[jboss-svn-commits] JBL Code SVN: r18665 - in labs/jbosslabs/labs-3.0-build: core/core-api/src/main/java/org/jboss/labs/auth/custom and 5 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Mon Mar 3 14:14:36 EST 2008
Author: szimano
Date: 2008-03-03 14:14:36 -0500 (Mon, 03 Mar 2008)
New Revision: 18665
Added:
labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/exception/auth/NoSuchCustomIDException.java
labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/RoleBinderAndAuthTest.java
Removed:
labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/SuperUsers.java
Modified:
labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/RoleBinderService.java
labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/UserService.java
labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/custom/CustomIDHandler.java
labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/custom/CustomIDProvider.java
labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/CustomID.java
labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/ProjectID.java
labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/Service.java
labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/ServiceRole.java
labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/User.java
labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/UserRole.java
labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/AuthenticationServiceImpl.java
labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/CustomIDServiceImpl.java
labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/RoleBinderServiceImpl.java
labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/UserServiceImpl.java
labs/jbosslabs/labs-3.0-build/services/credential/src/main/resources/META-INF/persistence.xml
labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/CredentialTest.java
labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/UserServiceTest.java
Log:
JBLAB-901 most of the service fixed, still custom id to test
Modified: labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/RoleBinderService.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/RoleBinderService.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/RoleBinderService.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -32,7 +32,7 @@
import org.jboss.labs.core.model.auth.ServiceRole;
import org.jboss.labs.core.model.auth.UserRole;
import org.jboss.labs.exception.auth.BindingAlreadyExistsException;
-import org.jboss.labs.exception.auth.NoSuchServiceRoleException;
+import org.jboss.labs.exception.auth.NoSuchCustomIDException;
import org.jboss.labs.exception.auth.NoSuchSuperUserException;
import org.jboss.labs.exception.auth.NoSuchUserException;
import org.jboss.labs.exception.auth.NoSuchUserRoleException;
@@ -104,12 +104,13 @@
* If user role doesn't exist
* @throws BindingAlreadyExistsException
* If binding already exists
+ * @throws NoSuchCustomIDException If custom id doesn't exist
* @see org.jboss.labs.core.model.auth.CustomID
* @see org.jboss.labs.auth.custom.CustomIDProvider
*/
public <E extends Enum<E>> void bindRolesWithId(E serviceRole,
UserRole role, CustomID customId) throws NoSuchUserRoleException,
- BindingAlreadyExistsException;
+ BindingAlreadyExistsException, NoSuchCustomIDException;
/**
* Binds service role to a user role globally. This means that members of
@@ -148,7 +149,8 @@
* User to revoke
* @throws NoSuchUserException
* When specified user doesn't exist
- * @throws NoSuchSuperUserException If the user doesn't have privileges
+ * @throws NoSuchSuperUserException
+ * If the user doesn't have privileges
*/
public void revokeUserProjectSuperrole(Principal user, String projectId)
throws NoSuchUserException, NoSuchSuperUserException;
@@ -172,9 +174,11 @@
* User to revoke from.
* @throws NoSuchUserException
* When specified user doesn't exist
- * @throws NoSuchSuperUserException If the user doesn't have privileges
+ * @throws NoSuchSuperUserException
+ * If the user doesn't have privileges
*/
- public void revokeUserSuperrole(Principal user) throws NoSuchUserException, NoSuchSuperUserException;
+ public void revokeUserSuperrole(Principal user) throws NoSuchUserException,
+ NoSuchSuperUserException;
/**
* Returns service role object.
@@ -203,4 +207,49 @@
* @return Object of global project id.
*/
public ProjectID getGlobalProjectID();
+
+ /**
+ * Removes project-type binding
+ *
+ * @param serviceRole
+ * Service role
+ * @param role
+ * User role
+ * @param projectId
+ * Project id
+ * @throws NoSuchUserRoleException
+ */
+ public <E extends Enum<E>> void removeBindingWithProject(E serviceRole,
+ UserRole role, String projectId) throws NoSuchUserRoleException;
+
+ /**
+ * Removes id-type binding
+ *
+ * @param serviceRole
+ * Service role
+ * @param role
+ * User role
+ * @param customId
+ * custom id
+ * @throws NoSuchUserRoleException
+ */
+ public <E extends Enum<E>> void removeBindingWithId(E serviceRole,
+ UserRole role, CustomID customId) throws NoSuchUserRoleException;
+
+ /**
+ * Removes global binding
+ *
+ * @param serviceRole
+ * Service role
+ * @param role
+ * User role
+ * @throws NoSuchUserRoleException
+ */
+ public <E extends Enum<E>> void removeBindingGlobal(E serviceRole,
+ UserRole role) throws NoSuchUserRoleException;
+
+ /** Removes all bindings bound to giver user role
+ * @param role User role
+ */
+ public void removeAllBindingsForUserRole(UserRole role);
}
Modified: labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/UserService.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/UserService.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/UserService.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -220,4 +220,11 @@
* @return UserRole object for a project. Will get created if needed.
*/
public UserRole getCommonRoleForProject(String projectID);
+
+ /** Gets all members of a role
+ * @param role Role to get from
+ * @return Set of users
+ * @throws NoSuchUserRoleException If this role doesn't exist in database
+ */
+ public Set<User> getUsersFromUserRole(UserRole role) throws NoSuchUserRoleException;
}
Modified: labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/custom/CustomIDHandler.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/custom/CustomIDHandler.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/custom/CustomIDHandler.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -25,9 +25,8 @@
*/
package org.jboss.labs.auth.custom;
-import java.util.Set;
-
import org.jboss.labs.core.model.auth.CustomID;
+import org.jboss.labs.exception.auth.NoSuchCustomIDException;
/**
* @author tomaszszymanski
@@ -38,7 +37,7 @@
/**
* @param newIds
*/
- public void addCustomIDs(CustomIDProvider provider, Set<CustomID> newIds);
+ public void addCustomIDs(CustomIDProvider provider, CustomID... newIds);
- public void removeCustomIDs(CustomIDProvider provider, Set<CustomID> ids);
+ public void removeCustomIDs(CustomIDProvider provider, CustomID... ids) throws NoSuchCustomIDException;
}
Modified: labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/custom/CustomIDProvider.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/custom/CustomIDProvider.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-api/src/main/java/org/jboss/labs/auth/custom/CustomIDProvider.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -26,6 +26,7 @@
import java.util.Set;
import org.jboss.labs.core.model.auth.CustomID;
+import org.jboss.labs.exception.auth.NoSuchCustomIDException;
/**
* Base for providing custom IDs from a service
@@ -55,7 +56,7 @@
* @param newIds
* New IDs available in in current service.
