What I meant was SEND instead of SQS_SEND_MESSAGE, RECEIVE instead of SQS_RECEIVE_MESSAGE, DELETE instead of SQS_DELETE_MESSAGE for an example.
Danushka On Sat, Feb 12, 2011 at 11:55 AM, Amila Suriarachchi <[email protected]> wrote: > > > On Sat, Feb 12, 2011 at 8:52 AM, Danushka Menikkumbura > <[email protected]>wrote: > >> I think its better if we could mange with existing actions and add >> something if you really need it. > > > SQS Queue as its own set of actions. So there is need to add them. > > >> Also try to use generic actions rather than making them SQS specific as >> much as possible so that they could be reusable. >> > > Here we implement the SQS Specification. we need to support the action > defined there. > > thanks, > Amila. > >> >> Danushka >> >> >> On Fri, Feb 11, 2011 at 1:32 PM, Manjula Rathnayake <[email protected]>wrote: >> >>> Hi, >>> >>> I have to add some operations in authorization TreeNode.java class to set >>> SQS permissions. >>> >>> Following is the svn diff. >>> >>> Index: >>> src/main/java/org/wso2/carbon/user/core/authorization/TreeNode.java >>> =================================================================== >>> --- >>> src/main/java/org/wso2/carbon/user/core/authorization/TreeNode.java >>> (revision 87092) >>> +++ >>> src/main/java/org/wso2/carbon/user/core/authorization/TreeNode.java >>> (working copy) >>> @@ -28,28 +28,43 @@ >>> * A node in the Tree structure used to maintain hierarchical security >>> permissions. The growth >>> * of the tree is on the order of explicit permission statements, and >>> not on the number of >>> * resources whose permissions are maintained. >>> - * >>> */ >>> public class TreeNode { >>> >>> - public static enum Permission { GET, ADD, DELETE, EDIT, LOGIN, >>> MAN_CONFIG, MAN_LC_CONFIG, MAN_SEC, UP_SERV, >>> - MAN_SERV, MAN_MEDIA, MON_SYS, DEL_ID, AUTHORIZE, INV_SER, >>> UI_EXECUTE, SUBSCRIBE, PUBLISH, CONSUME, BROWSE} >>> + public static enum Permission { >>> + GET, ADD, DELETE, EDIT, LOGIN, MAN_CONFIG, MAN_LC_CONFIG, >>> MAN_SEC, UP_SERV, >>> + MAN_SERV, MAN_MEDIA, MON_SYS, DEL_ID, AUTHORIZE, INV_SER, >>> UI_EXECUTE, SUBSCRIBE, PUBLISH, CONSUME, BROWSE, >>> + SQS_SEND_MESSAGE, SQS_RECEIVE_MESSAGE, SQS_DELETE_MESSAGE, >>> SQS_CHANGE_MESSAGE_VISIBILITY, SQS_GET_QUEUE_ATTRIBUTES >>> + } >>> >>> - /** The name of the node - For the Registry, this would be the name >>> of a Collection/Rsource */ >>> + /** >>> + * The name of the node - For the Registry, this would be the name >>> of a Collection/Rsource >>> + */ >>> private String name; >>> - /** The children of this node - maintained on a Map by the names */ >>> + /** >>> + * The children of this node - maintained on a Map by the names >>> + */ >>> private Map<String, TreeNode> children = new HashMap<String, >>> TreeNode>(); >>> - /** Explicit allow permission for specific users */ >>> + /** >>> + * Explicit allow permission for specific users >>> + */ >>> private Map<String, BitSet> userAllowPermissions = new >>> HashMap<String, BitSet>(); >>> - /** Explicit deny permission for specific users */ >>> - private Map<String, BitSet> userDenyPermissions = new >>> HashMap<String, BitSet>(); >>> - /** Explicit allow permission for specific roles */ >>> + /** >>> + * Explicit deny permission for specific users >>> + */ >>> + private Map<String, BitSet> userDenyPermissions = new >>> HashMap<String, BitSet>(); >>> + /** >>> + * Explicit allow permission for specific roles >>> + */ >>> private Map<String, BitSet> roleAllowPermissions = new >>> HashMap<String, BitSet>(); >>> - /** Explicit deny permission for specific roles */ >>> - private Map<String, BitSet> roleDenyPermissions = new >>> HashMap<String, BitSet>(); >>> + /** >>> + * Explicit deny permission for specific roles >>> + */ >>> + private Map<String, BitSet> roleDenyPermissions = new >>> HashMap<String, BitSet>(); >>> >>> /** >>> * Constructor >>> + * >>> * @param name the name of the TreeNode >>> */ >>> TreeNode(String name) { >>> @@ -58,6 +73,7 @@ >>> >>> /** >>> * Get the child by the given name >>> + * >>> * @param name name of the child node >>> * @return the child with the given name, or null >>> */ >>> @@ -67,8 +83,9 @@ >>> >>> /** >>> * Is the 'user' authorized for the given permission p on this node? >>> + * >>> * @param user the name of the user >>> - * @param p the permission >>> + * @param p the permission >>> * @return Boolean.TRUE if authorized, Boolean.FALSE if not >>> */ >>> public Boolean isUserAuthorized(String user, Permission p) { >>> @@ -81,14 +98,15 @@ >>> } else if (bsAlow != null && bsAlow.get(p.ordinal())) { >>> return Boolean.TRUE; >>> } >>> - >>> + >>> return null; >>> } >>> >>> /** >>> * Is the 'role' authorized for the given permission p on this node? >>> + * >>> * @param role the name