Index: admin-api/src/test/java/org/safehaus/triplesec/admin/IntegrationTest.java =================================================================== --- admin-api/src/test/java/org/safehaus/triplesec/admin/IntegrationTest.java (revision 488792) +++ admin-api/src/test/java/org/safehaus/triplesec/admin/IntegrationTest.java (working copy) @@ -104,7 +104,7 @@ assertEquals( getName() + "0", ( String ) attrs.get( "permName" ).get() ); assertNull( attrs.get( "description" ) ); - // add a permission via add( String, Permission ) + // add a permission via add( String, StringPermission ) PermissionModifier modifier = new PermissionModifier( dao, "mockApplication", getName() + "1" ); modifier.setDescription( "a non-null description" ).add(); attrs = ctx.getAttributes( "permName=" + getName() Index: admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapHauskeysUserDao.java =================================================================== --- admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapHauskeysUserDao.java (revision 488792) +++ admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapHauskeysUserDao.java (working copy) @@ -302,7 +302,7 @@ } catch ( NoPermissionException e ) { - String msg = "Rename failed. Permission denied."; + String msg = "Rename failed. StringPermission denied."; log.error( msg, e ); throw new PermissionDeniedException( msg ); } @@ -402,7 +402,7 @@ } catch ( NoPermissionException e ) { - String msg = "Modify failed. Permission denied to " + rdn + " under " + baseUrl; + String msg = "Modify failed. StringPermission denied to " + rdn + " under " + baseUrl; log.error( msg, e ); throw new PermissionDeniedException( msg ); } @@ -438,7 +438,7 @@ } catch ( NoPermissionException e ) { - String msg = "Delete failed. Permission denied to delete " + rdn + " under " + baseUrl; + String msg = "Delete failed. StringPermission denied to delete " + rdn + " under " + baseUrl; log.error( msg, e ); throw new PermissionDeniedException( msg ); } Index: admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapUserDao.java =================================================================== --- admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapUserDao.java (revision 488792) +++ admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapUserDao.java (working copy) @@ -81,7 +81,7 @@ } catch ( NoPermissionException e ) { - String msg = "User load failed. Permission denied."; + String msg = "User load failed. StringPermission denied."; log.error( msg, e ); throw new PermissionDeniedException( msg ); } @@ -111,7 +111,7 @@ } catch ( NoPermissionException e ) { - String msg = "User lookup failed. Permission denied."; + String msg = "User lookup failed. StringPermission denied."; log.error( msg, e ); throw new PermissionDeniedException( msg ); } Index: admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapExternalUserDao.java =================================================================== --- admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapExternalUserDao.java (revision 488792) +++ admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapExternalUserDao.java (working copy) @@ -119,7 +119,7 @@ } catch ( NoPermissionException e ) { - String msg = "Rename failed. Permission denied."; + String msg = "Rename failed. StringPermission denied."; log.error( msg, e ); throw new PermissionDeniedException( msg ); } @@ -159,7 +159,7 @@ } catch ( NoPermissionException e ) { - String msg = "Modify failed. Permission denied to " + rdn + " under " + baseUrl; + String msg = "Modify failed. StringPermission denied to " + rdn + " under " + baseUrl; log.error( msg, e ); throw new PermissionDeniedException( msg ); } @@ -192,7 +192,7 @@ } catch ( NoPermissionException e ) { - String msg = "Delete failed. Permission denied to delete " + rdn + " under " + baseUrl; + String msg = "Delete failed. StringPermission denied to delete " + rdn + " under " + baseUrl; log.error( msg, e ); throw new PermissionDeniedException( msg ); } Index: admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapLocalUserDao.java =================================================================== --- admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapLocalUserDao.java (revision 488792) +++ admin-api/src/main/java/org/safehaus/triplesec/admin/dao/ldap/LdapLocalUserDao.java (working copy) @@ -205,7 +205,7 @@ } catch ( NoPermissionException e ) { - String msg = "Rename failed. Permission denied."; + String msg = "Rename failed. StringPermission denied."; log.error( msg, e ); throw new PermissionDeniedException( msg ); } @@ -298,7 +298,7 @@ } catch ( NoPermissionException e ) { - String msg = "Modify failed. Permission denied to " + rdn + " under " + baseUrl; + String msg = "Modify failed. StringPermission denied to " + rdn + " under " + baseUrl; log.error( msg, e ); throw new PermissionDeniedException( msg ); } @@ -333,7 +333,7 @@ } catch ( NoPermissionException e ) { - String msg = "Delete failed. Permission denied to delete " + rdn + " under " + baseUrl; + String msg = "Delete failed. StringPermission denied to delete " + rdn + " under " + baseUrl; log.error( msg, e ); throw new PermissionDeniedException( msg ); } Index: guardian-api/src/test/java/org/safehaus/triplesec/guardian/ProfileTest.java =================================================================== --- guardian-api/src/test/java/org/safehaus/triplesec/guardian/ProfileTest.java (revision 488792) +++ guardian-api/src/test/java/org/safehaus/triplesec/guardian/ProfileTest.java (working copy) @@ -62,15 +62,15 @@ public void testInstantiation() { Roles roles = new Roles( "app1", new Role[] { - new Role( STORE1, "role1", new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm1" ), + new Role( STORE1, "role1", new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm1" ), })), }); - Permissions grants = new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm1" ), + Permissions grants = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm1" ), }); - Permissions denials = new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm2" ), + Permissions denials = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm2" ), }); // Test null parameters @@ -114,8 +114,8 @@ } // Test unknown permissions - Permissions wrongPerms = new Permissions( "app1", new Permission[] { - new Permission( "app1", "wrongPerm" ), + Permissions wrongPerms = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "wrongPerm" ), }); try { @@ -178,18 +178,18 @@ public void testProperties() { Roles roles = new Roles( "app1", new Role[] { - new Role( STORE1, "role1", new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm2" ), - new Permission( "app1", "perm3" ), - new Permission( "app1", "perm4" ), + new Role( STORE1, "role1", new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm2" ), + new StringPermission( "app1", "perm3" ), + new StringPermission( "app1", "perm4" ), })), }); - Permissions grants = new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm1" ), - new Permission( "app1", "perm2" ), + Permissions grants = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm1" ), + new StringPermission( "app1", "perm2" ), }); - Permissions denials = new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm3" ), + Permissions denials = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm3" ), }); Profile p = new Profile( STORE1, "trustin", "trustin", roles, grants, denials, "test description", false ); @@ -200,10 +200,10 @@ assertEquals( denials, p.getDenials() ); assertEquals( "test description", p.getDescription() ); - Permissions effectivePermissions = new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm1" ), - new Permission( "app1", "perm2" ), - new Permission( "app1", "perm4" ), + Permissions effectivePermissions = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm1" ), + new StringPermission( "app1", "perm2" ), + new StringPermission( "app1", "perm4" ), }); assertEquals( effectivePermissions, p.getEffectivePermissions() ); @@ -212,9 +212,9 @@ public void testRolePermissions() { - Permission perm = new Permission( "app1", "perm1" ); - Permission wrongPerm = new Permission( "app1", "perm2" ); - Permissions perms = new Permissions( "app1", new Permission[] { perm, } ); + StringPermission perm = new StringPermission( "app1", "perm1" ); + StringPermission wrongPerm = new StringPermission( "app1", "perm2" ); + Permissions perms = new Permissions( "app1", new StringPermission[] { perm, } ); // Effective permissions will be: 'perm1' Profile p = new Profile( @@ -234,7 +234,7 @@ // Check null parameters try { - p.checkPermission( ( Permission ) null ); + p.checkPermission( ( StringPermission ) null ); Assert.fail( "Exception is not thrown." ); } catch( NullPointerException e ) @@ -252,7 +252,7 @@ } try { - p.checkPermission( ( Permission ) null, "unused" ); + p.checkPermission( ( StringPermission ) null, "unused" ); Assert.fail( "Exception is not thrown." ); } catch( NullPointerException e ) @@ -340,11 +340,11 @@ public Permissions getPermissions() { - Permission[] perms = new Permission[] { - new Permission( appName, "perm1" ), - new Permission( appName, "perm2" ), - new Permission( appName, "perm3" ), - new Permission( appName, "perm4" ), + StringPermission[] perms = new StringPermission[] { + new StringPermission( appName, "perm1" ), + new StringPermission( appName, "perm2" ), + new StringPermission( appName, "perm3" ), + new StringPermission( appName, "perm4" ), }; return new Permissions( appName, perms ); } @@ -378,7 +378,7 @@ return null; } - public Set getDependentProfileNames( Permission permission ) throws GuardianException + public Set getDependentProfileNames( StringPermission permission ) throws GuardianException { return null; } Index: guardian-api/src/test/java/org/safehaus/triplesec/guardian/RoleTest.java =================================================================== --- guardian-api/src/test/java/org/safehaus/triplesec/guardian/RoleTest.java (revision 488792) +++ guardian-api/src/test/java/org/safehaus/triplesec/guardian/RoleTest.java (working copy) @@ -106,8 +106,8 @@ // Test unknown permissions try { - Permissions wrongPerms = new Permissions( "app1", new Permission[] { - new Permission( "app1", "wrongPerm" ), + Permissions wrongPerms = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "wrongPerm" ), }); new Role( STORE1, "role1", wrongPerms ); @@ -136,11 +136,11 @@ public void testProperties() { - Permission perm1= new Permission( "app1", "perm1" ); - Permissions perms = new Permissions( "app1", new Permission[] { + StringPermission perm1= new StringPermission( "app1", "perm1" ); + Permissions perms = new Permissions( "app1", new StringPermission[] { perm1, - new Permission( "app1", "perm2" ), - new Permission( "app1", "perm3" ), } ); + new StringPermission( "app1", "perm2" ), + new StringPermission( "app1", "perm3" ), } ); Role r = new Role( STORE1, "role1", perms, "test description" ); assertEquals( "app1", r.getApplicationName() ); @@ -153,9 +153,9 @@ public void testRolePermissions() { - Permission perm = new Permission( "app1", "perm1" ); - Permission wrongPerm = new Permission( "app1", "perm2" ); - Permissions perms = new Permissions( "app1", new Permission[] { perm, } ); + StringPermission perm = new StringPermission( "app1", "perm1" ); + StringPermission wrongPerm = new StringPermission( "app1", "perm2" ); + Permissions perms = new Permissions( "app1", new StringPermission[] { perm, } ); Role r = new Role( STORE1, "role1", perms ); @@ -170,7 +170,7 @@ // Check null parameters try { - r.checkPermission( ( Permission ) null ); + r.checkPermission( ( StringPermission ) null ); fail( "Exception is not thrown." ); } catch( NullPointerException e ) @@ -188,7 +188,7 @@ } try { - r.checkPermission( ( Permission ) null, "unused" ); + r.checkPermission( ( StringPermission ) null, "unused" ); fail( "Exception is not thrown." ); } catch( NullPointerException e ) @@ -275,10 +275,10 @@ public Permissions getPermissions() { - Permission[] perms = new Permission[] { - new Permission( appName, "perm1" ), - new Permission( appName, "perm2" ), - new Permission( appName, "perm3" ), + StringPermission[] perms = new StringPermission[] { + new StringPermission( appName, "perm1" ), + new StringPermission( appName, "perm2" ), + new StringPermission( appName, "perm3" ), }; return new Permissions( appName, perms ); } @@ -310,7 +310,7 @@ return