-
- /**
- * Does this resource have the recursive attribute.
- * @param resourceName The resource name to check for recursion.
- * @return <code>true</code> if the resource is recursive.
- */
- public static boolean isRecursiveResource(String resourceName) {
- return resourceName.endsWith(SEPARATOR_WITH_RECURSIVE);
- }
-
-}
-
-
Deleted:
trunk/engine/src/main/java/org/teiid/security/BasicAuthorizationPermissionFactory.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/BasicAuthorizationPermissionFactory.java 2010-03-08
22:13:59 UTC (rev 1941)
+++
trunk/engine/src/main/java/org/teiid/security/BasicAuthorizationPermissionFactory.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,78 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-
-/**
- * This class is the factory for BasicAuthorizationPermission instances.
- */
-public class BasicAuthorizationPermissionFactory implements
AuthorizationPermissionFactory, Serializable {
-
- /**
- * Get the class that this factory creates instances of.
- * @return the class of the instances returned by this factory's
<code>create</code> methods.
- */
- public Class getPermissionClass() { return BasicAuthorizationPermission.class; }
-
- /**
- * Create the AuthorizationResource type for the permission type that this factory
creates instances of.
- * @return A new resource instance of the appropriate type.
- */
- public AuthorizationResource createResource(String name) {
- return new DataAccessResource(name);
- }
-
- /**
- * Create a new authorization permission for the specified resource.
- * @param resource the resource
- * @param realm the realm into which this resource belongs
- * @param actions the actions for the resource
- * @param contentModifier the content modifier (may be null)
- */
- public AuthorizationPermission create(AuthorizationResource resource,
AuthorizationRealm realm, AuthorizationActions actions, String contentModifier) {
- String factoryClassName = this.getClass().getName();
- return new BasicAuthorizationPermission(resource,realm,actions,contentModifier,
factoryClassName);
- }
-
- /**
- * Create a new authorization permission for the specified resource.
- * @param resource the resource
- * @param realm the realm into which this resource belongs
- */
- public AuthorizationPermission create(String resource, AuthorizationRealm realm) {
- return new BasicAuthorizationPermission(new DataAccessResource(resource),realm,
this.getClass().getName());
- }
-
- /**
- * Create a new authorization permission for the specified resource.
- * @param resource the resource
- * @param realm the realm into which this resource belongs
- * @param actions the actions for the resource
- */
- public AuthorizationPermission create(String resource, AuthorizationRealm realm,
AuthorizationActions actions) {
- return new BasicAuthorizationPermission(new
DataAccessResource(resource),realm,actions, this.getClass().getName());
- }
-}
-
-
Modified: trunk/engine/src/main/java/org/teiid/security/Credentials.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/Credentials.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/Credentials.java 2010-03-09 14:31:12 UTC
(rev 1943)
@@ -20,7 +20,7 @@
* 02110-1301 USA.
*/
-package com.metamatrix.platform.security.api;
+package org.teiid.security;
import java.io.Serializable;
Deleted: trunk/engine/src/main/java/org/teiid/security/DataAccessResource.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/DataAccessResource.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/DataAccessResource.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,256 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-
-//import com.metamatrix.common.log.LogManager;
-
-//import com.metamatrix.platform.security.util.LogSecurityConstants;
-
-/**
- * Defines a resource associated with a
- * {@link com.metamatrix.platform.security.api.BasicAuthorizationPermission
BasicAuthorizationPermission}.
- */
-public class DataAccessResource implements AuthorizationResource, Serializable {
-
- // --------------------------------------------------
- // Static constants related to the naming lexicon ...
- // --------------------------------------------------
-// private static final boolean IGNORE_CASE = false;
- private static final String SEPARATOR = "."; //$NON-NLS-1$
- public static final String RECURSIVE = "*"; //$NON-NLS-1$
- private static final String ALL_NODES = RECURSIVE;
- public static final String SEPARATOR_WITH_RECURSIVE = SEPARATOR + RECURSIVE;
-
- // The resource name
- private String name;
- // The resource's canonical name
- private String canonicalName;
- // Is this a recursive resource?
- private boolean isRecursive;
-
- /**
- * ctor
- * @param name The resource name
- */
- public DataAccessResource(String name) {
- this.name = name;
- init(name);
- }
-
- /**
- * Overrides method defined in <code>Object</code>.
- * @return The hashCode of this object.
- */
- public int hashCode() {
- return name.hashCode();
- }
-
- /**
- * Overrides method defined in <code>Object</code>.
- * Note: this method is consistent with <code>compareTo()</code>.
- * @param obj The <code>Object</code> to compare.
- * @return <code>true</code> if two DataAccessResource instances are
semantically equal.
- */
- public boolean equals(Object obj) {
- // Check if instances are identical ...
- if (this == obj) {
- return true;
- }
-
- // Check if object can be compared to this one
- // (this includes checking for null ) ...
- if (obj instanceof DataAccessResource) {
- return this.name.equals(((DataAccessResource)obj).name);
- }
- return false;
- }
-
- /**
- * Are these resources equal exception for recursion?
- * @param resource The resource to compare with this one disregarding recursion.
- * @return <code>true</code> if these two resources differ only be
recursion.
- */
- public boolean isCannonicallyEquivalent(AuthorizationResource resource) {
- if (resource instanceof DataAccessResource) {
- return
this.canonicalName.equals(((DataAccessResource)resource).canonicalName);
- }
- return false;
- }
-
- /**
- * Get the resource name.
- * @return The resource name.
- */
- public String getName() {
- return name;
- }
-
- /**
- * Get the identifier of this resource. <i>Will not</i> be
<code>null</code>.
- * This is the identifier used to store and retrieve this resource from
- * the Authorization store.
- * @return The resource identifier.
- */
- public String getID() {
- return name;
- }
-
- /**
- * Get the UUID of this resource. May be <code>null</code>.
- * This is a payload of UUID for MetaBase authorization code.
- * @return The resource's UUID, if present, else <code>null</code>.
- */
- public String getUUID() {
- return null;
- }
-
- /**
- * Get the canonical name for this resource - used internally for comparing.
- * @return The resource's canonical name.
- */
- public String getCanonicalName() {
- return canonicalName;
- }
-
- /**
- * Determine if the Actions applies to this resource should be
- * applied recursively to sub resources.
- * @return Whether the actions are to be applied recursivly.
- */
- public boolean isRecursive() {
- return isRecursive;
- }
-
- /**
- * Package level method for use by the permission instance to
- * specify wheather this resoruce is recursive.
- * @param recursive
- */
- void setRecursive(boolean recursive) {
- isRecursive = recursive;
- }
-
- /**
- * Compares this DataAccessResource to another Object. If the Object is an
DataAccessResource,
- * this function compares the name. Otherwise, it throws a
- * ClassCastException (as DataAccessResource instances are comparable only to
- * other DataAccessResource instances). Note: this method is consistent with
- * <code>equals()</code>.
- * <p>
- * @param o the object that this instance is to be compared to.
- * @return a negative integer, zero, or a positive integer as this object
- * is less than, equal to, or greater than the specified object, respectively.
- * @throws ClassCastException if the specified object's type prevents it
- * from being compared to this DataAccessResource.
- */
- public int compareTo(Object o) throws ClassCastException {
- // Check if instances are identical ...
- if (this == o) {
- return 0;
- }
- if (o == null) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0043));
- }
-
- // Check if object cannot be compared to this one
- // (this includes checking for null ) ...
- if (!(o instanceof DataAccessResource)) {
- throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0044,
o.getClass()));
- }
-
- // Check if everything else is equal ...
- return this.name.compareTo(((DataAccessResource)o).name);
- }
-
- /**
- * Does this resource <i>"imply"</i> another?
- */
- public boolean implies(AuthorizationResource thatResource) {
- if ( !(thatResource instanceof DataAccessResource) ) {
- return false;
- }
- DataAccessResource that = (DataAccessResource) thatResource;
-// DEBUG:
-//System.out.println(" *** implies: Permission is recursive? " +
this.isRecursive);
- if ( isRecursive ) {
- // A recursive group implies access to its element
- if ( that.canonicalName.startsWith(this.canonicalName) ) {
-// DEBUG:
-//System.out.println(" *** implies: Permission is recursive and implied.");
-// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION,
"implies(): Recursive perm implies that: this [" +
-// this.canonicalName + "] => that [" +
that.canonicalName + "]");
- return true;
- }
- } else if ( ! that.isRecursive ) {
-// DEBUG:
-//System.out.println(" *** implies: Permission is NOT recursive.");
- // If this perms resource is an element of the requested perms resource (a
group),
- // enforce policy that ANY element entitles its group.
- int lastSepIndex = this.canonicalName.lastIndexOf(SEPARATOR);
- if ( lastSepIndex > 0 && this.canonicalName.substring(0,
lastSepIndex).equals(that.canonicalName) ) {
-// DEBUG:
-//System.out.println(" *** implies: Permission is NOT recursive and is
implied.");
- return true;
- }
- }
-
-// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION, "implies():
These resources equal? this [" +
-// this.canonicalName + "] == that [" + that.canonicalName +
"]");
- return this.canonicalName.equals(that.canonicalName);
- }
-
- /**
- * This method is invoked by the constructors that take a string resource name, and
is
- * to strip out any recursive or wildcard characters and return simple the name of
the
- * node.
- */
- private void init( String resourceName ) {
-
- // If the resource name is the ALL_NODES resource ...
- if ( resourceName.equals(ALL_NODES) ) {
- isRecursive = true;
- this.canonicalName = ""; // resource name should be nothing
//$NON-NLS-1$
- }
-
- // If the resource name includes the recursive parameter ...
- if ( resourceName.endsWith(SEPARATOR_WITH_RECURSIVE) ) {
- isRecursive = true;
- this.canonicalName = resourceName.substring(0, resourceName.length()-2);
- } else if ( resourceName.endsWith(RECURSIVE) ) {
- isRecursive = true;
- this.canonicalName = resourceName.substring(0, resourceName.length()-1);
- } else {
- // overkill since it is initialized to false, but
- // commented out here to remind us...
- //isRecursive = false;
- this.canonicalName = resourceName;
- }
- this.canonicalName = this.canonicalName.toLowerCase();
- }
-
- public String toString() {
- return name;
- }
-}
Deleted: trunk/engine/src/main/java/org/teiid/security/GranteeEntitlementEntry.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/GranteeEntitlementEntry.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/GranteeEntitlementEntry.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,239 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-
-
-/**
- * This object contains one entry for an entitlement entry in {@link
UserEntitlementInfo}.
- * It comprises the triplet of <i>Grantee</i> the <i>Grantor</i>
that assigned him the
- * <i>Allowed Actions</i> and the <i>Allowed Actions</i> on the
<i>Resource</i> of the
- * entitlement.
- *
- * <p>This is not a standalone object. These objects are returned as elements of
- * {@link UserEntitlementInfo#iterator}. Specifically, the <i>Resource</i>
and VDB name and
- * version are constant over iteration and are contained in {@link
UserEntitlementInfo}.</p>
- */
-public final class GranteeEntitlementEntry implements Serializable, Comparable {
- private MetaMatrixPrincipalName grantee;
- private String grantor;
- private AuthorizationActions allowedActions;
- // Identity
- private String identifier;
-
- /**
- * <br>ctor.</br>
- * Used when creating in the Authorization JDBC layer.
- * @param grantee
- * @param grantor
- * @param alloweActions
- */
- public GranteeEntitlementEntry(MetaMatrixPrincipalName grantee, String grantor, int
allowedActions) {
- this.grantee = grantee;
- this.grantor = grantor;
- this.allowedActions =
StandardAuthorizationActions.getAuthorizationActions(allowedActions);
- this.generateIdentity();
- }
-
- /**
- * <br>ctor.</br>
- * Uses another GranteeEntitlementEntry as a pattern to clone only changing the
<i>Grantee</i>.
- * Used specifically when <i>clone</i> is a user group and grantee was
determined to be one of
- * the group members.
- * @param grantee The new principal this object will represent.
- * @param clone All other inforamtion comes from this clone.
- */
- public GranteeEntitlementEntry(MetaMatrixPrincipalName grantee,
GranteeEntitlementEntry clone) {
- this.grantee = grantee;
- this.grantor = clone.grantor;
- this.allowedActions = clone.allowedActions;
- this.generateIdentity();
- }
-
- /**
- * Get the <i>Grantee</i>.
- * @return The <i>Grantee</i>.
- */
- public String getGrantee() {
- return grantee.getName();
- }
-
- /**
- * Does this <i>Grantee</i> represent a user group? If not, it's a
user.
- * @return <code>true</code> if the <i>Grantee</i> represents
a user group,
- * <code>false</code> if it's of type user.
- */
- public boolean isUserGroup() {
- return grantee.getType() == MetaMatrixPrincipal.TYPE_GROUP;
- }
-
- /**
- * Get the <i>Grantor</i>.
- * @return The <i>Grantor</i>.
- */
- public String getGrantor() {
- return grantor;
- }
-
- /**
- * Get the <i>Allowed Actions</i>.
- * @return The <i>Allowed Actions</i>.
- */
- public String[] getAllowedActions() {
- return allowedActions.getLabels();
- }
-
- /**
- * Overrides Object method of the same name
- */
- public int hashCode() {
- return this.identifier.hashCode();
- }
-
- /**
- * Returns true if the specified object is semantically equal to this instance.
- * Note: this method is consistent with <code>compareTo()</code>.
- * <p>
- * @param obj the object that this instance is to be compared to.
- * @return whether the object is equal to this object.
- */
- public boolean equals(Object obj) {
- // Check if instances are identical ...
- if (this == obj) {
- return true;
- }
-
- // Check if object can be compared to this one
- // (this includes checking for null ) ...
- if (obj instanceof GranteeEntitlementEntry) {
- GranteeEntitlementEntry that = (GranteeEntitlementEntry) obj;
-
- return compare(this, that) == 0;
- }
-
- // Otherwise not comparable ...
- return false;
- }
-
- /**
- * Compares this GranteeEntitlementEntry to another Object. If the Object is an
GranteeEntitlementEntry,
- * this function compares the name. Otherwise, it throws a
- * ClassCastException (as GranteeEntitlementEntry instances are comparable only to
- * other GranteeEntitlementEntry instances). Note: this method is consistent with
- * <code>equals()</code>.
- * <p>
- * @param obj the object that this instance is to be compared to.
- * @return a negative integer, zero, or a positive integer as this object
- * is less than, equal to, or greater than the specified object, respectively.
- * @throws ClassCastException if the specified object's type prevents it
- * from being compared to this GranteeEntitlementEntry.
- */
- public int compareTo(Object o) throws ClassCastException {
- // Check if instances are identical ...
- if (this == o) {
- return 0;
- }
- if (o == null) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0045));
- }
-
- // Check if object cannot be compared to this one
- // (this includes checking for null ) ...
- if (!(o instanceof GranteeEntitlementEntry)) {
- throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0046,
o.getClass()));
- }
-
- // Check if everything else is equal ...
- return compare(this, (GranteeEntitlementEntry)o);
- }
-
- /**
- * String representation of object.
- */
- public String toString() {
- StringBuffer buff = new StringBuffer(this.grantee.getName());
- buff.append(", "); //$NON-NLS-1$
- buff.append(this.grantor);
- buff.append(", {"); //$NON-NLS-1$
- String[] actions = this.allowedActions.getLabels();
- for ( int i=0; i<actions.length; i++ ) {
- buff.append(actions[i] + ", "); //$NON-NLS-1$
- }
- buff.setLength(buff.length() -2);
- buff.append("}"); //$NON-NLS-1$
- return buff.toString();
- }
-
- /**
- * Possibly replace actions with the logical OR of these actions
- * already in place and the given actions.
- * @param newActions The <code>AuthorizationActions</code> that may be
added.
- */
- void addActions(AuthorizationActions newActions) {
- if (! this.allowedActions.implies(newActions) ) {
- this.allowedActions = StandardAuthorizationActions.getORedActions(newActions,
this.allowedActions);
- this.generateIdentity();
- }
- }
-
- /**
- * Get the <i>Allowed Actions</i>.
- * @return The <i>Allowed Actions</i>.
- */
- AuthorizationActions getActions() {
- return allowedActions;
- }
-
- /**
- * Utility method to compare two GranteeEntitlementEntries. Returns a negative
integer, zero,
- * or a positive integer as this object is less than, equal to, or greater than
- * the specified object. <p>
- *
- * The comparison is based on the names of the user groups.<p>
- *
- * This method assumes that all type-checking has already been performed. <p>
- *
- * @param obj1 the first GranteeEntitlementEntry to be compared
- * @param obj2 the second GranteeEntitlementEntry to be compared
- * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
- * greater than obj2
- */
- static int compare(GranteeEntitlementEntry obj1, GranteeEntitlementEntry obj2) {
- return obj1.identifier.compareTo(obj2.identifier);
- }
-
- /**
- * Generate and set the immutable hashCode and the String identifier for this
object.
- */
- private void generateIdentity() {
- // Gen ID String for comparing
- StringBuffer idBuff = new StringBuffer(this.grantee.getName());
- idBuff.append(this.grantor);
- String[] actions = this.allowedActions.getLabels();
- for ( int i=0; i<actions.length; i++ ) {
- idBuff.append(actions[i]);
- }
- this.identifier = idBuff.toString();
- }
-}
Copied: trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java (from rev 1941,
trunk/common-internal/src/main/java/org/teiid/SecurityHelper.java)
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java
(rev 0)
+++ trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java 2010-03-09 14:31:12
UTC (rev 1943)
@@ -0,0 +1,39 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+public interface SecurityHelper {
+
+ boolean assosiateSecurityContext(String securityDomain, Object context);
+
+ void clearSecurityContext(String securityDomain);
+
+ Object getSecurityContext(String securityDomain);
+
+ Object createSecurityContext(String securityDomain, Principal p, Object credentials,
Subject subject);
+
+}
Property changes on: trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Deleted: trunk/engine/src/main/java/org/teiid/security/SecurityMessagesKeys.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/SecurityMessagesKeys.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/SecurityMessagesKeys.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,119 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-
-public interface SecurityMessagesKeys {
-
- /** security.api package (107) */
- public static final String SEC_API_0001 = "ERR.014.107.0001";
//$NON-NLS-1$
- public static final String SEC_API_0002 = "ERR.014.107.0002";
//$NON-NLS-1$
- public static final String SEC_API_0003 = "ERR.014.107.0003";
//$NON-NLS-1$
- public static final String SEC_API_0004 = "ERR.014.107.0004";
//$NON-NLS-1$
- public static final String SEC_API_0005 = "ERR.014.107.0005";
//$NON-NLS-1$
- public static final String SEC_API_0006 = "ERR.014.107.0006";
//$NON-NLS-1$
- public static final String SEC_API_0007 = "ERR.014.107.0007";
//$NON-NLS-1$
- public static final String SEC_API_0008 = "ERR.014.107.0008";
//$NON-NLS-1$
- public static final String SEC_API_0009 = "ERR.014.107.0009";
//$NON-NLS-1$
- public static final String SEC_API_0010 = "ERR.014.107.0010";
//$NON-NLS-1$
- public static final String SEC_API_0011 = "ERR.014.107.0011";
//$NON-NLS-1$
- public static final String SEC_API_0012 = "ERR.014.107.0012";
//$NON-NLS-1$
- public static final String SEC_API_0013 = "ERR.014.107.0013";
//$NON-NLS-1$
- public static final String SEC_API_0014 = "ERR.014.107.0014";
//$NON-NLS-1$
- public static final String SEC_API_0015 = "ERR.014.107.0015";
//$NON-NLS-1$
- public static final String SEC_API_0016 = "ERR.014.107.0016";
//$NON-NLS-1$
- public static final String SEC_API_0017 = "ERR.014.107.0017";
//$NON-NLS-1$
- public static final String SEC_API_0018 = "ERR.014.107.0018";
//$NON-NLS-1$
- public static final String SEC_API_0019 = "ERR.014.107.0019";
//$NON-NLS-1$
- public static final String SEC_API_0020 = "ERR.014.107.0020";
//$NON-NLS-1$
- public static final String SEC_API_0021 = "ERR.014.107.0021";
//$NON-NLS-1$
- public static final String SEC_API_0022 = "ERR.014.107.0022";
//$NON-NLS-1$
- public static final String SEC_API_0023 = "ERR.014.107.0023";
//$NON-NLS-1$
- public static final String SEC_API_0024 = "ERR.014.107.0024";
//$NON-NLS-1$
- public static final String SEC_API_0025 = "ERR.014.107.0025";
//$NON-NLS-1$
- public static final String SEC_API_0026 = "ERR.014.107.0026";
//$NON-NLS-1$
- public static final String SEC_API_0027 = "ERR.014.107.0027";
//$NON-NLS-1$
- public static final String SEC_API_0028 = "ERR.014.107.0028";
//$NON-NLS-1$
- public static final String SEC_API_0029 = "ERR.014.107.0029";
//$NON-NLS-1$
- public static final String SEC_API_0030 = "ERR.014.107.0030";
//$NON-NLS-1$
- public static final String SEC_API_0031 = "ERR.014.107.0031";
//$NON-NLS-1$
- public static final String SEC_API_0032 = "ERR.014.107.0032";
//$NON-NLS-1$
- public static final String SEC_API_0033 = "ERR.014.107.0033";
//$NON-NLS-1$
- public static final String SEC_API_0034 = "ERR.014.107.0034";
//$NON-NLS-1$
- public static final String SEC_API_0035 = "ERR.014.107.0035";
//$NON-NLS-1$
- public static final String SEC_API_0036 = "ERR.014.107.0036";
//$NON-NLS-1$
- public static final String SEC_API_0037 = "ERR.014.107.0037";
//$NON-NLS-1$
- public static final String SEC_API_0038 = "ERR.014.107.0038";
//$NON-NLS-1$
- public static final String SEC_API_0043 = "ERR.014.107.0043";
//$NON-NLS-1$
- public static final String SEC_API_0044 = "ERR.014.107.0044";
//$NON-NLS-1$
- public static final String SEC_API_0045 = "ERR.014.107.0045";
//$NON-NLS-1$
- public static final String SEC_API_0046 = "ERR.014.107.0046";
//$NON-NLS-1$
- public static final String SEC_API_0047 = "ERR.014.107.0047";
//$NON-NLS-1$
- public static final String SEC_API_0048 = "ERR.014.107.0048";
//$NON-NLS-1$
- public static final String SEC_API_0049 = "ERR.014.107.0049";
//$NON-NLS-1$
- public static final String SEC_API_0050 = "ERR.014.107.0050";
//$NON-NLS-1$
- public static final String SEC_API_0051 = "ERR.014.107.0051";
//$NON-NLS-1$
- public static final String SEC_API_0052 = "ERR.014.107.0052";
//$NON-NLS-1$
- public static final String SEC_API_0053 = "ERR.014.107.0053";
//$NON-NLS-1$
- public static final String SEC_API_0054 = "ERR.014.107.0054";
//$NON-NLS-1$
- public static final String SEC_API_0055 = "ERR.014.107.0055";
//$NON-NLS-1$
- public static final String SEC_API_0056 = "ERR.014.107.0056";
//$NON-NLS-1$
- public static final String SEC_API_0057 = "ERR.014.107.0057";
//$NON-NLS-1$
- public static final String SEC_API_0058 = "ERR.014.107.0058";
//$NON-NLS-1$
- public static final String SEC_API_0059 = "ERR.014.107.0059";
//$NON-NLS-1$
- public static final String SEC_API_0060 = "ERR.014.107.0060";
//$NON-NLS-1$
- public static final String SEC_API_0061 = "ERR.014.107.0061";
//$NON-NLS-1$
- public static final String SEC_API_0062 = "ERR.014.107.0062";
//$NON-NLS-1$
- public static final String SEC_API_0063 = "ERR.014.107.0063";
//$NON-NLS-1$
- public static final String SEC_API_0064 = "ERR.014.107.0064";
//$NON-NLS-1$
- public static final String SEC_API_0065 = "ERR.014.107.0065";
//$NON-NLS-1$
- public static final String SEC_API_0066 = "ERR.014.107.0066";
//$NON-NLS-1$
- public static final String SEC_API_0067 = "ERR.014.107.0067";
//$NON-NLS-1$
- public static final String SEC_API_0068 = "ERR.014.107.0068";
//$NON-NLS-1$
- public static final String SEC_API_0069 = "ERR.014.107.0069";
//$NON-NLS-1$
- public static final String SEC_API_0070 = "ERR.014.107.0070";
//$NON-NLS-1$
- public static final String SEC_API_0071 = "ERR.014.107.0071";
//$NON-NLS-1$
- public static final String SEC_API_0072 = "ERR.014.107.0072";
//$NON-NLS-1$
- public static final String SEC_API_0073 = "ERR.014.107.0073";
//$NON-NLS-1$
- public static final String SEC_API_0074 = "ERR.014.107.0074";
//$NON-NLS-1$
- public static final String SEC_API_0075 = "ERR.014.107.0075";
//$NON-NLS-1$
- public static final String SEC_API_0076 = "ERR.014.107.0076";
//$NON-NLS-1$
- public static final String SEC_API_0077 = "ERR.014.107.0077";
//$NON-NLS-1$
- public static final String SEC_API_0078 = "ERR.014.107.0078";
//$NON-NLS-1$
- public static final String SEC_API_0079 = "ERR.014.107.0079";
//$NON-NLS-1$
- public static final String SEC_API_0080 = "ERR.014.107.0080";
//$NON-NLS-1$
- public static final String SEC_API_0081 = "ERR.014.107.0081";
//$NON-NLS-1$
- public static final String SEC_API_0082 = "ERR.014.107.0082";
//$NON-NLS-1$
- public static final String SEC_API_0083 = "ERR.014.107.0083";
//$NON-NLS-1$
- public static final String SEC_API_0084 = "ERR.014.107.0084";
//$NON-NLS-1$
- public static final String SEC_API_0085 = "ERR.014.107.0085";
//$NON-NLS-1$
- public static final String SEC_API_0086 = "ERR.014.107.0086";
//$NON-NLS-1$
- public static final String SEC_API_0087 = "ERR.014.107.0087";
//$NON-NLS-1$
- public static final String SEC_API_0088 = "ERR.014.107.0088";
//$NON-NLS-1$
- public static final String SEC_API_0089 = "ERR.014.107.0089";
//$NON-NLS-1$
-
- /** security.util package (607) */
- public static final String SEC_UTIL_0001 = "ERR.014.607.0001";
//$NON-NLS-1$
- public static final String SEC_UTIL_0002 = "ERR.014.607.0002";
//$NON-NLS-1$
- public static final String SEC_UTIL_0003 = "ERR.014.607.0003";
//$NON-NLS-1$
-}
\ No newline at end of file
Modified: trunk/engine/src/main/java/org/teiid/security/SecurityPlugin.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/SecurityPlugin.java 2010-03-08
22:13:59 UTC (rev 1941)
+++ trunk/engine/src/main/java/org/teiid/security/SecurityPlugin.java 2010-03-09 14:31:12
UTC (rev 1943)
@@ -20,7 +20,7 @@
* 02110-1301 USA.
*/
-package com.metamatrix.platform.security.api;
+package org.teiid.security;
import java.util.ResourceBundle;
import com.metamatrix.core.BundleUtil;
@@ -36,7 +36,7 @@
* The plug-in identifier of this plugin
* (value <code>"com.metamatrix.platform"</code>).
*/
- public static final String PLUGIN_ID =
"com.metamatrix.platform.security.api" ; //$NON-NLS-1$
+ public static final String PLUGIN_ID = "org.teiid.security" ;
//$NON-NLS-1$
public static final BundleUtil Util = new BundleUtil(PLUGIN_ID,
PLUGIN_ID + ".i18n",
ResourceBundle.getBundle(PLUGIN_ID + ".i18n")); //$NON-NLS-1$ //$NON-NLS-2$
Deleted: trunk/engine/src/main/java/org/teiid/security/StandardAuthorizationActions.java
===================================================================
---
trunk/common-internal/src/main/java/com/metamatrix/platform/security/api/StandardAuthorizationActions.java 2010-03-08
22:13:59 UTC (rev 1941)
+++
trunk/engine/src/main/java/org/teiid/security/StandardAuthorizationActions.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -1,498 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source.
- * See the COPYRIGHT.txt file distributed with this work for information
- * regarding copyright ownership. Some portions may be licensed
- * to Red Hat, Inc. under one or more contributor license agreements.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301 USA.
- */
-
-package com.metamatrix.platform.security.api;
-
-import java.io.Serializable;
-import java.util.*;
-
-
-/**
- * The static and closed set of basic authorization actions. Actions include
"create", "read",
- * "update", and "delete".
- * <p>
- * The instances are static to both close the set and minimize VM resource requirements.