*/
- public final void addCustomIDs(Set<CustomID> newIds) {
+ public final void addCustomIDs(CustomID... newIds) {
// execute method that user can place same logic to
addCustomIDsOps(newIds);
@@ -71,7 +72,7 @@
* @param newIds
* Passed Id's.
*/
- protected void addCustomIDsOps(Set<CustomID> newIds) {
+ protected void addCustomIDsOps(CustomID... newIds) {
// by default it does nothing
}
@@ -81,8 +82,9 @@
*
* @param ids
* IDs that are no longer available.
+ * @throws NoSuchCustomIDException If customId doesn't exist
*/
- public final void removeCustomIDs(Set<CustomID> ids) {
+ public final void removeCustomIDs(CustomID... ids) throws NoSuchCustomIDException {
// execute logic method
removeCustomIDsOps(ids);
@@ -97,7 +99,7 @@
* @param ids
* Passed Id's
*/
- protected void removeCustomIDsOps(Set<CustomID> ids) {
+ protected void removeCustomIDsOps(CustomID... ids) {
// by default it does nothing
}
Modified: labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/CustomID.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/CustomID.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/CustomID.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -45,15 +45,13 @@
private static final long serialVersionUID = 1L;
private String description;
+
- private Class<? extends Enum<?>> enumClass;
-
public CustomID() { }
- public <E extends Enum<E>> CustomID(String customID, String description, E serviceRole) {
+ public <E extends Enum<E>> CustomID(String customID, String description) {
this.authId = customID;
this.description = description;
- enumClass = serviceRole.getDeclaringClass();
}
public String getDescription() {
@@ -64,14 +62,6 @@
return this.description.compareTo(o.getDescription());
}
- public Class<? extends Enum<?>> getEnumClass() {
- return enumClass;
- }
-
- public void setEnumClass(Class<? extends Enum<?>> enumClass) {
- this.enumClass = enumClass;
- }
-
public void setDescription(String description) {
this.description = description;
}
Modified: labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/ProjectID.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/ProjectID.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/ProjectID.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -23,10 +23,16 @@
package org.jboss.labs.core.model.auth;
import java.io.Serializable;
+import java.util.Set;
+import java.util.TreeSet;
import javax.persistence.DiscriminatorValue;
import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.ManyToMany;
+import org.jboss.labs.exception.auth.NoSuchSuperUserException;
+
/**
*
*
@@ -45,4 +51,31 @@
public ProjectID(String projectID) {
this.authId = projectID;
}
+
+ @ManyToMany(fetch=FetchType.EAGER)
+ private Set<User> superUsers;
+
+ public Set<User> getSuperUsers() {
+ return superUsers;
+ }
+
+ public void setSuperUsers(Set<User> superUsers) {
+ this.superUsers = superUsers;
+ }
+
+ public void removeSuperUser(User userEn) throws NoSuchSuperUserException {
+ if (superUsers == null || !superUsers.contains(userEn)) {
+ throw new NoSuchSuperUserException("ProjectID = "+authId+" doesn't have a user "+userEn);
+ }
+
+ superUsers.remove(userEn);
+ }
+
+ public void addSuperUser(User user) {
+ if (superUsers == null) {
+ superUsers = new TreeSet<User>();
+ }
+
+ superUsers.add(user);
+ }
}
Modified: labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/Service.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/Service.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/Service.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -66,6 +66,10 @@
@PostLoad
public void refreshRoleMap() {
+ if (rolesMap == null) {
+ rolesMap = new HashMap<String, ServiceRole>();
+ }
+
rolesMap.clear();
for (ServiceRole sr : serviceRoles) {
@@ -91,9 +95,10 @@
rolesMap = new HashMap<String, ServiceRole>();
}
}
-
- public Service() { }
+ public Service() {
+ }
+
public Service(String id) {
this.id = id;
}
@@ -128,7 +133,8 @@
@Transient
public <E extends Enum<E>> ServiceRole getServiceRole(E role) {
- return rolesMap.get(role.name());
+ return rolesMap.get(role.getDeclaringClass().getCanonicalName() + "."