null; } - public Set getDependentProfileNames( Permission permission ) throws GuardianException + public Set getDependentProfileNames( StringPermission permission ) throws GuardianException { return null; } Index: guardian-api/src/test/java/org/safehaus/triplesec/guardian/RolesTest.java =================================================================== --- guardian-api/src/test/java/org/safehaus/triplesec/guardian/RolesTest.java (revision 488792) +++ guardian-api/src/test/java/org/safehaus/triplesec/guardian/RolesTest.java (working copy) @@ -239,12 +239,12 @@ dependents = roles12.getDependentRoles( "perm99" ); assertEquals( 0, dependents.size() ); - dependents = roles12.getDependentRoles( new Permission( "app1", "perm99" ) ); + dependents = roles12.getDependentRoles( new StringPermission( "app1", "perm99" ) ); assertEquals( 0, dependents.size() ); try { - dependents = roles12.getDependentRoles( new Permission( "blah", "perm99" ) ); + dependents = roles12.getDependentRoles( new StringPermission( "blah", "perm99" ) ); fail( "Should never get here due to an exception" ); } catch ( IllegalArgumentException e ) @@ -279,10 +279,10 @@ public Permissions getPermissions() { - Permission[] perms = new Permission[] { - new Permission( appName, "perm1" ), - new Permission( appName, "perm2" ), - new Permission( appName, "perm3" ), + StringPermission[] perms = new StringPermission[] { + new StringPermission( appName, "perm1" ), + new StringPermission( appName, "perm2" ), + new StringPermission( appName, "perm3" ), }; return new Permissions( appName, perms ); } @@ -314,7 +314,7 @@ return null; } - public Set getDependentProfileNames( Permission permission ) throws GuardianException + public Set getDependentProfileNames( StringPermission permission ) throws GuardianException { return null; } Index: guardian-api/src/test/java/org/safehaus/triplesec/guardian/PermissionTest.java =================================================================== --- guardian-api/src/test/java/org/safehaus/triplesec/guardian/PermissionTest.java (revision 488792) +++ guardian-api/src/test/java/org/safehaus/triplesec/guardian/PermissionTest.java (working copy) @@ -30,25 +30,25 @@ protected Object newInstanceA1() { - return new Permission( "app1", "perm1" ); + return new StringPermission( "app1", "perm1" ); } protected Object newInstanceA2() { - return new Permission( "app1", "perm1" ); + return new StringPermission( "app1", "perm1" ); } protected Object newInstanceB1() { - return new Permission( "app1", "perm2" ); + return new StringPermission( "app1", "perm2" ); } protected Object newInstanceB2() { - return new Permission( "app2", "perm1" ); + return new StringPermission( "app2", "perm1" ); } @@ -56,7 +56,7 @@ { try { - new Permission( "test", null ); + new StringPermission( "test", null ); fail( "Exception is not thrown." ); } catch ( NullPointerException e ) @@ -65,7 +65,7 @@ } try { - new Permission( null, "test" ); + new StringPermission( null, "test" ); fail( "Exception is not thrown." ); } catch ( NullPointerException e ) @@ -74,7 +74,7 @@ } try { - new Permission( "test", "" ); + new StringPermission( "test", "" ); fail( "Exception is not thrown." ); } catch ( IllegalArgumentException e ) @@ -83,7 +83,7 @@ } try { - new Permission( "", "test" ); + new StringPermission( "", "test" ); fail( "Exception is not thrown." ); } catch ( IllegalArgumentException e ) @@ -95,7 +95,7 @@ public void testPropeties() { - Permission p = new Permission( "a", "b", "c" ); + StringPermission p = new StringPermission( "a", "b", "c" ); assertEquals( "a", p.getApplicationName() ); assertEquals( "b", p.getName() ); assertEquals( "c", p.getDescription() ); Index: guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockApplicationPolicy.java =================================================================== --- guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockApplicationPolicy.java (revision 488792) +++ guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockApplicationPolicy.java (working copy) @@ -50,18 +50,18 @@ // add permissions // -------------------------------------------------------------------------------- - Permission