- * @see AuthorizationActions
- */
-public class StandardAuthorizationActions implements Serializable, AuthorizationActions
{
-
- public static final int NONE_VALUE = 0;
- public static final int DATA_CREATE_VALUE = 1;
- public static final int DATA_READ_VALUE = 2;
- public static final int DATA_UPDATE_VALUE = 4;
- public static final int DATA_DELETE_VALUE = 8;
- public static final int ALL_VALUE = DATA_CREATE_VALUE | DATA_READ_VALUE |
DATA_UPDATE_VALUE | DATA_DELETE_VALUE;
-
- public static final String NONE_LABEL = "None"; //$NON-NLS-1$
- public static final String DATA_CREATE_LABEL = "Create"; //$NON-NLS-1$
- public static final String DATA_READ_LABEL = "Read"; //$NON-NLS-1$
- public static final String DATA_UPDATE_LABEL = "Update"; //$NON-NLS-1$
- public static final String DATA_DELETE_LABEL = "Delete"; //$NON-NLS-1$
-
- public static final AuthorizationActions NONE = new
StandardAuthorizationActions(NONE_VALUE, new String[]{NONE_LABEL});
- public static final AuthorizationActions DATA_CREATE = new
StandardAuthorizationActions(DATA_CREATE_VALUE, new String[]{DATA_CREATE_LABEL});
- public static final AuthorizationActions DATA_UPDATE = new
StandardAuthorizationActions(DATA_UPDATE_VALUE, new String[]{DATA_UPDATE_LABEL});
- public static final AuthorizationActions DATA_READ = new
StandardAuthorizationActions(DATA_READ_VALUE, new String[]{DATA_READ_LABEL});
- public static final AuthorizationActions DATA_DELETE = new
StandardAuthorizationActions(DATA_DELETE_VALUE, new String[]{DATA_DELETE_LABEL});
- public static final AuthorizationActions ALL = new
StandardAuthorizationActions(ALL_VALUE, new
String[]{DATA_CREATE_LABEL,DATA_READ_LABEL,DATA_UPDATE_LABEL,DATA_DELETE_LABEL});
-
- private static final int LABELS_COUNT = 6;
- private static Map actionSet = new HashMap();
-
- private int actions;
- private String label;
- private String[] labels;
- private Collection labelCollection;
-
- static {
- addAction( NONE_VALUE, new String[] {NONE_LABEL} );
-
- addAction( DATA_CREATE_VALUE, new String[] {DATA_CREATE_LABEL} );
-
- addAction( DATA_READ_VALUE, new String[] {DATA_READ_LABEL}
);
- addAction( DATA_CREATE_VALUE | DATA_READ_VALUE, new String[]
{DATA_CREATE_LABEL,DATA_READ_LABEL} );
-
- addAction( DATA_UPDATE_VALUE,
new String[] {DATA_UPDATE_LABEL} );
- addAction( DATA_CREATE_VALUE | DATA_UPDATE_VALUE,
new String[] {DATA_CREATE_LABEL,DATA_UPDATE_LABEL} );
- addAction( DATA_READ_VALUE | DATA_UPDATE_VALUE,
new String[] {DATA_READ_LABEL,DATA_UPDATE_LABEL} );
- addAction( DATA_CREATE_VALUE | DATA_READ_VALUE | DATA_UPDATE_VALUE,
new String[] {DATA_CREATE_LABEL,DATA_READ_LABEL,DATA_UPDATE_LABEL} );
-
- addAction( DATA_DELETE_VALUE,
new String[] {DATA_DELETE_LABEL} );
- addAction( DATA_CREATE_VALUE | DATA_DELETE_VALUE,
new String[] {DATA_CREATE_LABEL,DATA_DELETE_LABEL} );
- addAction( DATA_READ_VALUE | DATA_DELETE_VALUE,
new String[] {DATA_READ_LABEL,DATA_DELETE_LABEL} );
- addAction( DATA_CREATE_VALUE | DATA_READ_VALUE | DATA_DELETE_VALUE,
new String[]
{DATA_CREATE_LABEL,DATA_READ_LABEL,DATA_DELETE_LABEL} );
- addAction( DATA_UPDATE_VALUE | DATA_DELETE_VALUE,
new String[] {DATA_UPDATE_LABEL,DATA_DELETE_LABEL} );
- addAction( DATA_CREATE_VALUE | DATA_UPDATE_VALUE | DATA_DELETE_VALUE,
new String[]
{DATA_CREATE_LABEL,DATA_UPDATE_LABEL,DATA_DELETE_LABEL} );
- addAction( DATA_READ_VALUE | DATA_UPDATE_VALUE | DATA_DELETE_VALUE,
new String[]
{DATA_READ_LABEL,DATA_UPDATE_LABEL,DATA_DELETE_LABEL} );
- addAction( ALL_VALUE, new String[]
{DATA_CREATE_LABEL,DATA_READ_LABEL,DATA_UPDATE_LABEL,DATA_DELETE_LABEL} );
- }
-
- private static void addAction( int values, String[] labels ) {
- actionSet.put( new Integer(values), new
StandardAuthorizationActions(values,labels) );
- }
-
- /**
- * Constructor that is used to instantiate the an instances of this class
- * with the specified actions. This method assumes that the action
- * value is in the correct range.
- * @param actions the set of actions (logical inclusive OR)
- * @param labels the strings that make up the individual labels for this
authorization
- * @throws IllegalArgumentException if the specified value is not correct.
- */
- private StandardAuthorizationActions(int actions, String[] labels) {
- this.actions = actions;
- this.labels = labels;
- this.label = ""; //$NON-NLS-1$
- this.labelCollection = new ArrayList( LABELS_COUNT );
- for (int i=0; i!= this.labels.length; ++i ) {
- if ( i!=0 ) {
- this.label = this.label + ","; //$NON-NLS-1$
- }
- this.label = this.label + this.labels[i];
- this.labelCollection.add(this.labels[i]);
- }
- }
-
- /**
- * Obtain the AuthorizationActions instance that is associated with the specified
- * set of actions.
- * @param actions the set of actions (logical inclusive OR)
- * @return the instance associated with the set of action, or null if the
- * actions do not correspond to an existing instance
- * @throws IllegalArgumentException if the specified set of actions is
- * invalid.
- */
- public static AuthorizationActions getAuthorizationActions(int actions) {
- if (actions > ALL_VALUE || actions < 0 ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0066));
- }
- AuthorizationActions results = (AuthorizationActions) actionSet.get( new
Integer(actions) );
- if (results == null) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0067,
actions));
- }
- return (AuthorizationActions) actionSet.get( new Integer(actions) );
- }
-
- /**
- * Obtain the AuthorizationActions instance that is associated with the specified
- * set of labels.
- * @param labels the set of labels
- * @return the instance associated with the set of labels, or null if the
- * labels do not correspond to an existing instance
- * @throws IllegalArgumentException if the specified set of actions is
- * invalid.
- */
- public static AuthorizationActions getAuthorizationActions(String[] labels) {
- if (labels == null || labels.length == 0 || labels.length > LABELS_COUNT ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0068,
(Object[])labels));
- }
- Iterator iter = actionSet.values().iterator();
- while ( iter.hasNext() ) {
- AuthorizationActions action = (AuthorizationActions) iter.next();
- if ( action.containsLabels(labels) ) {
- return action;
- }
- }
- return null;
- }
-
- /**
- * Obtain the AuthorizationActions instance that is associated with the specified
- * set of labels.
- * @param labels the set of labels, with labels all being separated by commas,
- * and must correspond exactly to the <code>getLabel</code> of one of the
actions.
- * @return the instance associated with the set of labels, or null if the
- * labels do not correspond to an existing instance
- * @throws IllegalArgumentException if the specified set of actions is
- * invalid.
- */
- public static AuthorizationActions getAuthorizationActions(String labels) {
- if (labels == null || labels.length() == 0 ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0068,
labels));
- }
- Iterator iter = actionSet.values().iterator();
- while ( iter.hasNext() ) {
- AuthorizationActions action = (AuthorizationActions) iter.next();
- if ( action.getLabel().equals(labels) ) {
- return action;
- }
- }
- return null;
- }
-
- /**
- * Obtain the AuthorizationActions instance that is associated with the specified
- * set of labels.
- * @param labels the set of labels
- * @return the instance associated with the set of labels, or null if the
- * labels do not correspond to an existing instance
- * @throws IllegalArgumentException if the specified set of actions is
- * invalid.
- */
- public static AuthorizationActions getAuthorizationActions(Collection labels) {
- if (labels == null ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0068,
labels));
- }
- int labelCount = labels.size();
- if (labelCount == 0 || labelCount > LABELS_COUNT ) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0068,
labels));
- }
- Iterator iter = actionSet.values().iterator();
- while ( iter.hasNext() ) {
- AuthorizationActions action = (AuthorizationActions) iter.next();
- if ( action.containsLabels(labels) && labels.size() ==
action.getLabelCount() ) {
- return action;
- }
- }
- return null;
- }
-
- /**
- * Get the <code>AuthorizationActions</code> that or in
<code>actions</code> <i>OR</i> are in
- * <code>otherActions</code>. May be
<code>StandardAuthorizationActions.NONE</code> if there
- * are no actions in either argument.
- * @param actions
- * @param otherActions
- * @return The logical OR of the <code>AuthorizationActions<code> in both
args or
- * <code>StandardAuthorizationActions.NONE</code> if none exist.
- */
- public static AuthorizationActions getORedActions(AuthorizationActions actions,
- AuthorizationActions otherActions)
{
- int oredValue = (actions.getValue() | otherActions.getValue());
- AuthorizationActions oredActions =
- StandardAuthorizationActions.getAuthorizationActions(oredValue);
- return oredActions;
- }
-
- /**
- * Get the <code>AuthorizationActions</code> in
<code>actions</code> that are also in
- * <code>sharedActions</code>. May be
<code>StandardAuthorizationActions.NONE</code> if there
- * are no common actions.
- * @param actions
- * @param sharedActions
- * @return The <code>AuthorizationActions<code> common to both args or
- * <code>StandardAuthorizationActions.NONE</code> if none exist.
- */
- public static AuthorizationActions getCommonActions(AuthorizationActions actions,
- AuthorizationActions
sharedActions) {
- int commonValue = (actions.getValue() & sharedActions.getValue());
- AuthorizationActions commonActions =
- StandardAuthorizationActions.getAuthorizationActions(commonValue);
- return commonActions;
- }
-
- /**
- * Get the <code>AuthorizationActions</code> in
<code>actions</code> that are also in
- * <code>sharedActions</code>. May be
<code>StandardAuthorizationActions.NONE</code> if there
- * are no common actions.
- * @param actions
- * @param sharedActions
- * @return The <code>AuthorizationActions<code> common to both args or
- * <code>StandardAuthorizationActions.NONE</code> if none exist.
- */
- public static AuthorizationActions getCommonActions(int actions,
- int sharedActions) {
- int commonValue = actions & sharedActions;
- AuthorizationActions commonActions =
- StandardAuthorizationActions.getAuthorizationActions(commonValue);
- return commonActions;
- }
-
- /**
- * Get the <code>AuthorizationActions</code> in
<code>actions</code> that are <i>NOT</i> in
- * <code>sharedActions</code>. May be <code>actions</code> if
there are no common actions.
- * @param actions
- * @param sharedActions
- * @return The <code>AuthorizationActions<code> in
<code>actions</code> that are <i>NOT</i> in
- * <code>sharedActions</code>.
- */
- public static AuthorizationActions getIndependantActions(AuthorizationActions
actions,
- AuthorizationActions
sharedActions) {
- int independantValue = (actions.getValue() ^ sharedActions.getValue());
- AuthorizationActions independantActions =
- StandardAuthorizationActions.getAuthorizationActions(independantValue);
- return independantActions;
- }
-
- /**
- * Get the <code>AuthorizationActions</code> in
<code>actions</code> that are <i>NOT</i> in
- * <code>sharedActions</code>. May be <code>actions</code> if
there are no common actions.
- * @param actions
- * @param sharedActions
- * @return The <code>AuthorizationActions<code> in
<code>actions</code> that are <i>NOT</i> in
- * <code>sharedActions</code>.
- */
- public static AuthorizationActions getIndependantActions(int actions,
- int sharedActions) {
- int independantValue = actions ^ sharedActions;
- AuthorizationActions independantActions =
- StandardAuthorizationActions.getAuthorizationActions(independantValue);
- return independantActions;
- }
-
- /**
- * Obtain the formatted String[] version of the given
<code>actionsValue</code>.
- * @param actionsValue The set of actions to determiine labels.
- * @return The String[] of labels associated with the set of actions.
- * @throws IllegalArgumentException if the specified set of actions is
- * invalid.
- */
- public static String[] getActionsLabels(int actionsValue) {
- AuthorizationActions actions =
StandardAuthorizationActions.getAuthorizationActions(actionsValue);
- String[] actionLabels = new String[] {};
- if ( actions != null ) {
- actionLabels = actions.getLabels();
- }
- return actionLabels;
- }
-
- /**
- * Obtain the formatted String version of the given
<code>actionsValue</code>.
- * @param actionsValue The set of actions to determiine labels.
- * @return The formatted action string associated with the set of actions.
- * @throws IllegalArgumentException if the specified set of actions is
- * invalid.
- */
- public static String getActionsString(int actionsValue) {
- StringBuffer actionBuf = new StringBuffer();
- AuthorizationActions actions =
StandardAuthorizationActions.getAuthorizationActions(actionsValue);
- if ( actions != null ) {
- String[] actionLables = actions.getLabels();
- actionBuf.append("{"); //$NON-NLS-1$
- for ( int i=0; i<actionLables.length; i++ ) {
- actionBuf.append(actionLables[i] + ", "); //$NON-NLS-1$
- }
- actionBuf.replace(actionBuf.length() - 2, actionBuf.length(), "}");
//$NON-NLS-1$
- }
- return actionBuf.toString();
- }
-
- /**
- * Return the value of this action.
- * @return the value of this action.
- */
- public int getValue() {
- return this.actions;
- }
-
- /**
- * Return the number of actions.
- * @return the number of actions.
- */
- public int getLabelCount() {
- return this.labelCollection.size();
- }
-
- /**
- * Return the label of this action.
- * @return the label of this action.
- */
- public String getLabel() {
- return this.label;
- }
-
- /**
- * Return the set of labels of this action.
- * @return the set of labels of this action.
- */
- public String[] getLabels() {
- return this.labels;
- }
-
- /**
- * Return whether this instance contains the specified label
- * @param label the single label that is to be checked
- * @return true if this instance contains the specified label, or false otherwise
- */
- public boolean containsLabel( String label ) {
- return this.labelCollection.contains( label );
- }
-
- /**
- * Return whether this instance contains all of the specified labels
- * @param labels the array of labels that are to be checked
- * @return true if this instance contains all of the specified labels, or false
otherwise
- */
- public boolean containsLabels( String[] labels ) {
- return this.labelCollection.containsAll( Arrays.asList(labels) );
- }
-
- /**
- * Return whether this instance contains all of the specified labels
- * @param labels the set of labels that are to be checked
- * @return true if this instance contains all of the specified labels, or false
otherwise
- */
- public boolean containsLabels(Collection labels){
- return this.labelCollection.containsAll(labels);
- }
-
- /**
- * Returns the stringified representation for this user ID. This is in the form
<I>username@domain</I>.
- * <br>
- * @return the string representation
- */
- public String toString() {
- return this.label;
- }
-
-
- /**
- * Returns true if the specified object is semantically equal to this instance.
- * Note: this method is consistent with <code>compareTo()</code>.
- * <p>
- * @param obj the object that this instance is to be compared to.
- * @return whether the object is equal to this object.
- */
- public boolean equals(Object obj) {
- // Check if instances are identical ...
- if (this == obj) {
- return true;
- }
-
- // Check if object can be compared to this one
- // (this includes checking for null ) ...
- if (obj instanceof StandardAuthorizationActions) {
- return compareFields((StandardAuthorizationActions)obj) == 0;
- }
-
- // Otherwise not comparable ...
- return false;
- }
-
- /**
- * Returns the hashCode for the object.
- * <p>
- * @return the hashCode for the object
- */
- public int hashCode() {
- return this.actions;
- }
-
- /**
- * Compares this AuthorizationActions to another Object. If the Object is a
AuthorizationActions,
- * this function compares the attributes. Otherwise, it throws a ClassCastException
- * (as AuthorizationActions instances are comparable only to other
AuthorizationActions instances).
- * Note: this method is consistent with <code>equals()</code>.
- * <p>
- * @param obj the authorization to compare this instance against.
- * @return a negative integer, zero, or a positive integer as this object is less
than, equal to, or greater than the specified object, respectively.
- * @throws ClassCastException if the specified object's type prevents it from
being compared to this AuthorizationActions.
- */
- public int compareTo(Object obj) {
- // Check if instances are identical...
- if (this == obj) {
- return 0;
- }
- if (obj == null) {
- throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0069));
- }
-
- // Check if object can be compared to this one...
- if (obj instanceof StandardAuthorizationActions) {
- return compareFields((StandardAuthorizationActions)obj);
- }
-
- // Otherwise not comparable ...
- throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0070,
obj.getClass()));
- }
-
- /**
- * Checks if the specified authorization's actions are "implied by"
this object's actions.
- * <P>
- * More specifically, this method returns true if:<p>
- * <ul>
- * <li> <i>action</i> is an instanceof
StandardAuthorizationActions, and <p>
- * <li> <i>action</i> is a proper subset of this
- * object's actions
- * </ul>
- * @param that the authorization action to check against.
- * @return true if the specified authorization action is implied by this object,
false if not
- */
- public boolean implies(AuthorizationActions that) {
- if (that == null || !( that instanceof StandardAuthorizationActions ) ) {
- return false;
- }
-
- return ( this.getValue() & that.getValue() ) == that.getValue();
- }
-
- /**
- * Compares this object with the specified object for order. Returns a
- * negative integer, zero, or a positive integer as this object is less
- * than, equal to, or greater than the specified object. <p>
- *
- * This method assumes that all type-checking has already been performed,
- * and compares the action portion of this object with <i>obj</i>.
<p>
- *
- * @param obj the object that this instance is to be compared to.
- * @return A negative integer, zero, or a positive integer as this object
- * is less than, equal to, or greater than the specified object
- */
- int compareFields(StandardAuthorizationActions obj) {
- return (obj.getValue() < this.getValue()) ? -1 : (obj.getValue() ==
this.getValue()) ? 0 : 1;
- }
-}
-
-
-
-
-
Added: trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationActions.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationActions.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationActions.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,93 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.util.Collection;
+
+/**
+ * The EntitlementAction interface encapsulates the methods that are required to identify
the
+ * set of actions associated with an entitlement. This interface may be implemented by
classes
+ * (such as BasicEntitlementAction) that contain a closed set of entitlement actions
instances.
+ * Thus, specialized implementations of EntitlementAction can be provided, extending
+ * the capabilities of the Authorization framework.
+ * @see BasicEntitlementAction
+ */
+public interface AuthorizationActions extends Comparable {
+
+ /**
+ * Checks if the specified entitlement's actions are "implied by" this
object's actions.
+ * <p>
+ * Essentially, the specified entitlement action is implied by this entitlement
action
+ * if all of the actions of <code>entitlement</code> are also actions of
this object's set.
+ * @param entitlement the entitlement to check against.
+ * @returns true if the specified entitlement is implied by this object, false if
not
+ */
+ public boolean implies(AuthorizationActions entitlement);
+
+ /**
+ * Return the value of this action.
+ * @return the value of this action.
+ */
+ public int getValue();
+
+ /**
+ * Return the label of this action.
+ * @return the label of this action.
+ */
+ public String getLabel();
+
+ /**
+ * Return the number of actions.
+ * @return the number of actions.
+ */
+ public int getLabelCount();
+
+ /**
+ * Return the set of labels of this action.
+ * @return the set of labels of this action.
+ */
+ public String[] getLabels();
+
+ /**
+ * Return whether this instance contains the specified label
+ * @return true if this instance contains the specified label, or false otherwise
+ */
+ public boolean containsLabel(String label);
+
+ /**
+ * Return whether this instance contains all of the specified labels
+ * @return true if this instance contains all of the specified labels, or false
otherwise
+ */
+ public boolean containsLabels(String[] labels);
+
+ /**
+ * Return whether this instance contains all of the specified labels
+ * @return true if this instance contains all of the specified labels, or false
otherwise
+ */
+ public boolean containsLabels(Collection labels);
+
+}
+
+
+
+
Added: trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermission.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermission.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermission.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,364 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+
+import org.teiid.security.SecurityPlugin;
+
+/**
+ * An authorization permission defines access permissions for a particular resource. A
rule determines what
+ * action or actions can be performed on a resource, and is comprised of the resource,
+ * the actions allowed, and an optional content modifier (which defines an additional
criteria
+ * that is to be placed upon the usage of the resource).
+ */
+public abstract class AuthorizationPermission implements Comparable, Serializable {
+
+ /**
+ * The default action for rules is NONE.
+ */
+ public static final AuthorizationActions DEFAULT_ACTIONS =
StandardAuthorizationActions.NONE;
+
+ /**
+ * The resource of this permission; generally the name of the resource to which this
rule applies.
+ * This is a required attributed.
+ */
+ protected AuthorizationResource resource;
+
+ /**
+ * The realm in which this permission belongs.
+ */
+ private AuthorizationRealm realm;
+
+ /**
+ * The name of the factory that can create this permission.
+ */
+ private String factoryClassName;
+
+ /**
+ * The optional content modifier that should be used as an additional criteria for
queries to this resource.
+ */
+ private String contentModifier;
+
+ /**
+ * The cached value of the hash code for this object.
+ */
+ protected int hashCode;
+ protected int PRIME = 1000003;
+
+ private AuthorizationActions actions;
+
+ /**
+ * Create a new authorization rule for the specified resource.
+ * @param resource the resource to which this permission applies.
+ * @param realm the name of the realm for this rule (may not be null, but may be
empty)
+ * @param actions the actions to apply to the resource
+ * @param contentModifier the content modifier (may be null)
+ * @param factoryClassName The factory class name that can instantiate this
permission (may not be null)
+ */
+ protected AuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String contentModifier, String factoryClassName) {
+ if ( factoryClassName == null || factoryClassName.trim().length() == 0 ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0013));
+ }
+ if ( resource == null ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0014));
+ }
+ this.resource = resource;
+ this.realm = realm;
+ this.contentModifier = contentModifier;
+ this.actions = ( actions != null ? actions : DEFAULT_ACTIONS );
+ this.factoryClassName = factoryClassName;
+ this.hashCode = this.computeHashCode();
+ }
+
+ /**
+ * Create a new authorization rule for the specified resource.
+ * @param resource The new resource
+ * @param realm the name of the realm for this rule (may not be null, but may be
empty)
+ * @param factoryClassName The factory class name that can instantiate this
permission (may not be null)
+ */
+ protected AuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, String factoryClassName) {
+ this(resource, realm, DEFAULT_ACTIONS, null, factoryClassName);
+ }
+
+ /**
+ * Create a new authorization rule for the specified resource.
+ * @param resource The new resource
+ * @param realm the name of the realm for this rule (may not be null, but may be
empty)
+ * @param actions the actions for the resource
+ * @param factoryClassName The factory class name that can instantiate this
permission (may not be null)
+ */
+ protected AuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String factoryClassName) {
+ this(resource, realm, actions, null, factoryClassName);
+ }
+
+ /**
+ * Make a deep copy of this object.
+ * @return The newly copied object.
+ */
+ protected abstract Object clone() throws CloneNotSupportedException;
+
+ /**
+ * Obtain the name of the factory class for this rule.
+ * @return the factory class name
+ */
+ public String getFactoryClassName() {
+ return factoryClassName;
+ }
+
+ /**
+ * Determin if this permission applies to all subnode resources.
+ * @return <code>true</code> if this permission's resource is a node
in
+ * a subtree and the allowed Action applies to all subnodes,
<code>false</code>
+ * otherwise.
+ */
+ public boolean resourceIsRecursive() {
+ return resource.isRecursive();
+ }
+
+ /**
+ * Obtain the name of the resource for this rule.
+ * @return the resource name
+ */
+ public String getResourceName() {
+ return resource.getID();
+ }
+
+ /**
+ * Obtain the resource object for this rule.
+ * @return the resource
+ */
+ public AuthorizationResource getResource() {
+ return resource;
+ }
+
+ /**
+ * Determine whether this rule has a content modifier that should be used upon access
to the resource.
+ * @return true if this rule has a content modifier
+ */
+ public boolean hasContentModifier() {
+ return this.contentModifier != null;
+ }
+
+ /**
+ * Get the content modifier for this rule. The content modifier should be used upon
access to the resource.
+ * @return the content modifier
+ */
+ public String getContentModifier() {
+ return contentModifier;
+ }
+
+ /**
+ * Get the name of the realm in which this permission belongs.
+ * @return The realm name for this permission
+ */
+ public String getRealmName() {
+ return realm.getRealmName();
+ }
+
+ /**
+ * Get the <code>AuthorizationRealm</code> in which this permission
belongs.
+ * @return The realm for this permission
+ */
+ public AuthorizationRealm getRealm() {
+ return realm;
+ }
+
+ /**
+ * Set the realm in which this permission belongs.
+ * @param realm The realm in which this permission should belong.
+ */
+ void setRealm(AuthorizationRealm realm) {
+ this.realm = realm;
+ }
+
+ /**
+ * Get the operations that the user may perform on the resource, as defined by this
rule.
+ * @return this rule's actions
+ */
+ public AuthorizationActions getActions() {
+ return actions;
+ }
+
+ /**
+ * Checks if the specified resource is ipmlied by this resource instance.
+ * @param resource the AuthorizationPermission instance to be checked
+ * @return true if the specified resource is implied by this object, false if not
+ * @throws IllegalArgumentException if the specified resource is null or incomplete.
+ */
+ public abstract boolean implies(AuthorizationPermission resource);
+
+ /**
+ * Returns a string representing the current state of the object.
+ */
+ public String toString() {
+ StringBuffer sb = new StringBuffer();
+ sb.append("[Realm=<"); //$NON-NLS-1$
+ sb.append(this.realm);
+ sb.append("> Resource=<"); //$NON-NLS-1$
+ sb.append(this.resource.getID());
+ sb.append("> Actions=<"); //$NON-NLS-1$
+ sb.append(this.actions);
+ sb.append("> Factory=<"); //$NON-NLS-1$
+ sb.append(this.factoryClassName);
+ sb.append(">]"); //$NON-NLS-1$
+ return sb.toString();
+ }
+
+ /**
+ * Overrides Object hashCode method.
+ * @return a hash code value for this object.
+ * @see Object#hashCode()
+ * @see Object#equals(Object)
+ */
+ public int hashCode() {
+ return this.hashCode;
+ }
+
+ /**
+ * Returns true if the specified object is semantically equal to this instance.
+ * Note: this method is consistent with <code>compareTo()</code>.
+ * <p>
+ * @param obj the object that this instance is to be compared to.
+ * @return whether the object is equal to this object.
+ */
+ public boolean equals(Object obj) {
+ // Check if instances are identical ...
+ if (this == obj) {
+ return true;
+ }
+ // Check if object can be compared to this one
+ // (this includes checking for null ) ...
+ if(obj instanceof AuthorizationPermission){
+ return compare(this, (AuthorizationPermission)obj) == 0;
+ }
+
+ // Otherwise not comparable ...
+ return false;
+ }
+
+ /**
+ * Compares this AuthorizationPermission to another Object. If the Object is an
AuthorizationPermission,
+ * this function compares the name. Otherwise, it throws a
+ * ClassCastException (as policyID instances are comparable only to
+ * other AuthorizationPermission instances). Note: this method is consistent with
+ * <code>equals()</code>.
+ * <p>
+ * @param o the object that this instance is to be compared to.
+ * @return a negative integer, zero, or a positive integer as this object
+ * is less than, equal to, or greater than the specified object, respectively.
+ * @throws ClassCastException if the specified object's type prevents it
+ * from being compared to this AuthorizationPermission.
+ */
+ public int compareTo(Object o) throws ClassCastException {
+ // Check if instances are identical ...
+ if (this == o) {
+ return 0;
+ }
+ if (o == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0015));
+ }
+
+ // Check if object cannot be compared to this one
+ // (this includes checking for null ) ...
+ if (!(o instanceof AuthorizationPermission)) {
+ throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0016));
+ }
+
+ // Check if everything else is equal ...
+ return compare(this, (AuthorizationPermission)o);
+ }
+
+ /**
+ * Utility method to compare two AuthorizationPermission instances. Returns a
negative integer, zero,
+ * or a positive integer as this object is less than, equal to, or greater than
+ * the specified object. <p>
+ *
+ * Subclasses may not override this method because it is designed to enforce a
+ * constraint placed on <emph>all</emph>
<code>AuthorizationPermission</code>s.<p>
+ *
+ * This method assumes that all type-checking has already been performed. <p>
+ *
+ * @param obj1 the first policyID to be compared
+ * @param obj2 the second policyID to be compared
+ * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
+ * greater than obj2
+ */
+ public static final int compare(AuthorizationPermission obj1, AuthorizationPermission
obj2) {
+ // Because the hash codes were computed using the attributes,
+ // returning the difference in the hash code values will give a
+ // consistent (but NOT lexicographical) ordering for both equals and compareTo.
+
+ // If the hash codes are different, then simply return the difference
+ // (this will probably be the case in most invocations) ...
+ if (obj1.hashCode != obj2.hashCode ) {
+ return obj1.hashCode - obj2.hashCode;
+ }
+
+ // If the hash codes are the same, then the resource names should be the same,
so
+ // so start comparing the rest of the attributes, starting with the most
simplistic
+ int resourceDiff = obj1.resource.compareTo(obj2.resource);
+ if ( resourceDiff != 0 ) {
+ return resourceDiff;
+ }
+
+ int actionDiff = obj1.actions.compareTo(obj2.actions);
+ if ( actionDiff != 0) {
+ return actionDiff;
+ }
+
+ int realmDiff = obj1.realm.compareTo(obj2.realm);
+ if ( realmDiff != 0) {
+ return realmDiff;
+ }
+
+ if (obj1.contentModifier == null && obj2.contentModifier == null ) {
+ return 0; // must compare both to return '0'
+ }
+
+ if ( obj1.contentModifier != null ) {
+ return obj1.contentModifier.compareTo(obj2.contentModifier);
+ }
+ return obj2.contentModifier.compareTo(obj1.contentModifier);
+ }
+
+ /**
+ * Compute the hash code value.
+ */
+ private int computeHashCode() {
+ int result = 0;
+ result = PRIME * result + this.actions.hashCode();
+ result = PRIME * result + this.resource.hashCode();
+ result = PRIME * result + this.realm.hashCode();
+ if ( this.contentModifier != null ) {
+ result = PRIME * result + this.contentModifier.hashCode();
+ }
+ return result;
+ }
+
+}
+
+
+
+
+
Added:
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissionFactory.java
===================================================================
---
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissionFactory.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissionFactory.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,74 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+
+
+/**
+ * This interface is implemented by classes that are able to create
AuthorizationPermission
+ * instances, and is invoked by the service providers during loading and saving of
policies from and to
+ * data storage.
+ */
+public interface AuthorizationPermissionFactory {
+
+ /**
+ * Get the class that this factory creates instances of.
+ * @return the class of the instances returned by this factory's
<code>create</code> methods.
+ */
+ Class getPermissionClass();
+
+ /**
+ * Create the AuthorizationResource type for the permission type that this factory
creates instances of.
+ * @return A new resource instance of the appropriate type.
+ */
+ AuthorizationResource createResource(String name);
+
+ /**
+ * Create a new authorization permission for the specified resource.
+ * @param resource the resource identifier
+ * @param realm the realm into which this resource belongs
+ * @param actions the actions for the resource
+ * @param contentModifier the content modifier (may be null)
+ */
+ AuthorizationPermission create(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String contentModifier);
+
+ /**
+ * Create a new authorization permission for the specified resource.
+ * @param resource the resource identifier
+ * @param realm the realm into which this resource belongs
+ */
+ AuthorizationPermission create(String resource, AuthorizationRealm realm);
+
+ /**
+ * Create a new authorization permission for the specified resource with the given
actions.