+ + role.toString());
}
public void addServiceRole(ServiceRole sr) {
@@ -139,13 +145,15 @@
this.globalRoles = globalRoles;
}
- /* (non-Javadoc)
+ /*
+ * (non-Javadoc)
+ *
* @see java.lang.Comparable#compareTo(java.lang.Object)
*/
public int compareTo(Service o) {
return id.compareTo(o.getId());
}
-
+
public boolean equals(Object o) {
if (o == null)
return false;
Modified: labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/ServiceRole.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/ServiceRole.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/ServiceRole.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -23,9 +23,12 @@
package org.jboss.labs.core.model.auth;
import java.io.Serializable;
+import java.util.HashSet;
+import java.util.Set;
import javax.persistence.Entity;
import javax.persistence.Id;
+import javax.persistence.ManyToMany;
import javax.persistence.ManyToOne;
/**
@@ -48,10 +51,13 @@
@ManyToOne
private Service service;
+ @ManyToMany
+ private Set<UserRole> globalRoles;
+
public String getId() {
return id;
}
-
+
public void setId(String id) {
this.id = id;
}
@@ -60,7 +66,8 @@
this.service = service;
}
- public ServiceRole() { }
+ public ServiceRole() {
+ }
public ServiceRole(String id, Service service) {
this.id = id;
@@ -95,11 +102,39 @@
public int hashCode() {
return id.hashCode();
}
-
+
/**
* @return
*/
public Service getService() {
return service;
}
+
+ public Set<UserRole> getGlobalRoles() {
+ return globalRoles;
+ }
+
+ public void setGlobalRoles(Set<UserRole> globalRoles) {
+ this.globalRoles = globalRoles;
+ }
+
+ /**
+ * @param userRoleEn
+ */
+ public void addGlobalRole(UserRole userRole) {
+ if (globalRoles == null) {
+ globalRoles = new HashSet<UserRole>();
+ }
+
+ globalRoles.add(userRole);
+ }
+
+ /**
+ * @param roleEn
+ */
+ public void removeGlobalRole(UserRole roleEn) {
+ if (globalRoles != null)
+ globalRoles.remove(roleEn);
+ }
+
}
Deleted: labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/SuperUsers.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/SuperUsers.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/SuperUsers.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -1,109 +0,0 @@
-/*
- * JBoss Labs. http://labs.jboss.com/jbosslabs
- *
- * Copyright © 2008 Red Hat Middleware, LLC. All rights reserved.
- *
- * This copyrighted material is made available to anyone wishing to use,
- * modify, copy, or redistribute it subject to the terms and conditions
- * of the GNU Lesser General Public License, v. 2.1.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT A WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License, v.2.1 along with this distribution; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- * 02110-1301, USA.
- *
- * Red Hat Author(s): Bob McWhirter, Przemyslaw Dej, Ryszard Kozmik,
- * Tomasz Szymanski, Adam Warski, Pawel Wrzeszcz
- */
-/**
- *
- */
-package org.jboss.labs.core.model.auth;
-
-import java.io.Serializable;
-import java.util.Set;
-import java.util.TreeSet;
-
-import javax.persistence.Entity;
-import javax.persistence.Id;
-import javax.persistence.OneToMany;
-
-import org.jboss.labs.exception.auth.NoSuchSuperUserException;
-
-/**
- * @author tomaszszymanski
- *
- */
-
- at Entity
-public class SuperUsers implements Serializable {
-
- /**
- *
- */
- private static final long serialVersionUID = 1L;
-
- @Id
- private String id;
-
- @OneToMany
- private Set<User> superUsers;
-
- public SuperUsers() { }
-
- public SuperUsers(AuthID id) {
- this.id = id.getAuthId();
- }
-
- public Set<User> getSuperUsers() {
- return superUsers;
- }
-
- public void addSuperUser(User user) {
- if (superUsers == null) {
- superUsers = new TreeSet<User>();
- }
-
- superUsers.add(user);
- }
-
- public String getId() {
- return id;
- }
-
- public void setId(String id) {
- this.id = id;
- }
-
- public void setSuperUsers(Set<User> superUsers) {
- this.superUsers = superUsers;
- }
-
- public boolean equals(Object o) {
- if (o == null)
- return false;
-
- if (o instanceof SuperUsers) {
- return id.equals(((SuperUsers) o).getId());
- }
-
- return false;
- }
-
- /**
- * @param userEn
- * @throws NoSuchSuperUserException
- */
- public void removeSuperUser(User userEn) throws NoSuchSuperUserException {
- if (superUsers == null || !superUsers.contains(userEn)) {
- throw new NoSuchSuperUserException("SuperUsers = "+id+" don't have a user "+userEn);
- }
-
- superUsers.remove(userEn);
- }
-}
Modified: labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/User.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/User.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/User.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -27,7 +27,7 @@
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.Id;
-import javax.persistence.OneToMany;
+import javax.persistence.ManyToMany;
import javax.persistence.Version;
import java.io.Serializable;
@@ -58,7 +58,7 @@
private String password;
- @OneToMany(fetch=FetchType.EAGER)
+ @ManyToMany(fetch=FetchType.EAGER)
private Set<UserRole> userRoles = new TreeSet<UserRole>();
public User() {
Modified: labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/UserRole.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/UserRole.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/core/model/auth/UserRole.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -23,9 +23,12 @@
package org.jboss.labs.core.model.auth;
import java.io.Serializable;
+import java.util.HashSet;
+import java.util.Set;
import javax.persistence.Entity;
import javax.persistence.Id;
+import javax.persistence.ManyToMany;
@Entity
public class UserRole implements Comparable<UserRole>, Serializable {
@@ -39,6 +42,12 @@
private String description;
+ @ManyToMany(mappedBy = "userRoles")
+ private Set<User> users;
+
+ @ManyToMany(mappedBy = "globalRoles")
+ private Set<ServiceRole> serviceRoles;
+
public UserRole() {
}
@@ -87,4 +96,59 @@
return id.hashCode();
}
+ public Set<User> getUsers() {
+ return users;
+ }
+
+ public void setUsers(Set<User> users) {
+ this.users = users;
+ }
+
+ /**
+ * @param userEn
+ */
+ public void addUser(User userEn) {
+ if (users == null) {
+ users = new HashSet<User>();
+ }
+
+ users.add(userEn);
+ }
+
+ /**
+ * @param userEn
+ */
+ public void removeUser(User userEn) {
+ if (users != null) {
+ users.remove(userEn);
+ }
+ }
+
+ public Set<ServiceRole> getServiceRoles() {
+ return serviceRoles;
+ }
+
+ public void setServiceRoles(Set<ServiceRole> serviceRoles) {
+ this.serviceRoles = serviceRoles;
+ }
+
+ /**
+ * @param serviceRoleEn
+ */
+ public void addServiceRole(ServiceRole serviceRole) {
+ if (serviceRoles == null) {
+ serviceRoles = new HashSet<ServiceRole>();
+ }
+
+ serviceRoles.add(serviceRole);
+ }
+
+ /**
+ * @param srEn
+ */
+ public void removeServiceRole(ServiceRole srEn) {
+ if (serviceRoles != null)
+ serviceRoles.remove(srEn);
+ }
+
}
Added: labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/exception/auth/NoSuchCustomIDException.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/exception/auth/NoSuchCustomIDException.java (rev 0)
+++ labs/jbosslabs/labs-3.0-build/core/core-model/src/main/java/org/jboss/labs/exception/auth/NoSuchCustomIDException.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -0,0 +1,44 @@
+/**
+ *
+ */
+package org.jboss.labs.exception.auth;
+
+import org.jboss.labs.exception.LabsException;
+
+/*
+ * JBoss Labs. http://labs.jboss.com/jbosslabs
+ *
+ * Copyright © 2008 Red Hat Middleware, LLC. All rights reserved.