of the role >>> - * @param p the permission >>> + * @param p the permission >>> * @return Boolean.TRUE if authorized, Boolean.FALSE if not >>> */ >>> public Boolean isRoleAuthorized(String role, Permission p) { >>> @@ -107,8 +125,9 @@ >>> >>> /** >>> * Grant explicit authorization to the 'user' on this node for >>> permission p >>> + * >>> * @param user the user who is granted authorization >>> - * @param p the permission granted >>> + * @param p the permission granted >>> */ >>> public void authorizeUser(String user, Permission p) { >>> BitSet bsAllow = userAllowPermissions.get(user); >>> @@ -128,8 +147,9 @@ >>> >>> /** >>> * Grant explicit authorization to the 'role' on this node for >>> permission p >>> + * >>> * @param role the role that is granted authorization >>> - * @param p the permission granted >>> + * @param p the permission granted >>> */ >>> public void authorizeRole(String role, Permission p) { >>> BitSet bsAllow = roleAllowPermissions.get(role); >>> @@ -149,8 +169,9 @@ >>> >>> /** >>> * Deny explicit authorization to the 'user' on this node for >>> permission p >>> + * >>> * @param user the user that is denied authorization >>> - * @param p the permission denied >>> + * @param p the permission denied >>> */ >>> public void denyUser(String user, Permission p) { >>> BitSet bsDeny = userDenyPermissions.get(user); >>> @@ -170,8 +191,9 @@ >>> >>> /** >>> * Deny explicit authorization to the 'role' on this node for >>> permission p >>> + * >>> * @param role the role that is denied authorization >>> - * @param p the permission denied >>> + * @param p the permission denied >>> */ >>> public void denyRole(String role, Permission p) { >>> BitSet bsDeny = roleDenyPermissions.get(role); >>> @@ -191,6 +213,7 @@ >>> >>> /** >>> * Create the tree structure for the given paths array of nodes >>> + * >>> * @param paths an array of hierarchical nodes to be created, >>> in-order >>> * @return the reference to the lowest decendent created >>> */ >>> @@ -212,6 +235,7 @@ >>> >>> /** >>> * The name of the node >>> + * >>> * @return node name >>> */ >>> public String getName() { >>> @@ -220,6 +244,7 @@ >>> >>> /** >>> * The children of the node as a Map keyed by the name >>> + * >>> * @return the children as a Map >>> */ >>> public Map<String, TreeNode> getChildren() { >>> @@ -227,6 +252,7 @@ >>> } >>> >>> //-------- getters -------- >>> + >>> public Map<String, BitSet> getUserAllowPermissions() { >>> return userAllowPermissions; >>> } >>> @@ -255,7 +281,7 @@ >>> >>> Map<String, TreeNode> children = this.getChildren(); >>> if (null != children) { >>> - for (Map.Entry<String, TreeNode> entry : >>> children.entrySet()){ >>> + for (Map.Entry<String, TreeNode> entry : >>> children.entrySet()) { >>> TreeNode node = entry.getValue(); >>> if (null != node) { >>> node.clearNodes(); >>> @@ -266,7 +292,7 @@ >>> } >>> } >>> >>> - public int hashCode () { >>> + public int hashCode() { >>> int hash = 7; >>> hash = 31 * hash + (null == this.name ? 0 : >>> this.name.hashCode()); >>> hash = 31 * hash + (null == this.children ? 0 : >>> this.children.hashCode()); >>> @@ -276,6 +302,6 @@ >>> hash = 31 * hash + (null == this.roleDenyPermissions ? 0 : >>> this.roleDenyPermissions.hashCode()); >>> hash = 31 * hash + (null == this.roleDenyPermissions ? 0 : >>> this.roleDenyPermissions.hashCode()); >>> return hash; >>> - } >>> + } >>> >>> } >>> Index: >>> src/main/java/org/wso2/carbon/user/core/authorization/PermissionTreeUtil.java >>> =================================================================== >>> --- >>> src/main/java/org/wso2/carbon/user/core/authorization/PermissionTreeUtil.java >>> (revision 87092) >>> +++ >>> src/main/java/org/wso2/carbon/user/core/authorization/PermissionTreeUtil.java >>> (working copy) >>> @@ -99,6 +99,16 @@ >>> return TreeNode.Permission.BROWSE; >>> } else if ("consume".equals(action)) { >>> return TreeNode.Permission.CONSUME; >>> + }else if ("SendMessage".equals(action)) { >>> + return TreeNode.Permission.SQS_SEND_MESSAGE; >>> + }else if ("ReceiveMessage".equals(action)) { >>> + return TreeNode.Permission.SQS_RECEIVE_MESSAGE; >>> + }else if ("DeleteMessage".equals(action)) { >>> + return TreeNode.Permission.SQS_DELETE_MESSAGE; >>> + }else if ("ChangeMessageVisibility".equals(action)) { >>> + return TreeNode.Permission.SQS_CHANGE_MESSAGE_VISIBILITY; >>> + }else if ("GetQueueAttributes".equals(action)) { >>> + return TreeNode.Permission.SQS_GET_QUEUE_ATTRIBUTES; >>> } >>> >>> throw new IllegalArgumentException("Invalid action : " + >>> action); >>> >>> May I commit these changes to carbon user core module? >>> >>> >>> Thank you. >>> -- >>> Manjula Rathnayaka >>> Software Engineer >>> WSO2, Inc. >>> Mobile:+94 77 743 1987 >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