+ * @param resource the resource identifier
+ * @param realm the realm into which this resource belongs
+ * @param actions the actions for the resource
+ */
+ AuthorizationPermission create(String resource, AuthorizationRealm realm,
AuthorizationActions actions);
+}
+
+
+
+
+
Added: trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissions.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissions.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissions.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,149 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+/*
+ * Date: Apr 24, 2003
+ * Time: 12:51:40 PM
+ */
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+import java.util.Iterator;
+import java.util.Set;
+
+import org.teiid.security.roles.AuthorizationPermission;
+
+
+/**
+ * Interface AuthorizationPermissions.
+ *
+ * <p>This interface represents a collection of
<code>AuthorizationPermission</code>s.</p>
+ */
+public interface AuthorizationPermissions extends Serializable {
+ /**
+ * Marks this AuthorizationPermissionCollection object as "readonly".
After
+ * a AuthorizationPermissionCollection object is marked as readonly, no new
AuthorizationPermission
+ * objects can be added to it using the {@link #add} method.
+ */
+ void setReadOnly();
+
+ /**
+ * Determine whether this AuthorizationPermissionCollection object is
"readonly". If it
+ * is readonly, no new AuthorizationPermission objects can be added to it using the
{@link #add} method.
+ */
+ boolean isReadOnly();
+
+ /**
+ * Adds a permission object to this object by adding it to the
AuthorizationPermissionCollection
+ * for the class the AuthorizationPermission belongs to.
+ * This method creates
+ * a new AuthorizationPermissionCollection object (and adds the permission to it)
+ * if an appropriate collection does not yet exist. <p>
+ *
+ * @param permission the AuthorizationPermission object to add.
+ * @return true if this collection changed as a result of the addition.
+ * @throws java.lang.SecurityException if this AuthorizationPermission object is
marked as readonly.
+ * @see #isReadOnly()
+ * @see #add(AuthorizationPermissions)
+ * @see #add(Set)
+ */
+ boolean add(AuthorizationPermission permission);
+
+ /**
+ * Convenience method to add <code>AuthorizationPermissionsImpl</code> to
this object by adding each
+ * one to the AuthorizationPermissionCollection for the class that
AuthorizationPermission instance belongs to.
+ * This method creates new AuthorizationPermissionCollection object as required.
+ *
+ * @param permissions the set of AuthorizationPermission objects to add.
+ * @return true if this collection changed as a result of the addition.
+ * @throws java.lang.SecurityException if this AuthorizationPermission object is
marked as readonly.
+ * @see #isReadOnly()
+ * @see #add(AuthorizationPermission)
+ * @see #add(Set)
+ */
+ boolean add(AuthorizationPermissions permissions);
+
+ /**
+ * Convenience method to add a <code>Set</code> of permission objects to
this object by adding each
+ * one to the AuthorizationPermissionCollection for the class that
AuthorizationPermission instance belongs to.
+ * This method creates new AuthorizationPermissionCollection object as required.
+ *
+ * @param permissions the set of AuthorizationPermission objects to add.
+ * @return true if this collection changed as a result of the addition.
+ * @throws java.lang.SecurityException if this AuthorizationPermission object is
marked as readonly.
+ * @see #isReadOnly()
+ * @see #add(AuthorizationPermission)
+ * @see #add(AuthorizationPermissions)
+ */
+ boolean add(Set permissions);
+
+ /**
+ * Remove from this collection's set of existing permissions the specified
permission. If the permission is not
+ * currently in this collection, this method simply returns without performing any
operation.
+ * @param permission the permission that is to be removed from this policy.
+ */
+ boolean remove(AuthorizationPermission permission);
+
+ /**
+ * Remove from this collection's set of existing permissions all of the
+ * set of specified permissions. If any of the permissions are not
+ * currently in this collection, that permission is ignored.
+ * @param permissions the set of permissions that are to be removed from this
policy.
+ */
+ boolean removeAll(Set permissions);
+
+ /**
+ * Remove from this collection's set of existing permissions all of the
+ * set of specified permissions. If any of the permissions are not
+ * currently in this collection, that permission is ignored.
+ * @param permissions The AuthorizationPermissionsImpl that are to be removed from
this policy.
+ */
+ boolean removeAll(AuthorizationPermissions permissions);
+
+ /**
+ * Remove from this collection the entire set of existing permissions.
+ */
+ void clear();
+
+ /**
+ * Obtain an iterator over the AuthorizationPermission instances in this collection.
+ * @return an iterator that can be used to access each of the instances in this
+ * collection.
+ */
+ Iterator iterator();
+
+ /**
+ * Checks to see if the AuthorizationPermissionCollection in this object that
corresponds
+ * to the specified permission's type contains permissions that imply access to
the
+ * resouces in the <i>permission</i> object.
+ * @param permission the AuthorizationPermission object to check.
+ * @return true if <i>permission</i> is implied by the permissions in the
AuthorizationPermissionCollection it
+ * belongs to, false if not.
+ */
+ boolean implies(AuthorizationPermission permission);
+
+ /**
+ * Determine the number of AuthorizationPermission instances represented by this
object.
+ * @return the number of permissions within this object.
+ */
+ int size();
+}
Added:
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissionsImpl.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissionsImpl.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPermissionsImpl.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,347 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.NoSuchElementException;
+import java.util.Set;
+import java.util.concurrent.locks.ReentrantLock;
+
+import org.teiid.security.SecurityPlugin;
+
+import com.metamatrix.common.log.LogManager;
+import com.metamatrix.common.util.LogConstants;
+
+/**
+ * This class represents a heterogeneous set of AuthorizationPermission instances. Like
the AuthorizationPermission
+ * class, this class (and all AuthorizationPermissionCollection classes) also has an
<code>implies</code>
+ * method that can be used to determine whether a particular AuthorizationPermission is
allowed by the
+ * permissions contained within an AuthorizationPermissionsImpl instance.
+ * <p>
+ * The different AuthorizationPermission instances contained by an
AuthorizationPermissionsImpl instance are
+ * organized into homogeneous AuthorizationPermissionCollection objects contained in the
AuthorizationPermissionsImpl
+ * object; an AuthorizationPermission object added to the AuthorizationPermissionsImpl
object is automatically
+ * placed into the appropriate AuthorizationPermissionCollection object for that type (or
realm) of permission
+ * (as prescribed by the result of the
<code>newAuthorizationPermissionCollection()</code> method on the
AuthorizationPermission
+ * subclass). If no special container is specified, a default container (which has some
optimizations for the
+ * <code>implies</code> method, based upon the AuthorizationPermission
object's <code>hashCode()</code> method) is used.
+ */
+public final class AuthorizationPermissionsImpl implements AuthorizationPermissions {
+
+ private static final long serialVersionUID = -5223347499647193459L;
+
+ private Set<AuthorizationPermission> thePermissions = new
HashSet<AuthorizationPermission>();
+ // Used to provide permissions collection synchronization
+ private ReentrantLock lockObj = new ReentrantLock();
+
+ private boolean readOnly = false;
+
+ public AuthorizationPermissionsImpl() {
+
+ }
+ /**
+ * Create a new AuthorizationPermissionsImpl object that is a copy of the original.
+ * Make a deep copy of the orig.
+ * @param orig The original to be copied.
+ */
+ public AuthorizationPermissionsImpl( AuthorizationPermissions orig ) {
+
+ lockObj.lock();
+ try {
+ Iterator permItr = orig.iterator();
+ while ( permItr.hasNext() ) {
+ AuthorizationPermission aPerm = (AuthorizationPermission)
permItr.next();
+ if ( aPerm != null ) {
+ try {
+ this.thePermissions.add((AuthorizationPermission)aPerm.clone());
+ } catch ( CloneNotSupportedException e ) {
+ // They're all clonable but log anyway
+ final Object[] params = { aPerm };
+ final String msg =
SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0005, params);
+
//I18nLogManager.logError(LogSecurityConstants.CTX_AUTHORIZATION,SecurityMessagesKeys.SEC_API_0005,e,aPerm);
+ LogManager.logError(LogConstants.CTX_AUTHORIZATION, e, msg);
+ }
+ }
+ }
+ } finally {
+ lockObj.unlock();
+ }
+ }
+
+ /**
+ * Marks this AuthorizationPermissionCollection object as "readonly".
After
+ * a AuthorizationPermissionCollection object is marked as readonly, no new
AuthorizationPermission
+ * objects can be added to it using the <code>add</code>.
+ */
+ public void setReadOnly() {
+ this.readOnly = true;
+ }
+
+ /**
+ * Determine whether this AuthorizationPermissionCollection object is
"readonly". If it
+ * is readonly, no new AuthorizationPermission objects can be added to it using the
<code>add</code>.
+ */
+ public boolean isReadOnly() {
+ return this.readOnly;
+ }
+
+ /**
+ * Adds a permission object to this object by adding it to the
AuthorizationPermissionCollection
+ * for the class the AuthorizationPermission belongs to.
+ * This method creates
+ * a new AuthorizationPermissionCollection object (and adds the permission to it)
+ * if an appropriate collection does not yet exist. <p>
+ *
+ * @param permission the AuthorizationPermission object to add.
+ * @return true if this collection changed as a result of the addition.
+ * @throws SecurityException if this AuthorizationPermission object is marked as
readonly.
+ */
+ public boolean add(AuthorizationPermission permission) {
+ if ( this.isReadOnly() ) {
+ throw new
SecurityException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0017));
+ }
+ boolean result = false;
+ if ( permission != null ) {
+ lockObj.lock();
+ try {
+ result = this.thePermissions.add(permission);
+ } finally {
+ lockObj.unlock();
+ }
+ }
+ return result;
+ }
+
+ /**
+ * Convenience method to add <code>AuthorizationPermissionsImpl</code> to
this object by adding each
+ * one to the AuthorizationPermissionCollection for the class that
AuthorizationPermission instance belongs to.
+ * This method creates new AuthorizationPermissionCollection object as required.
+ *
+ * @param permissions the set of AuthorizationPermission objects to add.
+ * @return true if this collection changed as a result of the addition.
+ * @throws SecurityException if this AuthorizationPermission object is marked as
readonly.
+ * @see #isReadOnly()
+ */
+ public boolean add(AuthorizationPermissions permissions) {
+ if ( isReadOnly() ) {
+ throw new
SecurityException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0017));
+ }
+ boolean result = false;
+ if ( permissions != null ) {
+ result = this.addPermissions(permissions.iterator());
+ }
+ return result;
+ }
+
+ /**
+ * Convenience method to add a <code>Set</code> of permission objects to
this object by adding each
+ * one to the AuthorizationPermissionCollection for the class that
AuthorizationPermission instance belongs to.
+ * This method creates new AuthorizationPermissionCollection object as required.
+ *
+ * @param permissions the set of AuthorizationPermission objects to add.
+ * @return true if this collection changed as a result of the addition.
+ * @throws SecurityException if this AuthorizationPermission object is marked as
readonly.
+ * @see #isReadOnly()
+ */
+ public boolean add(Set permissions) {
+ if ( isReadOnly() ) {
+ throw new
SecurityException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0017));
+ }
+ boolean result = false;
+ if ( permissions != null ) {
+ result = this.addPermissions(permissions.iterator());
+ }
+ return result;
+ }
+
+ /**
+ * Remove from this collection's set of existing permissions the specified
permission. If the permission is not
+ * currently in this collection, this method simply returns without performing any
operation.
+ * @param permission the permission that is to be removed from this policy.
+ */
+ public boolean remove(AuthorizationPermission permission) {
+ boolean result = false;
+ lockObj.lock();
+ try {
+ result = this.thePermissions.remove(permission);
+ } finally {
+ lockObj.unlock();
+ }
+ return result;
+ }
+
+ /**
+ * Remove from this collection's set of existing permissions all of the
+ * set of specified permissions. If any of the permissions are not
+ * currently in this collection, that permission is ignored.
+ * @param permissions the set of permissions that are to be removed from this
policy.
+ */
+ public boolean removeAll(Set permissions) {
+ boolean result = false;
+ if ( permissions != null ) {
+ result = this.removePermissions(permissions.iterator());
+ }
+ return result;
+ }
+
+ /**
+ * Remove from this collection's set of existing permissions all of the
+ * set of specified permissions. If any of the permissions are not
+ * currently in this collection, that permission is ignored.
+ * @param permissions The AuthorizationPermissionsImpl that are to be removed from
this policy.
+ */
+ public boolean removeAll(AuthorizationPermissions permissions) {
+ boolean result = false;
+ if ( permissions != null ) {
+ result = this.removePermissions(permissions.iterator());
+ }
+ return result;
+ }
+
+ /**
+ * Remove from this collection the entire set of existing permissions.
+ */
+ public void clear() {
+ this.thePermissions.clear();
+ }
+
+ /**
+ * Obtain an iterator over the AuthorizationPermission instances in this collection.
+ * @return an iterator that can be used to access each of the instances in this
+ * collection.
+ */
+ public Iterator iterator() {
+ Iterator permItr = Collections.EMPTY_SET.iterator();
+ lockObj.lock();
+ try {
+ permItr = this.thePermissions.iterator();
+ } finally {
+ lockObj.unlock();
+ }
+ return permItr;
+ }
+
+ /**
+ * Checks to see if the AuthorizationPermissionCollection in this object that
corresponds
+ * to the specified permission's type contains permissions that imply access to
the
+ * resouces in the <i>permission</i> object.
+ * @param permission the AuthorizationPermission object to check.
+ * @return true if <i>permission</i> is implied by the permissions in the
AuthorizationPermissionCollection it
+ * belongs to, false if not.
+ */
+ public boolean implies(AuthorizationPermission permission) {
+ if ( permission == null ) {
+ return false;
+ }
+ Iterator permIter = thePermissions.iterator();
+ while ( permIter.hasNext() ) {
+ AuthorizationPermission aPerm = (AuthorizationPermission) permIter.next();
+ if ( aPerm.implies(permission) ) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Determine the number of AuthorizationPermission instances represented by this
object.
+ * @return the number of permissions within this object.
+ */
+ public int size() {
+ return this.thePermissions.size();
+ }
+
+ /**
+ * Returns a string representation of the object. In general, the
+ * <code>toString</code> method returns a string that
+ * "textually represents" this object. The result should
+ * be a concise but informative representation that is easy for a
+ * person to read.
+ * @return a string representation of the object.
+ */
+ public String toString() {
+ StringBuffer sb = new StringBuffer();
+ Iterator iter = this.iterator();
+ while ( iter.hasNext() ) {
+ try {
+ sb.append(iter.next().toString() + ',');
+ } catch ( NoSuchElementException e ) {
+ // ignore
+ }
+ }
+ // Chop last ','
+ int sbLen = sb.length();
+ if ( sbLen > 0 ) {
+ sb.setLength(sb.length() - 1);
+ }
+ return sb.toString();
+ }
+
+ /**
+ * Add the <code>AuthorizationPermission</code>s from the given
iterator.
+ * <br><code>null</code> permissions are ignored.</br>
+ * @param permIter The Iterator that contains permissions to add.
+ * @return <code>true</code> if the permissions were changed as a result
+ * of adding the permisions.
+ */
+ private boolean addPermissions(Iterator permIter) {
+ boolean result = false;
+ lockObj.lock();
+ try {
+ while ( permIter.hasNext() ) {
+ AuthorizationPermission aPerm = (AuthorizationPermission)
permIter.next();
+ if ( aPerm != null && this.thePermissions.add(aPerm) &&
!result ) {
+ result = true;
+ }
+ }
+ } finally {
+ lockObj.unlock();
+ }
+ return result;
+ }
+
+ /**
+ * Remove the <code>AuthorizationPermission</code>s in the given
iterator.
+ * <br><code>null</code> permissions are ignored.</br>
+ * @param permIter The Iterator that contains permissions to remove.
+ * @return <code>true</code> if the permissions were changed as a result
+ * of removing the permisions.
+ */
+ private boolean removePermissions(Iterator permIter) {
+ boolean result = false;
+ lockObj.lock();
+ try {
+ while ( permIter.hasNext() ) {
+ AuthorizationPermission aPerm = (AuthorizationPermission)
permIter.next();
+ if ( aPerm != null && this.thePermissions.remove(aPerm)
&& !result ) {
+ result = true;
+ }
+ }
+ } finally {
+ lockObj.unlock();
+ }
+ return result;
+ }
+}
Added:
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPoliciesHolder.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPoliciesHolder.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPoliciesHolder.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,36 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+package org.teiid.security.roles;
+
+import java.util.Collection;
+
+public class AuthorizationPoliciesHolder {
+ private Collection<AuthorizationPolicy> policies;
+
+ public void setAuthorizationPolicies(Collection<AuthorizationPolicy> policies) {
+ this.policies = policies;
+ }
+
+ public Collection<AuthorizationPolicy> getAuthorizationPolicies(){
+ return this.policies;
+ }
+}
Added: trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicy.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicy.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicy.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,551 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.LinkedHashSet;
+import java.util.NoSuchElementException;
+import java.util.Set;
+
+import org.teiid.security.SecurityPlugin;
+
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+
+/**
+ * The AuthorizationPolicy class defines a set of permissions (i.e., permissions) that
apply to a
+ * set of principals (@see MetaMatrixPrincipalName). Each permission defines a resource
(or set of resources) that are to be
+ * controlled, what actions are allowed, and possibly any additional restrictions that
should
+ * be placed upon the resource to limit content (i.e., content modifiers).
+ */
+public class AuthorizationPolicy implements Comparable, Serializable {
+
+ private static final long serialVersionUID = -4542635173812413914L;
+
+ /**
+ * Contains principal name
+ */
+ private Set<MetaMatrixPrincipalName> principals;
+
+ private AuthorizationPermissions permissions;
+
+ private AuthorizationPolicyID authorizationPolicyID;
+
+ /**
+ * Create an instance of an AuthorizationPolicy that has the specified ID.
+ * @param id the ID of the policy
+ */
+ public AuthorizationPolicy( AuthorizationPolicyID id ) {
+ if( id == null){
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0001));
+ }
+ this.authorizationPolicyID = id;
+ this.principals = new LinkedHashSet<MetaMatrixPrincipalName>();
+ this.permissions = new AuthorizationPermissionsImpl();
+ }
+
+ /**
+ * Create an instance of an AuthorizationPolicy that has the specified ID,
+ * principal set and permissions.
+ * @param id the ID of the policy
+ * @param principals the set of <code>MetaMatrixPrincipalName</code>s to
which this policy applies.
+ * @param permissions the permissions that define the resource access for this
policy.
+ */
+ public AuthorizationPolicy( AuthorizationPolicyID id,
Set<MetaMatrixPrincipalName> principals, Set permissions ) {
+ this.authorizationPolicyID = id;
+ if ( principals != null ) {
+ this.principals = new
LinkedHashSet<MetaMatrixPrincipalName>(principals);
+ } else {
+ this.principals = new LinkedHashSet<MetaMatrixPrincipalName>();
+ }
+ this.permissions = new AuthorizationPermissionsImpl();
+ this.permissions.add(permissions);
+ }
+
+ /**
+ * Create an instance of an AuthorizationPolicy from a copy of another.
+ * @param orig the original policy that this new instance is to be based upon
+ */
+ public AuthorizationPolicy( AuthorizationPolicy orig ) {
+ this.authorizationPolicyID = orig.authorizationPolicyID;
+ this.principals = new LinkedHashSet<MetaMatrixPrincipalName>(
orig.principals );
+ this.permissions = new AuthorizationPermissionsImpl();
+ Iterator iter = orig.iterator();
+ while ( iter.hasNext() ) {
+ this.permissions.add( (AuthorizationPermission) iter.next() );
+ }
+ }
+
+ /**
+ * Get the AuthorizationPermissionsImpl of this policy.
+ * @return The AuthorizationPermissionsImpl.
+ */
+ AuthorizationPermissions getAuthorizationPermissions() {
+ return this.permissions;
+ }
+
+ /**
+ * Get the given AuthorizationPermission.
+ * @param permission The requested AuthorizationPermission.
+ * @return The requested AuthorizationPermission (may be null if not found).
+ */
+ AuthorizationPermission getPermission(AuthorizationPermission permission) {
+ AuthorizationPermission oldPermission = null;
+ Iterator permItr = this.permissions.iterator();
+ while ( permItr.hasNext() ) {
+ oldPermission = (AuthorizationPermission) permItr.next();
+ if ( oldPermission.equals(permission) ) {
+ return oldPermission;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Given an <code>AuthorizationResource</code>, find the
<code>AuthorizationPermission</code>,
+ * if any, that supplies an <code>AuthorizationAction</code> for that
resource.
+ * @param resource The resource for which to find a permission.
+ * @return The requested AuthorizationPermission (may be null if not found).
+ */
+ public AuthorizationPermission findPermissionWithResource(AuthorizationResource
resource) {
+ AuthorizationPermission permission = null;
+ Iterator permItr = this.permissions.iterator();
+ while ( permItr.hasNext() ) {
+ permission = (AuthorizationPermission) permItr.next();
+ AuthorizationResource theResource = permission.getResource();
+ if ( theResource.isCannonicallyEquivalent(resource) ) {
+ return permission;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Given an <code>AuthorizationResource</code>, find the
<code>AuthorizationPermission</code>s,
+ * if any, that are dependant on that resource. An
<code>AuthorizationPermission</code> is
+ * dependant on a resource if it has any
<code>AuthorizationAction</code>s on that resource
+ * or if it is part of a recursive permission involving the resource.
+ * @param resource The resource for which to find a permission.
+ * @return The Collections AuthorizationPermission (may be empty but not null).
+ */
+ public Collection getDependantPermissions(AuthorizationResource resource) {
+ Collection dependantPerms = new ArrayList();
+// boolean recursive = resource.isRecursive();
+ AuthorizationPermission permission = null;
+ Iterator permItr = this.permissions.iterator();
+ while ( permItr.hasNext() ) {
+ permission = (AuthorizationPermission) permItr.next();
+ AuthorizationResource theResource = permission.getResource();
+ if ( theResource.isCannonicallyEquivalent(resource) ) {
+ dependantPerms.add( permission );
+ }
+ }
+ return dependantPerms;
+ }
+
+ /**
+ * Obtain the identifier for this policy.
+ * @return the policy's identifier.
+ */
+ public AuthorizationPolicyID getAuthorizationPolicyID() {
+ return authorizationPolicyID;
+ }
+
+ /**
+ * Obtain the set of principal names that this policy applies to.
+ * @return the set of <code>MetaMatrixPrincipalName</code>s to which
this
+ * policy applies; never null but possibly empty
+ */
+ public Set<MetaMatrixPrincipalName> getPrincipals() {
+ return principals;
+ }
+
+ /**
+ * Obtain the number of principals that this policy applies to.
+ * @return the number of principals instances in this policy.
+ */
+ public int getPrincipalCount() {
+ return principals.size();
+ }
+
+ /**
+ * Obtain the number of permissions that this policy applies.
+ * @return the number of permissions instances in this policy.
+ */
+ public int getPermissionCount() {
+ return permissions.size();
+ }
+
+ /**
+ * Obtain the permissions that this policy applies as a Set.
+ * @return the permission instances in this policy.
+ */
+ public Set getPermissions() {
+ Set perms = new LinkedHashSet();
+ Iterator permItr = permissions.iterator();
+ while ( permItr.hasNext() ) {
+ perms.add(permItr.next());
+ }
+ return perms;
+ }
+
+ /**
+ * Return whether this policy currently has at least one permission instance.
+ * @return true if this policy contains at least one AuthorizationPermission
instance
+ * that it applies.
+ */
+ public boolean hasPermissions() {
+ return permissions.size() > 0;
+ }
+
+ /**
+ * Obtain the description for this policy which may be null.
+ * @return the description. May be null.
+ */
+ public String getDescription() {
+ return authorizationPolicyID.getDescription();
+ }
+
+ /**
+ * Obtain an iterator over the AuthorizationPermission instances that this policy
applies.
+ * @return an iterator that can be used to access each of the AuthorizationPermission
instances
+ */
+ public Iterator iterator() {
+ return permissions.iterator();
+ }
+
+ /**
+ * Return whether this policy currently has at least one principal reference.
+ * @return true if this policy contains at least one principal instance
+ * to which this policy is to be applied.
+ */
+ public boolean hasPrincipal() {
+ return ! principals.isEmpty();
+ }
+
+ /**
+ * Checks to see if any of the AuthorizationPermission instances in this policy
+ * imply access to the resouces in the <i>permission</i> object.
+ * @param permission the AuthorizationPermission object to check.
+ * @return true if <i>permission</i> is implied by the
AuthorizationPermission
+ * instances in this policy, or false otherwise
+ */
+ public boolean implies(AuthorizationPermission permission) {
+ return permissions.implies(permission);
+ }
+
+ /**
+ * Returns a string describing this policy object.
+ * The format is:
+ * <pre>
+ * super.toString() (
+ * // the authorization policy ID of the policy ...
+ * // the description of the policy ...
+ * // enumerate all the Principal
+ * // objects and call toString() on them,
+ * // one per line..
+ * // enumerate all the AuthorizationPermission
+ * // objects and call toString() on them,
+ * // one per line..
+ * )</pre>
+ *
+ * <code>super.toString</code> is a call to the
<code>toString</code>
+ * method of this
+ * object's superclass, which is Object. The result is
+ * this object's type name followed by this object's
+ * hashcode, thus enabling clients to differentiate different
+ * AuthorizationPolicy objects, even if they contain the same permissions.
+ */
+ public String toString() {
+ StringBuffer sb = new StringBuffer();
+ sb.append('{');
+ sb.append("ID=["); //$NON-NLS-1$
+ sb.append(this.authorizationPolicyID);
+ sb.append("] Principals=["); //$NON-NLS-1$
+ Iterator iter = this.principals.iterator();
+ while (iter.hasNext()) {
+ try {
+ sb.append(iter.next().toString() + ',');
+ } catch (NoSuchElementException e){
+ // ignore
+ }
+ }
+ // Chop last ','
+ if ( this.principals.size() > 0 ) {
+ sb.setLength(sb.length()-1);
+ }
+ sb.append("] Permissions=["); //$NON-NLS-1$
+ sb.append(this.permissions);
+ sb.append("]}"); //$NON-NLS-1$
+ return sb.toString();
+ }
+
+ /**
+ * Overrides Object hashCode method.
+ * @return a hash code value for this object.
+ * @see Object#hashCode()
+ * @see Object#equals(Object)
+ */
+ public int hashCode() {
+ return this.authorizationPolicyID.hashCode();
+ }
+
+ /**
+ * Returns true if the specified object is semantically equal to this instance.
+ * Note: this method is consistent with <code>compareTo()</code>.
+ * <p>
+ * @param obj the object that this instance is to be compared to.
+ * @return whether the object is equal to this object.
+ */
+ public boolean equals(Object obj) {
+ // Check if instances are identical ...
+ if (this == obj) {
+ return true;
+ }
+
+ // Check if object can be compared to this one
+ // (this includes checking for null ) ...
+ if (this.getClass().isInstance(obj)) {
+
+ // fail fast on different hash codes
+ if (this.hashCode() != obj.hashCode()) {
+ return false;
+ }
+
+ // slower comparison
+ return compare(this, (AuthorizationPolicy)obj) == 0;
+ }
+
+ // Otherwise not comparable ...
+ return false;
+ }
+
+ /**
+ * Compares this AuthorizationPolicy to another Object. If the Object is an
AuthorizationPolicy,
+ * this function compares the name. Otherwise, it throws a
+ * ClassCastException (as AuthorizationPolicy instances are comparable only to
+ * other AuthorizationPolicy instances). Note: this method is consistent with
+ * <code>equals()</code>.
+ * <p>
+ * @param o the object that this instance is to be compared to.
+ * @return a negative integer, zero, or a positive integer as this object
+ * is less than, equal to, or greater than the specified object, respectively.
+ * @throws ClassCastException if the specified object's type prevents it
+ * from being compared to this AuthorizationPolicy.
+ */
+ public int compareTo(Object o) throws ClassCastException {
+ // Check if instances are identical ...
+ if (this == o) {
+ return 0;
+ }
+ if (o == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0018));
+ }
+
+ // Check if object cannot be compared to this one
+ // (this includes checking for null ) ...
+ if (!(this.getClass().isInstance(o))) {
+ throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0019,
o.getClass()));
+ }
+
+ // Check if everything else is equal ...
+ return compare(this, (AuthorizationPolicy)o);
+ }
+
+ /**
+ * Utility method to compare two AuthorizationPolicy instances. Returns a negative
integer, zero,
+ * or a positive integer as this object is less than, equal to, or greater than
+ * the specified object. <p>
+ *
+ * The comparison is based on the names of the user groups.<p>
+ *
+ * This method assumes that all type-checking has already been performed. <p>
+ *
+ * @param obj1 the first policyID to be compared
+ * @param obj2 the second policyID to be compared
+ * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
+ * greater than obj2
+ */
+ static int compare(AuthorizationPolicy obj1, AuthorizationPolicy obj2) {
+
+ // Compare policy IDs
+ return (obj1.hashCode() == obj2.hashCode()) ? 0 :
+ obj1.authorizationPolicyID.compareTo(obj2.authorizationPolicyID);
+ }
+
+ // =========================================================================
+ // M O D I F I E R M E T H O D S
+ // =========================================================================
+
+ /**
+ * Define the set of description for this policy.
+ * @param desc the new description for this policy.
+ */
+ public void setDescription(String desc) {
+ this.authorizationPolicyID.setDescription(desc);
+ }
+
+ /**
+ * Define the set of permissions that this policy is to apply. Any existing
+ * permissions are removed from the policy. If the specified set is null,
+ * this policy will have no governing permissions.
+ * @param permissions the new permissions that this policy applies.
+ */
+ public void setPermissions(AuthorizationPermissions permissions) {
+ if ( permissions != null ) {
+ this.permissions = permissions;
+ } else {
+ this.permissions.clear();
+ }
+ }
+
+ /**
+ * Define the set of <code>MetaMatrixPrincipalName</code>s that this
policy applies to. Any existing
+ * <code>MetaMatrixPrincipalName</code>s are removed from the policy. If
the specified set is null or empty,
+ * this policy will apply to no principals.
+ * @param principals the new set of <code>MetaMatrixPrincipalName</code>s
to which this policy applies.
+ */
+ public void setPrincipals(Set<MetaMatrixPrincipalName> principals) {
+ if ( principals != null ) {
+ this.principals = new
LinkedHashSet<MetaMatrixPrincipalName>(principals);
+ } else {
+ this.principals.clear();
+ }
+ }
+
+ /**
+ * Add to this policy's set of existing permissions a new permission that is to
be applied by the policy.
+ * @param permission the new permission that is to be added to this policy. May not
be null.
+ * @return true if this policy changed as a result of the addition.
+ * @throws IllegalArgumentException if the specified permission is null.
