On Sun, Feb 13, 2011 at 12:12 AM, Danushka Menikkumbura <[email protected]>wrote:
> What I meant was SEND instead of SQS_SEND_MESSAGE, RECEIVE instead of > SQS_RECEIVE_MESSAGE, DELETE instead of SQS_DELETE_MESSAGE for an example. > +1. thanks, Amila. > > Danushka > > > On Sat, Feb 12, 2011 at 11:55 AM, Amila Suriarachchi <[email protected]>wrote: > >> >> >> On Sat, Feb 12, 2011 at 8:52 AM, Danushka Menikkumbura <[email protected] >> > wrote: >> >>> I think its better if we could mange with existing actions and add >>> something if you really need it. >> >> >> SQS Queue as its own set of actions. So there is need to add them. >> >> >>> Also try to use generic actions rather than making them SQS specific as >>> much as possible so that they could be reusable. >>> >> >> Here we implement the SQS Specification. we need to support the action >> defined there. >> >> thanks, >> Amila. >> >>> >>> Danushka >>> >>> >>> On Fri, Feb 11, 2011 at 1:32 PM, Manjula Rathnayake >>> <[email protected]>wrote: >>> >>>> Hi, >>>> >>>> I have to add some operations in authorization TreeNode.java class to >>>> set SQS permissions. >>>> >>>> Following is the svn diff. >>>> >>>> Index: >>>> src/main/java/org/wso2/carbon/user/core/authorization/TreeNode.java >>>> =================================================================== >>>> --- >>>> src/main/java/org/wso2/carbon/user/core/authorization/TreeNode.java >>>> (revision 87092) >>>> +++ >>>> src/main/java/org/wso2/carbon/user/core/authorization/TreeNode.java >>>> (working copy) >>>> @@ -28,28 +28,43 @@ >>>> * A node in the Tree structure used to maintain hierarchical security >>>> permissions. The growth >>>> * of the tree is on the order of explicit permission statements, and >>>> not on the number of >>>> * resources whose permissions are maintained. >>>> - * >>>> */ >>>> public class TreeNode { >>>> >>>> - public static enum Permission { GET, ADD, DELETE, EDIT, LOGIN, >>>> MAN_CONFIG, MAN_LC_CONFIG, MAN_SEC, UP_SERV, >>>> - MAN_SERV, MAN_MEDIA, MON_SYS, DEL_ID, AUTHORIZE, INV_SER, >>>> UI_EXECUTE, SUBSCRIBE, PUBLISH, CONSUME, BROWSE} >>>> + public static enum Permission { >>>> + GET, ADD, DELETE, EDIT, LOGIN, MAN_CONFIG, MAN_LC_CONFIG, >>>> MAN_SEC, UP_SERV, >>>> + MAN_SERV, MAN_MEDIA, MON_SYS, DEL_ID, AUTHORIZE, INV_SER, >>>> UI_EXECUTE, SUBSCRIBE, PUBLISH, CONSUME, BROWSE, >>>> + SQS_SEND_MESSAGE, SQS_RECEIVE_MESSAGE, SQS_DELETE_MESSAGE, >>>> SQS_CHANGE_MESSAGE_VISIBILITY, SQS_GET_QUEUE_ATTRIBUTES >>>> + } >>>> >>>> - /** The name of the node - For the Registry, this would be the name >>>> of a Collection/Rsource */ >>>> + /** >>>> + * The name of the node - For the Registry, this would be the name >>>> of a Collection/Rsource >>>> + */ >>>> private String name; >>>> - /** The children of this node - maintained on a Map by the names */ >>>> + /** >>>> + * The children of this node - maintained on a Map by the names >>>> + */ >>>> private Map<String, TreeNode> children = new HashMap<String, >>>> TreeNode>(); >>>> - /** Explicit allow permission for specific users */ >>>> + /** >>>> + * Explicit allow permission for specific users >>>> + */ >>>> private Map<String, BitSet> userAllowPermissions = new >>>> HashMap<String, BitSet>(); >>>> - /** Explicit deny permission for specific users */ >>>> - private Map<String, BitSet> userDenyPermissions = new >>>> HashMap<String, BitSet>(); >>>> - /** Explicit allow permission for specific roles */ >>>> + /** >>>> + * Explicit deny permission for specific users >>>> + */ >>>> + private Map<String, BitSet> userDenyPermissions = new >>>> HashMap<String, BitSet>(); >>>> + /** >>>> + * Explicit allow permission for specific roles >>>> + */ >>>> private Map<String, BitSet> roleAllowPermissions = new >>>> HashMap<String, BitSet>(); >>>> - /** Explicit deny permission for specific roles */ >>>> - private Map<String, BitSet> roleDenyPermissions = new >>>> HashMap<String, BitSet>(); >>>> + /** >>>> + * Explicit deny permission for specific roles >>>> + */ >>>> + private Map<String, BitSet> roleDenyPermissions = new >>>> HashMap<String, BitSet>(); >>>> >>>> /** >>>> * Constructor >>>> + * >>>> * @param name the name of the TreeNode >>>> */ >>>> TreeNode(String name) { >>>> @@ -58,6 +73,7 @@ >>>> >>>> /** >>>> * Get the child by the given name >>>> + * >>>> * @param name name of the child node >>>> * @return the child with the given name, or null >>>> */ >>>> @@ -67,8 +83,9 @@ >>>> >>>> /** >>>> * Is the 'user' authorized for the given permission p on this >>>> node? >>>> + * >>>> * @param user the name of the user >>>> - * @param p the permission >>>> + * @param p the permission >>>> * @return Boolean.TRUE if authorized, Boolean.FALSE if not >>>> */ >>>> public Boolean isUserAuthorized(String user, Permission p) { >>>> @@ -81,14 +98,15 @@ >>>> } else if (bsAlow != null && bsAlow.get(p.ordinal())) { >>>> return Boolean.TRUE; >>>> } >>>> - >>>> + >>>> return null; >>>> } >>>> >>>> /** >>>> * Is the 'role' authorized for the given permission p on this >>>> node? >>>> + * >>>> * @param role the name of the role >>>> - * @param p the permission >>>> + * @param p the permission >>>> * @return Boolean.TRUE if authorized, Boolean.FALSE if not >>>> */ >>>> public Boolean isRoleAuthorized(String role, Permission p) { >>>> @@ -107,8 +125,9 @@ >>>> >>>> /** >>>> * Grant explicit authorization to the 'user' on this node for >>>> permission p >>>> + * >>>> * @param user the user who is granted authorization >>>> - * @param p the permission granted >>>> + * @param p the permission granted >>>> */ >>>> public void authorizeUser(String user, Permission p) { >>>> BitSet bsAllow = userAllowPermissions.get(user); >>>> @@ -128,8 +147,9 @@ >>>> >>>> /** >>>> * Grant explicit authorization to the 'role' on this node for >>>> permission p >>>> + * >>>> * @param role the role that is granted authorization >>>> - * @param p the permission granted >>>> + * @param p the permission granted >>>> */ >>>> public void authorizeRole(String role, Permission p) { >>>> BitSet bsAllow = roleAllowPermissions.get(role); >>>> @@ -149,8 +169,9 @@ >>>> >>>> /** >>>> * Deny explicit authorization to the 'user' on this node for >>>> permission p >>>> + * >>>> * @param user the user that is denied authorization >>>> - * @param p the permission denied >>>> + * @param p the permission denied >>>> */ >>>> public void denyUser(String user, Permission p) { >>>> BitSet bsDeny = userDenyPermissions.get(user); >>>> @@ -170,8 +191,9 @@ >>>> >>>> /** >>>> * Deny explicit authorization to the 'role' on this node for >>>> permission p >>>> + * >>>> * @param role the role that is denied authorization >>>> - * @param p