ozeigermann 2003/11/27 01:36:00
Modified: src/share/org/apache/slide/security ACLSecurityImpl.java
Log:
Overloaded hasRole from SecurityImpl to match the new ACL-12 implementation using
properties for members of groups(=roles).
getRoles still is a TODO
Revision Changes Path
1.4 +41 -5
jakarta-slide/src/share/org/apache/slide/security/ACLSecurityImpl.java
Index: ACLSecurityImpl.java
===================================================================
RCS file:
/home/cvs/jakarta-slide/src/share/org/apache/slide/security/ACLSecurityImpl.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ACLSecurityImpl.java 21 Nov 2003 11:39:07 -0000 1.3
+++ ACLSecurityImpl.java 27 Nov 2003 09:36:00 -0000 1.4
@@ -68,6 +68,7 @@
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
+
import org.apache.slide.common.Namespace;
import org.apache.slide.common.NamespaceConfig;
import org.apache.slide.common.ServiceAccessException;
@@ -78,7 +79,6 @@
import org.apache.slide.content.NodeRevisionDescriptor;
import org.apache.slide.content.NodeRevisionNumber;
import org.apache.slide.content.RevisionDescriptorNotFoundException;
-import org.apache.slide.security.SecurityImpl;
import org.apache.slide.store.Store;
import org.apache.slide.structure.ActionNode;
import org.apache.slide.structure.ObjectNode;
@@ -239,6 +239,42 @@
return evaluateAcl(token, objectNode, actionNode, permissions);
}
+
+ public boolean hasRole(SlideToken token, String role) throws
ServiceAccessException, ObjectNotFoundException {
+
+ ObjectNode subject = getPrincipal(token);
+
+ if (role.equals(NamespaceConfig.NOBODY)) {
+ return true;
+ } else {
+ try {
+ Uri roleUri = namespace.getUri(token,
namespaceConfig.getRolesPath() + "/" + role);
+
+ NodeRevisionDescriptor nrd =
+ roleUri.getStore().retrieveRevisionDescriptor(roleUri, new
NodeRevisionNumber());
+ NodeProperty membersetProp = nrd.getProperty("group-member-set");
+ if (membersetProp != null && membersetProp.getValue() != null) {
+ XMLValue xmlVal = new XMLValue((String)
membersetProp.getValue());
+ return xmlVal.getHrefNodes().contains(subject);
+ } else {
+ return false;
+ }
+ } catch (RevisionDescriptorNotFoundException e) {
+ return false;
+ } catch (ServiceAccessException e) {
+ throw e;
+ } catch (JDOMException e) {
+ e.printStackTrace();
+ return false;
+ }
+ }
+ }
+
+ public boolean hasRole(ObjectNode object, String role) throws
ServiceAccessException, ObjectNotFoundException {
+
+ throw new UnsupportedOperationException("Please use alternate signature:
hasRole(SlideToken token, String role)");
+ }
+
/**
* Evaluates speified ACL by first-match principle
*/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