+ */
+ public boolean addPermission(AuthorizationPermission permission) {
+ if ( permission == null ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0020));
+ }
+ return this.permissions.add(permission);
+ }
+
+ /**
+ * Add to this policy's set of existing permissions a new set of permissions
+ * that are to be applied by the policy.
+ * @param permissions the new permissions that are to be added to this policy. May
not be null.
+ * @return true if this policy changed as a result of the addition.
+ * @throws IllegalArgumentException if the specified permission is null.
+ */
+ public boolean addAllPermissions(AuthorizationPermissions permissions) {
+ if ( permissions == null || permissions.size() == 0 ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0020));
+ }
+ return this.permissions.add(permissions);
+ }
+
+ /**
+ * Add to this policy's set of existing permissions a set of additional
permissions that are to be applied by the policy.
+ * Any permission that is added that has the same resource name as an existing
permission overwrites the existing
+ * permission.
+ * @param permissions the set of new permissions that are to be added to this policy.
May not be null.
+ * @return true if this policy changed as a result of the additions.
+ * @throws IllegalArgumentException if the specified set of permissions is null or if
the set contains a null value.
+ */
+ public boolean addAllPermissions(Set permissions) {
+ if ( permissions == null ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0020));
+ }
+ if ( permissions.contains(null) ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0021));
+ }
+ return this.permissions.add(permissions);
+ }
+
+ /**
+ * Remove from this policy's set of existing permissions the specified
permission. If the permission is not
+ * currently in this policy, this method simply returns without performing any
operation.
+ * @param permission the permission that is to be removed from this policy.
+ */
+ public void removePermission(AuthorizationPermission permission) {
+ this.permissions.remove(permission);
+ }
+
+ /**
+ * Remove all of this policy's existing permissions.
+ */
+ public void removePermissions() {
+ this.permissions.clear();
+ this.permissions = new AuthorizationPermissionsImpl();
+ }
+
+ /**
+ * Add to this policy's set of existing principals a new
<code>MetaMatrixPrincipalName</code> name to whom this policy is to apply.
+ * @param principal the new <code>MetaMatrixPrincipalName</code> that is
to be added to this policy. May not be null.
+ * @return true if this policy changed as a result of the addition.
+ * @throws IllegalArgumentException if the specified principal is null.
+ */
+ public boolean addPrincipal(MetaMatrixPrincipalName principal) {
+ if ( principal == null ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0022));
+ }
+ return this.principals.add(principal);
+ }
+
+ /**
+ * Add to this policy's set of existing principals a set of new
<code>MetaMatrixPrincipalName</code> to whom this policy is to apply.
+ * @param newPrincipals the set of new
<code>MetaMatrixPrincipalName</code> that are to be added to this policy. May
not be null.
+ * @return true if this policy changed as a result of the additions.
+ * @throws IllegalArgumentException if the specified set of principals is null or if
the set contains a null value.
+ */
+ public boolean addAllPrincipals(Set<MetaMatrixPrincipalName> newPrincipals) {
+ if ( newPrincipals == null ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0022));
+ }
+ if ( newPrincipals.contains(null) ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0023));
+ }
+ return this.principals.addAll(newPrincipals);
+ }
+
+ /**
+ * Remove from this policy's set of existing principals the specified
<code>MetaMatrixPrincipalName</code>.
+ * If the principal is not in the existing set of principal names for this policy,
+ * this method simply does nothing for that principal.
+ * @param principal the <code>MetaMatrixPrincipalName</code> that is to
be removed from this policy.
+ */
+ public void removePrincipal(MetaMatrixPrincipalName principal) {
+ this.principals.remove(principal);
+ }
+
+ /**
+ * Remove from this policy the entire set of existing
<code>MetaMatrixPrincipalName</code> references.
+ */
+ public void clearPrincipals() {
+ this.principals.clear();
+ }
+
+
+}
+
+
+
+
Added:
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicyFactory.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicyFactory.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicyFactory.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,285 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.ByteArrayOutputStream;
+import java.io.CharArrayReader;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Properties;
+import java.util.Set;
+import java.util.StringTokenizer;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.jdom.Document;
+import org.jdom.Element;
+import org.jdom.input.DOMBuilder;
+import org.jdom.output.Format;
+import org.jdom.output.XMLOutputter;
+import org.teiid.adminapi.AdminRoles;
+import org.teiid.security.SecurityPlugin;
+import org.xml.sax.ErrorHandler;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.SAXParseException;
+
+import com.metamatrix.common.log.LogManager;
+import com.metamatrix.common.util.LogConstants;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipal;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+
+/**
+ * The class build the Policies from the xml file or converts the policies to xml file
for importing and exporting of the policy
+ * files from one server to another. look in the authorizations.xsd in this package for
the format of the XML being imported and
+ * exported
+ */
+public class AuthorizationPolicyFactory {
+
+ private static final String ROLE = "role"; //$NON-NLS-1$
+ private static final String PRINCIPALS = "principals"; //$NON-NLS-1$
+ private static final String ALLOW = "allow-"; //$NON-NLS-1$
+ private static final String RESOURCE_NAME = "resource-name"; //$NON-NLS-1$
+ private static final String PERMISSION = "permission"; //$NON-NLS-1$
+ private static final String PERMISSIONS = "permissions"; //$NON-NLS-1$
+ private static final String DESCRIPTION = "description"; //$NON-NLS-1$
+ private static final String VDB_VERSION = "vdb-version"; //$NON-NLS-1$
+ private static final String VDB_NAME = "vdb-name"; //$NON-NLS-1$
+ private static final String NAME = "name"; //$NON-NLS-1$
+ private static final String DATA_ROLE = "data-role"; //$NON-NLS-1$
+ private static final String ROLES = "roles"; //$NON-NLS-1$
+ private static final String REALM = "realm"; //$NON-NLS-1$
+
+ static final String JAXP_SCHEMA_SOURCE =
"http://java.sun.com/xml/jaxp/properties/schemaSource"; //$NON-NLS-1$
+ static final String JAXP_SCHEMA_LANGUAGE =
"http://java.sun.com/xml/jaxp/properties/schemaLanguage"; //$NON-NLS-1$
+ static final String W3C_XML_SCHEMA = "http://www.w3.org/2001/XMLSchema";
//$NON-NLS-1$
+
+ private static String[] ALLOW_TYPES = new String[] {
+ StandardAuthorizationActions.DATA_CREATE_LABEL,
+ StandardAuthorizationActions.DATA_DELETE_LABEL,
+ StandardAuthorizationActions.DATA_UPDATE_LABEL,
+ StandardAuthorizationActions.DATA_READ_LABEL,
+ };
+
+ public static Collection<AuthorizationPolicy> buildPolicies(String vdbName,
String vdbVersion, char[] xmlContents)
+ throws SAXException, IOException, ParserConfigurationException {
+
+ DOMBuilder builder = new DOMBuilder();
+
+ DocumentBuilderFactory documentBuilderFactory =
DocumentBuilderFactory.newInstance();
+ documentBuilderFactory.setAttribute(JAXP_SCHEMA_LANGUAGE, W3C_XML_SCHEMA);
+ documentBuilderFactory.setAttribute(JAXP_SCHEMA_SOURCE,
AuthorizationPolicyFactory.class.getResourceAsStream("authorizations.xsd"));
//$NON-NLS-1$
+ documentBuilderFactory.setValidating(true);
+ DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
+ docBuilder.setErrorHandler(new ErrorHandler() {
+
+ public void warning(SAXParseException arg0) throws SAXException {
+
LogManager.logWarning(LogConstants.CTX_AUTHORIZATION,arg0,SecurityPlugin.Util.getString("AuthorizationPolicyFactory.parsing_warning",
arg0.getMessage())); //$NON-NLS-1$
+ }
+
+ public void error(SAXParseException arg0) throws SAXException {
+ throw new
SAXException(SecurityPlugin.Util.getString("AuthorizationPolicyFactory.parsing_error",
arg0.getMessage()), arg0); //$NON-NLS-1$
+ }
+
+ public void fatalError(SAXParseException arg0) throws SAXException {
+ throw new
SAXException(SecurityPlugin.Util.getString("AuthorizationPolicyFactory.parsing_error",
arg0.getMessage()), arg0); //$NON-NLS-1$
+ }
+ });
+
+ Document doc = builder.build(docBuilder.parse(new InputSource(new
CharArrayReader(xmlContents))));
+
+ Element root = doc.getRootElement();
+ Element roles = root.getChild(ROLES);
+ List dataRoles = roles.getChildren(DATA_ROLE);
+
+ AuthorizationRealm realm = new AuthorizationRealm(vdbName, vdbVersion);
+ BasicAuthorizationPermissionFactory bapf = new
BasicAuthorizationPermissionFactory();
+
+ List<AuthorizationPolicy> result = new
ArrayList<AuthorizationPolicy>();
+
+ for (final Iterator iter = dataRoles.iterator(); iter.hasNext();) {
+ final Element role = (Element)iter.next();
+
+ Element name = role.getChild(NAME);
+
+ AuthorizationPolicyID policyID = new AuthorizationPolicyID(name.getText(),
vdbName, vdbVersion);
+ AuthorizationPolicy policy = new AuthorizationPolicy(policyID);
+
+ result.add(policy);
+
+ Element description = role.getChild(DESCRIPTION);
+ if (description != null) {
+ policy.setDescription(description.getText());
+ }
+
+ Element permsElem = role.getChild(PERMISSIONS);
+
+ if (permsElem != null) {
+
+ List perms = permsElem.getChildren(PERMISSION);
+
+ for (final Iterator permIter = perms.iterator(); permIter.hasNext();) {
+ final Element perm = (Element)permIter.next();
+
+ Element resourceElem = perm.getChild(RESOURCE_NAME);
+
+ String resourceName = resourceElem.getText();
+
+ int actionsValue = StandardAuthorizationActions.NONE_VALUE;
+ for (int i = 0; i < ALLOW_TYPES.length; i++) {
+ if (perm.getChild(ALLOW+ALLOW_TYPES[i].toLowerCase()) == null) {
+ continue;
+ }
+ AuthorizationActions action =
StandardAuthorizationActions.getAuthorizationActions(ALLOW_TYPES[i]);
+ actionsValue |= action.getValue();
+ }
+ AuthorizationPermission permission = bapf.create(resourceName, realm,
StandardAuthorizationActions.getAuthorizationActions(actionsValue));
+ policy.addPermission(permission);
+ }
+ }
+
+ Element principalsElem = role.getChild(PRINCIPALS);
+
+ if (principalsElem != null) {
+
+ List groups = principalsElem.getChildren(ROLE);
+
+ for (final Iterator groupsIter = groups.iterator();
groupsIter.hasNext();) {
+ final Element group = (Element)groupsIter.next();
+
+ policy.addPrincipal(new MetaMatrixPrincipalName(group.getText(),
MetaMatrixPrincipal.TYPE_GROUP));
+ }
+ }
+ }
+
+ return result;
+ }
+
+ public static char[] exportPolicies(Collection<AuthorizationPolicy> roles)
throws IOException {
+ Document doc = new Document(new Element(REALM));
+
+ Element rolesElement = new Element(ROLES);
+
+ doc.getRootElement().addContent(rolesElement);
+
+ for (AuthorizationPolicy policy : roles) {
+ AuthorizationPolicyID policyId = policy.getAuthorizationPolicyID();
+
+ Element roleElement = new Element(DATA_ROLE);
+ rolesElement.addContent(roleElement);
+
+ roleElement.addContent(new
Element(NAME).setText(policyId.getDisplayName()));
+
+ AuthorizationRealm realm = policyId.getRealm();
+ roleElement.addContent(new
Element(VDB_NAME).setText(realm.getSuperRealmName()));
+ roleElement.addContent(new
Element(VDB_VERSION).setText(realm.getSubRealmName()));
+
+ roleElement.addContent(new
Element(DESCRIPTION).setText(policy.getDescription()));
+
+ // Now add each individual role
+ Set permissions = policy.getPermissions();
+
+ if (!permissions.isEmpty()) {
+ Element permissionsElement = new Element(PERMISSIONS);
+ roleElement.addContent(permissionsElement);
+
+ for (final Iterator permissionIter = permissions.iterator();
permissionIter.hasNext();) {
+ BasicAuthorizationPermission permission =
(BasicAuthorizationPermission)permissionIter.next();
+ Element permissionElement = new Element(PERMISSION);
+ permissionsElement.addContent(permissionElement);
+
+ permissionElement.addContent(new
Element(RESOURCE_NAME).setText(permission.getResourceName()));
+
+ String[] labels = permission.getActions().getLabels();
+ for (int i = 0; i < labels.length; i++) {
+ permissionElement.addContent(new Element(ALLOW +
labels[i].toLowerCase()));
+ }
+ }
+ }
+
+ Set principals = policy.getPrincipals();
+
+ if (!principals.isEmpty()) {
+ Element principalsElement = new Element(PRINCIPALS);
+ roleElement.addContent(principalsElement);
+
+ for (final Iterator principalsIter = principals.iterator();
principalsIter.hasNext();) {
+ MetaMatrixPrincipalName principal =
(MetaMatrixPrincipalName)principalsIter.next();
+ principalsElement.addContent(new
Element(ROLE).setText(principal.getName()));
+ }
+ }
+ } // for
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+ XMLOutputter outputter = new XMLOutputter();
+ outputter.setFormat(Format.getPrettyFormat());
+ outputter.output(doc, baos);
+
+ return baos.toString().toCharArray();
+ }
+
+ /**
+ * The properties will have format of
+ * role1 = group1, group2
+ * role2 = group3
+ *
+ * @param roles
+ * @return
+ */
+ public static Collection<AuthorizationPolicy> buildAdminPolicies(Properties
roleMap) {
+ List<AuthorizationPolicy> result = new ArrayList<AuthorizationPolicy>();
+ Set keys = roleMap.keySet();
+
+ for(Object key:keys) {
+ String role = (String)key;
+ AuthorizationPolicyID policyID = new AuthorizationPolicyID(role, role);
+ AuthorizationPolicy policy = new AuthorizationPolicy(policyID);
+
+ // allowed groups
+ StringTokenizer st = new StringTokenizer(roleMap.getProperty(role),
","); //$NON-NLS-1$
+ while (st.hasMoreTokens()) {
+ String group = st.nextToken();
+ MetaMatrixPrincipalName member = new MetaMatrixPrincipalName(group,
MetaMatrixPrincipal.TYPE_GROUP);
+ policy.addPrincipal(member);
+ }
+ result.add(policy);
+ }
+ return result;
+ }
+
+ public static Collection<AuthorizationPolicy> buildDefaultAdminPolicies() {
+ Properties p = new Properties();
+ for (String role:AdminRoles.getAllRoleNames()) {
+ p.setProperty(role, role);
+ }
+ return buildAdminPolicies(p);
+
+ }
+
+}
Added: trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicyID.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicyID.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationPolicyID.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,370 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+
+import org.teiid.security.SecurityPlugin;
+
+
+public class AuthorizationPolicyID implements Comparable, Serializable {
+ public final static char DELIMITER= '!';
+
+ public final static int DESCRIPTION_LEN = 250;
+
+ /**
+ * The immutable name for the policy.
+ */
+ private String name;
+
+ /**
+ * The policy description.
+ */
+ private String description;
+
+ /**
+ * Console display name for this policy.
+ */
+ private String displayName;
+
+ /**
+ * Get the <code>AuthorizationRealm</code> this policy
+ * belongs in.
+ * @return the policy's realm.
+ */
+ public AuthorizationRealm getRealm() {
+ return realm;
+ }
+
+ /**
+ * The AuthorizationRealm that this policy belongs in
+ * (usually - but not limited to - a VDB version).
+ */
+ private AuthorizationRealm realm;
+
+ /**
+ * ctor
+ * Meant to be used only by <code>JDBCAuthorizationTransaction</code> to
+ * populate <code>AuthorizationPolicyID</code>s when retrieving
+ * them from the authorization store.
+ * Construct a policy ID with the specified name and description.
+ * @param name the identifier (name) for the policy composed of
+ * @param description the policy description.
+ */
+ public AuthorizationPolicyID(String name, String description) {
+ parseAndSetName(name);
+ this.setDescription(description);
+ }
+
+ /**
+ * Construct a policy ID that is tied to an
<code>AuthorizationRealm</code>.
+ * @param theDisplayName the identifier that the Console will display.
+ * @param description The policy description - may be <code>null</code>.
+ * @param theRealm The <code>AuthorizationRealm</code> this policy
should
+ * be tied to - may <i>not</i> be <code>null</code>.
+ */
+ public AuthorizationPolicyID(String theDisplayName, String description,
AuthorizationRealm theRealm) {
+ if ( theDisplayName == null || theDisplayName.trim().length() == 0 ) {
+ throw new IllegalArgumentException(
+ SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0024));
+ }
+ if ( theDisplayName.indexOf(DELIMITER) >= 0 ) {
+ // The display name cannot contain any DELIMETERS
+ throw new IllegalArgumentException(
+ SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0025,
DELIMITER));
+ }
+ if ( theRealm == null ) {
+ throw new IllegalArgumentException(
+ SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0026));
+ }
+ if ( theRealm.equals(RolePermissionFactory.getRealm()) ) {
+ this.name = theDisplayName;
+ } else {
+ this.name = formName(theDisplayName, theRealm.getSuperRealmName(),
theRealm.getSubRealmName());
+ }
+ this.realm = theRealm;
+ this.displayName = theDisplayName;
+ this.setDescription(description);
+ }
+
+ /**
+ * Construct a policy ID that is tied to a VDB.
+ * @param theDisplayName the identifier that the Console will display.
+ * @param vdbName The name of the VDB this policy should be tied to.
+ * @param vdbVersion The version of the VDB this policy should be tied to.
+ */
+ public AuthorizationPolicyID(String theDisplayName, String vdbName, int vdbVersion)
{
+ this(theDisplayName, vdbName, Integer.toString(vdbVersion));
+ }
+
+ /**
+ * Construct a policy ID that is tied to a VDB.
+ * @param theDisplayName the identifier that the Console will display.
+ * @param vdbName The name of the VDB this policy should be tied to.
+ * @param vdbVersion The version of the VDB this policy should be tied to.
+ */
+ public AuthorizationPolicyID(String theDisplayName, String vdbName, String
vdbVersion) {
+ if (theDisplayName == null || theDisplayName.trim().length() == 0) {
+ throw new IllegalArgumentException(
+ SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0024));
+ }
+ if (vdbName == null || vdbName.trim().length() == 0) {
+ throw new IllegalArgumentException(
+ SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0027));
+ }
+ this.displayName = theDisplayName;
+ this.realm = new AuthorizationRealm(vdbName, vdbVersion);
+ this.name = formName(theDisplayName, vdbName, vdbVersion);
+ this.description = ""; //$NON-NLS-1$
+ }
+
+ /**
+ * Returns the name for the policy.
+ * @return the policy's name
+ */
+ public String getName() {
+ return this.name;
+ }
+
+ /**
+ * Obtain the description for this policy which may be null.
+ * @return the description. May be null.
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * Returns the Console display name for the policy. May return the same as
+ * <code>getName()</code>.
+ * @return the Console display name
+ */
+ public String getDisplayName() {
+ return this.displayName;
+ }
+
+ /**
+ * Returns the Console's VDB name for the policy. (Console limits policy to one
version of one VDB.)
+ * May be <code>null</code>.
+ * @return The VDB name or <code>null</code> if the policy that this ID
represents
+ * is not tied to a VDB.
+ */
+ public String getVDBName() {
+ return this.realm.getSuperRealmName();
+ }
+
+ /**
+ * Return the Console's VDB version for the policy. (Console limits policy to
one version of one VDB.)
+ * @return The VDB version or <code>-1</code> if the policy that this ID
represents
+ * is not tied to a VDB.
+ */
+ public int getVDBVersion() {
+ String vdbVersion = this.realm.getSubRealmName();
+ return (vdbVersion == null ? -1 : Integer.parseInt(vdbVersion));
+ }
+
+ /**
+ * Return the Stringified Console's VDB version for the policy. (Console limits
policy to one
+ * version of one VDB.)
+ * @return The VDB version or <code>-1</code> if the policy that this ID
represents
+ * is not tied to a VDB.
+ */
+ public String getVDBVersionString() {
+ String vdbVersion = this.realm.getSubRealmName();
+ return (vdbVersion == null ? "-1" : vdbVersion); //$NON-NLS-1$
+ }
+
+ /**
+ * Define the set of description for this policy.
+ * @param desc the new description for this policy.
+ */
+ public void setDescription(String desc) {
+ if ( desc != null ) {
+ if (desc.length() > DESCRIPTION_LEN) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0028,
DESCRIPTION_LEN));
+ }
+ this.description = desc;
+ } else {
+ this.description = ""; //$NON-NLS-1$
+ }
+ }
+
+ /**
+ * Returns a string representing the current state of the object.
+ */
+ public String toString() {
+ StringBuffer buf = new StringBuffer("Name=<" + this.name);
//$NON-NLS-1$
+ buf.append("> Realm=<" + this.realm + '>');
//$NON-NLS-1$
+ buf.append("> Desc=<" + this.description); //$NON-NLS-1$
+ return buf.toString();
+ }
+
+ /**
+ * Overrides Object hashCode method.
+ * @return a hash code value for this object.
+ * @see Object#hashCode()
+ * @see Object#equals(Object)
+ */
+ public int hashCode() {
+ return this.name.hashCode();
+ }
+
+ /**
+ * Returns true if the specified object is semantically equal to this instance.
+ * Note: this method is consistent with <code>compareTo()</code>.
+ * <p>
+ * @param obj the object that this instance is to be compared to.
+ * @return whether the object is equal to this object.
+ */
+ public boolean equals(Object obj) {
+ // Check if instances are identical ...
+ if (this == obj) {
+ return true;
+ }
+
+ // Check if object can be compared to this one
+ // (this includes checking for null ) ...
+ if (obj instanceof AuthorizationPolicyID) {
+
+ // fail fast on different hash codes
+ if (this.hashCode() != obj.hashCode()) {
+ return false;
+ }
+
+ // slower comparison
+ return compare(this, (AuthorizationPolicyID)obj) == 0;
+ }
+
+ // Otherwise not comparable ...
+ return false;
+ }
+
+ /**
+ * Compares this AuthorizationPolicyID to another Object. If the Object is an
AuthorizationPolicyID,
+ * this function compares the name. Otherwise, it throws a
+ * ClassCastException (as policyID instances are comparable only to
+ * other policyID instances). Note: this method is consistent with
+ * <code>equals()</code>.
+ * <p>
+ * @param o the object that this instance is to be compared to.
+ * @return a negative integer, zero, or a positive integer as this object
+ * is less than, equal to, or greater than the specified object, respectively.
+ * @throws ClassCastException if the specified object's type prevents it
+ * from being compared to this AuthorizationPolicyID.
+ */
+ public int compareTo(Object o) throws ClassCastException {
+ // Check if instances are identical ...
+ if (this == o) {
+ return 0;
+ }
+ if (o == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0029));
+ }
+
+ // Check if object cannot be compared to this one
+ // (this includes checking for null ) ...
+ if (!(o instanceof AuthorizationPolicyID)) {
+ throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0030,
o.getClass()));
+ }
+
+ // Check if everything else is equal ...
+ return compare(this, (AuthorizationPolicyID)o);
+ }
+
+ /**
+ * Utility method to compare two policyIDs. Returns a negative integer, zero,
+ * or a positive integer as this object is less than, equal to, or greater than
+ * the specified object. <p>
+ *
+ * The comparison is based on the names of the user groups.<p>
+ *
+ * This method assumes that all type-checking has already been performed. <p>
+ *
+ * @param obj1 the first policyID to be compared
+ * @param obj2 the second policyID to be compared
+ * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
+ * greater than obj2
+ */
+ static int compare(AuthorizationPolicyID obj1, AuthorizationPolicyID obj2) {
+ return (obj1.hashCode() == obj2.hashCode()) ? 0 :
obj1.name.compareTo(obj2.name);
+ }
+
+ public static String parseRealm(AuthorizationRealm aRealm) {
+ String superRealmName = aRealm.getSuperRealmName();
+ String subRealmName = aRealm.getSubRealmName();
+ if ( subRealmName == null ) {
+ return superRealmName;
+ }
+ return formName("", superRealmName, subRealmName); //$NON-NLS-1$
+ }
+
+ public static String formName(String displayName, String vdbName, String vdbVersion)
{
+ String delimiterString = new String(new char[] {DELIMITER});
+ StringBuffer name = new StringBuffer();
+ if ( displayName != null && displayName.trim().length() > 0 ) {
+ name.append(displayName);
+ }
+ if ( displayName.indexOf('.') < 0 ) {
+ if ( vdbName != null && vdbName.trim().length() > 0 ) {
+ name.append(delimiterString);
+ name.append(vdbName);
+ }
+ if ( vdbVersion != null && vdbVersion.trim().length() > 0 ) {
+ String versionString = vdbVersion;
+ // left pad with zeros if needed
+ while (versionString.length() < 3) {
+ versionString = "0" + versionString; //$NON-NLS-1$
+ }
+ name.append(delimiterString);
+ name.append(versionString);
+ }
+ }
+ return name.toString();
+ }
+
+ /**
+ *
+ */
+ private void parseAndSetName(String idName) {
+ this.name = idName;
+ int firstDelimiterLoc = idName.indexOf(DELIMITER);
+ String superRealmName = ""; //$NON-NLS-1$
+ String subRealmName = ""; //$NON-NLS-1$
+ if ( firstDelimiterLoc > 0 ) {
+ this.displayName = idName.substring(0, firstDelimiterLoc);
+ int secondDelimiterLoc = idName.lastIndexOf(DELIMITER);
+ if ( secondDelimiterLoc > firstDelimiterLoc + 1 ) {
+ superRealmName = idName.substring(firstDelimiterLoc + 1,
secondDelimiterLoc);
+ if ( secondDelimiterLoc < idName.length() ) {
+ subRealmName = idName.substring(secondDelimiterLoc + 1);
+ }
+ }
+ this.realm = new AuthorizationRealm(superRealmName, subRealmName);
+ } else {
+ this.displayName = idName;
+ this.realm = RolePermissionFactory.getRealm();
+ }
+ }
+}
+
+
Added: trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationRealm.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationRealm.java
(rev 0)
+++ trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationRealm.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,288 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+import java.util.List;
+
+import org.teiid.security.SecurityPlugin;
+
+import com.metamatrix.core.util.StringUtil;
+
+/**
+ * This class contains the realm and sub realm for an
<code>AuthorizationPermission</code>.<br>
+ * It may be composed of two divisions - a super realm and a sub realm. The super
+ * realm is required and is a major grouping for
<code>AuthorizationPermission</code>s.
+ * The sub realm is an optional and arbitrary tag that subdivides the super
realm.<br>
+ * This object will not change during the life of an
<code>AuthorizationPermission</code>.
+ */
+public class AuthorizationRealm implements Comparable, Serializable {
+
+ private static final String REALM_DELIMITER = "."; //$NON-NLS-1$
+ private static final int NUMBER_OF_REALM_COMPONENTS = 2;
+
+ // The Realm
+ private String superRealmName;
+
+ // The Sub Realm
+ private String subRealmName;
+
+ // Realm description
+ private String description;
+
+ /** Largest allowable description. Descriptions longer will be truncated. */
+ public static final int MAX_DESCRIPTION_LEN = 550;
+
+ /**
+ * The cached value of the hash code for this object.
+ */
+ private int hashCode;
+
+ /**
+ * ctor
+ * Meant to be used only by <code>JDBCAuthorizationTransaction</code> to
+ * populate <code>AuthorizationPermission</code>s with their realm when
retrieving
+ * them from the database.
+ * @param realmName The name of the realm to which an AuthorizationPermission
+ * belongs - May not be null. May be the combined super and sub realm names,
+ * in which case it will be parsed correctly. Must contain no more than 2
+ * realm components.
+ * @throws IllegalArgumentException if <code>realmName</code> contains
too many
+ * components.
+ */
+ public AuthorizationRealm(String realmName) {
+ if ( realmName == null || realmName.trim().length() == 0 ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0031));
+ }
+ if ( realmName.indexOf(REALM_DELIMITER) >= 0 ) {
+ List realms = StringUtil.split(realmName, REALM_DELIMITER);
+ if ( realms.size() > NUMBER_OF_REALM_COMPONENTS ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0032,
realmName));
+ }
+
+ init((String)realms.get(0), (String)realms.get(1), null);
+ } else {
+ init(realmName, null, null);
+ }
+ }
+
+ /**
+ * ctor
+ * Must have at least a superRealmName and may have a subRealmName.
+ * @param superRealmName The name of the realm to which an AuthorizationPermission
+ * belongs - May not be null.
+ * @param subRealmName An arbitrary subdivision of the given realm - May be null.
+ * @throws IllegalArgumentException if <code>realmName</code> contains
too many
+ * components.
+ */
+ public AuthorizationRealm(String superRealmName, String subRealmName) {
+ this(superRealmName, subRealmName, null);
+ }
+
+ /**
+ * ctor
+ * Must have at least a superRealmName and may have a subRealmName.
+ * @param superRealmName The name of the realm to which an AuthorizationPermission
+ * belongs - May not be null.
+ * @param subRealmName An arbitrary subdivision of the given realm - May be null.
+ * @param description May be null.
+ * @throws IllegalArgumentException if <code>superRelamName</code> is
null or empty
+ * or if either superRealmName or subRealmName contain a realm delimeter char
'.'.
+ */
+ public AuthorizationRealm(String superRealmName, String subRealmName, String
description) {
+ if ( superRealmName == null || superRealmName.trim().length() == 0 ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0031));
+ }
+ if ( superRealmName.indexOf(REALM_DELIMITER) >= 0 ||
+ (subRealmName != null && subRealmName.indexOf(REALM_DELIMITER) >=
0) ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0033,
+ new Object[] {superRealmName, subRealmName}));
+ }
+ init(superRealmName, subRealmName, description);
+ }
+
+ /**
+ * Must have at least a realmName and may have a subRealmName.
+ * @param superRealmName The name of the realm to which an AuthorizationPermission
+ * belongs - May not be null.
+ * @param subRealmName An arbitrary subdivision of the given realm - May be null.
+ */
+ private void init(String superRealmName, String subRealmName, String description) {
+ this.superRealmName = superRealmName;
+
+ if ( subRealmName != null && subRealmName.trim().length() > 0 ) {
+ // Remove left zero padding if needed
+ char[] chars = subRealmName.toCharArray();
+ int nonZeroIndex = 0;
+ while ( chars[nonZeroIndex] == '0' && nonZeroIndex <
chars.length ) {
+ nonZeroIndex++;
+ }
+ if ( nonZeroIndex >= chars.length ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0034));
+ }
+ this.subRealmName = subRealmName.substring(nonZeroIndex);
+ }
+
+ setDescription(description);
+
+ hashCode = getRealmName().hashCode();
+ }
+
+ /**
+ * Get the full realm name.
