Author: dimuthul
Date: Sat Jan 19 03:05:58 2008
New Revision: 12511

Log:

Should always check whether Admin behavior is enabled.



Modified:
   
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLAdminChecker.java
   
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLUserStoreAdmin.java

Modified: 
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLAdminChecker.java
==============================================================================
--- 
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLAdminChecker.java
    (original)
+++ 
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLAdminChecker.java
    Sat Jan 19 03:05:58 2008
@@ -10,14 +10,14 @@
     
     private static List adminUsers = new ArrayList();
     
-    public static void loadAdminUsers(String adminRole, Realm realm) throws 
UserManagerException{
+    static void loadAdminUsers(String adminRole, Realm realm) throws 
UserManagerException{
         String[] users = realm.getUserStoreReader().getUsersInRole(adminRole);
         for(int i=0;i<users.length;i++){
             adminUsers.add(users[i]);
         }
     }
     
-    public static boolean isAdminUser(String username){
+    static boolean isAdminUser(String username){
         return adminUsers.contains(username);
     }
 }
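Review bot: `loadAdminUsers` appends to the static `adminUsers` list and never clears it, so a second call duplicates entries, and a user who has since been removed from the admin role stays in the list and keeps being reported as an admin by `isAdminUser`. Building a fresh collection and swapping it in, e.g. `adminUsers = new ArrayList(Arrays.asList(users));`, would make reloads reflect the current role membership; a null result from `getUsersInRole` should also be handled before `users.length` is read. The list is read and written without synchronization, which matters if it can be reloaded while requests are being served (not visible from this hunk).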

Modified: 
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLUserStoreAdmin.java
==============================================================================
--- 
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLUserStoreAdmin.java
  (original)
+++ 
trunk/commons/usermanager/modules/core/src/main/java/org/wso2/usermanager/acl/realm/ACLUserStoreAdmin.java
  Sat Jan 19 03:05:58 2008
@@ -17,8 +17,8 @@
 
     private UserStoreAdmin usAdmin = null;
 
-   
-    public ACLUserStoreAdmin(Authorizer athzr, UserStoreAdmin admin, 
AuthorizingRealmConfig authConfig) {
+    public ACLUserStoreAdmin(Authorizer athzr, UserStoreAdmin admin,
+            AuthorizingRealmConfig authConfig) {
         super(athzr, admin, authConfig);
         this.authorizer = athzr;
         this.usAdmin = admin;
@@ -29,9 +29,10 @@
      */
     public void addUser(String userName, Object credential)
             throws UserManagerException {
-        if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
-        } else if 
(!authorizer.isUserAuthorized(config.getAuthenticatedUserName(),
+        if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
+        } else if (!authorizer.isUserAuthorized(config
+                .getAuthenticatedUserName(),
                 UserManagerConstants.USER_RESOURCE, UserManagerConstants.ADD)) 
{
 
             throw new UnauthorizedException("unAuthorized", new String[] {
@@ -46,10 +47,11 @@
      */
     public void updateUser(String userName, Object newCredential,
             Object oldCredential) throws UserManagerException {
-        
-        if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
-        } else if 
(!authorizer.isUserAuthorized(config.getAuthenticatedUserName(),
+
+        if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
+        } else if (!authorizer.isUserAuthorized(config
+                .getAuthenticatedUserName(),
                 UserManagerConstants.USER_RESOURCE, 
UserManagerConstants.EDIT)) {
 
             throw new UnauthorizedException("unAuthorized", new String[] {
@@ -61,9 +63,10 @@
 
     public void updateUser(String userName, Object newCredential)
             throws UserManagerException {
-        if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
-        } else if 
(!authorizer.isUserAuthorized(config.getAuthenticatedUserName(),
+        if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
+        } else if (!authorizer.isUserAuthorized(config
+                .getAuthenticatedUserName(),
                 UserManagerConstants.USER_RESOURCE, 
UserManagerConstants.EDIT)) {
 
             throw new UnauthorizedException("unAuthorized", new String[] {
@@ -77,16 +80,16 @@
      * Delete user from user store
      */
     public void deleteUser(String userName) throws UserManagerException {
-        if(config.getAuthenticatedUserName().equals(userName)){
+        if (config.getAuthenticatedUserName().equals(userName)) {
             return;
-        }else if(ACLAdminChecker.isAdminUser(userName)){
+        } else if (ACLAdminChecker.isAdminUser(userName)) {
             /*
-              TODO : Is there a requirement to delete the user
-              if the caller is a Admin
-            */
+             * TODO : Is there a requirement to delete the user if the caller 
is
+             * a Admin
+             */
             return;
-        }else if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
+        } else if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
         } else if (!authorizer
                 .isUserAuthorized(config.getAuthenticatedUserName(),
                         UserManagerConstants.USER_RESOURCE,
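Review bot: The `ACLAdminChecker.isAdminUser(userName)` guard in `deleteUser` is still not conditioned on `config.isEnableAdminBehavior()`, although this commit adds that condition to the admin-role guards in `deleteRole`, `setRoleProperties`, `addUserToRole` and `removeUserFromRole`. If admin protection is meant to apply only when admin behavior is enabled, the branch should read `} else if (config.isEnableAdminBehavior() && ACLAdminChecker.isAdminUser(userName)) {`; if protecting admin accounts unconditionally is deliberate, a comment saying so would keep the two styles from being "harmonised" later. The first branch also calls `.equals` on `config.getAuthenticatedUserName()`, which would throw if no authenticated user is set (whether that can be null is not visible here). The method body continues past the end of the hunk.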
@@ -103,12 +106,13 @@
      */
     public void setUserProperties(String userName, Map properties)
             throws UserManagerException {
-        if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
-        } else if(config.getAuthenticatedUserName().equals(userName) &&
-                config.isCurrentUserEditable()){
-            //do nothing - authorized
-        }else if 
(!authorizer.isUserAuthorized(config.getAuthenticatedUserName(),
+        if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
+        } else if (config.getAuthenticatedUserName().equals(userName)
+                && config.isCurrentUserEditable()) {
+            // do nothing - authorized
+        } else if (!authorizer.isUserAuthorized(config
+                .getAuthenticatedUserName(),
                 UserManagerConstants.USER_RESOURCE, 
UserManagerConstants.EDIT)) {
 
             throw new UnauthorizedException("unAuthorized", new String[] {
@@ -122,9 +126,10 @@
      * Add role to user store
      */
     public void addRole(String roleName) throws UserManagerException {
-        if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
-        } else if 
(!authorizer.isUserAuthorized(config.getAuthenticatedUserName(),
+        if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
+        } else if (!authorizer.isUserAuthorized(config
+                .getAuthenticatedUserName(),
                 UserManagerConstants.ROLE_RESOURCE, UserManagerConstants.ADD)) 
{
 
             throw new UnauthorizedException("unAuthorized", new String[] {
@@ -138,10 +143,11 @@
      * Delete role from user store
      */
     public void deleteRole(String roleName) throws UserManagerException {
-        if(config.getAdminRoleName().equals(roleName)){
+        if (config.isEnableAdminBehavior()
+                && config.getAdminRoleName().equals(roleName)) {
             return;
-        }else if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
+        } else if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
         } else if (!authorizer
                 .isUserAuthorized(config.getAuthenticatedUserName(),
                         UserManagerConstants.ROLE_RESOURCE,
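Review bot: The admin-role guard in `deleteRole` refuses the operation with a bare `return`, so the caller cannot tell a refused deletion from a successful one and nothing records the attempt; the same pattern appears in `setRoleProperties`, `addUserToRole` and `removeUserFromRole`. Throwing the `UnauthorizedException` already used by the final branch, or at least logging the refusal, would make the denial visible to callers and to audit. With the added `config.isEnableAdminBehavior()` condition the admin role is also protected only while admin behavior is enabled, so when it is disabled the role can be removed by anyone the authorizer permits; if that is intended it should be stated in the method's Javadoc. The method body continues outside the hunk.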
@@ -159,11 +165,13 @@
      */
     public void setRoleProperties(String roleName, Map properties)
             throws UserManagerException {
-        if(config.getAdminRoleName().equals(roleName)){
+        if (config.isEnableAdminBehavior()
+                && config.getAdminRoleName().equals(roleName)) {
             return;
-        }else if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
-        } else if 
(!authorizer.isUserAuthorized(config.getAuthenticatedUserName(),
+        } else if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
+        } else if (!authorizer.isUserAuthorized(config
+                .getAuthenticatedUserName(),
                 UserManagerConstants.ROLE_RESOURCE, 
UserManagerConstants.EDIT)) {
 
             throw new UnauthorizedException("unAuthorized", new String[] {
@@ -178,15 +186,17 @@
      */
     public void addUserToRole(String userName, String roleName)
             throws UserManagerException {
-        if(config.getAdminRoleName().equals(roleName)){
+        if (config.isEnableAdminBehavior()
+                && config.getAdminRoleName().equals(roleName)) {
             /*
-                TODO : is there a requirement to perform this action
-                if the caller is a Admin
-            */
-            return;
-        }else if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
-        } else if 
(!authorizer.isUserAuthorized(config.getAuthenticatedUserName(),
+             * TODO : is there a requirement to perform this action if the
+             * caller is a Admin
+             */
+            return;
+        } else if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
+        } else if (!authorizer.isUserAuthorized(config
+                .getAuthenticatedUserName(),
                 UserManagerConstants.ROLE_RESOURCE, UserManagerConstants.ADD)) 
{
 
             throw new UnauthorizedException("unAuthorized", new String[] {
@@ -201,14 +211,15 @@
      */
     public void removeUserFromRole(String userName, String roleName)
             throws UserManagerException {
-        if(config.getAdminRoleName().equals(roleName)){
+        if (config.isEnableAdminBehavior()
+                && config.getAdminRoleName().equals(roleName)) {
             /*
-            TODO : is there a requirement to perform this action
-            if the caller is a Admin
+             * TODO : is there a requirement to perform this action if the
+             * caller is a Admin
              */
             return;
-        }else if(config.isEnableAdminBehavior() && isAdmin){
-            //authorized
+        } else if (config.isEnableAdminBehavior() && isAdmin) {
+            // authorized
         } else if (!authorizer
                 .isUserAuthorized(config.getAuthenticatedUserName(),
                         UserManagerConstants.ROLE_RESOURCE,