perm0 = new Permission( name, "mockPerm0" ); permSet.add( perm0 ); - Permission perm1 = new Permission( name, "mockPerm1" ); permSet.add( perm1 ); - Permission perm2 = new Permission( name, "mockPerm2" ); permSet.add( perm2 ); - Permission perm3 = new Permission( name, "mockPerm3" ); permSet.add( perm3 ); - Permission perm4 = new Permission( name, "mockPerm4" ); permSet.add( perm4 ); - Permission perm5 = new Permission( name, "mockPerm5" ); permSet.add( perm5 ); - Permission perm6 = new Permission( name, "mockPerm6" ); permSet.add( perm6 ); - Permission perm7 = new Permission( name, "mockPerm7" ); permSet.add( perm7 ); - Permission perm8 = new Permission( name, "mockPerm8" ); permSet.add( perm8 ); - Permission perm9 = new Permission( name, "mockPerm9" ); permSet.add( perm9 ); + StringPermission perm0 = new StringPermission( name, "mockPerm0" ); permSet.add( perm0 ); + StringPermission perm1 = new StringPermission( name, "mockPerm1" ); permSet.add( perm1 ); + StringPermission perm2 = new StringPermission( name, "mockPerm2" ); permSet.add( perm2 ); + StringPermission perm3 = new StringPermission( name, "mockPerm3" ); permSet.add( perm3 ); + StringPermission perm4 = new StringPermission( name, "mockPerm4" ); permSet.add( perm4 ); + StringPermission perm5 = new StringPermission( name, "mockPerm5" ); permSet.add( perm5 ); + StringPermission perm6 = new StringPermission( name, "mockPerm6" ); permSet.add( perm6 ); + StringPermission perm7 = new StringPermission( name, "mockPerm7" ); permSet.add( perm7 ); + StringPermission perm8 = new StringPermission( name, "mockPerm8" ); permSet.add( perm8 ); + StringPermission perm9 = new StringPermission( name, "mockPerm9" ); permSet.add( perm9 ); - Permission[] permArray = ( Permission[] ) permSet.toArray( new Permission[0] ); + StringPermission[] permArray = ( StringPermission[] ) permSet.toArray( new StringPermission[0] ); perms = new Permissions( name, permArray ); // -------------------------------------------------------------------------------- @@ -69,27 +69,27 @@ // -------------------------------------------------------------------------------- // role without any permissions toggled - Permissions grants = new Permissions( name, new Permission[0] ); + Permissions grants = new Permissions( name, new StringPermission[0] ); Role role0 = new Role( this, "mockRole0", grants ); roleSet.add( role0 ); // role with permission mockPerm0 - grants = new Permissions( name, new Permission[] {perm0}); + grants = new Permissions( name, new StringPermission[] {perm0}); Role role1 = new Role( this, "mockRole1", grants ); roleSet.add( role1 ); // role with permission mockPerm1 - grants = new Permissions( name, new Permission[] {perm1}); + grants = new Permissions( name, new StringPermission[] {perm1}); Role role2 = new Role( this, "mockRole2", grants ); roleSet.add( role2 ); // role with permission mockPerm2 and mochPerm3 - grants = new Permissions( name, new Permission[] {perm2, perm3}); + grants = new Permissions( name, new StringPermission[] {perm2, perm3}); Role role3 = new Role( this, "mockRole3", grants ); roleSet.add( role3 ); // role with permission mockPerm4, mockPerm5, mockPerm6, mockPerm7, mockPerm9 - grants = new Permissions( name, new Permission[] {perm4, perm5, perm6, perm7, perm9}); + grants = new Permissions( name, new StringPermission[] {perm4, perm5, perm6, perm7, perm9}); Role role4 = new Role( this, "mockRole4", grants ); roleSet.add( role4 ); @@ -101,37 +101,37 @@ // -------------------------------------------------------------------------------- // a profile that has no permissions at all, and no roles (basis case) - grants = new Permissions( name, new Permission[0] ); - Permissions denials = new Permissions( name, new Permission[0] ); + grants = new Permissions( name, new StringPermission[0] ); + Permissions denials = new Permissions( name, new StringPermission[0] ); Roles roles = new Roles( name, new Role[0] ); Profile profile = new Profile( this, "mockProfile0", "trustin", roles, grants, denials, false ); profileByName.put( profile.getProfileId(), profile ); // a profile for checking union