+ * @return The full realm name.
+ */
+ public String getRealmName() {
+ StringBuffer realm = new StringBuffer(this.superRealmName);
+ if ( this.subRealmName != null ) {
+ realm.append(REALM_DELIMITER);
+ realm.append(this.subRealmName);
+ }
+ return realm.toString();
+ }
+
+ /**
+ * Get the super realm name.
+ * @return The realm name.
+ */
+ public String getSuperRealmName() {
+ return this.superRealmName;
+ }
+
+ /**
+ * Get the sub realm name.
+ * @return The sub realm name - <strong>May be null</strong>.
+ */
+ public String getSubRealmName() {
+ return this.subRealmName;
+ }
+
+ /**
+ * Get the realm description.
+ * @return The realm description.
+ */
+ public String getDescription() {
+ return this.description;
+ }
+
+ /**
+ * Set the realm description. The description argument will be ignored if
+ * it's null or empty.
+ * @param description The realm description.
+ */
+ public void setDescription(String description) {
+ if ( description != null && description.trim().length() > 0 ) {
+ this.description = StringUtil.truncString(description, MAX_DESCRIPTION_LEN);
+ }
+ }
+
+ /**
+ * Override Object method.
+ */
+ public String toString() {
+ return getRealmName();
+ }
+
+ /**
+ * Overrides Object hashCode method.
+ * @return a hash code value for this object.
+ * @see Object#hashCode()
+ * @see Object#equals(Object)
+ */
+ public int hashCode() {
+ return this.hashCode;
+ }
+
+ /**
+ * Returns true if the specified object is semantically equal to this instance.
+ * Note: this method is consistent with <code>compareTo()</code>.
+ * <p>
+ * @param obj the object that this instance is to be compared to.
+ * @return whether the object is equal to this object.
+ */
+ public boolean equals(Object obj) {
+ // Check if instances are identical ...
+ if (this == obj) {
+ return true;
+ }
+ // Check if object can be compared to this one
+ // (this includes checking for null ) ...
+ if(obj instanceof AuthorizationRealm){
+ return compare(this, (AuthorizationRealm)obj) == 0;
+ }
+
+ // Otherwise not comparable ...
+ return false;
+ }
+
+ /**
+ * Compares this AuthorizationRealm to another Object. If the Object is an
AuthorizationRealm,
+ * this function compares the name. Otherwise, it throws a
+ * ClassCastException (as AuthorizationRealm instances are comparable only to
+ * other AuthorizationRealm instances). Note: this method is consistent with
+ * <code>equals()</code>.
+ * <p>
+ * @param o the object that this instance is to be compared to.
+ * @return a negative integer, zero, or a positive integer as this object
+ * is less than, equal to, or greater than the specified object, respectively.
+ * @throws ClassCastException if the specified object's type prevents it
+ * from being compared to this AuthorizationRealm.
+ */
+ public int compareTo(Object o) throws ClassCastException {
+ // Check if instances are identical ...
+ if (this == o) {
+ return 0;
+ }
+ if (o == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0035));
+ }
+
+ // Check if object cannot be compared to this one
+ // (this includes checking for null ) ...
+ if (!(o instanceof AuthorizationRealm)) {
+ throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0036,
o.getClass()));
+ }
+
+ // Check if everything else is equal ...
+ return compare(this, (AuthorizationRealm)o);
+ }
+
+ /**
+ * Utility method to compare two AuthorizationRealm instances. Returns a negative
integer, zero,
+ * or a positive integer as this object is less than, equal to, or greater than
+ * the specified object. <p>
+ *
+ * Subclasses may not override this method because it is designed to enforce a
+ * constraint placed on <emph>all</emph>
<code>AuthorizationRealm</code>s.<p>
+ *
+ * This method assumes that all type-checking has already been performed. <p>
+ *
+ * @param obj1 the first policyID to be compared
+ * @param obj2 the second policyID to be compared
+ * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
+ * greater than obj2
+ */
+ static public final int compare(AuthorizationRealm obj1, AuthorizationRealm obj2) {
+ return
obj1.getRealmName().toLowerCase().compareTo(obj2.getRealmName().toLowerCase());
+ }
+}
Added: trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationResource.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationResource.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/AuthorizationResource.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,83 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+
+/**
+ * This interface defines a Resource on which can be granted one or more
+ * {@link org.teiid.security.roles.AuthorizationActions Actions}.
+ * Together these form an
+ * {@link org.teiid.security.roles.AuthorizationPermission AuthorizationPermission}.
+ */
+public interface AuthorizationResource extends Comparable {
+ /**
+ * Get the name of this resource. May be <code>null</code>
+ * if the resorce's ID has not been resolved.
+ * @return The resource name.
+ */
+ String getName();
+
+ /**
+ * Get the identifier of this resource. <i>Will not</i> be
<code>null</code>.
+ * This is the identifier used to store and retrieve this resource from
+ * the Authorization store.
+ * @return The resource identifier.
+ */
+ String getID();
+
+ /**
+ * Get the UUID of this resource. May be <code>null</code>.
+ * This is a payload of UUID for MetaBase authorization code.
+ * @return The resource's UUID, if present, else <code>null</code>.
+ */
+ String getUUID();
+
+ /**
+ * Get the canonical name of this resource used for comparing.
+ * May be <code>null</code> if the resource's ID has not been
resolved.
+ * @return The canonical resource name.
+ */
+ String getCanonicalName();
+
+ /**
+ * Determine if the Actions applies to this resource should be
+ * applied recursively to sub resources.
+ * @return Whether the actions are to be applied recursivly.
+ */
+ boolean isRecursive();
+
+ /**
+ * Does this resource imply another?
+ * @param resource The other resource
+ * @throws MetaBaseResourceNotResolvedException if implies is called bfore
+ * the resource's ID has been resolved to a path.
+ */
+ boolean implies(AuthorizationResource resource);
+
+ /**
+ * Are these resources equal exception for recursion?
+ * @param resource The resource to compare with this one disregarding recursion.
+ * @return <code>true</code> if these two resources differ only be
recursion.
+ */
+ boolean isCannonicallyEquivalent(AuthorizationResource resource);
+}
Added:
trunk/engine/src/main/java/org/teiid/security/roles/BasicAuthorizationPermission.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/BasicAuthorizationPermission.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/BasicAuthorizationPermission.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,210 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import org.teiid.security.SecurityPlugin;
+
+import com.metamatrix.common.log.LogManager;
+import com.metamatrix.common.util.LogConstants;
+
+/**
+ * A BasicAuthorizationPermission defines access permissions for Metadata resources
(i.e., MetadataID instances).
+ * This class extends the AuthorizationPermission abstract class and provides
specialized
+ * <code>implies</code>, <code>equals</code>, and
<code>compareTo</code> method implementations.
+ * <p>
+ */
+public class BasicAuthorizationPermission extends AuthorizationPermission implements
Cloneable {
+
+ public static final String RECURSIVE = DataAccessResource.RECURSIVE;
+ public static final String SEPARATOR_WITH_RECURSIVE =
DataAccessResource.SEPARATOR_WITH_RECURSIVE;
+
+ /**
+ * Create a new Metadata authorization permission for the specified resource.
+ * @param resource the resource
+ * @param realm the name of the realm for this rule (may not be null, but may be
empty)
+ * @param actions the actions for the resource
+ * @param contentModifier the content modifier (may be null)
+ */
+ BasicAuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String contentModifier, String factoryClassName) {
+ super( resource, realm, actions, contentModifier, factoryClassName);
+ }
+
+ /**
+ * Create a new Metadata authorization permission for the specified resource.
+ * @param resource the new resource
+ * @param realmName the name of the realm for this rule (may not be null, but may be
empty)
+ * @param factoryClassName the name of the factory class used to create this
permissions (may not be null, but may be empty)
+ */
+ BasicAuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realmName, String factoryClassName) {
+ super( resource, realmName, factoryClassName);
+ }
+
+ /**
+ * Create a new Metadata authorization permission for the specified resource.
+ * @param resource the new resource name
+ * @param realm the name of the realm for this rule (may not be null, but may be
empty)
+ * @param actions the actions for the resource
+ */
+ BasicAuthorizationPermission(AuthorizationResource resource, AuthorizationRealm
realm, AuthorizationActions actions, String factoryClassName) {
+ super( resource, realm, actions, factoryClassName);
+ }
+
+ /**
+ * Make a deep copy of this object.
+ * @return The newly copied object.
+ */
+ protected Object clone() throws CloneNotSupportedException {
+ return new BasicAuthorizationPermission(this.getResource(),
+ this.getRealm(),
+ this.getActions(),
+ this.getContentModifier(),
+ this.getFactoryClassName());
+ }
+
+ /**
+ * Determine whether this <i>official</i>
<code>AuthorizationPermission</code> instance <i>implies</i>
+ * the access requested by the <code>request</code>
<code>AuthorizationPermission</code> instance. This
+ * <i>official</i> permission is stored by the Authorization subsystem
and is owned by a given
+ * <code>Principal</code>. The <code>request</code>
permission has been created by a software component
+ * on behalf of the given <code>Principal</code> wishing access to a
resource controlled by the component.
+ * <p>
+ * The requested permission is implied by the official permission if
<b><i>all</i></b> of the following
+ * conditions are satisfied:</p>
+ *
+ * <li>The <code>request</code> permission must be of the same type
(evaluated using
+ * <code>instanceof</code>);</li>
+ * <li>The {@link AuthorizationRealm} of each permission instance must be
equivalent;</li>
+ * <li>All of the actions of the requested permission must be included in the
actions
+ * of the official permission. See {@link AuthorizationActions#implies};</li>
+ * <li>if there is a recursive parameter in both resource names, and the
+ * requested resource name is more restrictive than the official resource
name;</li>
+ * <li>if there is a recursive parameter in the official resource but not the
+ * requested resource or neither resource contains a recursive parameter, and
+ * the requested resource is contained in its entirety within the official resource
+ * name (starting at the beginning of the official resource).</li>
+ * Note: the content modifier of the permissions is not used in this algorithm.
+ *
+ * @param request The permission that is being requested or attempted, and which is
in question
+ * by the caller
+ * @return <code>true</code> if the official permission does imply access
to the resource(s) specified
+ * by the request
+ */
+ public boolean implies( AuthorizationPermission request ) {
+// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION,
"BasicAuthorizationPermission.implies(): this [" +
+// this.toString() + "] => that [" + request +
"]");
+ if (!(request instanceof BasicAuthorizationPermission)) {
+// LogManager.logDetail( LogSecurityConstants.CTX_AUTHORIZATION,
"implies(): Permission not an instance of BasicAuthorizationPermission");
+ return false;
+ }
+
+ // --------------------------------------
+ // Actions NONE does not imply anything!
+ // --------------------------------------
+ if ( this.getActions().equals(StandardAuthorizationActions.NONE) ||
+ request.getActions().equals(StandardAuthorizationActions.NONE) ) {
+ return false;
+ }
+
+ // -----------------------
+ // Compare the Realms ...
+ // -----------------------
+ if ( ! this.getRealm().equals(request.getRealm()) ) {
+// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION,
"implies(): Realms not equal: this [" +
+// this.getRealm() + "] != that [" + request.getRealm() +
"]");
+ return false;
+ }
+ LogManager.logTrace( LogConstants.CTX_AUTHORIZATION, "implies(): Realms are
equal"); //$NON-NLS-1$
+
+ // -----------------------
+ // Compare the actions ...
+ // -----------------------
+ if ( ! this.getActions().implies(request.getActions()) ) {
+// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION,
"implies(): Actions not implied: this [" +
+// this.getActions() + "] != that [" + request.getActions()
+ "]");
+ return false;
+ }
+ LogManager.logTrace( LogConstants.CTX_AUTHORIZATION, "implies(): Actions are
implied"); //$NON-NLS-1$
+
+ BasicAuthorizationPermission that = (BasicAuthorizationPermission) request;
+ // ---------------------------
+ // Compare the resource(s) ...
+ // ---------------------------
+ DataAccessResource thisResource = (DataAccessResource) getResource();
+ return thisResource.implies(that.getResource());
+ }
+
+ public boolean equals(Object obj) {
+ // Check if instances are identical ...
+ if (this == obj) {
+ return true;
+ }
+ // Check if object can be compared to this one
+ // (this includes checking for null ) ...
+ if(obj instanceof BasicAuthorizationPermission){
+ return compare(this, (BasicAuthorizationPermission)obj) == 0;
+ }
+
+ // Otherwise not comparable ...
+ return false;
+ }
+
+ public int compareTo(Object o) throws ClassCastException {
+ // Check if instances are identical ...
+ if (this == o) {
+ return 0;
+ }
+ if (o == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0037));
+ }
+
+ // Check if object cannot be compared to this one
+ // (this includes checking for null ) ...
+ if (!(o instanceof BasicAuthorizationPermission)) {
+ throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0038,
o.getClass()));
+ }
+
+ // Check if everything else is equal ...
+ return compare(this, (BasicAuthorizationPermission)o);
+ }
+
+ /**
+ * Remove recursive attribute.
+ * @param resourceName The resource name from which to remove recursion.
+ * @return The non recursive resource name.
+ */
+ public static String removeRecursion(String resourceName) {
+ return resourceName.substring(0,
resourceName.indexOf(SEPARATOR_WITH_RECURSIVE));
+ }
+
+ /**
+ * Does this resource have the recursive attribute.
+ * @param resourceName The resource name to check for recursion.
+ * @return <code>true</code> if the resource is recursive.
+ */
+ public static boolean isRecursiveResource(String resourceName) {
+ return resourceName.endsWith(SEPARATOR_WITH_RECURSIVE);
+ }
+
+}
+
+
Added:
trunk/engine/src/main/java/org/teiid/security/roles/BasicAuthorizationPermissionFactory.java
===================================================================
---
trunk/engine/src/main/java/org/teiid/security/roles/BasicAuthorizationPermissionFactory.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/BasicAuthorizationPermissionFactory.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,78 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+
+/**
+ * This class is the factory for BasicAuthorizationPermission instances.
+ */
+public class BasicAuthorizationPermissionFactory implements
AuthorizationPermissionFactory, Serializable {
+
+ /**
+ * Get the class that this factory creates instances of.
+ * @return the class of the instances returned by this factory's
<code>create</code> methods.
+ */
+ public Class getPermissionClass() { return BasicAuthorizationPermission.class; }
+
+ /**
+ * Create the AuthorizationResource type for the permission type that this factory
creates instances of.
+ * @return A new resource instance of the appropriate type.
+ */
+ public AuthorizationResource createResource(String name) {
+ return new DataAccessResource(name);
+ }
+
+ /**
+ * Create a new authorization permission for the specified resource.
+ * @param resource the resource
+ * @param realm the realm into which this resource belongs
+ * @param actions the actions for the resource
+ * @param contentModifier the content modifier (may be null)
+ */
+ public AuthorizationPermission create(AuthorizationResource resource,
AuthorizationRealm realm, AuthorizationActions actions, String contentModifier) {
+ String factoryClassName = this.getClass().getName();
+ return new BasicAuthorizationPermission(resource,realm,actions,contentModifier,
factoryClassName);
+ }
+
+ /**
+ * Create a new authorization permission for the specified resource.
+ * @param resource the resource
+ * @param realm the realm into which this resource belongs
+ */
+ public AuthorizationPermission create(String resource, AuthorizationRealm realm) {
+ return new BasicAuthorizationPermission(new DataAccessResource(resource),realm,
this.getClass().getName());
+ }
+
+ /**
+ * Create a new authorization permission for the specified resource.
+ * @param resource the resource
+ * @param realm the realm into which this resource belongs
+ * @param actions the actions for the resource
+ */
+ public AuthorizationPermission create(String resource, AuthorizationRealm realm,
AuthorizationActions actions) {
+ return new BasicAuthorizationPermission(new
DataAccessResource(resource),realm,actions, this.getClass().getName());
+ }
+}
+
+
Added: trunk/engine/src/main/java/org/teiid/security/roles/DataAccessResource.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/DataAccessResource.java
(rev 0)
+++ trunk/engine/src/main/java/org/teiid/security/roles/DataAccessResource.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,258 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+
+import org.teiid.security.SecurityPlugin;
+
+//import com.metamatrix.common.log.LogManager;
+
+//import com.metamatrix.platform.security.util.LogSecurityConstants;
+
+/**
+ * Defines a resource associated with a
+ * {@link org.teiid.security.roles.BasicAuthorizationPermission
BasicAuthorizationPermission}.
+ */
+public class DataAccessResource implements AuthorizationResource, Serializable {
+
+ // --------------------------------------------------
+ // Static constants related to the naming lexicon ...
+ // --------------------------------------------------
+// private static final boolean IGNORE_CASE = false;
+ private static final String SEPARATOR = "."; //$NON-NLS-1$
+ public static final String RECURSIVE = "*"; //$NON-NLS-1$
+ private static final String ALL_NODES = RECURSIVE;
+ public static final String SEPARATOR_WITH_RECURSIVE = SEPARATOR + RECURSIVE;
+
+ // The resource name
+ private String name;
+ // The resource's canonical name
+ private String canonicalName;
+ // Is this a recursive resource?
+ private boolean isRecursive;
+
+ /**
+ * ctor
+ * @param name The resource name
+ */
+ public DataAccessResource(String name) {
+ this.name = name;
+ init(name);
+ }
+
+ /**
+ * Overrides method defined in <code>Object</code>.
+ * @return The hashCode of this object.
+ */
+ public int hashCode() {
+ return name.hashCode();
+ }
+
+ /**
+ * Overrides method defined in <code>Object</code>.
+ * Note: this method is consistent with <code>compareTo()</code>.
+ * @param obj The <code>Object</code> to compare.
+ * @return <code>true</code> if two DataAccessResource instances are
semantically equal.
+ */
+ public boolean equals(Object obj) {
+ // Check if instances are identical ...
+ if (this == obj) {
+ return true;
+ }
+
+ // Check if object can be compared to this one
+ // (this includes checking for null ) ...
+ if (obj instanceof DataAccessResource) {
+ return this.name.equals(((DataAccessResource)obj).name);
+ }
+ return false;
+ }
+
+ /**
+ * Are these resources equal exception for recursion?
+ * @param resource The resource to compare with this one disregarding recursion.
+ * @return <code>true</code> if these two resources differ only be
recursion.
+ */
+ public boolean isCannonicallyEquivalent(AuthorizationResource resource) {
+ if (resource instanceof DataAccessResource) {
+ return
this.canonicalName.equals(((DataAccessResource)resource).canonicalName);
+ }
+ return false;
+ }
+
+ /**
+ * Get the resource name.
+ * @return The resource name.
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Get the identifier of this resource. <i>Will not</i> be
<code>null</code>.
+ * This is the identifier used to store and retrieve this resource from
+ * the Authorization store.
+ * @return The resource identifier.
+ */
+ public String getID() {
+ return name;
+ }
+
+ /**
+ * Get the UUID of this resource. May be <code>null</code>.
+ * This is a payload of UUID for MetaBase authorization code.
+ * @return The resource's UUID, if present, else <code>null</code>.
+ */
+ public String getUUID() {
+ return null;
+ }
+
+ /**
+ * Get the canonical name for this resource - used internally for comparing.
+ * @return The resource's canonical name.
+ */
+ public String getCanonicalName() {
+ return canonicalName;
+ }
+
+ /**
+ * Determine if the Actions applies to this resource should be
+ * applied recursively to sub resources.
+ * @return Whether the actions are to be applied recursivly.
+ */
+ public boolean isRecursive() {
+ return isRecursive;
+ }
+
+ /**
+ * Package level method for use by the permission instance to
+ * specify wheather this resoruce is recursive.
+ * @param recursive
+ */
+ void setRecursive(boolean recursive) {
+ isRecursive = recursive;
+ }
+
+ /**
+ * Compares this DataAccessResource to another Object. If the Object is an
DataAccessResource,
+ * this function compares the name. Otherwise, it throws a
+ * ClassCastException (as DataAccessResource instances are comparable only to
+ * other DataAccessResource instances). Note: this method is consistent with
+ * <code>equals()</code>.
+ * <p>
+ * @param o the object that this instance is to be compared to.
+ * @return a negative integer, zero, or a positive integer as this object
+ * is less than, equal to, or greater than the specified object, respectively.
+ * @throws ClassCastException if the specified object's type prevents it
+ * from being compared to this DataAccessResource.
+ */
+ public int compareTo(Object o) throws ClassCastException {
+ // Check if instances are identical ...
+ if (this == o) {
+ return 0;
+ }
+ if (o == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0043));
+ }
+
+ // Check if object cannot be compared to this one
+ // (this includes checking for null ) ...
+ if (!(o instanceof DataAccessResource)) {
+ throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0044,
o.getClass()));
+ }
+
+ // Check if everything else is equal ...
+ return this.name.compareTo(((DataAccessResource)o).name);
+ }
+
+ /**
+ * Does this resource <i>"imply"</i> another?
+ */
+ public boolean implies(AuthorizationResource thatResource) {
+ if ( !(thatResource instanceof DataAccessResource) ) {
+ return false;
+ }
+ DataAccessResource that = (DataAccessResource) thatResource;
+// DEBUG:
+//System.out.println(" *** implies: Permission is recursive? " +
this.isRecursive);
+ if ( isRecursive ) {
+ // A recursive group implies access to its element
+ if ( that.canonicalName.startsWith(this.canonicalName) ) {
+// DEBUG:
+//System.out.println(" *** implies: Permission is recursive and implied.");
+// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION,
"implies(): Recursive perm implies that: this [" +
+// this.canonicalName + "] => that [" +
that.canonicalName + "]");
+ return true;
+ }
+ } else if ( ! that.isRecursive ) {
+// DEBUG:
+//System.out.println(" *** implies: Permission is NOT recursive.");
+ // If this perms resource is an element of the requested perms resource (a
group),
+ // enforce policy that ANY element entitles its group.
+ int lastSepIndex = this.canonicalName.lastIndexOf(SEPARATOR);
+ if ( lastSepIndex > 0 && this.canonicalName.substring(0,
lastSepIndex).equals(that.canonicalName) ) {
+// DEBUG:
+//System.out.println(" *** implies: Permission is NOT recursive and is
implied.");
+ return true;
+ }
+ }
+
+// LogManager.logTrace( LogSecurityConstants.CTX_AUTHORIZATION, "implies():
These resources equal? this [" +
+// this.canonicalName + "] == that [" + that.canonicalName +
"]");
+ return this.canonicalName.equals(that.canonicalName);
+ }
+
+ /**
+ * This method is invoked by the constructors that take a string resource name, and
is
+ * to strip out any recursive or wildcard characters and return simple the name of
the
+ * node.
+ */
+ private void init( String resourceName ) {
+
+ // If the resource name is the ALL_NODES resource ...
+ if ( resourceName.equals(ALL_NODES) ) {
+ isRecursive = true;
+ this.canonicalName = ""; // resource name should be nothing
//$NON-NLS-1$
+ }
+
+ // If the resource name includes the recursive parameter ...
+ if ( resourceName.endsWith(SEPARATOR_WITH_RECURSIVE) ) {
+ isRecursive = true;
+ this.canonicalName = resourceName.substring(0, resourceName.length()-2);
+ } else if ( resourceName.endsWith(RECURSIVE) ) {
+ isRecursive = true;
+ this.canonicalName = resourceName.substring(0, resourceName.length()-1);
+ } else {
+ // overkill since it is initialized to false, but
+ // commented out here to remind us...
+ //isRecursive = false;
+ this.canonicalName = resourceName;
+ }
+ this.canonicalName = this.canonicalName.toLowerCase();
+ }
+
+ public String toString() {
+ return name;
+ }
+}
Added: trunk/engine/src/main/java/org/teiid/security/roles/GranteeEntitlementEntry.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/GranteeEntitlementEntry.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/GranteeEntitlementEntry.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,244 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+
+import org.teiid.security.SecurityPlugin;
+
+import com.metamatrix.platform.security.api.MetaMatrixPrincipal;
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+
+
+/**
+ * This object contains one entry for an entitlement entry in {@link
UserEntitlementInfo}.
+ * It comprises the triplet of <i>Grantee</i> the <i>Grantor</i>
that assigned him the
+ * <i>Allowed Actions</i> and the <i>Allowed Actions</i> on the
<i>Resource</i> of the
+ * entitlement.
+ *
+ * <p>This is not a standalone object. These objects are returned as elements of
+ * {@link UserEntitlementInfo#iterator}. Specifically, the <i>Resource</i>
and VDB name and
+ * version are constant over iteration and are contained in {@link
UserEntitlementInfo}.</p>
+ */
+public final class GranteeEntitlementEntry implements Serializable, Comparable {
+ private MetaMatrixPrincipalName grantee;
+ private String grantor;
+ private AuthorizationActions allowedActions;
+ // Identity
+ private String identifier;
+
+ /**
+ * <br>ctor.</br>
+ * Used when creating in the Authorization JDBC layer.
+ * @param grantee
+ * @param grantor
+ * @param alloweActions
+ */
+ public GranteeEntitlementEntry(MetaMatrixPrincipalName grantee, String grantor, int
allowedActions) {
+ this.grantee = grantee;
+ this.grantor = grantor;
+ this.allowedActions =
StandardAuthorizationActions.getAuthorizationActions(allowedActions);
+ this.generateIdentity();
+ }
+
+ /**
+ * <br>ctor.</br>
+ * Uses another GranteeEntitlementEntry as a pattern to clone only changing the
<i>Grantee</i>.
+ * Used specifically when <i>clone</i> is a user group and grantee was
determined to be one of
+ * the group members.
+ * @param grantee The new principal this object will represent.
+ * @param clone All other inforamtion comes from this clone.
+ */
+ public GranteeEntitlementEntry(MetaMatrixPrincipalName grantee,
GranteeEntitlementEntry clone) {
+ this.grantee = grantee;
+ this.grantor = clone.grantor;
+ this.allowedActions = clone.allowedActions;
+ this.generateIdentity();
+ }
+
+ /**
+ * Get the <i>Grantee</i>.
+ * @return The <i>Grantee</i>.
+ */
+ public String getGrantee() {
+ return grantee.getName();
+ }
+
+ /**
+ * Does this <i>Grantee</i> represent a user group? If not, it's a
user.
+ * @return <code>true</code> if the <i>Grantee</i> represents
a user group,
+ * <code>false</code> if it's of type user.
+ */
+ public boolean isUserGroup() {
+ return grantee.getType() == MetaMatrixPrincipal.TYPE_GROUP;
+ }
+
+ /**
+ * Get the <i>Grantor</i>.
+ * @return The <i>Grantor</i>.
+ */
+ public String getGrantor() {
+ return grantor;
+ }
+
+ /**
+ * Get the <i>Allowed Actions</i>.
+ * @return The <i>Allowed Actions</i>.
+ */
+ public String[] getAllowedActions() {
+ return allowedActions.getLabels();
+ }
+
+ /**
+ * Overrides Object method of the same name
+ */
+ public int hashCode() {
+ return this.identifier.hashCode();
+ }
+
+ /**
+ * Returns true if the specified object is semantically equal to this instance.
+ * Note: this method is consistent with <code>compareTo()</code>.
+ * <p>
+ * @param obj the object that this instance is to be compared to.
+ * @return whether the object is equal to this object.
+ */
+ public boolean equals(Object obj) {
+ // Check if instances are identical ...
+ if (this == obj) {
+ return true;
+ }
+
+ // Check if object can be compared to this one
+ // (this includes checking for null ) ...
+ if (obj instanceof GranteeEntitlementEntry) {
+ GranteeEntitlementEntry that = (GranteeEntitlementEntry) obj;
+
+ return compare(this, that) == 0;
+ }
+
+ // Otherwise not comparable ...
+ return false;
+ }
+
+ /**
+ * Compares this GranteeEntitlementEntry to another Object. If the Object is an
GranteeEntitlementEntry,
+ * this function compares the name. Otherwise, it throws a
+ * ClassCastException (as GranteeEntitlementEntry instances are comparable only to
+ * other GranteeEntitlementEntry instances). Note: this method is consistent with
+ * <code>equals()</code>.
+ * <p>
+ * @param obj the object that this instance is to be compared to.
+ * @return a negative integer, zero, or a positive integer as this object
+ * is less than, equal to, or greater than the specified object, respectively.
+ * @throws ClassCastException if the specified object's type prevents it
+ * from being compared to this GranteeEntitlementEntry.
+ */
+ public int compareTo(Object o) throws ClassCastException {
+ // Check if instances are identical ...
+ if (this == o) {
+ return 0;
+ }
+ if (o == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0045));
+ }
+
+ // Check if object cannot be compared to this one
+ // (this includes checking for null ) ...
+ if (!(o instanceof GranteeEntitlementEntry)) {
+ throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0046,
o.getClass()));
+ }
+
+ // Check if everything else is equal ...
+ return compare(this, (GranteeEntitlementEntry)o);
+ }
+
+ /**
+ * String representation of object.
+ */
+ public String toString() {
+ StringBuffer buff = new StringBuffer(this.grantee.getName());
+ buff.append(", "); //$NON-NLS-1$
+ buff.append(this.grantor);
+ buff.append(", {"); //$NON-NLS-1$
+ String[] actions = this.allowedActions.getLabels();
+ for ( int i=0; i<actions.length; i++ ) {
+ buff.append(actions[i] + ", "); //$NON-NLS-1$
+ }
+ buff.setLength(buff.length() -2);
+ buff.append("}"); //$NON-NLS-1$
+ return buff.toString();
+ }
+
+ /**
+ * Possibly replace actions with the logical OR of these actions
+ * already in place and the given actions.
+ * @param newActions The <code>AuthorizationActions</code> that may be
added.
+ */
+ void addActions(AuthorizationActions newActions) {
+ if (! this.allowedActions.implies(newActions) ) {
+ this.allowedActions = StandardAuthorizationActions.getORedActions(newActions,
this.allowedActions);
+ this.generateIdentity();
+ }
+ }
+
+ /**
+ * Get the <i>Allowed Actions</i>.
+ * @return The <i>Allowed Actions</i>.