+ *
+ * This copyrighted material is made available to anyone wishing to use,
+ * modify, copy, or redistribute it subject to the terms and conditions
+ * of the GNU Lesser General Public License, v. 2.1.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT A WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License, v.2.1 along with this distribution; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * Red Hat Author(s): Bob McWhirter, Przemyslaw Dej, Ryszard Kozmik,
+ * Tomasz Szymanski, Adam Warski, Pawel Wrzeszcz
+ */
+
+/**
+ * @author tomaszszymanski
+ *
+ */
+public class NoSuchCustomIDException extends LabsException {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+
+ public NoSuchCustomIDException(String msg) {
+ super(msg);
+ }
+}
Modified: labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/AuthenticationServiceImpl.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/AuthenticationServiceImpl.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/AuthenticationServiceImpl.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -84,19 +84,27 @@
// check project superusers if this is a project
if (id instanceof ProjectID
- && userService.getSuperusersForProject(id.getAuthId()).contains(
- user)) {
+ && userService.getSuperusersForProject(id.getAuthId())
+ .contains(user)) {
return true;
}
+ // check global bindings
+ boolean allowedGlobal = !Collections.disjoint(user.getUserRoles(), serviceRole.getGlobalRoles());
+
+ // if allowed here just return true
+ if (allowedGlobal) {
+ return true;
+ }
+
// check bindings
- List<UserRole> results = (List<UserRole>)manager
+ List<UserRole> results = (List<UserRole>) manager
.createQuery(
"SELECT userRole FROM Binding b WHERE b.authId = :id AND b.serviceRole = :serviceRole AND b.service = :service")
.setParameter("id", id)
.setParameter("serviceRole", serviceRole).setParameter(
"service", service).getResultList();
-
+
return !Collections.disjoint(user.getUserRoles(), results);
}
}
Modified: labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/CustomIDServiceImpl.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/CustomIDServiceImpl.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/CustomIDServiceImpl.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -1,5 +1,7 @@
package org.jboss.labs.auth.impl;
+import java.util.Arrays;
+import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
@@ -14,13 +16,14 @@
import org.jboss.labs.auth.custom.CustomIDHandler;
import org.jboss.labs.auth.custom.CustomIDProvider;
import org.jboss.labs.core.model.auth.CustomID;
+import org.jboss.labs.exception.auth.NoSuchCustomIDException;
@Service
public class CustomIDServiceImpl implements CustomIDService, CustomIDHandler {
@PersistenceContext(name = "auth_model")
private EntityManager manager;
-
+
private static final Logger log = Logger
.getLogger(CustomIDServiceImpl.class);
@@ -35,13 +38,13 @@
if (provider.isBuffered()) {
customIDs.put(provider, new HashSet<CustomID>(provider
.getCustomIDs()));
-
+
for (CustomID id : customIDs.get(provider)) {
checkAndPersist(id);
}
}
}
-
+
private void checkAndPersist(CustomID id) {
if (manager.find(CustomID.class, id.getAuthId()) == null) {
manager.persist(id);
@@ -53,14 +56,14 @@
*
* @see org.jboss.labs.auth.custom.CustomIDHandler#addCustomIDs(java.util.Set)
*/
- public void addCustomIDs(CustomIDProvider provider, Set<CustomID> newIds) {
+ public void addCustomIDs(CustomIDProvider provider, CustomID... newIds) {
if (!provider.isBuffered()) {
log
.warn("You're using addCustomIDs method, even tho provider is not buffered ! Provider: "
+ provider);
} else {
- customIDs.get(provider).addAll(newIds);
-
+ customIDs.get(provider).addAll(Arrays.asList(newIds));
+
for (CustomID id : newIds) {
manager.persist(id);
}
@@ -72,16 +75,19 @@
*
* @see org.jboss.labs.auth.custom.CustomIDHandler#removeCustomIDs(java.util.Set)
*/
- public void removeCustomIDs(CustomIDProvider provider, Set<CustomID> ids) {
+ public void removeCustomIDs(CustomIDProvider provider, CustomID... ids)
+ throws NoSuchCustomIDException {
if (!provider.isBuffered()) {
log
.warn("You're using removeCustomIDs method, even tho provider is not buffered ! Provider: "
+ provider);
} else {
- customIDs.get(provider).removeAll(ids);
-
+ customIDs.get(provider).removeAll(Arrays.asList(ids));
+
for (CustomID id : ids) {
- manager.remove(id);
+ if (manager.find(CustomID.class, id) != null) {
+ manager.remove(id);
+ }
}
}
}
Modified: labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/RoleBinderServiceImpl.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/RoleBinderServiceImpl.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/RoleBinderServiceImpl.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -23,6 +23,7 @@
package org.jboss.labs.auth.impl;
import java.security.Principal;
+import java.util.List;
import java.util.Set;
import java.util.TreeSet;
@@ -43,10 +44,10 @@
import org.jboss.labs.core.model.auth.ProjectID;
import org.jboss.labs.core.model.auth.Service;
import org.jboss.labs.core.model.auth.ServiceRole;
-import org.jboss.labs.core.model.auth.SuperUsers;
