taylor 2002/06/13 23:00:11
Modified: build Tag: security_14 build.xml
build/torque/schema Tag: security_14 security-schema.xml
src/java/org/apache/jetspeed/om/security Tag: security_14
Role.java
src/java/org/apache/jetspeed/services Tag: security_14
JetspeedSecurity.java
src/java/org/apache/jetspeed/services/security Tag:
security_14 RoleManagement.java
TestUserManagement.java
webapp/WEB-INF/conf Tag: security_14
JetspeedSecurity.default
JetspeedSecurity.properties
JetspeedSecurity.template
webapp/WEB-INF/db Tag: security_14 jetspeed.properties
jetspeed.script
Added: src/java/org/apache/jetspeed/om/security Tag: security_14
BaseJetspeedRole.java
src/java/org/apache/jetspeed/om/security/turbine Tag:
security_14 TurbineRole.java
src/java/org/apache/jetspeed/services/security Tag:
security_14 RoleException.java
TestRoleManagement.java
src/java/org/apache/jetspeed/services/security/turbine Tag:
security_14 TurbineRoleManagement.java
Log:
RoleManagement implementation and unit tests, 90% completed.
Remaining: 1. role->TUGR,TRP cascade deletes
2. PSML integration with add/remove Role
3. Caching algorithm, always cache logged on user TR, TUGR, and TRP
4. integrate with PortalAccessController
Submitted by: David
Reviewed by: Busby and apprentice (Bluesy)
Revision Changes Path
No revision
No revision
1.142.2.10 +3 -1 jakarta-jetspeed/build/build.xml
Index: build.xml
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/build/build.xml,v
retrieving revision 1.142.2.9
retrieving revision 1.142.2.10
diff -u -r1.142.2.9 -r1.142.2.10
--- build.xml 5 Jun 2002 01:20:07 -0000 1.142.2.9
+++ build.xml 14 Jun 2002 06:00:08 -0000 1.142.2.10
@@ -901,8 +901,10 @@
<formatter type="plain" usefile="false"/>
<!-- JUnit unit tests -->
- <test name="org.apache.jetspeed.services.security.TestUserManagement"/>
+<!-- <test
name="org.apache.jetspeed.services.security.TestUserManagement"/>
<test
name="org.apache.jetspeed.services.security.TestPortalAuthentication"/>
+-->
+ <test name="org.apache.jetspeed.services.security.TestRoleManagement"/>
</junit>
</target>
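Review bot: The comment block opened at `<!-- <test` and closed by `-->` switches off TestUserManagement and TestPortalAuthentication, so after this commit the build runs only TestRoleManagement. Regressions in user management or authentication would then pass the build unnoticed. If the two suites must stay disabled while the role work is in progress, record why and when they come back, for example `<!-- TODO: re-enable TestUserManagement and TestPortalAuthentication once RoleManagement is complete -->`. Keeping all three `<test>` entries active would be preferable. The enclosing `<junit>` task starts outside the hunk.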
No revision
No revision
1.1.2.6 +19 -16 jakarta-jetspeed/build/torque/schema/Attic/security-schema.xml
Index: security-schema.xml
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/build/torque/schema/Attic/security-schema.xml,v
retrieving revision 1.1.2.5
retrieving revision 1.1.2.6
diff -u -r1.1.2.5 -r1.1.2.6
--- security-schema.xml 30 May 2002 07:04:09 -0000 1.1.2.5
+++ security-schema.xml 14 Jun 2002 06:00:09 -0000 1.1.2.6
@@ -38,21 +38,6 @@
</table>
- <table name="JETSPEED_ACL">
- <column name="ACL_ID" required="true" primaryKey="true" type="INTEGER"/>
- <column name="SECURITY_ID" required="true" type="INTEGER"/>
- <column name="RESOURCE" required="true" size="99" type="VARCHAR"/>
- <column name="RESOURCE_TYPE" required="true" size="32" type="VARCHAR"/>
- <column name="ACTION" required="true" size="32" type="VARCHAR"/>
- <column name="ALLOW_TYPE" required="true" size="32" type="VARCHAR"/>
- <column name="PRINCIPAL" required="true" size="32" type="VARCHAR"/>
-
- <index>
- <index-column name="SECURITY_ID"/>
- </index>
-
- </table>
-
<table name="TURBINE_ROLE" idMethod="idbroker" >
<column name="ROLE_ID" required="true" primaryKey="true" type="INTEGER"/>
<column name="ROLE_NAME" required="true" size="99" type="VARCHAR"/>
@@ -86,5 +71,23 @@
</table>
+ <table name="TURBINE_USER_GROUP_ROLE" idMethod="idbroker">
+ <column name="USER_ID" required="true" primaryKey="true" type="INTEGER"/>
+ <column name="GROUP_ID" required="true" primaryKey="true" type="INTEGER"/>
+ <column name="ROLE_ID" required="true" primaryKey="true" type="INTEGER"/>
+
+ <foreign-key foreignTable="TURBINE_USER">
+ <reference local="USER_ID" foreign="USER_ID"/>
+ </foreign-key>
+
+ <foreign-key foreignTable="TURBINE_GROUP">
+ <reference local="GROUP_ID" foreign="GROUP_ID"/>
+ </foreign-key>
+
+ <foreign-key foreignTable="TURBINE_ROLE">
+ <reference local="ROLE_ID" foreign="ROLE_ID"/>
+ </foreign-key>
+ </table>
+
</database>
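Review bot: `idMethod="idbroker"` on TURBINE_USER_GROUP_ROLE looks wrong for a pure join table, because all three primary-key columns are foreign keys supplied by the caller and there is no generated id for the broker to hand out; `idMethod="none"` would state that. The three `<foreign-key>` elements also declare no delete behaviour, and the commit log lists the role cascade deletes as still open. Until that lands, removing a role either fails on the constraint or, where the database does not enforce it, leaves grants pointing at a role id that no longer exists. If the Torque version in use supports it, `onDelete="cascade"` on the foreign keys would keep the grant table consistent from the schema itself.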
No revision
No revision
1.1.2.2 +24 -4
jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/Attic/Role.java
Index: Role.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/Attic/Role.java,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- Role.java 13 Jun 2002 08:12:12 -0000 1.1.2.1
+++ Role.java 14 Jun 2002 06:00:09 -0000 1.1.2.2
@@ -63,12 +63,32 @@
public interface Role
{
/**
- * Returns the disabled status for the user
+ * Get the name of the Role
*
- * @return True when the account is disabled
+ * @return the name of the role.
*/
public String getName();
- public String setName(String roleName);
+ /**
+ * Set the name of the Role
+ *
+ * @param roleName the name of the Role.
+ */
+ public void setName(String roleName);
+
+ /**
+ * Get the id of the Role
+ *
+ * @return the id of the role.
+ */
+ public String getId();
+
+ /**
+ * Set the id of the Role
+ *
+ * @param id the new id for the role
+ */
+ public void setId(String id);
+
}
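Review bot: `setId(String id)` on the public `Role` interface lets any code that holds a role rewrite its identity, and the Javadoc does not say what the id is or who is expected to set it. If the id is the persistent key (presumably ROLE_ID, which is not visible here), say so and restrict its use in the contract, e.g. `* Set the id of the Role. Intended for the security provider only; callers must not change the id of a persisted role.` The same hunk changes `setName` from returning `String` to `void`, which breaks implementers and callers compiled against the old signature and deserves a mention in the change description.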
No revision
No revision
1.1.2.1 +122 -0
jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/Attic/BaseJetspeedRole.java
No revision
No revision
1.1.2.1 +38 -0
jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/turbine/Attic/TurbineRole.java
No revision
No revision
1.10.2.9 +3 -1
jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedSecurity.java
Index: JetspeedSecurity.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedSecurity.java,v
retrieving revision 1.10.2.8
retrieving revision 1.10.2.9
diff -u -r1.10.2.8 -r1.10.2.9
--- JetspeedSecurity.java 11 Jun 2002 18:09:30 -0000 1.10.2.8
+++ JetspeedSecurity.java 14 Jun 2002 06:00:10 -0000 1.10.2.9
@@ -115,6 +115,8 @@
// Access Control checks are only role-based.
// If a user has the specified role for the resource, then the user can access
that resource
public static final String JETSPEED_GROUP = "Jetspeed";
+ public static final String JETSPEED_GROUP_ID = "1";
+
public static final String JETSPEED_ROLE_USER = "user";
public static final String JETSPEED_ROLE_ADMIN = "admin";
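Review bot: `JETSPEED_GROUP_ID = "1"` hard-codes a database key next to the group name, so it is only correct while the "Jetspeed" row in TURBINE_GROUP has id 1. In a deployment whose group table was populated differently, code using this constant would presumably grant or check roles against whichever group holds id 1. Resolving the id from `JETSPEED_GROUP` at start-up would avoid that; at minimum add a comment such as `// must match GROUP_ID of the "Jetspeed" row in the TURBINE_GROUP seed data`. The enclosing class starts and ends outside the hunk.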
No revision
No revision
1.1.2.2 +22 -15
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/Attic/RoleManagement.java
Index: RoleManagement.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/Attic/RoleManagement.java,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- RoleManagement.java 13 Jun 2002 08:12:12 -0000 1.1.2.1
+++ RoleManagement.java 14 Jun 2002 06:00:10 -0000 1.1.2.2
@@ -81,9 +81,7 @@
*
* @param username a user principal identity to be retrieved.
* @return Iterator over all roles associated to the user principal.
- * @exception JetspeedSecurityException when the security provider has a
general failure.
- * @exception UnknownEntityException when the security provider cannot match
- * the principal identity to a user.
+ * @exception RoleException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due
to insufficient privilege
*/
Iterator getRoles(String username)
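Review bot: Dropping the `UnknownEntityException` tag here leaves the contract silent on what happens when the username matches no user, and the hunks for `removeRole`, `grantRole`, `revokeRole` and `hasRole` remove the same tag. For an access-control API the caller has to know whether an unknown principal raises an exception or yields an empty iterator or `false`, because a silent negative answer and a failure are handled very differently. If the lookup failure is now folded into the new exception, say so in each Javadoc, e.g. `* @exception RoleException when the security provider has a general failure or the user or role cannot be found.` The method declarations continue outside the hunks.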
@@ -96,7 +94,7 @@
* to determine if the requestor has permission to perform this action.
*
* @return Iterator over all roles.
- * @exception JetspeedSecurityException when the security provider has a
general failure.
+ * @exception RoleException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due
to insufficient privilege
*/
Iterator getRoles()
@@ -110,7 +108,7 @@
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
- * @exception JetspeedSecurityException when the security provider has a
general failure.
+ * @exception RoleException when the security provider has a general failure.
* @exception NotUniqueEntityException when the public credentials fail to meet
* the security provider-specific unique
constraints.
* @exception InsufficientPrivilegeException when the requestor is denied due
to insufficient privilege
@@ -125,9 +123,7 @@
* to determine if the requestor has permission to perform this action.
*
* @param rolename the principal identity of the role to be retrieved.
- * @exception JetspeedSecurityException when the security provider has a
general failure.
- * @exception UnknownEntityException when the security provider cannot match
- * the principal identity to a role.
+ * @exception RoleException when the security provider has a general failure.
* @exception InsufficientPrivilegeException when the requestor is denied due
to insufficient privilege
*/
void removeRole(String rolename)
@@ -139,8 +135,7 @@
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
- * @exception JetspeedSecurityException when the security provider has a
general failure retrieving users.
- * @exception UnknownEntityException if the username or rolename cannot be
matched.
+ * @exception RoleException when the security provider has a general failure
retrieving users.
* @exception InsufficientPrivilegeException when the requestor is denied due
to insufficient privilege
*/
void grantRole(String username, String rolename)
@@ -152,8 +147,7 @@
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
- * @exception JetspeedSecurityException when the security provider has a
general failure retrieving users.
- * @exception UnknownEntityException if the username or rolename cannot be
matched.
+ * @exception RoleException when the security provider has a general failure
retrieving users.
* @exception InsufficientPrivilegeException when the requestor is denied due
to insufficient privilege
*/
void revokeRole(String username, String rolename)
@@ -165,11 +159,24 @@
* The security service may optionally check the current user context
* to determine if the requestor has permission to perform this action.
*
- * @exception JetspeedSecurityException when the security provider has a
general failure retrieving users.
- * @exception UnknownEntityException if the username or rolename cannot be
matched.
+ * @exception RoleException when the security provider has a general failure
retrieving users.
* @exception InsufficientPrivilegeException when the requestor is denied due
to insufficient privilege
*/
boolean hasRole(String username, String rolename)
+ throws JetspeedSecurityException;
+
+ /**
+ * Retrieves a single <code>Role</code> for a given rolename principal.
+ *
+ * The security service may optionally check the current user context
+ * to determine if the requestor has permission to perform this action.
+ *
+ * @param rolename a role principal identity to be retrieved.
+ * @return Role the role record retrieved.
+ * @exception RoleException when the security provider has a general failure.
+ * @exception InsufficientPrivilegeException when the requestor is denied due
to insufficient privilege
+ */
+ Role getRole(String rolename)
throws JetspeedSecurityException;
}
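Review bot: The Javadoc for `hasRole` and the new `getRole` names `RoleException`, but both declarations still read `throws JetspeedSecurityException`. RoleException.java is added by this commit but not shown, so it may well be a subclass; even then callers cannot tell from the signature which type to catch, and the earlier hunks in this file document the same tag. Either declare `throws RoleException` or keep the `@exception` tag in line with the declared type. `getRole` also does not say what an unknown rolename produces; state it in the `@return` line, e.g. `* @return the role record; an unknown rolename raises RoleException rather than returning null.` if that is the intended behaviour.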
1.1.2.4 +6 -6
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/Attic/TestUserManagement.java
Index: TestUserManagement.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/Attic/TestUserManagement.java,v
retrieving revision 1.1.2.3
retrieving revision 1.1.2.4
diff -u -r1.1.2.3 -r1.1.2.4
--- TestUserManagement.java 5 Jun 2002 01:21:53 -0000 1.1.2.3
+++ TestUserManagement.java 14 Jun 2002 06:00:10 -0000 1.1.2.4
@@ -163,7 +163,7 @@
assertTrue(e instanceof UnknownUserException);
}
- System.out.println("Completed getUser Test OK for Turbine");
+ System.out.println("Completed getUser Test OK ");
}
@@ -203,7 +203,7 @@
fail(StringUtils.stackTrace(e));
}
- System.out.println("Completed getUsers Test OK for Turbine");
+ System.out.println("Completed getUsers Test OK ");
}
@@ -282,7 +282,7 @@
fail(StringUtils.stackTrace(e));
}
- System.out.println("Completed saveUser Test OK for Turbine");
+ System.out.println("Completed saveUser Test OK ");
}
@@ -342,7 +342,7 @@
fail(StringUtils.stackTrace(e));
}
- System.out.println("Completed saveUser Test OK for Turbine");
+ System.out.println("Completed saveUser Test OK ");
}
@@ -389,7 +389,7 @@
fail(StringUtils.stackTrace(e));
}
- System.out.println("Completed saveUser Test OK for Turbine");
+ System.out.println("Completed saveUser Test OK ");
}
No revision
No revision
1.1.2.1 +100 -0
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/Attic/RoleException.java
1.1.2.1 +428 -0
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/Attic/TestRoleManagement.java
No revision
No revision
1.1.2.1 +489 -0
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/Attic/TurbineRoleManagement.java
No revision
No revision
1.1.2.4 +7 -1
jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.default
Index: JetspeedSecurity.default
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.default,v
retrieving revision 1.1.2.3
retrieving revision 1.1.2.4
diff -u -r1.1.2.3 -r1.1.2.4
--- JetspeedSecurity.default 11 Jun 2002 16:36:01 -0000 1.1.2.3
+++ JetspeedSecurity.default 14 Jun 2002 06:00:11 -0000 1.1.2.4
@@ -26,3 +26,9 @@
services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement
+#########################################
+# Role Management Service #
+#########################################
+
+services.RoleManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineRoleManagement
+
1.1.2.11 +6 -0
jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.properties
Index: JetspeedSecurity.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.properties,v
retrieving revision 1.1.2.10
retrieving revision 1.1.2.11
diff -u -r1.1.2.10 -r1.1.2.11
--- JetspeedSecurity.properties 11 Jun 2002 18:09:30 -0000 1.1.2.10
+++ JetspeedSecurity.properties 14 Jun 2002 06:00:11 -0000 1.1.2.11
@@ -27,6 +27,12 @@
services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement
+#########################################
+# Role Management Service #
+#########################################
+
+services.RoleManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineRoleManagement
+
# -------------------------------------------------------------------
#
# UserManagement Services
1.1.2.5 +7 -1
jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.template
Index: JetspeedSecurity.template
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.template,v
retrieving revision 1.1.2.4
retrieving revision 1.1.2.5
diff -u -r1.1.2.4 -r1.1.2.5
--- JetspeedSecurity.template 7 Jun 2002 10:02:07 -0000 1.1.2.4
+++ JetspeedSecurity.template 14 Jun 2002 06:00:11 -0000 1.1.2.5
@@ -27,6 +27,12 @@
services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement
+#########################################
+# Role Management Service #
+#########################################
+
+services.RoleManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineRoleManagement
+
# -------------------------------------------------------------------
#
# UserManagement Services
No revision
No revision
1.11.2.6 +1 -1 jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.properties
Index: jetspeed.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.properties,v
retrieving revision 1.11.2.5
retrieving revision 1.11.2.6
diff -u -r1.11.2.5 -r1.11.2.6
--- jetspeed.properties 11 Jun 2002 18:09:30 -0000 1.11.2.5
+++ jetspeed.properties 14 Jun 2002 06:00:11 -0000 1.11.2.6
@@ -1,4 +1,4 @@
#Hypersonic SQL database
-#Tue Jun 11 11:06:44 PDT 2002
+#Thu Jun 13 22:51:03 PDT 2002
version=1.4
modified=yes
1.13.2.6 +14 -1 jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.script
Index: jetspeed.script
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.script,v
retrieving revision 1.13.2.5
retrieving revision 1.13.2.6
diff -u -r1.13.2.5 -r1.13.2.6
--- jetspeed.script 11 Jun 2002 18:09:30 -0000 1.13.2.5
+++ jetspeed.script 14 Jun 2002 06:00:11 -0000 1.13.2.6
@@ -118,7 +118,7 @@
INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(1,1,1)
INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(1,1,2)
INSERT INTO ID_TABLE VALUES(1,'TURBINE_PERMISSION',100,10)
-INSERT INTO ID_TABLE VALUES(2,'TURBINE_ROLE',120,10)
+INSERT INTO ID_TABLE VALUES(2,'TURBINE_ROLE',210,10)
INSERT INTO ID_TABLE VALUES(3,'TURBINE_GROUP',100,10)
INSERT INTO ID_TABLE VALUES(4,'TURBINE_USER',330,10)
INSERT INTO ID_TABLE VALUES(5,'TURBINE_SCHEDULED_JOB',100,10)
@@ -140,3 +140,16 @@
INSERT INTO COFFEES VALUES('JoeGrade',3,7.99,1,2)
INSERT INTO COFFEES VALUES('CantThinkOfAnymoreGrade',4,7.99,1,2)
/*C1*/CONNECT USER sa PASSWORD ""
+/*C2*/CONNECT USER sa PASSWORD ""
+SET AUTOCOMMIT FALSE
+/*C3*/CONNECT USER sa PASSWORD ""
+/*C2*/DELETE FROM ID_TABLE WHERE ID_TABLE_ID=2
+INSERT INTO ID_TABLE VALUES(2,'TURBINE_ROLE',210,10)
+DELETE FROM ID_TABLE WHERE ID_TABLE_ID=2
+INSERT INTO ID_TABLE VALUES(2,'TURBINE_ROLE',220,10)
+COMMIT
+SET AUTOCOMMIT TRUE
+/*C1*/INSERT INTO TURBINE_ROLE VALUES(210,'bogus',NULL)
+DELETE FROM TURBINE_ROLE WHERE ROLE_ID=210
+INSERT INTO TURBINE_USER_GROUP_ROLE VALUES(0,1,2)
+DELETE FROM TURBINE_USER_GROUP_ROLE WHERE USER_ID=0 AND GROUP_ID=1 AND ROLE_ID=2
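Review bot: The lines appended after `/*C1*/CONNECT USER sa PASSWORD ""` look like the database's own log of a unit-test run rather than seed data: a role named 'bogus' is inserted and deleted, a grant for user id 0 is added and removed, and the TURBINE_ROLE row in ID_TABLE is rewritten to 210 and then 220. Checked in like this, the shipped database replays test activity and ends with a next id of 220 although the first hunk sets 210. Running the tests against a scratch copy of the database and committing only the intended `ID_TABLE` change would keep the seed file reviewable. The added `CONNECT` lines also carry the `sa` account with an empty password, so a deployment that keeps this database should set one.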