of role1 and role2 - inherits perm0 and perm1 - grants = new Permissions( name, new Permission[0] ); - denials = new Permissions( name, new Permission[0] ); + grants = new Permissions( name, new StringPermission[0] ); + denials = new Permissions( name, new StringPermission[0] ); roles = new Roles( name, new Role[] { role1, role2 } ); profile = new Profile( this, "mockProfile1", "trustin", roles, grants, denials, false ); profileByName.put( profile.getProfileId(), profile ); // a profile for checking union of roles with grants - granted perm0 and inherits perm1 - grants = new Permissions( name, new Permission[] { perm0 } ); - denials = new Permissions( name, new Permission[0] ); + grants = new Permissions( name, new StringPermission[] { perm0 } ); + denials = new Permissions( name, new StringPermission[0] ); roles = new Roles( name, new Role[] { role2 } ); profile = new Profile( this, "mockProfile2", "trustin", roles, grants, denials, false ); profileByName.put( profile.getProfileId(), profile ); // a profile for checking union of roles with grants - granted perm0, perm7 and inherits perm2 and perm3 - grants = new Permissions( name, new Permission[] { perm0, perm7 } ); - denials = new Permissions( name, new Permission[0] ); + grants = new Permissions( name, new StringPermission[] { perm0, perm7 } ); + denials = new Permissions( name, new StringPermission[0] ); roles = new Roles( name, new Role[] { role3 } ); profile = new Profile( this, "mockProfile3", "trustin", roles, grants, denials, false ); profileByName.put( profile.getProfileId(), profile ); // a profile for checking union of roles with grants and denials // granted perm0, in role3 and role4 but denied inherited perm7 - grants = new Permissions( name, new Permission[] { perm0 } ); - denials = new Permissions( name, new Permission[] { perm7 } ); + grants = new Permissions( name, new StringPermission[] { perm0 } ); + denials = new Permissions( name, new StringPermission[] { perm7 } ); roles = new Roles( name, new Role[] { role3, role4 } ); profile = new Profile( this, "mockProfile4", "trustin", roles, grants, denials, false ); profileByName.put( profile.getProfileId(), profile ); @@ -191,7 +191,7 @@ } - public Set getDependentProfileNames( Permission permission ) throws GuardianException + public Set getDependentProfileNames( StringPermission permission ) throws GuardianException { return null; } Index: guardian-api/src/test/java/org/safehaus/triplesec/guardian/ApplicationPolicyFactoryTest.java =================================================================== --- guardian-api/src/test/java/org/safehaus/triplesec/guardian/ApplicationPolicyFactoryTest.java (revision 488792) +++ guardian-api/src/test/java/org/safehaus/triplesec/guardian/ApplicationPolicyFactoryTest.java (working copy) @@ -176,7 +176,7 @@ return null; } - public Set getDependentProfileNames( Permission permission ) throws GuardianException + public Set getDependentProfileNames( StringPermission permission ) throws GuardianException { return null; } Index: guardian-api/src/test/java/org/safehaus/triplesec/guardian/PermissionsTest.java =================================================================== --- guardian-api/src/test/java/org/safehaus/triplesec/guardian/PermissionsTest.java (revision 488792) +++ guardian-api/src/test/java/org/safehaus/triplesec/guardian/PermissionsTest.java (working copy) @@ -37,32 +37,32 @@ { protected Object newInstanceA1() { - return new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm1" ), - new Permission( "app1", "perm2" ), - new Permission( "app1", "perm3" ), + return new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm1" ), + new StringPermission( "app1", "perm2" ), + new StringPermission( "app1", "perm3" ), }); } protected Object newInstanceA2() { - return new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm1" ), - new Permission( "app1", "perm2" ), - new Permission( "app1", "perm3" ), + return new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm1" ), + new StringPermission( "app1", "perm2" ), + new StringPermission( "app1", "perm3" ), }); } protected Object newInstanceB1() { - return