import org.jboss.labs.core.model.auth.User;
import org.jboss.labs.core.model.auth.UserRole;
import org.jboss.labs.exception.auth.BindingAlreadyExistsException;
+import org.jboss.labs.exception.auth.NoSuchCustomIDException;
import org.jboss.labs.exception.auth.NoSuchServiceRoleException;
import org.jboss.labs.exception.auth.NoSuchSuperUserException;
import org.jboss.labs.exception.auth.NoSuchUserException;
@@ -69,7 +70,15 @@
public <E extends Enum<E>> void bindRolesWithId(E serviceRole,
UserRole role, CustomID customId) throws NoSuchUserRoleException,
- BindingAlreadyExistsException {
+ BindingAlreadyExistsException, NoSuchCustomIDException {
+
+ CustomID cidEn = manager.find(CustomID.class, customId.getAuthId());
+
+ if (cidEn == null) {
+ throw new NoSuchCustomIDException("CustomID with an id: "
+ + customId.getAuthId() + " doesn't exist");
+ }
+
bindRolesWith(serviceRole, role, customId);
}
@@ -92,12 +101,7 @@
Service service = getService(serviceRole);
- if (manager
- .createQuery(
- "SELECT b FROM Binding b where b.authId = :id and b.userRole = :userRole and b.serviceRole = :serviceRole and b.service = :service")
- .setParameter("id", authID).setParameter("userRole", roleEn)
- .setParameter("serviceRole", srEn).setParameter("service",
- service).getResultList().size() > 1) {
+ if (getBinding(srEn, roleEn, authID, service) != null) {
throw new BindingAlreadyExistsException("Binding for servicerole: "
+ serviceRole + ", role: " + role + " and id: " + authID
+ " already exists");
@@ -112,6 +116,30 @@
manager.persist(b);
}
+ @SuppressWarnings("unchecked")
+ private Binding getBinding(ServiceRole serviceRole, UserRole userRole,
+ AuthID authID, Service service) {
+ List<Binding> q = manager
+ .createQuery(
+ "SELECT b FROM Binding b where b.authId = :id and b.userRole = :userRole and b.serviceRole = :serviceRole and b.service = :service")
+ .setParameter("id", authID).setParameter("userRole", userRole)
+ .setParameter("serviceRole", serviceRole).setParameter(
+ "service", service).getResultList();
+
+ if (q.size() == 0) {
+ return null;
+ }
+
+ if (q.size() == 1) {
+ return q.get(0);
+ } else {
+ throw new RuntimeException(
+ "More then one binding for service role " + serviceRole
+ + " user role " + userRole + " authid " + authID
+ + " and service " + service);
+ }
+ }
+
public <E extends Enum<E>> void exposeServiceRoles(E[] serviceRoleList) {
Service service = getService(serviceRoleList);
@@ -151,10 +179,16 @@
.getServiceID(serviceRoleList[0]));
}
- public <E extends Enum<E>> void bindRolesGlobal(E serviceRole, UserRole role) {
- // TODO Auto-generated method stub
- throw new RuntimeException(
- "bindRolesGlobal(...) is not implemented yet");
+ public <E extends Enum<E>> void bindRolesGlobal(E serviceRole, UserRole role)
+ throws NoSuchUserRoleException {
+ ServiceRole serviceRoleEn = getServiceRole(serviceRole);
+ UserRole userRoleEn = userService.getUserRole(role);
+
+ serviceRoleEn.addGlobalRole(userRoleEn);
+ userRoleEn.addServiceRole(serviceRoleEn);
+
+ manager.merge(serviceRoleEn);
+ manager.merge(userRoleEn);
}
public void grantUserProjectSuperrole(Principal user, String projectId)
@@ -162,16 +196,9 @@
User userEn = userService.getUserByLogin(user.getName());
ProjectID pid = getProjectID(projectId);
- SuperUsers su = manager.find(SuperUsers.class, pid.getAuthId());
+ pid.addSuperUser(userEn);
- if (su == null) {
- su = new SuperUsers(pid);
- manager.persist(su);
- }
-
- su.addSuperUser(userEn);
-
- manager.merge(su);
+ manager.merge(pid);
}
public void grantUserSuperrole(Principal user) throws NoSuchUserException {
@@ -199,8 +226,8 @@
"Service role list has to have at least one role");
}
- Service service = manager.find(Service.class, serviceRoleList[0]
- .getDeclaringClass().getName());
+ Service service = manager.find(Service.class, AuthHelper
+ .getServiceID(serviceRoleList[0]));
if (service == null) {
service = new Service(serviceRoleList[0].getDeclaringClass()
@@ -243,16 +270,9 @@
User userEn = userService.getUserByLogin(user.getName());
ProjectID pid = getProjectID(projectId);
- SuperUsers su = manager.find(SuperUsers.class, pid.getAuthId());
+ pid.removeSuperUser(userEn);
- if (su == null) {
- su = new SuperUsers(pid);
- manager.persist(su);
- }
-
- su.removeSuperUser(userEn);
-
- manager.merge(su);
+ manager.merge(pid);
}
/*
@@ -265,4 +285,72 @@
revokeUserProjectSuperrole(user, AuthHelper.GLOBAL_PROJECT);
}
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.labs.auth.RoleBinderService#removeBindingGlobal(java.lang.Enum,
+ * org.jboss.labs.core.model.auth.UserRole)
+ */
+ public <E extends Enum<E>> void removeBindingGlobal(E serviceRole,
+ UserRole role) throws NoSuchUserRoleException {
+ ServiceRole srEn = getServiceRole(serviceRole);
+ UserRole roleEn = userService.getUserRole(role);
+
+ srEn.removeGlobalRole(roleEn);
+ roleEn.removeServiceRole(srEn);
+
+ manager.merge(srEn);
+ manager.merge(roleEn);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.labs.auth.RoleBinderService#removeBindingWithId(java.lang.Enum,
+ * org.jboss.labs.core.model.auth.UserRole,
+ * org.jboss.labs.core.model.auth.CustomID)