+ */
+ AuthorizationActions getActions() {
+ return allowedActions;
+ }
+
+ /**
+ * Utility method to compare two GranteeEntitlementEntries. Returns a negative
integer, zero,
+ * or a positive integer as this object is less than, equal to, or greater than
+ * the specified object. <p>
+ *
+ * The comparison is based on the names of the user groups.<p>
+ *
+ * This method assumes that all type-checking has already been performed. <p>
+ *
+ * @param obj1 the first GranteeEntitlementEntry to be compared
+ * @param obj2 the second GranteeEntitlementEntry to be compared
+ * @return -1, 0, +1 based on whether obj1 is less than, equal to, or
+ * greater than obj2
+ */
+ static int compare(GranteeEntitlementEntry obj1, GranteeEntitlementEntry obj2) {
+ return obj1.identifier.compareTo(obj2.identifier);
+ }
+
+ /**
+ * Generate and set the immutable hashCode and the String identifier for this
object.
+ */
+ private void generateIdentity() {
+ // Gen ID String for comparing
+ StringBuffer idBuff = new StringBuffer(this.grantee.getName());
+ idBuff.append(this.grantor);
+ String[] actions = this.allowedActions.getLabels();
+ for ( int i=0; i<actions.length; i++ ) {
+ idBuff.append(actions[i]);
+ }
+ this.identifier = idBuff.toString();
+ }
+}
Copied: trunk/engine/src/main/java/org/teiid/security/roles/RolePermission.java (from rev
1941,
trunk/common-internal/src/main/java/com/metamatrix/platform/security/util/RolePermission.java)
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/RolePermission.java
(rev 0)
+++ trunk/engine/src/main/java/org/teiid/security/roles/RolePermission.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,153 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import org.teiid.security.SecurityPlugin;
+
+
+/**
+ * A RolePermission defines access permissions for Metadata resources (i.e., MetadataID
instances).
+ * This class extends the AuthorizationPermission abstract class and provides
specialized
+ * <code>implies</code>, <code>equals</code>, and
<code>compareTo</code> method implementations.
+ * <p>
+ */
+public class RolePermission extends AuthorizationPermission implements Cloneable {
+
+ // -------------------------------------------------------------------
+ // Public actions commonly associated with RolePermission instances ...
+ // -------------------------------------------------------------------
+
+ /**
+ * Constant AuthorizationAction that allows management-related privileges to the
Metadata resource(s)
+ * (i.e., create, read, update and delete of the Metadata metadata resources)
<i>and</i>
+ * access to the data in the corresponding data source.
+ */
+ private static final AuthorizationActions ALL = StandardAuthorizationActions.ALL;
+
+ /**
+ * Create a new Metadata authorization permission for the specified resource.
+ * @param resource the new resource name
+ * @param realm the realm into which this role belongs
+ */
+ RolePermission(AuthorizationResource resource, AuthorizationRealm realm, String
factoryClassName) {
+ super( resource, realm, ALL, factoryClassName);
+ }
+
+ /**
+ * Make a deep copy of this object.
+ * @return The newly copied object.
+ */
+ protected Object clone() throws CloneNotSupportedException {
+ return new RolePermission(this.getResource(),
+ this.getRealm(),
+ this.getFactoryClassName());
+ }
+
+ /**
+ * Roles are not recursive.
+ * @return <code>false</code> allways.
+ */
+ public boolean resourceIsRecursive() {
+ return false;
+ }
+
+ /**
+ * Determine whether the <code>official</code> AuthorizationPermission
instance <i>implies</i>
+ * the access requested by the <code>request</code>
AuthorizationPermission instance.
+ * <p>
+ * The requested request is implied by the official request if
<b><i>all</i></b> of the following
+ * conditions are satisfied:
+ * <p>
+ * <li>the realm name of each request instance must be equivalent (since the
realm
+ * names are String instances, this is evaluated using the
<code>String.equals()</code> method);</li>
+ * <li>all of the actions of the requested request must be included in the
actions
+ * of the official request (@see AuthorizationActions.implies);</li>
+ * <li>the number of atomic names in the official resource must be equal to or
greater
+ * than the number of atomic names in the requested resource;</li>
+ * <li>if there is a recursive parameter in both resource names, and the
+ * requested resource name is more restrictive than the official resource
name;</li>
+ * <li>if there is a recursive parameter in the official resource but not the
+ * requested resource or neither resource contains a recursive parameter, and
+ * the requested resource is contained in its entirety within the official resource
+ * name (starting at the beginning of the official resource).</li>
+ * Note: the content modifier of the permissions is not used in this algorithm.
+ * <P>
+ * @param request the request that is being requested or attempted, and which is in
question
+ * by the caller
+ * @return true if the official request does imply access to the resource(s)
specified
+ * by the request
+ */
+ public boolean implies( AuthorizationPermission request ) {
+ if (!(request instanceof RolePermission)) {
+ return false;
+ }
+
+ // No actions to compare ...
+
+ // ---------------------------
+ // Compare the resource(s) ...
+ // ---------------------------
+ RolePermission that = (RolePermission) request;
+ return this.getResourceName().equals(that.getResourceName());
+ }
+
+ public boolean equals(Object obj) {
+ // Check if instances are identical ...
+ if (this == obj) {
+ return true;
+ }
+
+ // Check if object can be compared to this one
+ // (this includes checking for null ) ...
+ if (obj instanceof RolePermission) {
+
+ // slower comparison
+ return compare(this, (RolePermission)obj) == 0;
+ }
+
+ // Otherwise not comparable ...
+ return false;
+ }
+
+ public int compareTo(Object o) throws ClassCastException {
+ // Check if instances are identical ...
+ if (this == o) {
+ return 0;
+ }
+ if (o == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_UTIL_0001));
+ }
+
+ // Check if object cannot be compared to this one
+ // (this includes checking for null ) ...
+ if (!(o instanceof RolePermission)) {
+ throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_UTIL_0002,
o.getClass()));
+ }
+
+ // Check if everything else is equal ...
+ return compare(this, (RolePermission)o);
+ }
+
+}
+
+
Copied: trunk/engine/src/main/java/org/teiid/security/roles/RolePermissionFactory.java
(from rev 1941,
trunk/common-internal/src/main/java/com/metamatrix/platform/security/util/RolePermissionFactory.java)
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/RolePermissionFactory.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/RolePermissionFactory.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+
+
+/**
+ * This class is the factory for RolePermission instances.
+ */
+public class RolePermissionFactory implements AuthorizationPermissionFactory,
Serializable {
+
+ // Administrative Roles know their realm. Roles come with the installation
+ // and are not to be created.
+ private static final String ROLE_REALM_NAME = "AdminRoleRealm";
//$NON-NLS-1$
+
+ // And niether are their realms
+ private static final AuthorizationRealm ROLE_REALM;
+
+ static {
+ ROLE_REALM = new AuthorizationRealm(ROLE_REALM_NAME);
+ ROLE_REALM.setDescription("The administrative role realm.");
//$NON-NLS-1$
+ }
+
+ /**
+ * Get the class that this factory creates instances of.
+ * @return the class of the instances returned by this factory's
<code>create</code> methods.
+ */
+ public Class getPermissionClass() { return RolePermission.class; }
+
+ /**
+ * Create the AuthorizationResource type for the permission type that this factory
creates instances of.
+ * @return A new resource instance of the appropriate type.
+ */
+ public AuthorizationResource createResource(String name) {
+ return new DataAccessResource(name);
+ }
+
+ /**
+ * Create a new authorization permission for the specified role.
+ * @param roleName the new role name
+ * @param realm the realm is thrown away. The
<code>RolePermissionFactory</code>
+ * knows the realm that roles belong.
+ */
+ public AuthorizationPermission create(String roleName, AuthorizationRealm realm) {
+ return new RolePermission(new DataAccessResource(roleName), ROLE_REALM,
this.getClass().getName());
+ }
+
+ /**
+ * Create a new authorization permission for the specified resource.
+ * @param roleName the name for the resource.
+ * @param realm the realm is thrown away. The
<code>RolePermissionFactory</code>
+ * knows the realm that roles belong.
+ * @param actions the actions for the resource - ignored in this factory.
+ * @param contentModifier the content modifier (may be null) - ignored in this
factory.
+ */
+ public AuthorizationPermission create(AuthorizationResource role, AuthorizationRealm
realm, AuthorizationActions actions, String contentModifier) {
+ return new RolePermission(role, ROLE_REALM,this.getClass().getName());
+ }
+
+ /**
+ * Create a new authorization permission for the specified resource.
+ * @param roleName the new resource name
+ * @param realm the realm is thrown away. The
<code>RolePermissionFactory</code>
+ * knows the realm that roles belong.
+ * @param actions the actions for the resource - ignored in this factory.
+ */
+ public AuthorizationPermission create(String roleName, AuthorizationRealm realm,
AuthorizationActions actions) {
+ return new RolePermission(new
DataAccessResource(roleName),ROLE_REALM,this.getClass().getName());
+ }
+
+ /**
+ * Get the name of the Realm under which the factory creates its roles.
+ * @return the name of this role's realm.
+ */
+ public static String getRealmName() {
+ return ROLE_REALM_NAME;
+ }
+
+ /**
+ * Get the Realm under which the factory creates its roles.
+ * @return this role's realm.
+ */
+ public static AuthorizationRealm getRealm() {
+ return ROLE_REALM;
+ }
+}
+
+
Added: trunk/engine/src/main/java/org/teiid/security/roles/SecurityMessagesKeys.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/SecurityMessagesKeys.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/SecurityMessagesKeys.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,119 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+
+public interface SecurityMessagesKeys {
+
+ /** security.api package (107) */
+ public static final String SEC_API_0001 = "ERR.014.107.0001";
//$NON-NLS-1$
+ public static final String SEC_API_0002 = "ERR.014.107.0002";
//$NON-NLS-1$
+ public static final String SEC_API_0003 = "ERR.014.107.0003";
//$NON-NLS-1$
+ public static final String SEC_API_0004 = "ERR.014.107.0004";
//$NON-NLS-1$
+ public static final String SEC_API_0005 = "ERR.014.107.0005";
//$NON-NLS-1$
+ public static final String SEC_API_0006 = "ERR.014.107.0006";
//$NON-NLS-1$
+ public static final String SEC_API_0007 = "ERR.014.107.0007";
//$NON-NLS-1$
+ public static final String SEC_API_0008 = "ERR.014.107.0008";
//$NON-NLS-1$
+ public static final String SEC_API_0009 = "ERR.014.107.0009";
//$NON-NLS-1$
+ public static final String SEC_API_0010 = "ERR.014.107.0010";
//$NON-NLS-1$
+ public static final String SEC_API_0011 = "ERR.014.107.0011";
//$NON-NLS-1$
+ public static final String SEC_API_0012 = "ERR.014.107.0012";
//$NON-NLS-1$
+ public static final String SEC_API_0013 = "ERR.014.107.0013";
//$NON-NLS-1$
+ public static final String SEC_API_0014 = "ERR.014.107.0014";
//$NON-NLS-1$
+ public static final String SEC_API_0015 = "ERR.014.107.0015";
//$NON-NLS-1$
+ public static final String SEC_API_0016 = "ERR.014.107.0016";
//$NON-NLS-1$
+ public static final String SEC_API_0017 = "ERR.014.107.0017";
//$NON-NLS-1$
+ public static final String SEC_API_0018 = "ERR.014.107.0018";
//$NON-NLS-1$
+ public static final String SEC_API_0019 = "ERR.014.107.0019";
//$NON-NLS-1$
+ public static final String SEC_API_0020 = "ERR.014.107.0020";
//$NON-NLS-1$
+ public static final String SEC_API_0021 = "ERR.014.107.0021";
//$NON-NLS-1$
+ public static final String SEC_API_0022 = "ERR.014.107.0022";
//$NON-NLS-1$
+ public static final String SEC_API_0023 = "ERR.014.107.0023";
//$NON-NLS-1$
+ public static final String SEC_API_0024 = "ERR.014.107.0024";
//$NON-NLS-1$
+ public static final String SEC_API_0025 = "ERR.014.107.0025";
//$NON-NLS-1$
+ public static final String SEC_API_0026 = "ERR.014.107.0026";
//$NON-NLS-1$
+ public static final String SEC_API_0027 = "ERR.014.107.0027";
//$NON-NLS-1$
+ public static final String SEC_API_0028 = "ERR.014.107.0028";
//$NON-NLS-1$
+ public static final String SEC_API_0029 = "ERR.014.107.0029";
//$NON-NLS-1$
+ public static final String SEC_API_0030 = "ERR.014.107.0030";
//$NON-NLS-1$
+ public static final String SEC_API_0031 = "ERR.014.107.0031";
//$NON-NLS-1$
+ public static final String SEC_API_0032 = "ERR.014.107.0032";
//$NON-NLS-1$
+ public static final String SEC_API_0033 = "ERR.014.107.0033";
//$NON-NLS-1$
+ public static final String SEC_API_0034 = "ERR.014.107.0034";
//$NON-NLS-1$
+ public static final String SEC_API_0035 = "ERR.014.107.0035";
//$NON-NLS-1$
+ public static final String SEC_API_0036 = "ERR.014.107.0036";
//$NON-NLS-1$
+ public static final String SEC_API_0037 = "ERR.014.107.0037";
//$NON-NLS-1$
+ public static final String SEC_API_0038 = "ERR.014.107.0038";
//$NON-NLS-1$
+ public static final String SEC_API_0043 = "ERR.014.107.0043";
//$NON-NLS-1$
+ public static final String SEC_API_0044 = "ERR.014.107.0044";
//$NON-NLS-1$
+ public static final String SEC_API_0045 = "ERR.014.107.0045";
//$NON-NLS-1$
+ public static final String SEC_API_0046 = "ERR.014.107.0046";
//$NON-NLS-1$
+ public static final String SEC_API_0047 = "ERR.014.107.0047";
//$NON-NLS-1$
+ public static final String SEC_API_0048 = "ERR.014.107.0048";
//$NON-NLS-1$
+ public static final String SEC_API_0049 = "ERR.014.107.0049";
//$NON-NLS-1$
+ public static final String SEC_API_0050 = "ERR.014.107.0050";
//$NON-NLS-1$
+ public static final String SEC_API_0051 = "ERR.014.107.0051";
//$NON-NLS-1$
+ public static final String SEC_API_0052 = "ERR.014.107.0052";
//$NON-NLS-1$
+ public static final String SEC_API_0053 = "ERR.014.107.0053";
//$NON-NLS-1$
+ public static final String SEC_API_0054 = "ERR.014.107.0054";
//$NON-NLS-1$
+ public static final String SEC_API_0055 = "ERR.014.107.0055";
//$NON-NLS-1$
+ public static final String SEC_API_0056 = "ERR.014.107.0056";
//$NON-NLS-1$
+ public static final String SEC_API_0057 = "ERR.014.107.0057";
//$NON-NLS-1$
+ public static final String SEC_API_0058 = "ERR.014.107.0058";
//$NON-NLS-1$
+ public static final String SEC_API_0059 = "ERR.014.107.0059";
//$NON-NLS-1$
+ public static final String SEC_API_0060 = "ERR.014.107.0060";
//$NON-NLS-1$
+ public static final String SEC_API_0061 = "ERR.014.107.0061";
//$NON-NLS-1$
+ public static final String SEC_API_0062 = "ERR.014.107.0062";
//$NON-NLS-1$
+ public static final String SEC_API_0063 = "ERR.014.107.0063";
//$NON-NLS-1$
+ public static final String SEC_API_0064 = "ERR.014.107.0064";
//$NON-NLS-1$
+ public static final String SEC_API_0065 = "ERR.014.107.0065";
//$NON-NLS-1$
+ public static final String SEC_API_0066 = "ERR.014.107.0066";
//$NON-NLS-1$
+ public static final String SEC_API_0067 = "ERR.014.107.0067";
//$NON-NLS-1$
+ public static final String SEC_API_0068 = "ERR.014.107.0068";
//$NON-NLS-1$
+ public static final String SEC_API_0069 = "ERR.014.107.0069";
//$NON-NLS-1$
+ public static final String SEC_API_0070 = "ERR.014.107.0070";
//$NON-NLS-1$
+ public static final String SEC_API_0071 = "ERR.014.107.0071";
//$NON-NLS-1$
+ public static final String SEC_API_0072 = "ERR.014.107.0072";
//$NON-NLS-1$
+ public static final String SEC_API_0073 = "ERR.014.107.0073";
//$NON-NLS-1$
+ public static final String SEC_API_0074 = "ERR.014.107.0074";
//$NON-NLS-1$
+ public static final String SEC_API_0075 = "ERR.014.107.0075";
//$NON-NLS-1$
+ public static final String SEC_API_0076 = "ERR.014.107.0076";
//$NON-NLS-1$
+ public static final String SEC_API_0077 = "ERR.014.107.0077";
//$NON-NLS-1$
+ public static final String SEC_API_0078 = "ERR.014.107.0078";
//$NON-NLS-1$
+ public static final String SEC_API_0079 = "ERR.014.107.0079";
//$NON-NLS-1$
+ public static final String SEC_API_0080 = "ERR.014.107.0080";
//$NON-NLS-1$
+ public static final String SEC_API_0081 = "ERR.014.107.0081";
//$NON-NLS-1$
+ public static final String SEC_API_0082 = "ERR.014.107.0082";
//$NON-NLS-1$
+ public static final String SEC_API_0083 = "ERR.014.107.0083";
//$NON-NLS-1$
+ public static final String SEC_API_0084 = "ERR.014.107.0084";
//$NON-NLS-1$
+ public static final String SEC_API_0085 = "ERR.014.107.0085";
//$NON-NLS-1$
+ public static final String SEC_API_0086 = "ERR.014.107.0086";
//$NON-NLS-1$
+ public static final String SEC_API_0087 = "ERR.014.107.0087";
//$NON-NLS-1$
+ public static final String SEC_API_0088 = "ERR.014.107.0088";
//$NON-NLS-1$
+ public static final String SEC_API_0089 = "ERR.014.107.0089";
//$NON-NLS-1$
+
+ /** security.util package (607) */
+ public static final String SEC_UTIL_0001 = "ERR.014.607.0001";
//$NON-NLS-1$
+ public static final String SEC_UTIL_0002 = "ERR.014.607.0002";
//$NON-NLS-1$
+ public static final String SEC_UTIL_0003 = "ERR.014.607.0003";
//$NON-NLS-1$
+}
\ No newline at end of file
Added:
trunk/engine/src/main/java/org/teiid/security/roles/StandardAuthorizationActions.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/StandardAuthorizationActions.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/StandardAuthorizationActions.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,500 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+import java.util.*;
+
+import org.teiid.security.SecurityPlugin;
+
+
+/**
+ * The static and closed set of basic authorization actions. Actions include
"create", "read",
+ * "update", and "delete".
+ * <p>
+ * The instances are static to both close the set and minimize VM resource requirements.
+ * @see AuthorizationActions
+ */
+public class StandardAuthorizationActions implements Serializable, AuthorizationActions
{
+
+ public static final int NONE_VALUE = 0;
+ public static final int DATA_CREATE_VALUE = 1;
+ public static final int DATA_READ_VALUE = 2;
+ public static final int DATA_UPDATE_VALUE = 4;
+ public static final int DATA_DELETE_VALUE = 8;
+ public static final int ALL_VALUE = DATA_CREATE_VALUE | DATA_READ_VALUE |
DATA_UPDATE_VALUE | DATA_DELETE_VALUE;
+
+ public static final String NONE_LABEL = "None"; //$NON-NLS-1$
+ public static final String DATA_CREATE_LABEL = "Create"; //$NON-NLS-1$
+ public static final String DATA_READ_LABEL = "Read"; //$NON-NLS-1$
+ public static final String DATA_UPDATE_LABEL = "Update"; //$NON-NLS-1$
+ public static final String DATA_DELETE_LABEL = "Delete"; //$NON-NLS-1$
+
+ public static final AuthorizationActions NONE = new
StandardAuthorizationActions(NONE_VALUE, new String[]{NONE_LABEL});
+ public static final AuthorizationActions DATA_CREATE = new
StandardAuthorizationActions(DATA_CREATE_VALUE, new String[]{DATA_CREATE_LABEL});
+ public static final AuthorizationActions DATA_UPDATE = new
StandardAuthorizationActions(DATA_UPDATE_VALUE, new String[]{DATA_UPDATE_LABEL});
+ public static final AuthorizationActions DATA_READ = new
StandardAuthorizationActions(DATA_READ_VALUE, new String[]{DATA_READ_LABEL});
+ public static final AuthorizationActions DATA_DELETE = new
StandardAuthorizationActions(DATA_DELETE_VALUE, new String[]{DATA_DELETE_LABEL});
+ public static final AuthorizationActions ALL = new
StandardAuthorizationActions(ALL_VALUE, new
String[]{DATA_CREATE_LABEL,DATA_READ_LABEL,DATA_UPDATE_LABEL,DATA_DELETE_LABEL});
+
+ private static final int LABELS_COUNT = 6;
+ private static Map actionSet = new HashMap();
+
+ private int actions;
+ private String label;
+ private String[] labels;
+ private Collection labelCollection;
+
+ static {
+ addAction( NONE_VALUE, new String[] {NONE_LABEL} );
+
+ addAction( DATA_CREATE_VALUE, new String[] {DATA_CREATE_LABEL} );
+
+ addAction( DATA_READ_VALUE, new String[] {DATA_READ_LABEL}
);
+ addAction( DATA_CREATE_VALUE | DATA_READ_VALUE, new String[]
{DATA_CREATE_LABEL,DATA_READ_LABEL} );
+
+ addAction( DATA_UPDATE_VALUE,
new String[] {DATA_UPDATE_LABEL} );
+ addAction( DATA_CREATE_VALUE | DATA_UPDATE_VALUE,
new String[] {DATA_CREATE_LABEL,DATA_UPDATE_LABEL} );
+ addAction( DATA_READ_VALUE | DATA_UPDATE_VALUE,
new String[] {DATA_READ_LABEL,DATA_UPDATE_LABEL} );
+ addAction( DATA_CREATE_VALUE | DATA_READ_VALUE | DATA_UPDATE_VALUE,
new String[] {DATA_CREATE_LABEL,DATA_READ_LABEL,DATA_UPDATE_LABEL} );
+
+ addAction( DATA_DELETE_VALUE,
new String[] {DATA_DELETE_LABEL} );
+ addAction( DATA_CREATE_VALUE | DATA_DELETE_VALUE,
new String[] {DATA_CREATE_LABEL,DATA_DELETE_LABEL} );
+ addAction( DATA_READ_VALUE | DATA_DELETE_VALUE,
new String[] {DATA_READ_LABEL,DATA_DELETE_LABEL} );
+ addAction( DATA_CREATE_VALUE | DATA_READ_VALUE | DATA_DELETE_VALUE,
new String[]
{DATA_CREATE_LABEL,DATA_READ_LABEL,DATA_DELETE_LABEL} );
+ addAction( DATA_UPDATE_VALUE | DATA_DELETE_VALUE,
new String[] {DATA_UPDATE_LABEL,DATA_DELETE_LABEL} );
+ addAction( DATA_CREATE_VALUE | DATA_UPDATE_VALUE | DATA_DELETE_VALUE,
new String[]
{DATA_CREATE_LABEL,DATA_UPDATE_LABEL,DATA_DELETE_LABEL} );
+ addAction( DATA_READ_VALUE | DATA_UPDATE_VALUE | DATA_DELETE_VALUE,
new String[]
{DATA_READ_LABEL,DATA_UPDATE_LABEL,DATA_DELETE_LABEL} );
+ addAction( ALL_VALUE, new String[]
{DATA_CREATE_LABEL,DATA_READ_LABEL,DATA_UPDATE_LABEL,DATA_DELETE_LABEL} );
+ }
+
+ private static void addAction( int values, String[] labels ) {
+ actionSet.put( new Integer(values), new
StandardAuthorizationActions(values,labels) );
+ }
+
+ /**
+ * Constructor that is used to instantiate the an instances of this class
+ * with the specified actions. This method assumes that the action
+ * value is in the correct range.
+ * @param actions the set of actions (logical inclusive OR)
+ * @param labels the strings that make up the individual labels for this
authorization
+ * @throws IllegalArgumentException if the specified value is not correct.
+ */
+ private StandardAuthorizationActions(int actions, String[] labels) {
+ this.actions = actions;
+ this.labels = labels;
+ this.label = ""; //$NON-NLS-1$
+ this.labelCollection = new ArrayList( LABELS_COUNT );
+ for (int i=0; i!= this.labels.length; ++i ) {
+ if ( i!=0 ) {
+ this.label = this.label + ","; //$NON-NLS-1$
+ }
+ this.label = this.label + this.labels[i];
+ this.labelCollection.add(this.labels[i]);
+ }
+ }
+
+ /**
+ * Obtain the AuthorizationActions instance that is associated with the specified
+ * set of actions.
+ * @param actions the set of actions (logical inclusive OR)
+ * @return the instance associated with the set of action, or null if the
+ * actions do not correspond to an existing instance
+ * @throws IllegalArgumentException if the specified set of actions is
+ * invalid.
+ */
+ public static AuthorizationActions getAuthorizationActions(int actions) {
+ if (actions > ALL_VALUE || actions < 0 ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0066));
+ }
+ AuthorizationActions results = (AuthorizationActions) actionSet.get( new
Integer(actions) );
+ if (results == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0067,
actions));
+ }
+ return (AuthorizationActions) actionSet.get( new Integer(actions) );
+ }
+
+ /**
+ * Obtain the AuthorizationActions instance that is associated with the specified
+ * set of labels.
+ * @param labels the set of labels
+ * @return the instance associated with the set of labels, or null if the
+ * labels do not correspond to an existing instance
+ * @throws IllegalArgumentException if the specified set of actions is
+ * invalid.
+ */
+ public static AuthorizationActions getAuthorizationActions(String[] labels) {
+ if (labels == null || labels.length == 0 || labels.length > LABELS_COUNT ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0068,
(Object[])labels));
+ }
+ Iterator iter = actionSet.values().iterator();
+ while ( iter.hasNext() ) {
+ AuthorizationActions action = (AuthorizationActions) iter.next();
+ if ( action.containsLabels(labels) ) {
+ return action;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Obtain the AuthorizationActions instance that is associated with the specified
+ * set of labels.
+ * @param labels the set of labels, with labels all being separated by commas,
+ * and must correspond exactly to the <code>getLabel</code> of one of the
actions.
+ * @return the instance associated with the set of labels, or null if the
+ * labels do not correspond to an existing instance
+ * @throws IllegalArgumentException if the specified set of actions is
+ * invalid.
+ */
+ public static AuthorizationActions getAuthorizationActions(String labels) {
+ if (labels == null || labels.length() == 0 ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0068,
labels));
+ }
+ Iterator iter = actionSet.values().iterator();
+ while ( iter.hasNext() ) {
+ AuthorizationActions action = (AuthorizationActions) iter.next();
+ if ( action.getLabel().equals(labels) ) {
+ return action;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Obtain the AuthorizationActions instance that is associated with the specified
+ * set of labels.
+ * @param labels the set of labels
+ * @return the instance associated with the set of labels, or null if the
+ * labels do not correspond to an existing instance
+ * @throws IllegalArgumentException if the specified set of actions is
+ * invalid.
+ */
+ public static AuthorizationActions getAuthorizationActions(Collection labels) {
+ if (labels == null ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0068,
labels));
+ }
+ int labelCount = labels.size();
+ if (labelCount == 0 || labelCount > LABELS_COUNT ) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0068,
labels));
+ }
+ Iterator iter = actionSet.values().iterator();
+ while ( iter.hasNext() ) {
+ AuthorizationActions action = (AuthorizationActions) iter.next();
+ if ( action.containsLabels(labels) && labels.size() ==
action.getLabelCount() ) {
+ return action;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Get the <code>AuthorizationActions</code> that or in
<code>actions</code> <i>OR</i> are in
+ * <code>otherActions</code>. May be
<code>StandardAuthorizationActions.NONE</code> if there
+ * are no actions in either argument.
+ * @param actions
+ * @param otherActions
+ * @return The logical OR of the <code>AuthorizationActions<code> in both
args or
+ * <code>StandardAuthorizationActions.NONE</code> if none exist.
+ */
+ public static AuthorizationActions getORedActions(AuthorizationActions actions,
+ AuthorizationActions otherActions)
{
+ int oredValue = (actions.getValue() | otherActions.getValue());
+ AuthorizationActions oredActions =
+ StandardAuthorizationActions.getAuthorizationActions(oredValue);
+ return oredActions;
+ }
+
+ /**
+ * Get the <code>AuthorizationActions</code> in
<code>actions</code> that are also in
+ * <code>sharedActions</code>. May be
<code>StandardAuthorizationActions.NONE</code> if there
+ * are no common actions.
+ * @param actions
+ * @param sharedActions
+ * @return The <code>AuthorizationActions<code> common to both args or
+ * <code>StandardAuthorizationActions.NONE</code> if none exist.
+ */
+ public static AuthorizationActions getCommonActions(AuthorizationActions actions,
+ AuthorizationActions
sharedActions) {
+ int commonValue = (actions.getValue() & sharedActions.getValue());
+ AuthorizationActions commonActions =
+ StandardAuthorizationActions.getAuthorizationActions(commonValue);
+ return commonActions;
+ }
+
+ /**
+ * Get the <code>AuthorizationActions</code> in
<code>actions</code> that are also in
+ * <code>sharedActions</code>. May be
<code>StandardAuthorizationActions.NONE</code> if there
+ * are no common actions.
+ * @param actions
+ * @param sharedActions
+ * @return The <code>AuthorizationActions<code> common to both args or
+ * <code>StandardAuthorizationActions.NONE</code> if none exist.
+ */
+ public static AuthorizationActions getCommonActions(int actions,
+ int sharedActions) {
+ int commonValue = actions & sharedActions;
+ AuthorizationActions commonActions =
+ StandardAuthorizationActions.getAuthorizationActions(commonValue);
+ return commonActions;
+ }
+
+ /**
+ * Get the <code>AuthorizationActions</code> in
<code>actions</code> that are <i>NOT</i> in
+ * <code>sharedActions</code>. May be <code>actions</code> if
there are no common actions.
+ * @param actions
+ * @param sharedActions
+ * @return The <code>AuthorizationActions<code> in
<code>actions</code> that are <i>NOT</i> in
+ * <code>sharedActions</code>.
+ */
+ public static AuthorizationActions getIndependantActions(AuthorizationActions
actions,
+ AuthorizationActions
sharedActions) {
+ int independantValue = (actions.getValue() ^ sharedActions.getValue());
+ AuthorizationActions independantActions =
+ StandardAuthorizationActions.getAuthorizationActions(independantValue);
+ return independantActions;
+ }
+
+ /**
+ * Get the <code>AuthorizationActions</code> in
<code>actions</code> that are <i>NOT</i> in
+ * <code>sharedActions</code>. May be <code>actions</code> if
there are no common actions.
