Author: reto
Date: Thu Jun 17 22:33:10 2010
New Revision: 955771
URL: http://svn.apache.org/viewvc?rev=955771&view=rev
Log:
CLEREZZA-172: BaseRoles cannot be added or removed, they just comprise
permissions that every user has
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager.webinterface/src/main/java/org/apache/clerezza/platform/usermanager/webinterface/UserManagerWeb.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java?rev=955771&r1=955770&r2=955771&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.security/src/main/java/org/apache/clerezza/platform/security/UserAwarePolicy.java
Thu Jun 17 22:33:10 2010
@@ -44,9 +44,11 @@ import org.apache.clerezza.rdf.core.BNod
import org.apache.clerezza.rdf.core.MGraph;
import org.apache.clerezza.rdf.core.NonLiteral;
import org.apache.clerezza.rdf.core.Triple;
+import org.apache.clerezza.rdf.core.UriRef;
import org.apache.clerezza.rdf.core.impl.PlainLiteralImpl;
import org.apache.clerezza.rdf.ontologies.PERMISSION;
import org.apache.clerezza.rdf.ontologies.PLATFORM;
+import org.apache.clerezza.rdf.ontologies.RDF;
import org.apache.clerezza.rdf.ontologies.SIOC;
/**
@@ -194,6 +196,10 @@ public class UserAwarePolicy extends Pol
.getObject();
result.addAll(getPermissionEntriesOfARole(anotherRole,
userName));
}
+ Iterator<NonLiteral> baseRoles =
getResourcesOfType(PERMISSION.BaseRole);
+ while(baseRoles.hasNext()) {
+
result.addAll(getPermissionEntriesOfARole(baseRoles.next(), userName));
+ }
return result;
}
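Review bot: The new loop grants the permissions of every resource typed `PERMISSION.BaseRole` to whatever `userName` is passed in, with no visible check that the user exists or is authenticated, and no comment says this is intended. Something like `// base roles apply to every user name, with or without a has_function triple` above the loop would record the intent. Users created before this revision presumably still carry explicit `SIOC.has_function` triples to the base roles, written by the loop this commit removes from UserManagerImpl.addRolesToUser. For those users the role loop above and this loop both contribute the same entries, which is harmless only if `result` de-duplicates. Its declaration is outside the hunk, as is the start of the enclosing method. Since typing a resource as a base role now widens every user's permissions, write access to the system graph needs to be correspondingly tight.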
@@ -229,4 +235,27 @@ public class UserAwarePolicy extends Pol
}
return result;
}
+
+ private Iterator<NonLiteral> getResourcesOfType(UriRef type) {
+ final Iterator<Triple> triples =
+ systemGraph.filter(null, RDF.type, type);
+ return new Iterator<NonLiteral>() {
+
+ @Override
+ public boolean hasNext() {
+ return triples.hasNext();
+ }
+
+ @Override
+ public NonLiteral next() {
+ return triples.next().getSubject();
+ }
+
+ @Override
+ public void remove() {
+ throw new UnsupportedOperationException("Not
supported yet.");
+ }
+ };
+ }
+
}
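Review bot: `getResourcesOfType` has no Javadoc and appears to duplicate a helper of the same name that UserManagerImpl already calls, so the two copies can drift. The returned iterator is a lazy wrapper around `systemGraph.filter(null, RDF.type, type)`, so callers iterate the live graph rather than a snapshot. A one-line comment such as `/** Lazily iterates the subjects of all (s, rdf:type, type) triples in the system graph. */` would make that explicit. The `remove()` message `"Not supported yet."` is an IDE template string; `throw new UnsupportedOperationException("read-only iterator");` states the actual contract.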
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager.webinterface/src/main/java/org/apache/clerezza/platform/usermanager/webinterface/UserManagerWeb.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager.webinterface/src/main/java/org/apache/clerezza/platform/usermanager/webinterface/UserManagerWeb.java?rev=955771&r1=955770&r2=955771&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager.webinterface/src/main/java/org/apache/clerezza/platform/usermanager/webinterface/UserManagerWeb.java
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager.webinterface/src/main/java/org/apache/clerezza/platform/usermanager/webinterface/UserManagerWeb.java
Thu Jun 17 22:33:10 2010
@@ -27,6 +27,8 @@ import java.net.URLEncoder;
import java.security.AccessControlException;
import java.security.AccessController;
import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
@@ -281,11 +283,6 @@ public class UserManagerWeb implements G
resultGraph.add(new TripleImpl(addUserPage, RDF.type,
PLATFORM.HeadedPage));
- Iterator<NonLiteral> roles = userManager.getRoles();
- while (roles.hasNext()) {
- resultGraph.add(new TripleImpl(addUserPage,
USERMANAGER.role, roles
- .next()));
- }
MGraph contentGraph = cgProvider.getContentGraph();
Iterator<Triple> formFields = contentGraph.filter(null,
RDF.type,
USERMANAGER.UserFormField);
@@ -297,8 +294,10 @@ public class UserManagerWeb implements G
}
- return new GraphNode(addUserPage, new UnionMGraph(
+ GraphNode result = new GraphNode(addUserPage, new UnionMGraph(
resultGraph, systemGraph, contentGraph));
+ addAvailableRoles(result);
+ return result;
}
@POST
@@ -585,11 +584,7 @@ public class UserManagerWeb implements G
USERMANAGER.UpdateUserPage));
resultGraph.add(new TripleImpl(updateUserPage, RDF.type,
PLATFORM.HeadedPage));
- Iterator<NonLiteral> roles = userManager.getRoles();
- while (roles.hasNext()) {
- resultGraph.add(new TripleImpl(updateUserPage,
- USERMANAGER.role,
roles.next()));
- }
+
MGraph contentGraph = cgProvider.getContentGraph();
resultGraph.add(new TripleImpl(updateUserPage,
USERMANAGER.user,
@@ -621,8 +616,10 @@ public class UserManagerWeb implements G
CUSTOMPROPERTY.actualvalues, value));
}
}
- return new GraphNode(updateUserPage,
+ GraphNode result = new GraphNode(updateUserPage,
new UnionMGraph(resultGraph,
systemGraph, contentGraph));
+ addAvailableRoles(result);
+ return result;
}
throw new
WebApplicationException(Response.status(Status.NOT_FOUND)
.entity("User " + userName + "does not exist in
our database")
@@ -636,20 +633,19 @@ public class UserManagerWeb implements G
throws UnsupportedEncodingException {
String userName = getTextParamValueOfForm(form, 0, "userName");
- String email = getTextParamValueOfForm(form, 0, "email");
String pathPrefix = getTextParamValueOfForm(form, 0,
"pathPrefix");
String[] userRole = form.getTextParameterValues("userRoles");
- List<String> userRoles = new ArrayList<String>();
- for (int i = 0; i < userRole.length; i++) {
- userRoles.add(userRole[i]);
+ List<String> userRoleList = Arrays.asList(userRole);
+ String email = getTextParamValueOfForm(form, 0, "email");
+ if (email != null) {
+ email = email.replaceAll("mailto:", "");
}
- email = email.replaceAll("mailto:", "");
- NonLiteral user = userManager.getUserByName(userName);
+ NonLiteral user = (NonLiteral)
userManager.getUserInSystemGraph(userName).getNode();
if (user != null) {
- userManager.updateUser(userName, email, null, userRoles,
+ userManager.updateUser(userName, email, null,
userRoleList,
pathPrefix);
MGraph contentGraph = cgProvider.getContentGraph();
- saveCustomUserInformation(contentGraph, userName,
userRoles, form);
+ saveCustomUserInformation(contentGraph, userName,
userRoleList, form);
return
RedirectUtil.createSeeOtherResponse("list-users", uriInfo);
}
return Response.status(Status.NOT_FOUND).entity(
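Review bot: The `user != null` guard no longer protects the lookup, because `userManager.getUserInSystemGraph(userName).getNode()` dereferences the result before the check. If that method returns null for an unknown user (its contract is not visible here), the request fails with a NullPointerException instead of reaching the NOT_FOUND response below. Assuming it returns a `GraphNode`, split it: `GraphNode userNode = userManager.getUserInSystemGraph(userName);` then `NonLiteral user = userNode == null ? null : (NonLiteral) userNode.getNode();`. The same applies to `Arrays.asList(userRole)` if `getTextParameterValues` can return null when no role is submitted. `userRole == null ? Collections.<String>emptyList() : Arrays.asList(userRole)` would also use the `Collections` import this commit adds, which otherwise looks unused. The enclosing handler starts outside the hunk.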
@@ -673,16 +669,12 @@ public class UserManagerWeb implements G
USERMANAGER.RoleOverviewPage));
resultGraph.add(new TripleImpl(roleOverviewPage, RDF.type,
PLATFORM.HeadedPage));
-
- Iterator<NonLiteral> roles = userManager.getRoles();
-
- while (roles.hasNext()) {
- resultGraph.add(new TripleImpl(roleOverviewPage,
USERMANAGER.role,
- roles.next()));
- }
- return new GraphNode(roleOverviewPage,
+ GraphNode result = new GraphNode(roleOverviewPage,
new UnionMGraph(resultGraph, systemGraph));
+ addAvailableRoles(result);
+ return result;
+
}
/**
@@ -945,4 +937,11 @@ public class UserManagerWeb implements G
"Main-Modules"));
return items;
}
+
+ private void addAvailableRoles(GraphNode result) {
+ Iterator<NonLiteral> roles = userManager.getRoles();
+ while (roles.hasNext()) {
+ result.addProperty(USERMANAGER.role, roles.next());
+ }
+ }
}
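Review bot: `addAvailableRoles` writes through `result.addProperty(...)` into a `GraphNode` that all three callers build over `new UnionMGraph(resultGraph, systemGraph, ...)`. The removed code added the same triples to `resultGraph` directly. This is only equivalent if the union routes additions to its first graph; if they could land in `systemGraph`, page triples would be persisted into the graph that holds the security data. A short Javadoc should pin that down, e.g. `/** Adds the assignable (non-base) roles to the page node; relies on the union writing to resultGraph. */`, once confirmed against UnionMGraph.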
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java?rev=955771&r1=955770&r2=955771&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManager.java
Thu Jun 17 22:33:10 2010
@@ -18,6 +18,7 @@
*/
package org.apache.clerezza.platform.usermanager;
+import java.util.Collection;
import java.util.Iterator;
import java.util.List;
@@ -62,7 +63,7 @@ public interface UserManager {
/**
*
- * @return Iterator defining all roles
+ * @return Iterator defining all roles, except base roles
*/
public Iterator<NonLiteral> getRoles();
@@ -130,15 +131,16 @@ public interface UserManager {
List<String> assignedRoles, String pathPrefix);
/**
- *
+ * Updates the user with the specified userName
+ *
* @param name, may not be null
- * @param email
+ * @param email the email address (note that this is not the mailto-uri)
* @param password
* @param assignedRoles
* @param pathPrefix
*/
public void updateUser(String name, String email, String password,
- List<String> assignedRoles, String pathPrefix);
+ Collection<String> assignedRoles, String pathPrefix);
/**
* Checks if the username exists
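Review bot: Changing `updateUser` from `List<String>` to `Collection<String>` alters the method descriptor of a public service interface. Callers stay source-compatible, but bundles compiled against the old signature and any other implementation of `UserManager` need a rebuild, so an export-version bump is worth considering. The Javadoc also omits the exceptions the implementation in this commit throws. I would add `@throws IllegalArgumentException if name is null` and `@throws UserNotExistsException if no user with that name exists`. It should also say what a null `email` or `password` means, since the web handler passes `null` for the password.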
Modified:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
URL:
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java?rev=955771&r1=955770&r2=955771&view=diff
==============================================================================
---
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
(original)
+++
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
Thu Jun 17 22:33:10 2010
@@ -24,8 +24,11 @@ import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Policy;
import java.security.PrivilegedAction;
+import java.util.Collection;
+import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
+import java.util.Set;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
@@ -103,11 +106,18 @@ public class UserManagerImpl implements
@Override
public Iterator<NonLiteral> getRoles() {
- final Iterator<NonLiteral> rolesIter =
getResourcesOfType(PERMISSION.Role);
- if (!rolesIter.hasNext()) {
- return rolesIter;
+ final Iterator<NonLiteral> allRolesIter =
getResourcesOfType(PERMISSION.Role);
+ final Set<NonLiteral> allRolesSet = new HashSet<NonLiteral>();
+ while (allRolesIter.hasNext()) {
+ allRolesSet.add(allRolesIter.next());
+ }
+ final Set<NonLiteral> nonBaseRolesSet = new
HashSet<NonLiteral>();
+ for (NonLiteral role : allRolesSet) {
+ if (!systemGraph.filter(role, RDF.type,
PERMISSION.BaseRole).hasNext()) {
+ nonBaseRolesSet.add(role);
+ }
}
- return rolesIter;
+ return nonBaseRolesSet.iterator();
}
@Override
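Review bot: `getRoles` now copies every role into `allRolesSet` and then filters into a second `HashSet`, with no comment explaining the intermediate copy. If it exists so that `systemGraph.filter(role, RDF.type, PERMISSION.BaseRole)` is not called while the first filter iterator is still open, say so with `// copy first: avoid a nested filter() while iterating the graph`. Otherwise the check can move into the first loop. Returning `nonBaseRolesSet.iterator()` also makes the order of roles unspecified, which the role lists in the web interface will reflect. Note that this only hides base roles from listings; it is not an enforcement point.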
@@ -365,12 +375,11 @@ public class UserManagerImpl implements
@Override
public void updateUser(String name, String email, String password,
- List<String> assignedRoles, String pathPrefix) {
+ Collection<String> assignedRoles, String pathPrefix) {
if (name == null) {
- return;
+ throw new IllegalArgumentException("userName may not be
null");
}
-
NonLiteral user = getUserByUserName(name);
if (user == null) {
throw new UserNotExistsException(name);
@@ -402,7 +411,7 @@ public class UserManagerImpl implements
}
}
- private void addRolesToUser(List<String> assignedRoles, BNode user)
throws RoleUnavailableException {
+ private void addRolesToUser(Collection<String> assignedRoles, BNode
user) throws RoleUnavailableException {
for (String roleTitle : assignedRoles) {
// skip empty strings
if ((roleTitle == null) || (roleTitle.trim().length()
== 0)) {
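Review bot: Nothing visible in `addRolesToUser` rejects a submitted title that resolves to a base role, so the commit's rule that base roles cannot be added is enforced only by `getRoles()` leaving them out of the form. The title-to-role lookup lies between this hunk and the next, so it may already exclude them. If it does not, a guard before the `systemGraph.add(new TripleImpl(user, SIOC.has_function, role))` call would enforce it server-side: `if (systemGraph.filter(role, RDF.type, PERMISSION.BaseRole).hasNext()) { continue; }`. Throwing `RoleUnavailableException` there instead would be the stricter choice. The loop body continues outside the hunk.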
@@ -414,11 +423,6 @@ public class UserManagerImpl implements
}
systemGraph.add(new TripleImpl(user, SIOC.has_function,
role));
}
- Iterator<NonLiteral> baseRoles =
getResourcesOfType(PERMISSION.BaseRole);
- while (baseRoles.hasNext()) {
- NonLiteral baseRole = baseRoles.next();
- systemGraph.add(new TripleImpl(user, SIOC.has_function,
baseRole));
- }
}
private void updateProperty(GraphNode node, UriRef predicate, Resource
object) {