+ */
+ public <E extends Enum<E>> void removeBindingWithId(E serviceRole,
+ UserRole role, CustomID customId) throws NoSuchUserRoleException {
+ removeBindingWith(serviceRole, role, customId);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.labs.auth.RoleBinderService#removeBindingWithProject(java.lang.Enum,
+ * org.jboss.labs.core.model.auth.UserRole, java.lang.String)
+ */
+ public <E extends Enum<E>> void removeBindingWithProject(E serviceRole,
+ UserRole role, String projectId) throws NoSuchUserRoleException {
+ removeBindingWith(serviceRole, role, getProjectID(projectId));
+ }
+
+ private <E extends Enum<E>> void removeBindingWith(E serviceRole,
+ UserRole role, AuthID authID) throws NoSuchUserRoleException {
+ ServiceRole srEn = getServiceRole(serviceRole);
+ UserRole roleEn = userService.getUserRole(role);
+ Service service = getService(serviceRole);
+
+ manager.remove(getBinding(srEn, roleEn, authID, service));
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.labs.auth.RoleBinderService#removeAllBindingsForUserRole(org.jboss.labs.core.model.auth.UserRole)
+ */
+ @SuppressWarnings("unchecked")
+ public void removeAllBindingsForUserRole(UserRole role) {
+ List<Binding> bl = manager.createQuery(
+ "SELECT b from Binding b WHERE b.userRole = :role")
+ .setParameter("role", role).getResultList();
+
+ if (bl.size() > 0) {
+ for (Binding b : bl) {
+ manager.remove(b);
+ }
+ }
+ }
+
}
Modified: labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/UserServiceImpl.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/UserServiceImpl.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/services/credential/src/main/java/org/jboss/labs/auth/impl/UserServiceImpl.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -25,13 +25,11 @@
import java.security.Principal;
import java.util.HashSet;
+import java.util.List;
import java.util.Set;
import java.util.TreeSet;
-import javax.annotation.PostConstruct;
import javax.ejb.Stateless;
-import javax.ejb.TransactionAttribute;
-import javax.ejb.TransactionAttributeType;
import javax.interceptor.AroundInvoke;
import javax.interceptor.Interceptors;
import javax.interceptor.InvocationContext;
@@ -42,12 +40,13 @@
import org.jboss.labs.auth.AuthHelper;
import org.jboss.labs.auth.RoleBinderService;
import org.jboss.labs.auth.UserService;
+import org.jboss.labs.core.model.auth.ProjectID;
import org.jboss.labs.core.model.auth.User;
import org.jboss.labs.core.model.auth.UserRole;
import org.jboss.labs.exception.LabsException;
import org.jboss.labs.exception.auth.NoSuchRoleForUserException;
+import org.jboss.labs.exception.auth.NoSuchUserException;
import org.jboss.labs.exception.auth.NoSuchUserRoleException;
-import org.jboss.labs.exception.auth.NoSuchUserException;
import org.jboss.labs.exception.auth.RoleExistsException;
import org.jboss.labs.exception.auth.UserExistsException;
import org.jboss.labs.injection.ejb3.LabsInjectionInterceptor;
@@ -55,7 +54,7 @@
import com.google.inject.Inject;
@Stateless
- at Interceptors({LabsInjectionInterceptor.class})
+ at Interceptors( { LabsInjectionInterceptor.class })
public class UserServiceImpl implements UserService {
@PersistenceContext(name = "auth_model")
@@ -99,7 +98,7 @@
log.error(e1);
}
}
-
+
try {
addUserRoleToUser(admin, adminRole);
} catch (LabsException e2) {
@@ -117,7 +116,6 @@
log.error(e1);
}
}
-
try {
addUserRoleToUser(user, userRole);
@@ -127,7 +125,7 @@
}
}
-
+
return ctx.proceed();
}
@@ -150,6 +148,10 @@
userEn.addRole(roleEn);
manager.merge(userEn);
+
+ roleEn.addUser(userEn);
+
+ manager.merge(roleEn);
}
public Set<UserRole> getRolesForUser(Principal user)
@@ -199,7 +201,7 @@
if (user == null) {
throw new NoSuchUserException("User cannot be null");
}
-
+
return getUser(user.getName());
}
@@ -207,7 +209,7 @@
if (login == null) {
throw new NoSuchUserException("User login cannot be null");
}
-
+
User userEn = manager.find(User.class, login);
if (userEn == null) {
@@ -256,6 +258,8 @@
public void removeUserRole(UserRole role) throws NoSuchUserRoleException {
UserRole roleEn = getUserRole(role);
+ binderService.removeAllBindingsForUserRole(roleEn);
+
manager.remove(roleEn);
}
@@ -264,18 +268,8 @@
*
* @see org.jboss.labs.auth.UserService#getSuperusers()
*/
- @SuppressWarnings("unchecked")
public Set<User> getSuperusers() {
- Set<User> usrs = (Set<User>) manager.createQuery(
- "SELECT superUsers FROM SuperUsers su WHERE su.id = :project")
- .setParameter("project", binderService.getGlobalProjectID().getAuthId())
- .getSingleResult();
-
- if (usrs != null) {
- return new TreeSet<User>(usrs);
- } else {
- return new TreeSet<User>();
- }
+ return getSuperusersForProject(binderService.getGlobalProjectID());
}
/*
@@ -283,15 +277,13 @@
*
* @see org.jboss.labs.auth.UserService#getSuperusersForProject(java.lang.String)
*/
- @SuppressWarnings("unchecked")
public Set<User> getSuperusersForProject(String projectId) {
- Set<User> usrs = (Set<User>) manager.createQuery(
- "SELECT superUsers FROM SuperUsers su WHERE su.id = :project")
- .setParameter("project", binderService.getProjectID(projectId).getAuthId())
- .getSingleResult();