the permission denied >>>> + * @param p the permission denied >>>> */ >>>> public void denyRole(String role, Permission p) { >>>> BitSet bsDeny = roleDenyPermissions.get(role); >>>> @@ -191,6 +213,7 @@ >>>> >>>> /** >>>> * Create the tree structure for the given paths array of nodes >>>> + * >>>> * @param paths an array of hierarchical nodes to be created, >>>> in-order >>>> * @return the reference to the lowest decendent created >>>> */ >>>> @@ -212,6 +235,7 @@ >>>> >>>> /** >>>> * The name of the node >>>> + * >>>> * @return node name >>>> */ >>>> public String getName() { >>>> @@ -220,6 +244,7 @@ >>>> >>>> /** >>>> * The children of the node as a Map keyed by the name >>>> + * >>>> * @return the children as a Map >>>> */ >>>> public Map<String, TreeNode> getChildren() { >>>> @@ -227,6 +252,7 @@ >>>> } >>>> >>>> //-------- getters -------- >>>> + >>>> public Map<String, BitSet> getUserAllowPermissions() { >>>> return userAllowPermissions; >>>> } >>>> @@ -255,7 +281,7 @@ >>>> >>>> Map<String, TreeNode> children = this.getChildren(); >>>> if (null != children) { >>>> - for (Map.Entry<String, TreeNode> entry : >>>> children.entrySet()){ >>>> + for (Map.Entry<String, TreeNode> entry : >>>> children.entrySet()) { >>>> TreeNode node = entry.getValue(); >>>> if (null != node) { >>>> node.clearNodes(); >>>> @@ -266,7 +292,7 @@ >>>> } >>>> } >>>> >>>> - public int hashCode () { >>>> + public int hashCode() { >>>> int hash = 7; >>>> hash = 31 * hash + (null == this.name ? 0 : >>>> this.name.hashCode()); >>>> hash = 31 * hash + (null == this.children ? 0 : >>>> this.children.hashCode()); >>>> @@ -276,6 +302,6 @@ >>>> hash = 31 * hash + (null == this.roleDenyPermissions ? 0 : >>>> this.roleDenyPermissions.hashCode()); >>>> hash = 31 * hash + (null == this.roleDenyPermissions ? 0 : >>>> this.roleDenyPermissions.hashCode()); >>>> return hash; >>>> - } >>>> + } >>>> >>>> } >>>> Index: >>>> src/main/java/org/wso2/carbon/user/core/authorization/PermissionTreeUtil.java >>>> =================================================================== >>>> --- >>>> src/main/java/org/wso2/carbon/user/core/authorization/PermissionTreeUtil.java >>>> (revision 87092) >>>> +++ >>>> src/main/java/org/wso2/carbon/user/core/authorization/PermissionTreeUtil.java >>>> (working copy) >>>> @@ -99,6 +99,16 @@ >>>> return TreeNode.Permission.BROWSE; >>>> } else if ("consume".equals(action)) { >>>> return TreeNode.Permission.CONSUME; >>>> + }else if ("SendMessage".equals(action)) { >>>> + return TreeNode.Permission.SQS_SEND_MESSAGE; >>>> + }else if ("ReceiveMessage".equals(action)) { >>>> + return TreeNode.Permission.SQS_RECEIVE_MESSAGE; >>>> + }else if ("DeleteMessage".equals(action)) { >>>> + return TreeNode.Permission.SQS_DELETE_MESSAGE; >>>> + }else if ("ChangeMessageVisibility".equals(action)) { >>>> + return TreeNode.Permission.SQS_CHANGE_MESSAGE_VISIBILITY; >>>> + }else if ("GetQueueAttributes".equals(action)) { >>>> + return TreeNode.Permission.SQS_GET_QUEUE_ATTRIBUTES; >>>> } >>>> >>>> throw new IllegalArgumentException("Invalid action : " + >>>> action); >>>> >>>> May I commit these changes to carbon user core module? >>>> >>>> >>>> Thank you. >>>> -- >>>> Manjula Rathnayaka >>>> Software Engineer >>>> WSO2, Inc. >>>> Mobile:+94 77 743 1987 >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