+ * @param actions
+ * @param sharedActions
+ * @return The <code>AuthorizationActions<code> in
<code>actions</code> that are <i>NOT</i> in
+ * <code>sharedActions</code>.
+ */
+ public static AuthorizationActions getIndependantActions(int actions,
+ int sharedActions) {
+ int independantValue = actions ^ sharedActions;
+ AuthorizationActions independantActions =
+ StandardAuthorizationActions.getAuthorizationActions(independantValue);
+ return independantActions;
+ }
+
+ /**
+ * Obtain the formatted String[] version of the given
<code>actionsValue</code>.
+ * @param actionsValue The set of actions to determiine labels.
+ * @return The String[] of labels associated with the set of actions.
+ * @throws IllegalArgumentException if the specified set of actions is
+ * invalid.
+ */
+ public static String[] getActionsLabels(int actionsValue) {
+ AuthorizationActions actions =
StandardAuthorizationActions.getAuthorizationActions(actionsValue);
+ String[] actionLabels = new String[] {};
+ if ( actions != null ) {
+ actionLabels = actions.getLabels();
+ }
+ return actionLabels;
+ }
+
+ /**
+ * Obtain the formatted String version of the given
<code>actionsValue</code>.
+ * @param actionsValue The set of actions to determiine labels.
+ * @return The formatted action string associated with the set of actions.
+ * @throws IllegalArgumentException if the specified set of actions is
+ * invalid.
+ */
+ public static String getActionsString(int actionsValue) {
+ StringBuffer actionBuf = new StringBuffer();
+ AuthorizationActions actions =
StandardAuthorizationActions.getAuthorizationActions(actionsValue);
+ if ( actions != null ) {
+ String[] actionLables = actions.getLabels();
+ actionBuf.append("{"); //$NON-NLS-1$
+ for ( int i=0; i<actionLables.length; i++ ) {
+ actionBuf.append(actionLables[i] + ", "); //$NON-NLS-1$
+ }
+ actionBuf.replace(actionBuf.length() - 2, actionBuf.length(), "}");
//$NON-NLS-1$
+ }
+ return actionBuf.toString();
+ }
+
+ /**
+ * Return the value of this action.
+ * @return the value of this action.
+ */
+ public int getValue() {
+ return this.actions;
+ }
+
+ /**
+ * Return the number of actions.
+ * @return the number of actions.
+ */
+ public int getLabelCount() {
+ return this.labelCollection.size();
+ }
+
+ /**
+ * Return the label of this action.
+ * @return the label of this action.
+ */
+ public String getLabel() {
+ return this.label;
+ }
+
+ /**
+ * Return the set of labels of this action.
+ * @return the set of labels of this action.
+ */
+ public String[] getLabels() {
+ return this.labels;
+ }
+
+ /**
+ * Return whether this instance contains the specified label
+ * @param label the single label that is to be checked
+ * @return true if this instance contains the specified label, or false otherwise
+ */
+ public boolean containsLabel( String label ) {
+ return this.labelCollection.contains( label );
+ }
+
+ /**
+ * Return whether this instance contains all of the specified labels
+ * @param labels the array of labels that are to be checked
+ * @return true if this instance contains all of the specified labels, or false
otherwise
+ */
+ public boolean containsLabels( String[] labels ) {
+ return this.labelCollection.containsAll( Arrays.asList(labels) );
+ }
+
+ /**
+ * Return whether this instance contains all of the specified labels
+ * @param labels the set of labels that are to be checked
+ * @return true if this instance contains all of the specified labels, or false
otherwise
+ */
+ public boolean containsLabels(Collection labels){
+ return this.labelCollection.containsAll(labels);
+ }
+
+ /**
+ * Returns the stringified representation for this user ID. This is in the form
<I>username@domain</I>.
+ * <br>
+ * @return the string representation
+ */
+ public String toString() {
+ return this.label;
+ }
+
+
+ /**
+ * Returns true if the specified object is semantically equal to this instance.
+ * Note: this method is consistent with <code>compareTo()</code>.
+ * <p>
+ * @param obj the object that this instance is to be compared to.
+ * @return whether the object is equal to this object.
+ */
+ public boolean equals(Object obj) {
+ // Check if instances are identical ...
+ if (this == obj) {
+ return true;
+ }
+
+ // Check if object can be compared to this one
+ // (this includes checking for null ) ...
+ if (obj instanceof StandardAuthorizationActions) {
+ return compareFields((StandardAuthorizationActions)obj) == 0;
+ }
+
+ // Otherwise not comparable ...
+ return false;
+ }
+
+ /**
+ * Returns the hashCode for the object.
+ * <p>
+ * @return the hashCode for the object
+ */
+ public int hashCode() {
+ return this.actions;
+ }
+
+ /**
+ * Compares this AuthorizationActions to another Object. If the Object is a
AuthorizationActions,
+ * this function compares the attributes. Otherwise, it throws a ClassCastException
+ * (as AuthorizationActions instances are comparable only to other
AuthorizationActions instances).
+ * Note: this method is consistent with <code>equals()</code>.
+ * <p>
+ * @param obj the authorization to compare this instance against.
+ * @return a negative integer, zero, or a positive integer as this object is less
than, equal to, or greater than the specified object, respectively.
+ * @throws ClassCastException if the specified object's type prevents it from
being compared to this AuthorizationActions.
+ */
+ public int compareTo(Object obj) {
+ // Check if instances are identical...
+ if (this == obj) {
+ return 0;
+ }
+ if (obj == null) {
+ throw new
IllegalArgumentException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0069));
+ }
+
+ // Check if object can be compared to this one...
+ if (obj instanceof StandardAuthorizationActions) {
+ return compareFields((StandardAuthorizationActions)obj);
+ }
+
+ // Otherwise not comparable ...
+ throw new
ClassCastException(SecurityPlugin.Util.getString(SecurityMessagesKeys.SEC_API_0070,
obj.getClass()));
+ }
+
+ /**
+ * Checks if the specified authorization's actions are "implied by"
this object's actions.
+ * <P>
+ * More specifically, this method returns true if:<p>
+ * <ul>
+ * <li> <i>action</i> is an instanceof
StandardAuthorizationActions, and <p>
+ * <li> <i>action</i> is a proper subset of this
+ * object's actions
+ * </ul>
+ * @param that the authorization action to check against.
+ * @return true if the specified authorization action is implied by this object,
false if not
+ */
+ public boolean implies(AuthorizationActions that) {
+ if (that == null || !( that instanceof StandardAuthorizationActions ) ) {
+ return false;
+ }
+
+ return ( this.getValue() & that.getValue() ) == that.getValue();
+ }
+
+ /**
+ * Compares this object with the specified object for order. Returns a
+ * negative integer, zero, or a positive integer as this object is less
+ * than, equal to, or greater than the specified object. <p>
+ *
+ * This method assumes that all type-checking has already been performed,
+ * and compares the action portion of this object with <i>obj</i>.
<p>
+ *
+ * @param obj the object that this instance is to be compared to.
+ * @return A negative integer, zero, or a positive integer as this object
+ * is less than, equal to, or greater than the specified object
+ */
+ int compareFields(StandardAuthorizationActions obj) {
+ return (obj.getValue() < this.getValue()) ? -1 : (obj.getValue() ==
this.getValue()) ? 0 : 1;
+ }
+}
+
+
+
+
+
Copied: trunk/engine/src/main/java/org/teiid/security/roles/UserEntitlementInfo.java (from
rev 1941,
trunk/engine/src/main/java/com/metamatrix/platform/security/api/UserEntitlementInfo.java)
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/roles/UserEntitlementInfo.java
(rev 0)
+++
trunk/engine/src/main/java/org/teiid/security/roles/UserEntitlementInfo.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,250 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.security.roles;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
+
+/**
+ * Information about a particular entitled <i>Resource</i> (Group or table,
Element or column),
+ * this class specifies a collection of <i>Principals</i> (users or user
groups) - <i>Grantee</i>s
+ * that have been granted certain <i>Allowed Actions</i> (one or more of
{CREATE, READ, UPDATE, DELETE})
+ * on the given <i>Resource</i> by one or more <i>Grantor</i>s
(granting authority).
+ *
+ * <p>There may be multiple <i>Grantee</i>s that have multiple
<i>Allowed Actions</i> they are entitled
+ * to perform on this Group or Element by multiple <i>Grantor</i>s. This
means we have an independantly
+ * varying triplet. We take a user-centered approach so this object contains a
<code>Set</code> of
+ * {@link GranteeEntitlementEntry}s</p>
+ */
+public class UserEntitlementInfo implements Serializable {
+
+ // Invariants
+ private String VDBName;
+ private String VDBVersion;
+ private String groupName;
+ private String eleName;
+
+ // There may be multiple Grantees that have multiple Allowed Actions
+ // entitled to this Group or Element by multiple Grantors.
+ // We have an independantly varying triplet.
+ // Map this triplet by uppercase name of grantee
+ private Map granteeMap;
+
+ /**
+ * ctor
+ */
+ public UserEntitlementInfo(AuthorizationRealm realm, String groupName, String
eleName) {
+ this.VDBName = realm.getSuperRealmName();
+ this.VDBVersion = realm.getSubRealmName();
+ this.groupName = groupName;
+ this.eleName = eleName;
+ }
+
+ /**
+ * Does this represent a group or an element entitlement?
+ * @return <code>true</code> if this object pertains to a group
entitlement,
+ * <code>false</code> if it's an element entitlement.
+ */
+ public boolean isGroupEntitlement() {
+ return eleName == null;
+ }
+
+ /**
+ * Get the name of the VDB this entitlement falls under.
+ * @return The VDB name.
+ */
+ public String getVDBName() {
+ return this.VDBName;
+ }
+
+ /**
+ * Get the version of the VDB this entitlement falls under.
+ * @return The VDB version.
+ */
+ public String getVDBVersion() {
+ return this.VDBVersion;
+ }
+
+ /**
+ * Get the group (table) of this entitlement.
+ * @return The group name this entitlement pertains to.
+ */
+ public String getGroupName() {
+ return this.groupName;
+ }
+
+ /**
+ * Get the element (column) of this entitlement.
+ * <p><i><b>Note</b></i>: Will be
<code>null</code> if this is a group entitlement.
+ * @return The element name this entitlement pertains to.
+ */
+ public String getElementName() {
+ return this.eleName;
+ }
+
+ /**
+ * Get the number of <i>Grantee</i>s in this entitlement.
+ * @return The number of <i>Grantee</i>s this entitlement pertains to.
+ */
+ public int size() {
+ return this.granteeMap.size();
+ }
+
+ /**
+ * Is the given <i>grantee</i> entitled to perform
<i><b>any</b></i>
+ * action on the <i>Resource</i> represented by this object?
+ * @param grantee The user (or user group) name of inquery.
+ * @return <code>true</code> if the <i>grantee</i> can
perform one or
+ * more actions on this <i>Resource</i>, <code>false</code>
if he can
+ * perform none.
+ */
+ public boolean contains(String grantee) {
+ if ( this.granteeMap != null && this.granteeMap.containsKey(
grantee.toUpperCase()) ) {
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Get the collection of <i>Grantee</i> names possessing this
entitlement.
+ *
+ * <p>Elements of the collection are of type {@link GranteeEntitlementEntry}
+ * and are sorted.</p>
+ * @return The collection of <i>Grantee</i> names.
+ */
+ public Collection getGrantees() {
+ List granteeList = new ArrayList();
+ if ( this.granteeMap != null && this.granteeMap.size() > 0 ) {
+ Iterator granteeItr = this.granteeMap.keySet().iterator();
+ while ( granteeItr.hasNext() ) {
+ Set granteeEntries = (Set) granteeMap.get(granteeItr.next());
+ granteeList.addAll(granteeEntries);
+ }
+ Collections.sort(granteeList);
+ }
+ return granteeList;
+ }
+
+ /**
+ * Get an iterator over the <i>Grantee</i>s possessing this entitlement.
+ * <br>Note that when iterating over elements, sort order is not
guaranteed.</br>
+ *
+ * <p>Elements of the iterator are of type {@link
GranteeEntitlementEntry}.</p>
+ * @return The Iterator of <i>Grantee</i>s.
+ */
+ public Iterator iterator() {
+ if ( this.granteeMap == null || this.granteeMap.size() == 0 ) {
+ return Collections.EMPTY_SET.iterator();
+ }
+ return this.getGrantees().iterator();
+ }
+
+ /**
+ * Add a <i>Grantee</i> -> <i>Grantor</i> ->
<i>Allowed Actions</i> triplet.
+ * @param grantee A <i>Grantee</i>.
+ * @param grantor A <i>Grantor</i>.
+ * @param allowedActions The <i>Allowed Actions</i> on the resource
granted
+ * by the <i>Grantor</i> to the <i>Grantee</i>.
+ */
+ public void addTriplet(MetaMatrixPrincipalName grantee, String grantor, int
allowedActions) {
+ GranteeEntitlementEntry anEntry = new GranteeEntitlementEntry(grantee, grantor,
allowedActions);
+ this.addTriplet(anEntry);
+ }
+
+ /**
+ * Add a {@link GranteeEntitlementEntry} object.
+ * @param newEntry A new entry.
+ */
+ public void addTriplet(GranteeEntitlementEntry newEntry) {
+ if ( this.granteeMap == null ) {
+ this.granteeMap = new HashMap();
+ }
+
+ String granteeName = newEntry.getGrantee().toUpperCase();
+
+ Set granteeEntries = (Set) this.granteeMap.get(granteeName);
+ if ( granteeEntries == null ) {
+ // This grantee (principal) has not had a an entry
+ // (grantor, actions) added for this resource yet
+ granteeEntries = new HashSet();
+ } else {
+ // This grantee (principal) has at least one entry
+ // (grantor, actions) added for this resource already
+ Iterator granteeEntryItr = granteeEntries.iterator();
+ while ( granteeEntryItr.hasNext() ) {
+ GranteeEntitlementEntry aCurrentEntry = (GranteeEntitlementEntry)
granteeEntryItr.next();
+ // Resource and grantee must be the same (or we wouldn't be here) so
+ // only need to check that grantor is the same before adding (unioning)
+ // the actions
+ if ( newEntry.getGrantor().equalsIgnoreCase(aCurrentEntry.getGrantor()) )
{
+ // We need to ultimately return the union of all
+ // allowed actions (CRUD) granted to this grantee,
+ // by this grantor, on this resource
+ granteeEntries.remove(aCurrentEntry);
+ newEntry.addActions(aCurrentEntry.getActions());
+ break;
+ }
+ }
+ }
+ granteeEntries.add(newEntry);
+ this.granteeMap.put(granteeName, granteeEntries);
+ }
+
+ /**
+ * Pretty print this Object to a String.
+ * <ol>
+ * <li value=1>VDB Name, VDB Version</li>
+ * <li>Group Name (fully qualified)</li>
+ * <li>Element Name (fully qualified)</li>
+ * <ul>
+ * <li>Grantee Name; Grantor Name; Allowed Actions (A
<code>String[]</code> of one or more of {CREATE, READ, UPDATE,
DELETE})</li>
+ * <li> ... </li>
+ * </ul>
+ * </ol>
+ */
+ public String toString() {
+ StringBuffer buf = new StringBuffer();
+ buf.append(this.VDBName + ", "); //$NON-NLS-1$
+ buf.append(this.VDBVersion + "\n"); //$NON-NLS-1$
+ buf.append(this.groupName + "\n"); //$NON-NLS-1$
+ if ( this.eleName != null ) {
+ buf.append(" " + this.eleName + "\n"); //$NON-NLS-1$
//$NON-NLS-2$
+ }
+ Iterator granteeItr = this.getGrantees().iterator();
+ while ( granteeItr.hasNext() ) {
+ GranteeEntitlementEntry entry = (GranteeEntitlementEntry) granteeItr.next();
+ buf.append(" " + entry.toString() + "\n"); //$NON-NLS-1$
//$NON-NLS-2$
+ }
+ return buf.toString();
+ }
+}
Property changes on:
trunk/engine/src/main/java/org/teiid/security/roles/UserEntitlementInfo.java
___________________________________________________________________
Name: svn:mime-type
+ text/plain
Modified: trunk/engine/src/main/resources/com/metamatrix/query/i18n.properties
===================================================================
--- trunk/engine/src/main/resources/com/metamatrix/query/i18n.properties 2010-03-09
05:42:40 UTC (rev 1942)
+++ trunk/engine/src/main/resources/com/metamatrix/query/i18n.properties 2010-03-09
14:31:12 UTC (rev 1943)
@@ -880,4 +880,6 @@
QueryUtil.Error_executing_conversion_function_to_convert_value=Error converting parameter
number {0} with value "{1}" to expected type {2}.
InsertResolver.cant_convert_query_type=Cannot convert insert query expression projected
symbol ''{0}'' of type {1} to insert column ''{2}'' of
type {3}
SetClause.resolvingError=Cannot set symbol ''{1}'' with expected type {2}
to expression ''{0}''
-NewCalculateCostUtil.badCost=Unexpected format encountered for max or min value
\ No newline at end of file
+NewCalculateCostUtil.badCost=Unexpected format encountered for max or min value
+
+WorkerPool.Max_thread=Reached maximum thread count "{0}" for worker pool
"{1}" with a queue size of "{2}".
\ No newline at end of file
Added: trunk/engine/src/main/resources/org/teiid/security/i18n.properties
===================================================================
--- trunk/engine/src/main/resources/org/teiid/security/i18n.properties
(rev 0)
+++ trunk/engine/src/main/resources/org/teiid/security/i18n.properties 2010-03-09 14:31:12
UTC (rev 1943)
@@ -0,0 +1,215 @@
+#
+# JBoss, Home of Professional Open Source.
+# See the COPYRIGHT.txt file distributed with this work for information
+# regarding copyright ownership. Some portions may be licensed
+# to Red Hat, Inc. under one or more contributor license agreements.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA.
+#
+
+# security (007)
+# security.api (107)
+ERR.014.107.0001 = The target AuthorizationPolicyID may not be null.
+ERR.014.107.0002 = The target AuthorizationPolicy may not be null.
+ERR.014.107.0003 = The target AuthorizationPermission may not be null.
+ERR.014.107.0004 = The destination AuthorizationRealm may not be null.
+ERR.014.107.0005 = Got CloneNotSupportedException while attempting to clone permission:
{0}
+ERR.014.107.0006 = The source AuthorizationPolicy may not be null.
+ERR.014.107.0007 = The resource may not be null or empty.
+ERR.014.107.0008 = The AuthorizationRealm may not be null.
+ERR.014.107.0009 = The specified attribute definition code ({0}) is invalid.
+ERR.014.107.0010 = DELETE action may not be specified on an element: {0}
+ERR.014.107.0011 = This permission''s resource is not an element in the given set
of available resources: {0}
+ERR.014.107.0012 = Unable to modify permissions without a valid AuthorizationPolicy.
+ERR.014.107.0013 = Factory class name may not be null or empty.
+ERR.014.107.0014 = Resource may not be null.
+ERR.014.107.0015 = Attempt to compare null to AuthorizationPermission.
+ERR.014.107.0016 = Attempt to compare {0} to AuthorizationPermission
+ERR.014.107.0017 = Attempt to add a AuthorizationPermission to a readonly
AuthorizationPermissions object
+ERR.014.107.0018 = Attempt to compare null to AuthorizationPolicy
+ERR.014.107.0019 = Attempt to compare {0} to AuthorizationPolicy
+ERR.014.107.0020 = Unable to add a null or empty permission to the policy
+ERR.014.107.0021 = Unable to add a null permission to the policy; a null was contained in
the set of permissions to be added.
+ERR.014.107.0022 = Unable to add a null principal to the policy
+ERR.014.107.0023 = Unable to add a null principal to the policy; a null was contained by
the set of principals to be added.
+ERR.014.107.0024 = The policy display name may not be null or empty.
+ERR.014.107.0025 = The policy display name contains an illegal character:
"{0}".
+ERR.014.107.0026 = The policy''s authorization realm name may not be null.
+ERR.014.107.0027 = The policy VDB name may not be null or empty.
+ERR.014.107.0028 = The policy cannot have a description length greater than {0}
characters.
+ERR.014.107.0029 = Attempt to compare null to AuthorizationPolicyID.
+ERR.014.107.0030 = Attempt to compare {0} to AuthorizationPolicyID.
+ERR.014.107.0031 = The authorization realm name may not be null or empty.
+ERR.014.107.0032 = The authorization realm name <{0}> contains too many
components.
+ERR.014.107.0033 = The authorization realm name <{0}> and the sub realm <{1}>
can contain only one component each.
+ERR.014.107.0034 = SubRealmName may not contain only zeros.
+ERR.014.107.0035 = Attempt to compare null to AuthorizationRealm.
+ERR.014.107.0036 = Attempt to compare {0} to AuthorizationRealm.
+ERR.014.107.0037 = Attempt to compare null to BasicAuthorizationPermission.
+ERR.014.107.0038 = Attempt to compare {0} to BasicAuthorizationPermission.
+ERR.014.107.0043 = Attempt to compare null to DataAccessResource.
+ERR.014.107.0044 = Attempt to compare {0} to DataAccessResource.
+ERR.014.107.0045 = Attempt to compare null to GranteeEntitlementEntry.
+ERR.014.107.0046 = Attempt to compare {0} to GranteeEntitlementEntry.
+ERR.014.107.0047 = The AuthorizationPolicyID may not be null.
+ERR.014.107.0048 = Unable to modify permissions without a valid AuthorizationPolicy.
+ERR.014.107.0049 = Attempt to compare null to MetaBasePermission.
+ERR.014.107.0050 = Attempt to compare {0} to MetaBasePermission
+ERR.014.107.0051 = Cannot create a MetaBaseResource with a null UUID.
+ERR.014.107.0052 = The Resource name may not be null.
+ERR.014.107.0053 = Attempt to compare null to MetaBaseResource.
+ERR.014.107.0054 = Attempt to compare {0} to MetaBaseResource
+ERR.014.107.0055 = Resource path has not been resolved for: {0}
+ERR.014.107.0056 = The name of a principal may not be null or zero-length.
+ERR.014.107.0057 = The name of a principal may not be greater than {0} characters.
+ERR.014.107.0058 = The type of this principal is out of range.
+ERR.014.107.0059 = Unable to make a copy of a null MetaMatrixPrincipalName.
+ERR.014.107.0060 = Attempt to compare null to MetaMatrixPrincipalName.
+ERR.014.107.0061 = The userName for a session token may not be null or zero-length.
+ERR.014.107.0062 = The productInfo for a session token may not be null or have more than
{0} elements.
+ERR.014.107.0063 = The session ID may not be null.
+ERR.014.107.0064 = The productInfo index cannot be greater than {0} or less than 0.
+ERR.014.107.0065 = Attempt to compare null to SessionToken.
+ERR.014.107.0066 = The specified actions ({0}) are invalid.
+ERR.014.107.0067 = ERROR IN AuthorizationActions.getAuthorizationActions(): Could not
retrieve the AuthorizationActions for the specified actions ({0}).
+ERR.014.107.0068 = The specified labels ({0}) are invalid.
+ERR.014.107.0069 = Attempt to compare null to AuthorizationActions.
+ERR.014.107.0070 = Attempt to compare {0} to AuthorizationActions.
+ERR.014.107.0071 = The trusted token for a session token may not be null.
+ERR.014.107.0072 = Error creating LogonAPIBean, Exception: {0}
+ERR.014.107.0073 = Unable to decrypt user password.
+ERR.014.107.0074 = Session "{0}" is not valid
+ERR.014.107.0075 = Unknown Session Service exception.
+ERR.014.107.0076 = Could not connect to a CurrentConfiguration.
+ERR.014.107.0077 = RMI Error with AuthorizationServiceProxy communication with service.
+ERR.014.107.0078 = Authorization service instance not initialized.
+ERR.014.107.0079 = Caught ServiceException. Marking Authorization service instance bad.
+ERR.014.107.0080 = Can''t find instance of Authorization service.
+ERR.014.107.0081 = RMI Error with MembershipServiceProxy communication with service.
+ERR.014.107.0082 = Membership service instance not initialized.
+ERR.014.107.0083 = Caught ServiceException. Marking Membership service instance bad.
+ERR.014.107.0084 = Cannot find instance of Membership service.
+ERR.014.107.0085 = RMI Error with SessionServiceProxy communication with service.
+ERR.014.107.0086 = Session service instance not initialized.
+ERR.014.107.0087 = Caught ServiceException. Marking Session service instance bad.
+ERR.014.107.0088 = Cannot find instance of Session service.
+ERR.014.107.0089 = Cannot find a server instance with the necessary service
"{0}".
+
+
+# security.util (607)
+ERR.014.607.0001 = Attempt to compare null to RolePermission
+ERR.014.607.0002 = Attempt to compare {0} to RolePermission
+ERR.014.607.0003 = There was no suitable encryption algorithm found.
+
+AuthorizationPolicyFactory.parsing_warning=Warning during parsing authorizations: {0}
+AuthorizationPolicyFactory.parsing_error=Error during parsing authorizations: {0}
+
+AbstractAuthorizationObjectEditor.missing_principal=Cannot migrate principal {1} from
policy {0} as it does not exist in this server environment.
+
+ProductNotRegisteredException.Not_registered=The product name {0} is not currently
registered with the MetaMatrix system.
+UnknownProductOrSubsystemException.Product_unknown=The product name {0} is unknown
+UnknownProductOrSubsystemException.Subsystem_unknown=The subsystem name {0} is unknown
for product {1}
+
+
+# admin (001)
+ERR.014.001.0001 = Lost communication with the AdminAPI - the connection has been
closed.
+ERR.014.001.0002 = Lost communication with the AdminAPI.
+ERR.014.001.0003 = Error closing admin connection.
+ERR.014.001.0004 = Cannot initialize AdminHelper: {0}
+ERR.014.001.0005 = Connection cannot be null.
+ERR.014.001.0006 = Pingable cannot be null.
+ERR.014.001.0007 = Pinging server failed after {0} retries
+ERR.014.001.0008 = The client is not authorized to attempt this operation. User: {0}
Role: {1}
+ERR.014.001.0009 = The server was unable to obtain an authorization service to authorize
the client. Unable to check roles for {0}
+ERR.014.001.0010 = The server was unable to obtain a session service instance to validate
session ID.
+ERR.014.001.0011 = Unable to check roles for {0} the session is invalid.
+ERR.014.001.0012 = Session "{0}" is not valid.
+ERR.014.001.0013 = Unknown Session Service exception.
+ERR.014.001.0014 = Lost communication with the Authorization service.
+ERR.014.001.0015 = Error exporting {0} object.
+ERR.014.001.0016 = Unable to generate ObjectID from previously defined MetaBase uuid:
{0}
+ERR.014.001.0017 = Lost communication with the Configuration service.
+ERR.014.001.0018 = The {0} reference may not be null.
+ERR.014.001.0019 = The specified ComponentObject is not an instance of PropertiedObject.
+ERR.014.001.0020 = Could not initialize {0}
+ERR.014.001.0021 = Cannot instantiate {0}
+ERR.014.001.0022 = Error retrieving property definitions from configuration.
+ERR.014.001.0023 = Session is invalid.
+ERR.014.001.0024 = Authorization exception retrieving property definitions from
configuration.
+ERR.014.001.0025 = Component exception retrieving property definitions from
configuration.
+ERR.014.001.0026 = Error retrieving component types from configuration.
+ERR.014.001.0027 = Authorization exception retrieving component types from
configuration.
+ERR.014.001.0028 = Component exception retrieving component types from configuration.
+ERR.014.001.0029 = Property value Object was not a String as expected.
+ERR.014.001.0030 = Transaction has already begun.
+ERR.014.001.0031 = Commit has failed due to exception from ConfigurationAdminAPI.
+ERR.014.001.0032 = The specified PropertiedObject is not an instance of ComponentObject.
+ERR.014.001.0033 = Error retrieving system config IDs from system.
+ERR.014.001.0034 = Authorization exception retrieving system config IDs from system.
+ERR.014.001.0035 = Component exception retrieving system config IDs from system.
+ERR.014.001.0036 = Lost communication with the remote system.
+ERR.014.001.0037 = Lost communication with the Membership service.
+ERR.014.001.0038 = The nodeType <{0}> is out of range.
+ERR.014.001.0039 = Attempt to compare null.
+ERR.014.001.0040 = The Resource <{0}> is not permitted for the Actions <{0}>
+ERR.014.001.0041 = The referenced object is not a {0}.
+ERR.014.001.0042 = Unable to find a data node containing resource: {0}
+ERR.014.001.0043 = Attempt to compare {0} to PrincipalAttributeImpl
+ERR.014.001.0044 = Error retrieving resource pools from configuration.
+ERR.014.001.0045 = Authorization exception retrieving resource pools from configuration.
+ERR.014.001.0046 = Component exception retrieving resource pools from configuration.
+ERR.014.001.0047 = Error applying configuration changes for resources.
+ERR.014.001.0048 = Lost communication with RuntimeState Admin implementation.
+ERR.014.001.0049 = host parameter must not be null or empty.
+ERR.014.001.0050 = process parameter must not be null or empty.
+ERR.014.001.0051 = Error getting the state of the system.
+ERR.014.001.0052 = Error shutting down server.
+ERR.014.001.0053 = Could not restart server.
+ERR.014.001.0054 = 1 or more error occurred while attempting to synchronize the server:
{0}
+ERR.014.001.0056 = {0} is not running.
+ERR.014.001.0058 = Error: 1 or more services/processes could not be shutdown.
+ERR.014.001.0067 = {0} is already running.
+ERR.014.001.0068 = Could not start host {0}. Error communicating with HostController.
+ERR.014.001.0069 = PSC {0} cannot be started, Process {1} is not running.
+ERR.014.001.0070 = PSC {0} cannot be started, error accessing {1}
+ERR.014.001.0073 = Error starting 1 or more services in {0}
+ERR.014.001.0074 = Error stopping PSC {0}. error accessing {1}
+ERR.014.001.0076 = Error stopping 1 or more services in {0}
+ERR.014.001.0083 = Error reading server startup time.
+ERR.014.001.0084 = ModificationException while setting log config on configuration: {0}
+ERR.014.001.0086 = RemoteException(s): Log config MAY not have been set in 1 or more
processes: {0}
+ERR.014.001.0088 = Remote exception while getting VMStatistics for: {0}
+ERR.014.001.0090 = Remote exception while getting resource descriptors.
+ERR.014.001.0094 = Lost communication with the Session service.
+ERR.014.001.0095 = Error creating AdminAPIBean, Exception: {0}
+ERR.014.001.0096 = The product {0} has not been licensed.