+ return getSuperusersForProject(binderService.getProjectID(projectId));
+ }
- if (usrs != null) {
- return new TreeSet<User>(usrs);
+ private Set<User> getSuperusersForProject(ProjectID projectID) {
+ if (projectID.getSuperUsers() != null) {
+ return new TreeSet<User>(projectID.getSuperUsers());
} else {
return new TreeSet<User>();
}
@@ -333,33 +325,52 @@
manager.persist(userEn);
}
- /* (non-Javadoc)
+ /*
+ * (non-Javadoc)
+ *
* @see org.jboss.labs.auth.UserService#removeUser(java.security.Principal)
*/
public void removeUser(Principal user) throws NoSuchUserException {
User userEn = getUser(user);
+ for (UserRole ur : userEn.getUserRoles()) {
+ ur.removeUser(userEn);
+ manager.merge(ur);
+ }
+
manager.remove(userEn);
}
- /* (non-Javadoc)
+ /*
+ * (non-Javadoc)
+ *
* @see org.jboss.labs.auth.UserService#getCommonRoleForProject(java.lang.String)
*/
public UserRole getCommonRoleForProject(String projectId) {
UserRole u = null;
-
+
try {
u = getUserRole(AuthHelper.getCommonProjectId(projectId));
} catch (NoSuchUserRoleException e) {
- u = new UserRole(AuthHelper.getCommonProjectId(projectId), "Common role for project: "+projectId);
+ u = new UserRole(AuthHelper.getCommonProjectId(projectId),
+ "Common role for project: " + projectId);
try {
addUserRole(u);
} catch (RoleExistsException e1) {
// not going to happen
}
}
-
+
return u;
}
-
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.labs.auth.UserService#getUsersFromUserRole(org.jboss.labs.core.model.auth.UserRole)
+ */
+ public Set<User> getUsersFromUserRole(UserRole role) throws NoSuchUserRoleException {
+ return new TreeSet<User>(getUserRole(role.getId()).getUsers());
+ }
+
}
Modified: labs/jbosslabs/labs-3.0-build/services/credential/src/main/resources/META-INF/persistence.xml
===================================================================
--- labs/jbosslabs/labs-3.0-build/services/credential/src/main/resources/META-INF/persistence.xml 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/services/credential/src/main/resources/META-INF/persistence.xml 2008-03-03 19:14:36 UTC (rev 18665)
@@ -13,7 +13,6 @@
<class>org.jboss.labs.core.model.auth.ProjectID</class>
<class>org.jboss.labs.core.model.auth.Service</class>
<class>org.jboss.labs.core.model.auth.ServiceRole</class>
- <class>org.jboss.labs.core.model.auth.SuperUsers</class>
<class>org.jboss.labs.core.model.auth.UserRole</class>
<class>org.jboss.labs.core.model.auth.User</class>
</persistence-unit>
Modified: labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/CredentialTest.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/CredentialTest.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/CredentialTest.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -9,6 +9,7 @@
import org.jboss.labs.auth.AuthenticationService;
import org.jboss.labs.auth.RoleBinderService;
import org.jboss.labs.auth.UserService;
+import org.jboss.labs.core.model.auth.Service;
import org.jboss.labs.core.model.auth.User;
import org.jboss.labs.core.model.auth.UserRole;
import org.jboss.labs.exception.auth.NoSuchUserException;
@@ -63,8 +64,11 @@
protected final static String TEST_PROJECT = "TEST_PROJECT";
+ protected final static String TEST_PROJECT_2 = "TEST_PROJECT_2";
+
private Set<User> usersToDelete;
private Set<UserRole> rolesToDelete;
+ private Set<Service> servicesToDelete;
protected String getUniqueUserID() {
return getUniqueUserID(USER_ID);
@@ -143,5 +147,6 @@
usersToDelete = new HashSet<User>();
rolesToDelete = new HashSet<UserRole>();
+ servicesToDelete = new HashSet<Service>();
}
}
Added: labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/RoleBinderAndAuthTest.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/RoleBinderAndAuthTest.java (rev 0)
+++ labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/RoleBinderAndAuthTest.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -0,0 +1,184 @@
+/**
+ *
+ */
+package org.jboss.labs.test.credential;
+
+import java.util.Collections;
+import java.util.Set;
+
+import org.jboss.labs.auth.custom.CustomIDProvider;
+import org.jboss.labs.core.model.auth.*;
+import org.jboss.labs.exception.LabsException;
+import org.jboss.labs.exception.auth.BindingAlreadyExistsException;
+import org.jboss.labs.exception.auth.NoSuchCustomIDException;
+import org.jboss.labs.exception.auth.NoSuchUserException;
+import org.jboss.labs.exception.auth.NoSuchUserRoleException;
+import org.jboss.labs.exception.auth.RoleExistsException;
+import org.jboss.labs.exception.auth.UserExistsException;
+
+/*
+ * JBoss Labs. http://labs.jboss.com/jbosslabs
+ *
+ * Copyright © 2008 Red Hat Middleware, LLC. All rights reserved.
+ *
+ * This copyrighted material is made available to anyone wishing to use, modify,
+ * copy, or redistribute it subject to the terms and conditions of the GNU
+ * Lesser General Public License, v. 2.1.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT A
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ * A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License,
+ * v.2.1 along with this distribution; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
+ * USA.
