[Carbon-commits] [Carbon] svn commit r44753 - in trunk/carbon: distribution/carbon-home/conf org.wso2.carbon.registry.core/src/main/java/org/wso2/carbon/registry/core/jdbc/realm org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/jdbc org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc
dimuthul at wso2.com
dimuthul at wso2.com
Wed Sep 2 02:12:39 PDT 2009
Author: dimuthul
Date: Wed Sep 2 02:12:39 2009
New Revision: 44753
URL: http://wso2.org/svn/browse/wso2?view=rev&revision=44753
Log:
Adding a few changes required by the registry and by the external JDBC userstore.
Modified:
trunk/carbon/distribution/carbon-home/conf/user-mgt.xml
trunk/carbon/org.wso2.carbon.registry.core/src/main/java/org/wso2/carbon/registry/core/jdbc/realm/RegistryAccessControlAdmin.java
trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/AuthorizationManager.java
trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/UserCoreConstants.java
trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/JDBCAuthorizationManager.java
trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/PermissionTree.java
trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/jdbc/JDBCUserStoreManager.java
trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/JDBCRealmTest.java
trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/ReadOnlyJDBCRealmTest.java
Modified: trunk/carbon/distribution/carbon-home/conf/user-mgt.xml
URL: http://wso2.org/svn/browse/wso2/trunk/carbon/distribution/carbon-home/conf/user-mgt.xml?rev=44753&r1=44752&r2=44753&view=diff
==============================================================================
--- trunk/carbon/distribution/carbon-home/conf/user-mgt.xml (original)
+++ trunk/carbon/distribution/carbon-home/conf/user-mgt.xml Wed Sep 2 02:12:39 2009
@@ -34,10 +34,10 @@
<Property name="GetUserPropertiesForProfileSQL">SELECT UM_ATTR_NAME, UM_ATTR_VALUE FROM UM_USER_ATTRIBUTE, UM_USER WHERE UM_USER.UM_ID = UM_USER_ATTRIBUTE.UM_USER_ID AND UM_USER.UM_USER_NAME=? AND UM_PROFILE_ID=? AND UM_USER_ATTRIBUTE.UM_TENANT_ID=? AND UM_USER.UM_TENANT_ID=?</Property>
<Property name="GetProfileNamesSQL">SELECT DISTINCT UM_PROFILE_ID FROM UM_USER_ATTRIBUTE WHERE UM_TENANT_ID=?</Property>
<Property name="GetUserProfileNamesSQL">SELECT DISTINCT UM_PROFILE_ID FROM UM_USER_ATTRIBUTE WHERE UM_USER_ID=(SELECT UM_USER_ID FROM UM_USER WHERE UM_USER_NAME=? AND UM_TENANT_ID=?) AND UM_TENANT_ID=?</Property>
+ <Property name="PasswordDigest">MD5</Property>
+ <!-- writing sqls follow-->
<Property name="AddUserSQL">INSERT INTO UM_USER (UM_USER_NAME, UM_USER_PASSWORD, UM_TENANT_ID) VALUES (?, ?, ?)</Property>
- <!-- Property name="AddUserPermission">INSERT INTO UM_USER_PERMISSION (UM_PERMISSION_ID, UM_USER_ID, UM_IS_ALLOWED, UM_TENANT_ID) VALUES (?, (SELECT UM_ID FROM UM_USER WHERE UM_USER_NAME=? AND UM_TENANT_ID=?, ?, ?)</Property-->
<Property name="AddRoleSQL">INSERT INTO UM_ROLE (UM_ROLE_NAME, UM_TENANT_ID) VALUES (?, ?)</Property>
- <!-- Property name="AddRolePermissionSQL">INSERT INTO UM_ROLE_PERMISSION (UM_PERMISSION_ID, UM_ROLE_ID, UM_IS_ALLOWED, UM_TENANT_ID) VALUES (?, (SELECT UM_ID FROM UM_ROLE WHERE UM_ROLE_NAME=? AND UM_TENANT_ID=?), ?, ?)</Property -->
<Property name="AddUserToRoleSQL">INSERT INTO UM_USER_ROLE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID) VALUES ((SELECT UM_ID FROM UM_USER WHERE UM_USER_NAME=? AND UM_TENANT_ID=?),(SELECT UM_ID FROM UM_ROLE WHERE UM_ROLE_NAME=? AND UM_TENANT_ID=?), ?)</Property>
<Property name="RemoveUserFromRoleSQL">DELETE FROM UM_USER_ROLE WHERE UM_USER_ID=(SELECT UM_ID FROM UM_USER WHERE UM_USER_NAME=? AND UM_TENANT_ID=?) AND UM_ROLE_ID=(SELECT UM_ID FROM UM_ROLE WHERE UM_ROLE_NAME=? AND UM_TENANT_ID=?) AND UM_TENANT_ID=?</Property>
<Property name="AddRoleToUserSQL">INSERT INTO UM_USER_ROLE (UM_ROLE_ID, UM_USER_ID, UM_TENANT_ID) VALUES ((SELECT UM_ID FROM UM_ROLE WHERE UM_ROLE_NAME=? AND UM_TENANT_ID=?),(SELECT UM_ID FROM UM_USER WHERE UM_USER_NAME=? AND UM_TENANT_ID=?), ?)</Property>
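Review bot: The re-added `PasswordDigest` property keeps `MD5`, a fast digest that is not adequate for stored passwords, so the shipped default should name a stronger algorithm that `UMUtil.digestPassword` accepts. Whether that helper salts its input is not visible in this commit; if it does not, equal passwords give equal `UM_USER_PASSWORD` values. The property also deserves a comment of its own, since the `<!-- writing sqls follow-->` marker now sits directly under it and reads as if the digest were one of the write statements. Something like `<!-- Digest applied to passwords before they are stored or compared -->` above the property would do.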
@@ -53,7 +53,6 @@
<Property name="AddUserPropertySQL">INSERT INTO UM_USER_ATTRIBUTE (UM_USER_ID, UM_ATTR_NAME, UM_ATTR_VALUE, UM_PROFILE_ID, UM_TENANT_ID) VALUES ((SELECT UM_ID FROM UM_USER WHERE UM_USER_NAME=? AND UM_TENANT_ID=?), ?, ?, ?, ?)</Property>
<Property name="UpdateUserPropertySQL">UPDATE UM_USER_ATTRIBUTE SET UM_ATTR_VALUE=? WHERE UM_USER_ID=(SELECT UM_ID FROM UM_USER WHERE UM_USER_NAME=? AND UM_TENANT_ID=?) AND UM_ATTR_NAME=? AND UM_PROFILE_ID=? AND UM_TENANT_ID=?</Property>
<Property name="DeleteUserPropertySQL">DELETE FROM UM_USER_ATTRIBUTE WHERE UM_USER_ID=(SELECT UM_ID FROM UM_USER WHERE UM_USER_NAME=? AND UM_TENANT_ID=?) AND UM_ATTR_NAME=? AND UM_PROFILE_ID=? AND UM_TENANT_ID=?</Property>
- <Property name="PasswordDigest">MD5</Property>
</UserStoreManager>
<!-- <UserStoreManager
class="org.wso2.carbon.user.core.actdir.ActDirUserStoreManager">
Modified: trunk/carbon/org.wso2.carbon.registry.core/src/main/java/org/wso2/carbon/registry/core/jdbc/realm/RegistryAccessControlAdmin.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon/org.wso2.carbon.registry.core/src/main/java/org/wso2/carbon/registry/core/jdbc/realm/RegistryAccessControlAdmin.java?rev=44753&r1=44752&r2=44753&view=diff
==============================================================================
--- trunk/carbon/org.wso2.carbon.registry.core/src/main/java/org/wso2/carbon/registry/core/jdbc/realm/RegistryAccessControlAdmin.java (original)
+++ trunk/carbon/org.wso2.carbon.registry.core/src/main/java/org/wso2/carbon/registry/core/jdbc/realm/RegistryAccessControlAdmin.java Wed Sep 2 02:12:39 2009
@@ -87,11 +87,6 @@
return getAuthorizationManager().isRoleAuthorized(roleName, resourceId, action);
}
- public String[] getAllowedUsersForResource(String resourceId, String action)
- throws UserStoreException {
- return getAuthorizationManager().getAllowedUsersForResource(resourceId, action);
- }
-
public String[] getAllowedRolesForResource(String resourceId, String action)
throws UserStoreException {
return getAuthorizationManager().getAllowedRolesForResource(resourceId, action);
@@ -106,6 +101,21 @@
throws UserStoreException {
getAuthorizationManager().denyRole(userName, resourceId, action);
}
+
+ public String[] getDeniedRolesForResource(String resourceId, String action)
+ throws UserStoreException {
+ return getAuthorizationManager().getDeniedRolesForResource(resourceId, action);
+ }
+
+ public String[] getDirectlyAllowedUsersForResource(String resourceId, String action)
+ throws UserStoreException {
+ return getAuthorizationManager().getDirectlyAllowedUsersForResource(resourceId, action);
+ }
+
+ public String[] getDirectlyDeniedUsersForResource(String resourceId, String action)
+ throws UserStoreException {
+ return getAuthorizationManager().getDirectlyDeniedUsersForResource(resourceId, action);
+ }
private AuthorizationManager getAuthorizationManager() throws UserStoreException {
return coreRealm.getAuthorizationManager();
Modified: trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/AuthorizationManager.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/AuthorizationManager.java?rev=44753&r1=44752&r2=44753&view=diff
==============================================================================
--- trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/AuthorizationManager.java (original)
+++ trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/AuthorizationManager.java Wed Sep 2 02:12:39 2009
@@ -48,7 +48,7 @@
* the resource
* @throws UserStoreException
*/
- public String[] getAllowedUsersForResource(String resourceId, String action)
+ public String[] getDirectlyAllowedUsersForResource(String resourceId, String action)
throws UserStoreException;
/**
@@ -67,6 +67,12 @@
public String[] getAllowedRolesForResource(String resourceId, String action)
throws UserStoreException;
+ public String[] getDeniedRolesForResource(String resourceId, String action)
+ throws UserStoreException;
+
+ public String[] getDirectlyDeniedUsersForResource(String resourceId, String action)
+ throws UserStoreException;
+
/**
* Grants authorizations to a user to perform an action on a resource.
*
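Review bot: `getDeniedRolesForResource` and `getDirectlyDeniedUsersForResource` are added to the interface without Javadoc, while the neighbouring methods all carry it. The comment should say what "directly" means here, presumably permissions set on the user itself and not those inherited through roles, and whether an empty array or `null` is returned when nothing is denied. The renamed `getDirectlyAllowedUsersForResource` in the first hunk keeps its old Javadoc, which should be checked against the new name for the same reason.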
Modified: trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/UserCoreConstants.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/UserCoreConstants.java?rev=44753&r1=44752&r2=44753&view=diff
==============================================================================
--- trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/UserCoreConstants.java (original)
+++ trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/UserCoreConstants.java Wed Sep 2 02:12:39 2009
@@ -22,6 +22,8 @@
public static short DENY = 0;
public static short ALLOW = 1;
+
+ public static String UM_TENANT_COLUMN = "UM_TENANT_ID";
public static final String SYSTEM_RESOURCE = "System";
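Review bot: `UM_TENANT_COLUMN` is declared `public static String` without `final`, so any code on the classpath can reassign it. In this commit JDBCUserStoreManager uses the value to decide whether tenant ids are bound to a statement, so a reassignment would change tenant scoping for the whole store. Declare it as `public static final String UM_TENANT_COLUMN = "UM_TENANT_ID";`, matching `SYSTEM_RESOURCE` on the next line. The `DENY` and `ALLOW` fields above it have the same problem but are outside this change.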
Modified: trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/JDBCAuthorizationManager.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/JDBCAuthorizationManager.java?rev=44753&r1=44752&r2=44753&view=diff
==============================================================================
--- trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/JDBCAuthorizationManager.java (original)
+++ trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/JDBCAuthorizationManager.java Wed Sep 2 02:12:39 2009
@@ -31,7 +31,6 @@
private PermissionTree permissionTree = null;
private CacheManager cacheManager = null;
private String systemUserName = null;
- private RealmConfiguration realmConfig = null;
private UserRealm userRealm = null;
private int tenantId;
/**
@@ -39,7 +38,7 @@
*/
private static Log log = LogFactory.getLog(JDBCAuthorizationManager.class);
- public JDBCAuthorizationManager(RealmConfiguration realmConfig, Map properties,
+ public JDBCAuthorizationManager(RealmConfiguration realmConfig, Map<String, Object> properties,
ClaimManager claimManager, ProfileConfigurationManager profileManager, UserRealm realm,
Integer tenantId) throws UserStoreException {
cacheManager = new CacheManager();
@@ -54,7 +53,7 @@
}
this.systemUserName = realmConfig.getSystemUserName();
this.permissionTree = new PermissionTree();
- this.realmConfig = realmConfig;
+ //this.realmConfig = realmConfig;
this.userRealm = realm;
this.tenantId = tenantId;
if (log.isDebugEnabled()) {
@@ -96,6 +95,7 @@
if (sr.getLastNodeAllowedAccess() == Boolean.TRUE) {
return true;
}
+
String[] userRoles = userRealm.getUserStoreManager().getRoleListOfUser(userName);
boolean userAllowed = false;
List<String> allowedRoles = Arrays.asList(getAllowedRolesForResource(resourceId, action));
@@ -106,7 +106,6 @@
break;
}
}
-
return userAllowed;
}
@@ -119,7 +118,7 @@
return sr.getAllowedEntities().toArray(new String[sr.getAllowedEntities().size()]);
}
- public String[] getAllowedUsersForResource(String resourceId, String action)
+ public String[] getDirectlyAllowedUsersForResource(String resourceId, String action)
throws UserStoreException {
TreeNode.Permission p = PermissionTreeUtil.actionToPermission(action);
SearchResult sr = permissionTree.getAllowedUsersForResource(null, null, p,
@@ -128,6 +127,22 @@
return sr.getAllowedEntities().toArray(new String[sr.getAllowedEntities().size()]);
}
+ public String[] getDeniedRolesForResource(String resourceId, String action)
+ throws UserStoreException {
+ TreeNode.Permission p = PermissionTreeUtil.actionToPermission(action);
+ SearchResult sr = permissionTree.getDeniedRolesForResource(null, null, p,
+ PermissionTreeUtil.toComponenets(resourceId));
+ return sr.getDeniedEntities().toArray(new String[sr.getAllowedEntities().size()]);
+ }
+
+ public String[] getDirectlyDeniedUsersForResource(String resourceId, String action)
+ throws UserStoreException {
+ TreeNode.Permission p = PermissionTreeUtil.actionToPermission(action);
+ SearchResult sr = permissionTree.getDeniedUsersForResource(null, null, p,
+ PermissionTreeUtil.toComponenets(resourceId));
+ return sr.getDeniedEntities().toArray(new String[sr.getAllowedEntities().size()]);
+ }
+
public void authorizeRole(String roleName, String resourceId, String action)
throws UserStoreException {
addAuthorizationForRole(roleName, resourceId, action, UserCoreConstants.ALLOW);
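Review bot: Both new methods copy `sr.getDeniedEntities()` into an array sized from `sr.getAllowedEntities()`. If the allowed list is ever longer than the denied list, `toArray` leaves `null` in the tail and callers iterating the result would see null entries. This looks like a copy-paste from the allowed variants. The return in `getDeniedRolesForResource` and in `getDirectlyDeniedUsersForResource` should be `return sr.getDeniedEntities().toArray(new String[sr.getDeniedEntities().size()]);`.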
Modified: trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/PermissionTree.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/PermissionTree.java?rev=44753&r1=44752&r2=44753&view=diff
==============================================================================
--- trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/PermissionTree.java (original)
+++ trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/authorization/PermissionTree.java Wed Sep 2 02:12:39 2009
@@ -314,6 +314,134 @@
}
/**
+ * Find the denied Roles for a given resource by traversing the whole
+ * pemission tree.
+ *
+ * @param sr
+ * - search result to contain denied roles
+ * @param node
+ * - current node
+ * @param p
+ * - permission
+ * @param pathParts
+ * - list of path segments to traverse
+ * @return - search result with denied roles
+ */
+ SearchResult getDeniedRolesForResource(SearchResult sr, TreeNode node, TreeNode.Permission p,
+ List<String> pathParts) {
+ if (sr == null) {
+ sr = new SearchResult();
+ }
+
+ if (node == null) {
+ node = root;
+ }
+
+ /**
+ * Add denied roles of the current node to our list in the sr
+ */
+ Map<String, BitSet> denyRoles = node.getRoleDenyPermissions();
+ for (String role : denyRoles.keySet()) {
+ BitSet bs = denyRoles.get(role);
+ if (bs.get(p.ordinal())) {
+ sr.getDeniedEntities().add(role);
+ }
+ }
+
+ /**
+ * Remove allowed roles of the current node from our list in the sr
+ */
+ Map<String, BitSet> allowRoles = node.getRoleAllowPermissions();
+ for (String role : allowRoles.keySet()) {
+ BitSet bs = allowRoles.get(role);
+ if (bs.get(p.ordinal()) && sr.getDeniedEntities().contains(role)) {
+ sr.getDeniedEntities().remove(role);
+ }
+ }
+
+ if (pathParts == null || pathParts.isEmpty()) {
+ sr.setLastNode(node);
+ sr.setUnprocessedPaths(null);
+ return sr;
+ } else {
+ String key = pathParts.get(0);
+ if (key != null && key.length() > 0) {
+ TreeNode child = node.getChild(key);
+ if (child != null) {
+ pathParts.remove(0);
+ return getDeniedRolesForResource(sr, child, p, pathParts);
+ }
+ }
+ sr.setLastNode(node);
+ return sr;
+ }
+ }
+
+ /**
+ * Find the denied users for a given resource by traversing the whole
+ * pemission tree.
+ *
+ * @param sr
+ * - search result to contain denied users
+ * @param node
+ * - current node
+ * @param p
+ * - permission
+ * @param pathParts
+ * - list of path segments to traverse
+ * @return - search result with denied users
+ */
+ SearchResult getDeniedUsersForResource(SearchResult sr, TreeNode node, TreeNode.Permission p,
+ List<String> pathParts) {
+ if (sr == null) {
+ sr = new SearchResult();
+ }
+
+ if (node == null) {
+ node = root;
+ }
+
+ /**
+ * Add denied users of the current node to our list in the sr
+ */
+ Map<String, BitSet> denyUsers = node.getUserDenyPermissions();
+ for (String role : denyUsers.keySet()) {
+ BitSet bs = denyUsers.get(role);
+ if (bs.get(p.ordinal())) {
+ sr.getDeniedEntities().add(role);
+ }
+ }
+
+ /**
+ * Remove allowed users of the current node from our list in the sr
+ */
+ Map<String, BitSet> allowUsers = node.getUserAllowPermissions();
+ for (String role : allowUsers.keySet()) {
+ BitSet bs = allowUsers.get(role);
+ if (bs.get(p.ordinal()) && sr.getDeniedEntities().contains(role)) {
+ sr.getDeniedEntities().remove(role);
+ }
+ }
+
+ if (pathParts == null || pathParts.isEmpty()) {
+ sr.setLastNode(node);
+ sr.setUnprocessedPaths(null);
+ return sr;
+ } else {
+ String key = pathParts.get(0);
+ if (key != null && key.length() > 0) {
+ TreeNode child = node.getChild(key);
+ if (child != null) {
+ pathParts.remove(0);
+ return getDeniedUsersForResource(sr, child, p, pathParts);
+ }
+ }
+ sr.setLastNode(node);
+ return sr;
+ }
+ }
+
+ /**
* Find a node on the tree, starting from the given nodes, and using the
* list of path segments
*
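Review bot: In `getDeniedRolesForResource` and `getDeniedUsersForResource` the allow loop runs after the deny loop on every node, so an entity with both the deny and the allow bit for `p` on the same node is dropped from the denied list. That precedence is security-relevant and should be stated in the Javadoc, and compared with how the allowed-entity methods resolve the same conflict, which is not visible in this hunk. The Javadoc also says the method traverses "the whole pemission tree", but the code only walks from the root along `pathParts`; I would write `Collects the roles denied permission p along the path from the root to the resource.` instead. In the user variant the loop variable is still called `role`, which should be `user`. Note too that `pathParts.remove(0)` mutates the caller's list, which is worth a line in the `@param pathParts` description.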
@@ -398,5 +526,4 @@
sr.getLastNode().getRoleDenyPermissions().clear();
}
}
-
}
Modified: trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/jdbc/JDBCUserStoreManager.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/jdbc/JDBCUserStoreManager.java?rev=44753&r1=44752&r2=44753&view=diff
==============================================================================
--- trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/jdbc/JDBCUserStoreManager.java (original)
+++ trunk/carbon/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/jdbc/JDBCUserStoreManager.java Wed Sep 2 02:12:39 2009
@@ -38,10 +38,9 @@
int tenantId;
private static Log log = LogFactory.getLog(JDBCUserStoreManager.class);
- public JDBCUserStoreManager(RealmConfiguration realmConfig, Map properties,
- ClaimManager claimManager, ProfileConfigurationManager profileManager,
- UserRealm realm, Integer tenantId)
- throws UserStoreException {
+ public JDBCUserStoreManager(RealmConfiguration realmConfig, Map<String, Object> properties,
+ ClaimManager claimManager, ProfileConfigurationManager profileManager, UserRealm realm,
+ Integer tenantId) throws UserStoreException {
this.realmConfig = realmConfig;
this.claimManager = claimManager;
this.profileManager = profileManager;
@@ -74,7 +73,13 @@
if (sqlStmt == null) {
throw new UserStoreException("The sql statement for is user existing null");
}
- return isValueExisting(sqlStmt, userName, tenantId);
+ boolean isExisting = false;
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ isExisting = isValueExisting(sqlStmt, userName, tenantId);
+ } else {
+ isExisting = isValueExisting(sqlStmt, userName);
+ }
+ return isExisting;
}
public String[] listUsers(String filter, int maxItemLimit) throws UserStoreException {
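Review bot: Tenant scoping is now decided by `sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)`, a case-sensitive substring test on configured SQL. A statement that omits the column, by design or by typo, runs across all tenants with no warning or log line. The same test is repeated in `listUsers`, `getProperty`, the authentication path and most write methods in this file, so I would move it into one helper such as `private boolean isTenantAware(String sql)`. That helper can log once when a statement is treated as tenant-less and replace every inline `contains` call. The test also cannot confirm that the number of `?` placeholders matches the number of bound parameters, which is worth noting in the helper's comment. The enclosing method starts outside this hunk.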
@@ -103,7 +108,10 @@
prepStmt = dbConnection.prepareStatement(sqlStmt);
prepStmt.setString(1, filter);
- prepStmt.setInt(2, tenantId);
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ prepStmt.setInt(2, tenantId);
+ }
+
rs = prepStmt.executeQuery();
List<String> lst = new LinkedList<String>();
@@ -152,7 +160,12 @@
if (sqlStmt == null) {
throw new UserStoreException("The sql statement for retrieving user roles is null");
}
- String[] names = getStringValuesFromDatabase(sqlStmt, userName, tenantId, tenantId, tenantId);
+ String[] names = new String[0];
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ names = getStringValuesFromDatabase(sqlStmt, userName, tenantId, tenantId, tenantId);
+ } else {
+ names = getStringValuesFromDatabase(sqlStmt, userName);
+ }
if (isReadOnly() == true) {
String[] hybrids = hybridRoleManager.getHybridRoleListOfUser(userName);
@@ -162,15 +175,20 @@
}
public String[] getUserListOfRole(String roleName) throws UserStoreException {
- String[] names = new String[0];
+ String[] names = new String[0];
if (isReadOnly() == true && hybridRoleManager.isExistingRole(roleName)) {
names = hybridRoleManager.getUserListOfHybridRole(roleName);
- }else{
- String sqlStmt = realmConfig.getUserStoreProperty(JDBCRealmConstants.GET_USERS_IN_ROLE_SQL);
+ } else {
+ String sqlStmt = realmConfig
+ .getUserStoreProperty(JDBCRealmConstants.GET_USERS_IN_ROLE_SQL);
if (sqlStmt == null) {
throw new UserStoreException("The sql statement for retrieving user roles is null");
}
- names = getStringValuesFromDatabase(sqlStmt, roleName, tenantId, tenantId, tenantId);
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ names = getStringValuesFromDatabase(sqlStmt, roleName, tenantId, tenantId, tenantId);
+ } else {
+ names = getStringValuesFromDatabase(sqlStmt, roleName);
+ }
}
return names;
@@ -182,7 +200,13 @@
if (sqlStmt == null) {
throw new UserStoreException("The sql statement for is role existing role null");
}
- boolean isExisting = isValueExisting(sqlStmt, roleName, tenantId);
+
+ boolean isExisting = false;
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ isExisting = isValueExisting(sqlStmt, roleName, tenantId);
+ } else {
+ isExisting = isValueExisting(sqlStmt, roleName);
+ }
if (isExisting == false && isReadOnly() == true) {
isExisting = hybridRoleManager.isExistingRole(roleName);
}
@@ -194,7 +218,13 @@
if (sqlStmt == null) {
throw new UserStoreException("The sql statement for retrieving profile names is null");
}
- String[] names = getStringValuesFromDatabase(sqlStmt, tenantId);
+ String[] names = new String[0];
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ names = getStringValuesFromDatabase(sqlStmt, tenantId);
+ } else {
+ names = getStringValuesFromDatabase(sqlStmt);
+ }
+
return names;
}
@@ -204,7 +234,12 @@
if (sqlStmt == null) {
throw new UserStoreException("The sql statement for retrieving is null");
}
- String[] names = getStringValuesFromDatabase(sqlStmt, userName, tenantId, tenantId);
+ String[] names = new String[0];
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ names = getStringValuesFromDatabase(sqlStmt, userName, tenantId, tenantId);
+ } else {
+ names = getStringValuesFromDatabase(sqlStmt, userName);
+ }
return names;
}
@@ -229,8 +264,10 @@
prepStmt = dbConnection.prepareStatement(sqlStmt);
prepStmt.setString(1, userName);
prepStmt.setString(2, profileName);
- prepStmt.setInt(3, tenantId);
- prepStmt.setInt(4, tenantId);
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ prepStmt.setInt(3, tenantId);
+ prepStmt.setInt(4, tenantId);
+ }
rs = prepStmt.executeQuery();
while (rs.next()) {
String name = rs.getString(1);
@@ -265,9 +302,9 @@
if (param == null) {
throw new UserStoreException("Null data provided.");
} else if (param instanceof String) {
- prepStmt.setString(i + 1, (String)param);
+ prepStmt.setString(i + 1, (String) param);
} else if (param instanceof Integer) {
- prepStmt.setInt(i + 1, (Integer)param);
+ prepStmt.setInt(i + 1, (Integer) param);
}
}
}
@@ -311,9 +348,9 @@
if (param == null) {
throw new UserStoreException("Null data provided.");
} else if (param instanceof String) {
- prepStmt.setString(i + 1, (String)param);
+ prepStmt.setString(i + 1, (String) param);
} else if (param instanceof Integer) {
- prepStmt.setInt(i + 1, (Integer)param);
+ prepStmt.setInt(i + 1, (Integer) param);
}
}
}
@@ -358,7 +395,12 @@
String password = (String) credential;
String digestAlgo = realmConfig
.getUserStoreProperty(JDBCRealmConstants.DIGEST_FUNCTION);
- String digestedPassword = UMUtil.digestPassword(password, digestAlgo);
+ String checkPassword = null;
+ if (digestAlgo != null) {
+ checkPassword = UMUtil.digestPassword(password, digestAlgo);
+ } else {
+ checkPassword = password;
+ }
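Review bot: When `DIGEST_FUNCTION` is not configured, `checkPassword` becomes the raw password, so authentication silently switches to comparing against clear-text values in the user store. A missing or misspelled property in `user-mgt.xml` therefore downgrades password storage without any error. If clear-text external stores must be supported, this should be an explicit opt-in setting and the fallback should at least log a warning, e.g. `log.warn("No password digest configured; comparing clear-text passwords");`. The add-user and password-update hunks in this file still call `UMUtil.digestPassword(..., digestAlgo)` unconditionally, so the write path and this read path disagree when the property is absent. The enclosing method starts and ends outside this hunk.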
sqlstmt = realmConfig.getUserStoreProperty(JDBCRealmConstants.GET_PASSWORD_SQL);
@@ -368,13 +410,15 @@
prepStmt = dbConnection.prepareStatement(sqlstmt);
prepStmt.setString(1, userName);
- prepStmt.setInt(2, tenantId);
+ if (sqlstmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ prepStmt.setInt(2, tenantId);
+ }
rs = prepStmt.executeQuery();
if (rs.next() == true) {
String value = rs.getString(1);
- if ((value != null) && (value.equals(digestedPassword))) {
+ if ((value != null) && (value.equals(checkPassword))) {
isAuthed = true;
}
}
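Review bot: The credential check `value.equals(checkPassword)` returns at the first differing character, which makes the comparison time depend on how much of the stored value matches. A constant-time comparison is the usual choice for secrets, for example `MessageDigest.isEqual(value.getBytes("UTF-8"), checkPassword.getBytes("UTF-8"))`. The surrounding method continues outside this hunk, so the charset handling would need to fit its existing exception handling.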
@@ -423,13 +467,25 @@
String digestAlgo = realmConfig
.getUserStoreProperty(JDBCRealmConstants.DIGEST_FUNCTION);
String digestedPassword = UMUtil.digestPassword((String) credential, digestAlgo);
- this.updateStringValuesToDatabase(dbConnection, sqlStmt, userName, digestedPassword, tenantId);
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt, userName,
+ digestedPassword, tenantId);
+ } else {
+ this
+ .updateStringValuesToDatabase(dbConnection, sqlStmt, userName,
+ digestedPassword);
+ }
if (roleList != null) {
// add user to role.
String sqlStmt2 = realmConfig
.getUserStoreProperty(JDBCRealmConstants.ADD_ROLE_TO_USER_SQL);
- DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2, roleList, tenantId,
- userName, tenantId, tenantId);
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2, roleList,
+ tenantId, userName, tenantId, tenantId);
+ } else {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2, roleList,
+ tenantId, userName);
+ }
}
if (claims != null) {
// add the properties
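Review bot: The role-mapping branch tests `sqlStmt` (the add-user statement) to decide how to bind parameters for `sqlStmt2`, so a configuration where only one of the two statements is tenant-aware binds the wrong number of values. The condition should be `if (sqlStmt2.contains(UserCoreConstants.UM_TENANT_COLUMN)) {`. The same slip appears in the later hunks for the user-list and role-list updates, where `sqlStmt1` guards the call that uses `sqlStmt2`. In addition, every tenant-less `else` branch still passes `tenantId` right after the list argument (`roleList, tenantId, userName`). The signature of `udpateUserRoleMappingInBatchMode` is not shown, but if that argument is bound as a parameter, as the tenant-aware call suggests, a tenant-less statement receives one value too many. The enclosing method starts and ends outside this hunk.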
@@ -462,17 +518,26 @@
Connection dbConnection = null;
try {
dbConnection = getDBConnection();
- String sqlStmt = realmConfig.getUserStoreProperty(JDBCRealmConstants.ADD_ROLE_SQL);
if (isReadOnly() == true) {
hybridRoleManager.addHybridRole(roleName, userList);
} else {
- this.updateStringValuesToDatabase(dbConnection, sqlStmt, roleName, tenantId);
+ String sqlStmt = realmConfig.getUserStoreProperty(JDBCRealmConstants.ADD_ROLE_SQL);
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt, roleName, tenantId);
+ } else {
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt, roleName);
+ }
if (userList != null) {
// add role to user
String sqlStmt2 = realmConfig
.getUserStoreProperty(JDBCRealmConstants.ADD_USER_TO_ROLE_SQL);
- DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2, userList, tenantId,
- roleName, tenantId, tenantId);
+ if (sqlStmt2.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2,
+ userList, tenantId, roleName, tenantId, tenantId);
+ } else {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2,
+ userList, tenantId, roleName);
+ }
}
}
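Review bot: `sqlStmt` is now read from `ADD_ROLE_SQL` and dereferenced on the next line with no null check, so a missing property produces a `NullPointerException` from `sqlStmt.contains(...)`. The read methods in this file throw a `UserStoreException` with a descriptive message in that case. Add the same guard here, e.g. `if (sqlStmt == null) { throw new UserStoreException("The sql statement for add role is null"); }`, and an equivalent one for `sqlStmt2` before its `contains` call. The enclosing method starts and ends outside this hunk.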
@@ -526,9 +591,16 @@
Connection dbConnection = null;
try {
dbConnection = getDBConnection();
- this.updateStringValuesToDatabase(dbConnection, sqlStmt1, roleName, tenantId, tenantId);
- this.updateStringValuesToDatabase(dbConnection, sqlStmt2, roleName, tenantId);
- this.updateStringValuesToDatabase(dbConnection, sqlStmt3, roleName, tenantId);
+ if (sqlStmt1.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt1, roleName, tenantId,
+ tenantId);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt2, roleName, tenantId);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt3, roleName, tenantId);
+ } else {
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt1, roleName);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt2, roleName);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt3, roleName);
+ }
dbConnection.commit();
} catch (SQLException e) {
log.error(e.getMessage(), e);
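Review bot: Only `sqlStmt1` is tested for the tenant column, yet the result decides the parameters bound for `sqlStmt2` and `sqlStmt3` as well. If the configured statements are not uniformly tenant-aware, a delete either fails on a parameter mismatch or runs without its tenant filter. Each call should be guarded by a test on its own statement. The next hunk, which deletes a user with `sqlStmt1` to `sqlStmt4`, has the same structure. Where these statements are loaded and null-checked is outside both hunks.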
@@ -576,10 +648,19 @@
Connection dbConnection = null;
try {
dbConnection = getDBConnection();
- this.updateStringValuesToDatabase(dbConnection, sqlStmt1, userName, tenantId, tenantId);
- this.updateStringValuesToDatabase(dbConnection, sqlStmt2, userName, tenantId, tenantId);
- this.updateStringValuesToDatabase(dbConnection, sqlStmt3, userName, tenantId);
- this.updateStringValuesToDatabase(dbConnection, sqlStmt4, userName, tenantId);
+ if (sqlStmt1.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt1, userName, tenantId,
+ tenantId);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt2, userName, tenantId,
+ tenantId);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt3, userName, tenantId);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt4, userName, tenantId);
+ } else {
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt1, userName);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt2, userName);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt3, userName);
+ this.updateStringValuesToDatabase(dbConnection, sqlStmt4, userName);
+ }
dbConnection.commit();
} catch (SQLException e) {
log.error(e.getMessage(), e);
@@ -611,12 +692,22 @@
try {
dbConnection = getDBConnection();
if (deletedUsers != null) {
- DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt1, deletedUsers, tenantId,
- roleName, tenantId, tenantId);
+ if (sqlStmt1.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt1,
+ deletedUsers, tenantId, roleName, tenantId, tenantId);
+ } else {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt1,
+ deletedUsers, tenantId, roleName);
+ }
}
if (newUsers != null) {
- DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2, newUsers, tenantId,
- roleName, tenantId, tenantId);
+ if (sqlStmt1.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2,
+ newUsers, tenantId, roleName, tenantId, tenantId);
+ } else {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2,
+ newUsers, tenantId, roleName);
+ }
}
dbConnection.commit();
} catch (SQLException e) {
@@ -647,13 +738,23 @@
try {
dbConnection = getDBConnection();
if (deletedRoles != null) {
- DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt1, deletedRoles, tenantId,
- userName, tenantId, tenantId);
+ if (sqlStmt1.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt1,
+ deletedRoles, tenantId, userName, tenantId, tenantId);
+ } else {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt1,
+ deletedRoles, tenantId, userName);
+ }
}
if (newRoles != null) {
- DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2, newRoles, tenantId,
- userName, tenantId, tenantId);
+ if (sqlStmt1.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2,
+ newRoles, tenantId, userName, tenantId, tenantId);
+ } else {
+ DatabaseUtil.udpateUserRoleMappingInBatchMode(dbConnection, sqlStmt2,
+ newRoles, tenantId, userName);
+ }
}
dbConnection.commit();
} catch (SQLException e) {
@@ -805,8 +906,9 @@
prepStmt = dbConnection.prepareStatement(sqlStmt2);
prepStmt.setString(1, userName);
- prepStmt.setInt(2, tenantId);
-
+ if (sqlStmt1.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ prepStmt.setInt(2, tenantId);
+ }
rs = prepStmt.executeQuery();
boolean isAuthed = false;
if (rs.next() == true) {
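Review bot: The statement prepared here is `sqlStmt2`, but the guard around `prepStmt.setInt(2, tenantId)` tests `sqlStmt1`, so the bind decision is taken from a different query than the one being executed. It should read `if (sqlStmt2.contains(UserCoreConstants.UM_TENANT_COLUMN)) {`. The following hunk then calls `updateStringValuesToDatabase(dbConnection, sqlStmt1, digestednewPassword, userName, tenantId)` with `tenantId` unconditionally, unlike the other password update later in this file that branches on the column. A tenant-less update statement would therefore get an extra parameter on this path. The enclosing method starts and ends outside this hunk.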
@@ -816,7 +918,8 @@
}
}
if (isAuthed) {
- updateStringValuesToDatabase(dbConnection, sqlStmt1, digestednewPassword, userName, tenantId);
+ updateStringValuesToDatabase(dbConnection, sqlStmt1, digestednewPassword, userName,
+ tenantId);
} else {
throw new UserStoreException("Failed to update password.");
}
@@ -838,11 +941,13 @@
}
String digestAlgo = realmConfig.getUserStoreProperty(JDBCRealmConstants.DIGEST_FUNCTION);
String digestedPassword = UMUtil.digestPassword((String) newCredential, digestAlgo);
-
- updateStringValuesToDatabase(null, sqlStmt, digestedPassword, userName, tenantId);
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ updateStringValuesToDatabase(null, sqlStmt, digestedPassword, userName, tenantId);
+ } else {
+ updateStringValuesToDatabase(null, sqlStmt, digestedPassword, userName);
+ }
}
-
public String[] getHybridRoles() throws UserStoreException {
String[] names = new String[0];
if (isReadOnly() == true) {
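Review bot: The branch on `UserCoreConstants.UM_TENANT_COLUMN` added here is not applied to the other `updateStringValuesToDatabase` calls this commit touches: the `sqlStmt1` password update in the hunk at -816 and the add-property call in the hunk at -923 still pass `tenantId` unconditionally. If the helper binds every argument it is given (its body is only partly visible here), those paths would fail against a statement that has no tenant column, which is the case this change is meant to support. Either guard those calls the same way or move the check into the helper so callers cannot diverge. A short comment such as `// external store SQL may omit the tenant column; bind tenantId only when the statement has it` would explain the branch.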
@@ -867,9 +972,9 @@
if (param == null) {
throw new UserStoreException("Null data provided.");
} else if (param instanceof String) {
- prepStmt.setString(i + 1, (String)param);
+ prepStmt.setString(i + 1, (String) param);
} else if (param instanceof Integer) {
- prepStmt.setInt(i + 1, (Integer)param);
+ prepStmt.setInt(i + 1, (Integer) param);
}
}
}
@@ -923,7 +1028,8 @@
if (sqlStmt == null) {
throw new UserStoreException("The sql statement for add user property sql is null");
}
- updateStringValuesToDatabase(dbConnection, sqlStmt, userName, tenantId, propertyName, profileName, tenantId);
+ updateStringValuesToDatabase(dbConnection, sqlStmt, userName, tenantId, propertyName,
+ profileName, tenantId);
}
protected String getProperty(Connection dbConnection, String userName, String propertyName,
@@ -941,9 +1047,11 @@
prepStmt.setString(1, userName);
prepStmt.setString(2, propertyName);
prepStmt.setString(3, profileName);
- prepStmt.setInt(4, tenantId);
- prepStmt.setInt(5, tenantId);
-
+ if (sqlStmt.contains(UserCoreConstants.UM_TENANT_COLUMN)) {
+ prepStmt.setInt(4, tenantId);
+ prepStmt.setInt(5, tenantId);
+ }
+
rs = prepStmt.executeQuery();
while (rs.next()) {
value = rs.getString(1);
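Review bot: Binding positions 4 and 5 whenever the SQL text contains the column name assumes the statement has exactly two tenant placeholders, which a substring match does not establish. If the statement is configurable (where `sqlStmt` comes from is outside this hunk), one that names the column once would fail at `executeQuery()`, and one that omits it runs the lookup with no tenant filter at all. Where the driver supports it, comparing against `prepStmt.getParameterMetaData().getParameterCount()` would tie the binding to the actual placeholders. At minimum the no-tenant mode deserves a comment, for example `// no tenant column in SQL: lookup is not tenant-scoped (external single-tenant store)`. The body of `getProperty` continues outside the hunk.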
Modified: trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/JDBCRealmTest.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/JDBCRealmTest.java?rev=44753&r1=44752&r2=44753&view=diff
==============================================================================
--- trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/JDBCRealmTest.java (original)
+++ trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/JDBCRealmTest.java Wed Sep 2 02:12:39 2009
@@ -45,8 +45,8 @@
}
BasicDataSource ds = new BasicDataSource();
- //ds.setDriverClassName("org.apache.derby.jdbc.EmbeddedDriver");
- //ds.setUrl("jdbc:derby:target/databasetest/CARBON_TEST;create=true");
+ // ds.setDriverClassName("org.apache.derby.jdbc.EmbeddedDriver");
+ // ds.setUrl("jdbc:derby:target/databasetest/CARBON_TEST;create=true");
ds.setDriverClassName(UserCoreTestConstants.DB_DRIVER);
ds.setUrl(UserCoreTestConstants.DB_TEST_URL);
@@ -81,17 +81,17 @@
admin.addUser("vajira", "credential", new String[] { "role1" }, userProps, null);
// authenticate
assertTrue(admin.authenticate("dimuthu", "credential"));
-
+
admin.updateCredentialByAdmin("dimuthu", "topsecret");
assertTrue(admin.authenticate("dimuthu", "topsecret"));
-
+
assertTrue(admin.isExistingUser("dimuthu"));
assertFalse(admin.isExistingUser("muhaha"));
// update
- admin.updateCredential("dimuthu", "password", "topsecret");
+ admin.updateCredential("dimuthu", "password", "topsecret");
assertFalse(admin.authenticate("dimuthu", "credential"));
- //assertTrue(admin.authenticate("dimuthu", "password")); bug TODO
+ // assertTrue(admin.authenticate("dimuthu", "password")); bug TODO
String[] names = admin.listUsers("*", 100);
assertEquals(4, names.length);
@@ -130,7 +130,7 @@
String[] users = admin.getUserListOfRole("role3");
assertEquals(3, users.length);
-
+
// negative
try {
admin.updateRoleListOfUser("saman", new String[] { "x" }, new String[] { "y" });
@@ -146,8 +146,6 @@
// exptected error in negative testing
}
-
-
}
public void doAuthorizationStuff() throws Exception {
@@ -159,20 +157,24 @@
authMan.authorizeRole("rolex", "wall", "write");
authMan.authorizeRole("roley", "table", "write");
authMan.authorizeUser("sunil", "wall", "read");
-
+
assertTrue(authMan.isUserAuthorized("saman", "wall", "write"));
assertTrue(authMan.isUserAuthorized("sunil", "wall", "read"));
assertTrue(authMan.isRoleAuthorized("roley", "table", "write"));
assertFalse(authMan.isUserAuthorized("saman", "wall", "read"));
assertFalse(authMan.isUserAuthorized("sunil", "wall", "write"));
-
+ assertEquals(1,authMan.getAllowedRolesForResource("wall", "write").length);
+ assertEquals(1,authMan.getDirectlyAllowedUsersForResource("wall", "read").length);
+
authMan.denyRole("rolex", "wall", "write");
assertFalse(authMan.isRoleAuthorized("rolex", "wall", "write"));
- authMan.denyUser("sunil", "wall", "read");
- assertFalse(authMan.isUserAuthorized("sunil", "wall", "read"));
- // System.out.println(Arrays.toString(authMan.getAllowedUsersForResource("wall", "write"))); TODO bug
+ authMan.denyUser("saman", "wall", "read");
+ assertFalse(authMan.isUserAuthorized("saman", "wall", "read"));
+ assertEquals(1,authMan.getDeniedRolesForResource("wall", "write").length);
+ assertEquals(1,authMan.getDirectlyDeniedUsersForResource("wall", "read").length);
+
authMan.clearUserAuthorization("sunil", "wall", "read");
authMan.clearRoleAuthorization("roley", "table", "write");
authMan.clearResourceAuthorizations("wall");
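Review bot: Switching the deny check from `sunil` to `saman` means the test no longer verifies that an explicit deny overrides an existing allow. `saman` was never granted `read` on `wall`, and `assertFalse(authMan.isUserAuthorized("saman", "wall", "read"))` already passes a few lines earlier, so the assertion after `denyUser` succeeds whether or not the deny has any effect. `sunil` is the user who holds the allow, so I would keep `authMan.denyUser("sunil", "wall", "read");` followed by `assertFalse(authMan.isUserAuthorized("sunil", "wall", "read"));`, and adjust the expected `getDirectlyDeniedUsersForResource` count if both denies stay. `doAuthorizationStuff` starts before this hunk and continues after it.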
@@ -232,4 +234,5 @@
assertNull(obtained.get(ClaimTestUtil.CLAIM_URI2)); // overridden
}
+
}
Modified: trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/ReadOnlyJDBCRealmTest.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/ReadOnlyJDBCRealmTest.java?rev=44753&r1=44752&r2=44753&view=diff
==============================================================================
--- trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/ReadOnlyJDBCRealmTest.java (original)
+++ trunk/carbon/org.wso2.carbon.user.core/src/test/java/org/wso2/carbon/user/core/jdbc/ReadOnlyJDBCRealmTest.java Wed Sep 2 02:12:39 2009
@@ -48,6 +48,7 @@
DatabaseCreator creator = new DatabaseCreator(ds);
creator.createRegistryDatabase();
+
this.addIntialData(ds);
RealmConfigXMLProcessor builder = new RealmConfigXMLProcessor();
InputStream inStream = this.getClass().getClassLoader().getResource(