+ERR.014.001.0097 = Could not create admin API for {0}: {1}
+ERR.014.001.0099 = The user parameter may not be null or empty.
+ERR.014.001.0100 = The user password may not be null or empty.
+ERR.014.001.0101 = NamingException while getting new initialcontext for LogonAPI.
+ERR.014.001.0102 = Error trying to connect to server: {0} at {1}
+ERR.014.001.0103 = CreateException while getting home interface for LogonAPI.
+ERR.014.001.0104 = RemoteException while getting home interface for LogonAPI.
+ERR.014.001.0105 = Unknown error while obtaining a reference to LogonAPI.
+ERR.014.001.0106 = NamingException while getting new initialcontext for AdminAPI.
+ERR.014.001.0107 = NamingException while getting home interface for AdminAPI.
+ERR.014.001.0108 = CreateException while getting home interface for AdminAPI.
+ERR.014.001.0109 = RemoteException while getting home interface for AdminAPI.
+ERR.014.001.0110 = Unknown error while obtaining a reference to AdminAPI for user
<{0}>
+ERR.014.001.0111 = Error while attempting log on for user <{0}>: Unable to encrypt
user password.
+ERR.014.001.0112 = Error while attempting log on for user <{0}>
+ERR.014.001.0113 = Logon attempt failed - session ID is null.
+ERR.014.001.0114 = Unexpected exception while attempting log on for user <{0}>
\ No newline at end of file
Added: trunk/engine/src/main/resources/org/teiid/security/roles/authorizations.xsd
===================================================================
--- trunk/engine/src/main/resources/org/teiid/security/roles/authorizations.xsd
(rev 0)
+++ trunk/engine/src/main/resources/org/teiid/security/roles/authorizations.xsd 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ JBoss, Home of Professional Open Source.
+ See the COPYRIGHT.txt file distributed with this work for information
+ regarding copyright ownership. Some portions may be licensed
+ to Red Hat, Inc. under one or more contributor license agreements.
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+-->
+
+<xs:schema attributeFormDefault="unqualified"
elementFormDefault="qualified"
xmlns:xs="http://www.w3.org/2001/XMLSchema">
+ <xs:element name="realm">
+ <xs:annotation>
+ <xs:documentation>Comment describing your root element</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="roles">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" name="data-role">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="name" type="xs:string"/>
+ <xs:element minOccurs="0" name="vdb-name"
type="xs:string"/>
+ <xs:element minOccurs="0" name="vdb-version"
type="xs:int"/>
+ <xs:element minOccurs="0" name="description"
type="xs:string"/>
+ <xs:element minOccurs="0" name="permissions">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded"
name="permission">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="resource-name"
type="xs:string"/>
+ <xs:element minOccurs="0"
name="allow-create"/>
+ <xs:element minOccurs="0" name="allow-read"/>
+ <xs:element minOccurs="0"
name="allow-update"/>
+ <xs:element minOccurs="0"
name="allow-delete"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:element minOccurs="0" name="principals">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element maxOccurs="unbounded" name="role"
type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+</xs:schema>
Copied: trunk/engine/src/test/java/com/metamatrix/common/log (from rev 1941,
trunk/common-internal/src/test/java/com/metamatrix/common/log)
Copied: trunk/engine/src/test/java/com/metamatrix/common/util/TestPermutation.java (from
rev 1941,
trunk/common-internal/src/test/java/com/metamatrix/common/util/TestPermutation.java)
===================================================================
--- trunk/engine/src/test/java/com/metamatrix/common/util/TestPermutation.java
(rev 0)
+++ trunk/engine/src/test/java/com/metamatrix/common/util/TestPermutation.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,161 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package com.metamatrix.common.util;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+import java.util.NoSuchElementException;
+
+import junit.framework.TestCase;
+
+/**
+ */
+public class TestPermutation extends TestCase {
+
+ /**
+ * Constructor for TestPermutation.
+ * @param arg0
+ */
+ public TestPermutation(String arg0) {
+ super(arg0);
+ }
+
+ public Object[] exampleItems(int num) {
+ Object[] items = new Object[num];
+ for(int i=0; i<items.length; i++) {
+ items[i] = "" + i; //$NON-NLS-1$
+ }
+ return items;
+ }
+
+ public void compareArrays(Object[] a1, Object[] a2) {
+ assertEquals("Arrays are of differing lengths", a1.length, a2.length);
//$NON-NLS-1$
+ for(int i=0; i<a1.length; i++) {
+ assertEquals("Arrays have differing object at index " + i, a1[i],
a2[i]); //$NON-NLS-1$
+ }
+ }
+
+ public void compareOrders(List expected, List actual) {
+ assertEquals("Number of orders differs", expected.size(),
actual.size()); //$NON-NLS-1$
+ for(int i=0; i<expected.size(); i++) {
+ compareArrays( (Object[]) expected.get(i), (Object[]) actual.get(i) );
+ }
+ }
+
+ public void testNull() {
+ try {
+ new Permutation(null);
+ fail("Expected IllegalArgumentException"); //$NON-NLS-1$
+ } catch(IllegalArgumentException e) {
+ }
+ }
+
+ public void test1() {
+ Permutation perm = new Permutation(exampleItems(0));
+ Iterator iter = perm.generate();
+ assertTrue("Should get no permutations for no items", !
iter.hasNext()); //$NON-NLS-1$
+
+ try {
+ iter.next();
+ fail("Expected NoSuchElementException"); //$NON-NLS-1$
+ } catch(NoSuchElementException e) {
+ }
+ }
+
+ public void test2() {
+ Permutation perm = new Permutation(exampleItems(2));
+ Iterator iter = perm.generate(0);
+ assertTrue("Should get no permutations for no items", !
iter.hasNext()); //$NON-NLS-1$
+ }
+
+ public void test3() {
+ Permutation perm = new Permutation(exampleItems(1));
+ Iterator iter = perm.generate();
+
+ List orders = new ArrayList();
+ while(iter.hasNext()) {
+ orders.add(iter.next());
+ }
+
+ assertEquals("Should get one permutations for one item", 1,
orders.size()); //$NON-NLS-1$
+ compareArrays(exampleItems(1), (Object[]) orders.get(0));
+ }
+
+ public void test4() {
+ Permutation perm = new Permutation(exampleItems(2));
+ Iterator iter = perm.generate();
+
+ List orders = new ArrayList();
+ while(iter.hasNext()) {
+ orders.add(iter.next());
+ }
+
+ List expected = new ArrayList();
+ expected.add(new Object[] { "0", "1" }); //$NON-NLS-1$
//$NON-NLS-2$
+ expected.add(new Object[] { "1", "0" }); //$NON-NLS-1$
//$NON-NLS-2$
+
+ compareOrders(expected, orders);
+
+ }
+
+ public void test5() {
+ Permutation perm = new Permutation(exampleItems(3));
+ Iterator iter = perm.generate();
+
+ List orders = new ArrayList();
+ while(iter.hasNext()) {
+ orders.add(iter.next());
+ }
+
+ List expected = new ArrayList();
+ expected.add(new Object[] { "0", "1", "2" });
//$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ expected.add(new Object[] { "0", "2", "1" });
//$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ expected.add(new Object[] { "1", "0", "2" });
//$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ expected.add(new Object[] { "1", "2", "0" });
//$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ expected.add(new Object[] { "2", "0", "1" });
//$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ expected.add(new Object[] { "2", "1", "0" });
//$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+
+ compareOrders(expected, orders);
+
+ }
+
+ public void test6() {
+ Permutation perm = new Permutation(exampleItems(3));
+ Iterator iter = perm.generate(1);
+
+ List orders = new ArrayList();
+ while(iter.hasNext()) {
+ orders.add(iter.next());
+ }
+
+ List expected = new ArrayList();
+ expected.add(new Object[] { "0" }); //$NON-NLS-1$
+ expected.add(new Object[] { "1" }); //$NON-NLS-1$
+ expected.add(new Object[] { "2" }); //$NON-NLS-1$
+
+ compareOrders(expected, orders);
+
+ }
+
+}
Modified:
trunk/engine/src/test/java/com/metamatrix/dqp/service/FakeAuthorizationService.java
===================================================================
---
trunk/engine/src/test/java/com/metamatrix/dqp/service/FakeAuthorizationService.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/engine/src/test/java/com/metamatrix/dqp/service/FakeAuthorizationService.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -29,11 +29,12 @@
import java.util.List;
import java.util.Set;
+import org.teiid.security.roles.AuthorizationPolicy;
+import org.teiid.security.roles.AuthorizationRealm;
+
import com.metamatrix.api.exception.MetaMatrixComponentException;
import com.metamatrix.api.exception.security.AuthorizationException;
import com.metamatrix.api.exception.security.AuthorizationMgmtException;
-import com.metamatrix.platform.security.api.AuthorizationPolicy;
-import com.metamatrix.platform.security.api.AuthorizationRealm;
/**
*/
Copied: trunk/engine/src/test/java/com/metamatrix/internal/core/xml (from rev 1941,
trunk/common-internal/src/test/java/com/metamatrix/internal/core/xml)
Modified:
trunk/engine/src/test/java/com/metamatrix/query/processor/dynamic/TestSqlEval.java
===================================================================
---
trunk/engine/src/test/java/com/metamatrix/query/processor/dynamic/TestSqlEval.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/engine/src/test/java/com/metamatrix/query/processor/dynamic/TestSqlEval.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -111,6 +111,20 @@
assertEquals("Wrong Results", expected, actual); //$NON-NLS-1$
}
+ public void testEntityInResults() throws Exception {
+ // Create query
+ String sql = "SELECT '&', '<'"; //$NON-NLS-1$
+
+ String expected ="<?xml version=\"1.0\"
encoding=\"UTF-8\"?><results><row><expr>&</expr><expr1><</expr1></row></results>";
//$NON-NLS-1$
+
+ // Construct data manager with data
+ FakeDataManager dataMgr = new FakeDataManager();
+ FakeDataStore.sampleData1(dataMgr);
+
+ String actual = helpProcess(sql, FakeMetadataFactory.example1Cached(), dataMgr);
+ assertEquals("Wrong Results", expected, actual); //$NON-NLS-1$
+ }
+
public void testXMLResult() throws Exception {
String sql = "SELECT * FROM xmltest.doc1"; //$NON-NLS-1$
Copied: trunk/engine/src/test/java/com/metamatrix/vdb/runtime (from rev 1941,
trunk/common-internal/src/test/java/com/metamatrix/vdb/runtime)
Copied: trunk/engine/src/test/resources/testdoc.xml (from rev 1941,
trunk/common-internal/src/test/resources/testdoc.xml)
===================================================================
--- trunk/engine/src/test/resources/testdoc.xml (rev 0)
+++ trunk/engine/src/test/resources/testdoc.xml 2010-03-09 14:31:12 UTC (rev 1943)
@@ -0,0 +1,20 @@
+<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
+ <Header>
+ <RequestID>12345</RequestID>
+ </Header>
+ <shipTo country="US"/>
+ <billTo>
+ <zip>95819</zip>
+ </billTo>
+ <root>
+ <child>
+ <ReadOnly>false</ReadOnly>
+ </child>
+ </root>
+ <item partNum="872-AA">
+ <productName>Lawnmower</productName>
+ </item>
+ <item partNum="926-AA">
+ <productName>Baby Monitor</productName>
+ </item>
+</SOAP-ENV:Envelope>
\ No newline at end of file
Modified: trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
===================================================================
---
trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -28,7 +28,7 @@
import javax.security.auth.Subject;
import org.jboss.security.SecurityContext;
-import org.teiid.SecurityHelper;
+import org.teiid.security.SecurityHelper;
public class JBossSecurityHelper implements SecurityHelper, Serializable {
Modified:
trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/ConnectorBindingDeployer.java
===================================================================
---
trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/ConnectorBindingDeployer.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/ConnectorBindingDeployer.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -34,10 +34,10 @@
import org.jboss.managed.api.factory.ManagedObjectFactory;
import org.jboss.resource.metadata.mcf.ManagedConnectionFactoryDeploymentGroup;
import org.jboss.resource.metadata.mcf.ManagedConnectionFactoryDeploymentMetaData;
-import org.teiid.SecurityHelper;
import org.teiid.connector.api.ConnectorException;
import org.teiid.dqp.internal.datamgr.impl.ConnectorManager;
import org.teiid.dqp.internal.datamgr.impl.ConnectorManagerRepository;
+import org.teiid.security.SecurityHelper;
public class ConnectorBindingDeployer extends
AbstractSimpleRealDeployer<ManagedConnectionFactoryDeploymentGroup> implements
ManagedObjectCreator {
protected Logger log = Logger.getLogger(getClass());
Modified:
trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java
===================================================================
---
trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -42,7 +42,6 @@
import org.jboss.managed.api.annotation.ManagementProperties;
import org.jboss.managed.api.annotation.ManagementProperty;
import org.jboss.managed.api.annotation.ViewUse;
-import org.teiid.SecurityHelper;
import org.teiid.adminapi.Admin;
import org.teiid.adminapi.AdminComponentException;
import org.teiid.adminapi.AdminException;
@@ -60,6 +59,7 @@
import org.teiid.dqp.internal.transaction.XidFactory;
import org.teiid.logging.LogConfigurationProvider;
import org.teiid.logging.LogListernerProvider;
+import org.teiid.security.SecurityHelper;
import org.teiid.transport.ClientServiceRegistry;
import org.teiid.transport.ClientServiceRegistryImpl;
import org.teiid.transport.LogonImpl;
@@ -78,11 +78,11 @@
import com.metamatrix.dqp.embedded.DQPEmbeddedPlugin;
import com.metamatrix.dqp.service.AuthorizationService;
import com.metamatrix.dqp.service.BufferService;
+import com.metamatrix.dqp.service.SessionService;
import com.metamatrix.dqp.service.TransactionService;
import com.metamatrix.dqp.util.LogConstants;
import com.metamatrix.platform.security.api.ILogon;
import com.metamatrix.platform.security.api.SessionToken;
-import com.metamatrix.platform.security.api.service.SessionService;
@ManagementObject(isRuntime=true,
componentType=@ManagementComponent(type="teiid",subtype="dqp"),
properties=ManagementProperties.EXPLICIT)
public class RuntimeEngineDeployer extends DQPConfiguration implements DQPManagement,
Serializable , ClientServiceRegistry {
Modified: trunk/pom.xml
===================================================================
--- trunk/pom.xml 2010-03-09 05:42:40 UTC (rev 1942)
+++ trunk/pom.xml 2010-03-09 14:31:12 UTC (rev 1943)
@@ -241,18 +241,6 @@
</dependency>
<dependency>
<groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-common-internal</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-common-internal</artifactId>
- <type>test-jar</type>
- <version>${project.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.jboss.teiid</groupId>
<artifactId>teiid-connector-api</artifactId>
<version>${project.version}</version>
</dependency>
@@ -485,7 +473,6 @@
<modules>
<module>test-integration</module>
<module>common-core</module>
- <module>common-internal</module>
<module>connector-api</module>
<module>client</module>
<module>client-jdbc</module>
Modified: trunk/runtime/pom.xml
===================================================================
--- trunk/runtime/pom.xml 2010-03-09 05:42:40 UTC (rev 1942)
+++ trunk/runtime/pom.xml 2010-03-09 14:31:12 UTC (rev 1943)
@@ -23,10 +23,6 @@
</dependency>
<dependency>
<groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-common-internal</artifactId>
- </dependency>
- <dependency>
- <groupId>org.jboss.teiid</groupId>
<artifactId>teiid-connector-api</artifactId>
<scope>provided</scope>
</dependency>
Modified: trunk/runtime/src/main/java/org/teiid/deployers/VDBRepository.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/deployers/VDBRepository.java 2010-03-09 05:42:40
UTC (rev 1942)
+++ trunk/runtime/src/main/java/org/teiid/deployers/VDBRepository.java 2010-03-09 14:31:12
UTC (rev 1943)
@@ -39,7 +39,6 @@
import com.metamatrix.common.types.DataTypeManager;
import com.metamatrix.core.CoreConstants;
import com.metamatrix.dqp.embedded.DQPEmbeddedPlugin;
-import com.metamatrix.metadata.runtime.api.VirtualDatabaseException;
import com.metamatrix.vdb.runtime.VDBKey;
/**
Copied: trunk/runtime/src/main/java/org/teiid/deployers/VirtualDatabaseException.java
(from rev 1941,
trunk/common-internal/src/main/java/com/metamatrix/metadata/runtime/api/VirtualDatabaseException.java)
===================================================================
--- trunk/runtime/src/main/java/org/teiid/deployers/VirtualDatabaseException.java
(rev 0)
+++
trunk/runtime/src/main/java/org/teiid/deployers/VirtualDatabaseException.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -0,0 +1,91 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.deployers;
+
+import com.metamatrix.api.exception.MetaMatrixProcessingException;
+/**
+ * The base exception from which all Runtime Metadata Exceptions extend.
+ */
+public class VirtualDatabaseException extends MetaMatrixProcessingException {
+
+ public static final String NO_MODELS = "1"; //$NON-NLS-1$
+ public static final String MODEL_NON_DEPLOYABLE_STATE = "2";
//$NON-NLS-1$
+ public static final String VDB_NON_DEPLOYABLE_STATE = "3"; //$NON-NLS-1$
+
+ /**
+ * No-arg costructor required by Externalizable semantics
+ */
+ public VirtualDatabaseException() {
+ super();
+ }
+
+ /**
+ * Construct an instance with the message specified.
+ *
+ * @param message A message describing the exception
+ */
+ public VirtualDatabaseException( String message ) {
+ super( message );
+ }
+
+ /**
+ * Construct an instance with the message and error code specified.
+ *
+ * @param message A message describing the exception
+ * @param code The error code
+ */
+ public VirtualDatabaseException( String code, String message ) {
+ super( code, message );
+ }
+
+ /**
+ * Construct an instance from an exception to chain to this one.
+ *
+ * @param e An exception to nest within this one
+ */
+ public VirtualDatabaseException(Exception e) {
+ super(e);
+ }
+ /**
+ * Construct an instance from a message and an exception to chain to this one.
+ *
+ * @param code A code denoting the exception
+ * @param e An exception to nest within this one
+ */
+ public VirtualDatabaseException( Exception e, String message ) {
+ super( e, message );
+ }
+
+ /**
+ * Construct an instance from a message and a code and an exception to
+ * chain to this one.
+ *
+ * @param e An exception to nest within this one
+ * @param message A message describing the exception
+ * @param code A code denoting the exception
+ */
+ public VirtualDatabaseException( Exception e, String code, String message ) {
+ super( e, code, message );
+ }
+}
+
Property changes on:
trunk/runtime/src/main/java/org/teiid/deployers/VirtualDatabaseException.java
___________________________________________________________________
Name: svn:mergeinfo
+
Modified: trunk/runtime/src/main/java/org/teiid/services/AuthorizationServiceImpl.java
===================================================================
---
trunk/runtime/src/main/java/org/teiid/services/AuthorizationServiceImpl.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/runtime/src/main/java/org/teiid/services/AuthorizationServiceImpl.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -42,6 +42,16 @@
import org.teiid.adminapi.impl.VDBMetaData;
import org.teiid.deployers.VDBRepository;
import org.teiid.dqp.internal.process.DQPWorkContext;
+import org.teiid.security.roles.AuthorizationActions;
+import org.teiid.security.roles.AuthorizationPermission;
+import org.teiid.security.roles.AuthorizationPoliciesHolder;
+import org.teiid.security.roles.AuthorizationPolicy;
+import org.teiid.security.roles.AuthorizationPolicyFactory;
+import org.teiid.security.roles.AuthorizationRealm;
+import org.teiid.security.roles.BasicAuthorizationPermission;
+import org.teiid.security.roles.BasicAuthorizationPermissionFactory;
+import org.teiid.security.roles.RolePermissionFactory;
+import org.teiid.security.roles.StandardAuthorizationActions;
import com.metamatrix.admin.api.exception.security.InvalidSessionException;
import com.metamatrix.api.exception.MetaMatrixComponentException;
@@ -53,19 +63,9 @@
import com.metamatrix.dqp.service.AuditMessage;
import com.metamatrix.dqp.service.AuthorizationService;
import com.metamatrix.dqp.util.LogConstants;
-import com.metamatrix.platform.security.api.AuthorizationActions;
-import com.metamatrix.platform.security.api.AuthorizationPermission;
-import com.metamatrix.platform.security.api.AuthorizationPoliciesHolder;
-import com.metamatrix.platform.security.api.AuthorizationPolicy;
-import com.metamatrix.platform.security.api.AuthorizationPolicyFactory;
-import com.metamatrix.platform.security.api.AuthorizationRealm;
-import com.metamatrix.platform.security.api.BasicAuthorizationPermission;
-import com.metamatrix.platform.security.api.BasicAuthorizationPermissionFactory;
import com.metamatrix.platform.security.api.MetaMatrixPrincipal;
import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
import com.metamatrix.platform.security.api.SessionToken;
-import com.metamatrix.platform.security.api.StandardAuthorizationActions;
-import com.metamatrix.platform.security.util.RolePermissionFactory;
import com.metamatrix.server.util.ServerAuditContexts;
import com.metamatrix.vdb.runtime.VDBKey;
Modified: trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java 2010-03-09
05:42:40 UTC (rev 1942)
+++ trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -41,11 +41,13 @@
import org.jboss.managed.api.annotation.ManagementObject;
import org.jboss.managed.api.annotation.ManagementProperties;
import org.jboss.managed.api.annotation.ManagementProperty;
-import org.teiid.SecurityHelper;
import org.teiid.adminapi.impl.SessionMetadata;
import org.teiid.adminapi.impl.VDBMetaData;
import org.teiid.deployers.VDBRepository;
+import org.teiid.deployers.VirtualDatabaseException;
import org.teiid.dqp.internal.process.DQPCore;
+import org.teiid.security.Credentials;
+import org.teiid.security.SecurityHelper;
import com.metamatrix.admin.api.exception.security.InvalidSessionException;
import com.metamatrix.api.exception.security.SessionServiceException;
@@ -55,10 +57,8 @@
import com.metamatrix.common.util.LogConstants;
import com.metamatrix.core.util.ArgCheck;
import com.metamatrix.dqp.embedded.DQPEmbeddedPlugin;
-import com.metamatrix.metadata.runtime.api.VirtualDatabaseException;
-import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.dqp.service.SessionService;
import com.metamatrix.platform.security.api.SessionToken;
-import com.metamatrix.platform.security.api.service.SessionService;
/**
* This class serves as the primary implementation of the Session Service.
Modified: trunk/runtime/src/main/java/org/teiid/services/TeiidLoginContext.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/services/TeiidLoginContext.java 2010-03-09
05:42:40 UTC (rev 1942)
+++ trunk/runtime/src/main/java/org/teiid/services/TeiidLoginContext.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -38,12 +38,12 @@
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import org.teiid.SecurityHelper;
+import org.teiid.security.Credentials;
+import org.teiid.security.SecurityHelper;
import com.metamatrix.common.log.LogManager;
import com.metamatrix.common.util.LogConstants;
import com.metamatrix.dqp.embedded.DQPEmbeddedPlugin;
-import com.metamatrix.platform.security.api.Credentials;
/**
* This class serves as the primary implementation of the
Modified: trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java 2010-03-09 05:42:40 UTC
(rev 1942)
+++ trunk/runtime/src/main/java/org/teiid/transport/LogonImpl.java 2010-03-09 14:31:12 UTC
(rev 1943)
@@ -30,6 +30,7 @@
import org.teiid.adminapi.impl.SessionMetadata;
import org.teiid.adminapi.impl.VDBMetaData;
import org.teiid.dqp.internal.process.DQPWorkContext;
+import org.teiid.security.Credentials;
import com.metamatrix.admin.api.exception.security.InvalidSessionException;
import com.metamatrix.api.exception.ComponentNotFoundException;
@@ -42,11 +43,10 @@
import com.metamatrix.common.util.LogConstants;
import com.metamatrix.core.CoreConstants;
import com.metamatrix.dqp.client.ResultsFuture;
-import com.metamatrix.platform.security.api.Credentials;
+import com.metamatrix.dqp.service.SessionService;
import com.metamatrix.platform.security.api.ILogon;
import com.metamatrix.platform.security.api.LogonResult;
import com.metamatrix.platform.security.api.SessionToken;
-import com.metamatrix.platform.security.api.service.SessionService;
public class LogonImpl implements ILogon {
Modified:
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java
===================================================================
---
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyFactory.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -38,6 +38,12 @@
import junit.framework.TestCase;
+import org.teiid.security.roles.AuthorizationPolicy;
+import org.teiid.security.roles.AuthorizationPolicyFactory;
+import org.teiid.security.roles.AuthorizationPolicyID;
+import org.teiid.security.roles.AuthorizationRealm;
+import org.teiid.security.roles.BasicAuthorizationPermissionFactory;
+import org.teiid.security.roles.StandardAuthorizationActions;
import org.xml.sax.SAXException;
import com.metamatrix.core.util.FileUtil;
Modified:
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java
===================================================================
---
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationPolicyID.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -22,6 +22,9 @@
package com.metamatrix.platform.security.api;
+import org.teiid.security.roles.AuthorizationPolicyID;
+import org.teiid.security.roles.AuthorizationRealm;
+
import junit.framework.TestCase;
/**
Modified:
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java
===================================================================
---
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestAuthorizationRealm.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -22,6 +22,8 @@
package com.metamatrix.platform.security.api;
+import org.teiid.security.roles.AuthorizationRealm;
+
import junit.framework.TestCase;
public class TestAuthorizationRealm extends TestCase {
Modified:
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java
===================================================================
---
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestBasicAuthorizationPermission.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -22,12 +22,18 @@
package com.metamatrix.platform.security.api;
+import org.teiid.security.roles.AuthorizationPermission;
+import org.teiid.security.roles.AuthorizationRealm;
+import org.teiid.security.roles.BasicAuthorizationPermission;
+import org.teiid.security.roles.BasicAuthorizationPermissionFactory;
+import org.teiid.security.roles.RolePermissionFactory;
+import org.teiid.security.roles.StandardAuthorizationActions;
+
import junit.extensions.TestSetup;
import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
-import com.metamatrix.platform.security.util.RolePermissionFactory;
/**
* <p>Test cases for {@link BasicAuthorizationPermission} class. </p>
Modified:
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java
===================================================================
---
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/runtime/src/test/java/com/metamatrix/platform/security/api/TestStandardAuthorizationActions.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -22,6 +22,9 @@
package com.metamatrix.platform.security.api;
+import org.teiid.security.roles.AuthorizationActions;
+import org.teiid.security.roles.StandardAuthorizationActions;
+
import junit.framework.TestCase;
/**
Modified: trunk/runtime/src/test/java/org/teiid/services/TestMembershipServiceImpl.java
===================================================================
---
trunk/runtime/src/test/java/org/teiid/services/TestMembershipServiceImpl.java 2010-03-09
05:42:40 UTC (rev 1942)
+++
trunk/runtime/src/test/java/org/teiid/services/TestMembershipServiceImpl.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -32,9 +32,9 @@
import junit.framework.TestCase;
import org.mockito.Mockito;
+import org.teiid.security.Credentials;
import org.teiid.services.TeiidLoginContext;
-import com.metamatrix.platform.security.api.Credentials;
public class TestMembershipServiceImpl extends TestCase {
Modified: trunk/runtime/src/test/java/org/teiid/services/TestSessionServiceImpl.java
===================================================================
--- trunk/runtime/src/test/java/org/teiid/services/TestSessionServiceImpl.java 2010-03-09
05:42:40 UTC (rev 1942)
+++ trunk/runtime/src/test/java/org/teiid/services/TestSessionServiceImpl.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -13,11 +13,11 @@
import org.junit.Test;
import org.mockito.Mockito;
import org.teiid.adminapi.impl.SessionMetadata;
+import org.teiid.security.Credentials;
import org.teiid.services.TeiidLoginContext;
import org.teiid.services.SessionServiceImpl;
import com.metamatrix.admin.api.exception.security.InvalidSessionException;
-import com.metamatrix.platform.security.api.Credentials;
public class TestSessionServiceImpl {
Modified: trunk/runtime/src/test/java/org/teiid/transport/TestCommSockets.java
===================================================================
--- trunk/runtime/src/test/java/org/teiid/transport/TestCommSockets.java 2010-03-09
05:42:40 UTC (rev 1942)
+++ trunk/runtime/src/test/java/org/teiid/transport/TestCommSockets.java 2010-03-09
14:31:12 UTC (rev 1943)
@@ -43,9 +43,9 @@
import com.metamatrix.common.comm.platform.socket.client.SocketServerConnectionFactory;
import com.metamatrix.common.comm.platform.socket.client.UrlServerDiscovery;
import com.metamatrix.common.util.crypto.NullCryptor;
+import com.metamatrix.dqp.service.SessionService;
import com.metamatrix.platform.security.api.ILogon;
import com.metamatrix.platform.security.api.LogonResult;
-import com.metamatrix.platform.security.api.service.SessionService;
public class TestCommSockets {
Modified: trunk/runtime/src/test/java/org/teiid/transport/TestLogonImpl.java
===================================================================
--- trunk/runtime/src/test/java/org/teiid/transport/TestLogonImpl.java 2010-03-09 05:42:40
UTC (rev 1942)
+++ trunk/runtime/src/test/java/org/teiid/transport/TestLogonImpl.java 2010-03-09 14:31:12
UTC (rev 1943)
@@ -32,9 +32,9 @@
import org.teiid.dqp.internal.process.DQPWorkContext;
import com.metamatrix.common.api.MMURL;
+import com.metamatrix.dqp.service.SessionService;
import com.metamatrix.platform.security.api.LogonResult;
import com.metamatrix.platform.security.api.SessionToken;
-import com.metamatrix.platform.security.api.service.SessionService;
public class TestLogonImpl extends TestCase {
Modified: trunk/test-integration/pom.xml
===================================================================
--- trunk/test-integration/pom.xml 2010-03-09 05:42:40 UTC (rev 1942)
+++ trunk/test-integration/pom.xml 2010-03-09 14:31:12 UTC (rev 1943)
@@ -29,11 +29,6 @@
</dependency>
<dependency>
<groupId>org.jboss.teiid</groupId>
- <artifactId>teiid-common-internal</artifactId>
- <type>test-jar</type>
- </dependency>
- <dependency>
- <groupId>org.jboss.teiid</groupId>
<artifactId>teiid-metadata</artifactId>
</dependency>
<dependency>
5433
days inactive
5433
days old
0 comments
1 participants
participants (1)
-
teiid-commits@lists.jboss.org