+ *
+ * Red Hat Author(s): Bob McWhirter, Przemyslaw Dej, Ryszard Kozmik, Tomasz
+ * Szymanski, Adam Warski, Pawel Wrzeszcz
+ */
+
+/**
+ * @author tomaszszymanski
+ *
+ */
+public class RoleBinderAndAuthTest extends CredentialTest {
+
+ public void testGlobalBindings() throws UserExistsException,
+ RoleExistsException, NoSuchUserException, NoSuchUserRoleException {
+
+ binderService.exposeServiceRoles(TestRoles.values());
+
+ // create users and role
+ User u1 = getNewUser();
+ User u2 = getNewUser();
+
+ UserRole ur = getNewUserRole();
+
+ // give one user a role
+ userService.bindRoleToUser(u1, ur);
+
+ // bind globally userrole to admin service role
+ binderService.bindRolesGlobal(TestRoles.ADMIN, ur);
+
+ // u1 should be allowed
+ assertTrue(authService.isAllowedProject(u1, TestRoles.ADMIN,
+ TEST_PROJECT));
+
+ // u1 should be also allowed in different project
+ assertTrue(authService.isAllowedProject(u1, TestRoles.ADMIN,
+ TEST_PROJECT_2));
+
+ // u2 should be not allowed
+ assertFalse(authService.isAllowedProject(u2, TestRoles.ADMIN,
+ TEST_PROJECT));
+
+ // try removing a role
+ binderService.removeBindingGlobal(TestRoles.ADMIN, ur);
+
+ // now u1 should not be allowed
+ assertFalse(authService.isAllowedProject(u1, TestRoles.ADMIN,
+ TEST_PROJECT));
+ }
+
+ public void testProjectBindings() throws LabsException {
+ binderService.exposeServiceRoles(TestRoles.values());
+
+ // create users and role
+ User u1 = getNewUser();
+ User u2 = getNewUser();
+
+ UserRole ur = getNewUserRole();
+
+ // give one user a role
+ userService.bindRoleToUser(u1, ur);
+
+ // bind userrole to admin service role for project TEST_PROJECT
+ binderService.bindRolesWithProject(TestRoles.ADMIN, ur, TEST_PROJECT);
+
+ // u1 should be allowed
+ assertTrue(authService.isAllowedProject(u1, TestRoles.ADMIN,
+ TEST_PROJECT));
+
+ // u1 should not be allowed in different project
+ assertFalse(authService.isAllowedProject(u1, TestRoles.ADMIN,
+ TEST_PROJECT_2));
+
+ // u2 should be not allowed at all
+ assertFalse(authService.isAllowedProject(u2, TestRoles.ADMIN,
+ TEST_PROJECT));
+
+ // try removing a role
+ binderService.removeBindingWithProject(TestRoles.ADMIN, ur,
+ TEST_PROJECT);
+
+ // now u1 should not be allowed
+ assertFalse(authService.isAllowedProject(u1, TestRoles.ADMIN,
+ TEST_PROJECT));
+ }
+
+ public void testBufferedCustomIDProviders() throws NoSuchUserRoleException,
+ BindingAlreadyExistsException, NoSuchUserException,
+ RoleExistsException, UserExistsException, NoSuchCustomIDException {
+
+ // create provider
+ CustomIDProvider providerBuf = new CustomIDProvider() {
+
+ @Override
+ public Set<CustomID> getCustomIDs() {
+ return Collections.emptySet();
+ }
+
+ };
+
+ binderService.exposeServiceRolesAndRegisterCustomIDProvider(TestRoles
+ .values(), providerBuf);
+
+ // create users and role
+ User u1 = getNewUser();
+ User u2 = getNewUser();
+
+ UserRole ur = getNewUserRole();
+
+ // give one user a role
+ userService.bindRoleToUser(u1, ur);
+
+ CustomID testCustomID1 = new CustomID("TestCustomID1",
+ "This is test custom id");
+ CustomID testCustomID2 = new CustomID("TestCustomID2",
+ "This is test custom id");
+
+ providerBuf.addCustomIDs(testCustomID1);
+
+ // bind with customID
+ binderService.bindRolesWithId(TestRoles.KOPYTKO, ur, testCustomID1);
+
+ // bind with customID that wasn't registered
+ try {
+ binderService.bindRolesWithId(TestRoles.KOPYTKO, ur, testCustomID2);
+ fail("Bound with an non-existing custom id");
+ } catch (NoSuchCustomIDException e) {
+ // this was expected
+ }
+
+ // check if suer is allowed
+ assertTrue(authService.isAllowedCustom(u1, TestRoles.KOPYTKO, testCustomID1));
+
+ // user 2 shoulnd't be allowed
+ assertFalse(authService.isAllowedCustom(u2, TestRoles.KOPYTKO, testCustomID1));
+
+ // revoke customid1
+ binderService.removeBindingWithId(TestRoles.KOPYTKO, ur, testCustomID1);
+
+ // now user shouldn't be allowed
+ assertFalse(authService.isAllowedCustom(u1, TestRoles.KOPYTKO, testCustomID1));
+
+ // give it again
+ binderService.bindRolesWithId(TestRoles.KOPYTKO, ur, testCustomID1);
+
+ //remove custom id in use
+ providerBuf.removeCustomIDs(testCustomID1);
+
+ }
+}
Modified: labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/UserServiceTest.java
===================================================================
--- labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/UserServiceTest.java 2008-03-03 17:57:06 UTC (rev 18664)
+++ labs/jbosslabs/labs-3.0-build/views/labs-test/src/main/java/org/jboss/labs/test/credential/UserServiceTest.java 2008-03-03 19:14:36 UTC (rev 18665)
@@ -199,6 +199,23 @@
// also if we get him
assertFalse(userService.getUserByLogin(user.getName()).getUserRoles()
.contains(role2));
+
+ // try getting users from role
+ UserRole common = getNewUserRole();
+ User second = getNewUser();
+ User other = getNewUser();
+
+ userService.bindRoleToUser(user, common);
+ userService.bindRoleToUser(second, common);
+
+ Set<User> usrs = userService.getUsersFromUserRole(common);
+
+ // check if they're in a role
+ assertTrue(usrs.contains(user));
+ assertTrue(usrs.contains(second));
+
+ // other shouldn't be here
+ assertFalse(usrs.contains(other));
}
public void testSuperusers() throws UserExistsException,
@@ -224,6 +241,11 @@
// check global
assertFalse(userService.getSuperusers().contains(global));
+
+ // try iteration
+ for (User u : userService.getSuperusers()) {
+ assertNotNull(u.getName());
+ }
// remove prj
binderService.revokeUserProjectSuperrole(prj, TEST_PROJECT);
@@ -231,6 +253,7 @@
// check project
assertFalse(userService.getSuperusersForProject(TEST_PROJECT).contains(
prj));
+
}
}
More information about the jboss-svn-commits
mailing list