new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm1" ), + return new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm1" ), }); } protected Object newInstanceB2() { - return new Permissions( "app2", new Permission[0] ); + return new Permissions( "app2", new StringPermission[0] ); } public void testInstantiation() @@ -90,7 +90,7 @@ } // Test null elements - Permissions perms = new Permissions( "app1", new Permission[] { + Permissions perms = new Permissions( "app1", new StringPermission[] { null, null, null, }); Assert.assertTrue( perms.isEmpty() ); @@ -98,8 +98,8 @@ // Test mismatching application names try { - new Permissions( "app1", new Permission[] { - new Permission( "app2", "perm1" ), + new Permissions( "app1", new StringPermission[] { + new StringPermission( "app2", "perm1" ), }); Assert.fail( "Execption is not thrown." ); } @@ -113,10 +113,10 @@ public void testProperties() { - Permission p1 = new Permission( "app1", "perm1" ); - Permission p2 = new Permission( "app1", "perm2" ); - Permission p3 = new Permission( "app1", "perm3" ); - Permissions perms = new Permissions( "app1", new Permission[] { + StringPermission p1 = new StringPermission( "app1", "perm1" ); + StringPermission p2 = new StringPermission( "app1", "perm2" ); + StringPermission p3 = new StringPermission( "app1", "perm3" ); + Permissions perms = new Permissions( "app1", new StringPermission[] { p1, p2, p3, }); @@ -139,7 +139,7 @@ allPerms.add( p3 ); for( Iterator i = perms.iterator(); i.hasNext(); ) { - Permission p = ( Permission ) i.next(); + StringPermission p = ( StringPermission ) i.next(); Assert.assertTrue( allPerms.contains( p ) ); allPerms.remove( p ); } @@ -147,15 +147,15 @@ public void testSetOperations() { - Permissions perms1 = new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm1" ), + Permissions perms1 = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm1" ), }); - Permissions perms2 = new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm2" ), + Permissions perms2 = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm2" ), }); - Permissions perms12 = new Permissions( "app1", new Permission[] { - new Permission( "app1", "perm1" ), - new Permission( "app1", "perm2" ), + Permissions perms12 = new Permissions( "app1", new StringPermission[] { + new StringPermission( "app1", "perm1" ), + new StringPermission( "app1", "perm2" ), }); Permissions wrongPerms = new Permissions( "wrongApp", null ); Index: guardian-api/src/main/java/org/safehaus/triplesec/guardian/Profile.java =================================================================== --- guardian-api/src/main/java/org/safehaus/triplesec/guardian/Profile.java (revision 488792) +++ guardian-api/src/main/java/org/safehaus/triplesec/guardian/Profile.java (working copy) @@ -31,17 +31,17 @@ * to manage access controls for user profiles associated with applications. * Profiles associate users with applications. This class models that profile * by linking the user with an application and allowing the assignment of an - * application specific {@link Role} set and {@link Permission} set to the + * application specific {@link Role} set and {@link StringPermission} set to the * profile. *

*

* Profiles contain three sets of Permissions and a set of Roles used for * managing an authorization policy of a user. A Role Based Access Control - * (RBAC) model is used to easily manage the Profile. The three Permission + * (RBAC) model is used to easily manage the Profile. The three StringPermission * sets are: grants, denials and the effective calculated permissions for the - * profile. Roles assigned to the Profile lead to the inheritance of Permission - * granted to Role. Besides Role based Permission inheritence, additional - * Permission may be granted or denied to influence the total effective Permission. + * profile. Roles assigned to the Profile lead to the inheritance of StringPermission + * granted to Role. Besides Role based StringPermission inheritence, additional + * StringPermission may be granted or denied to influence the total effective StringPermission. * The grants Permissions set contains extra granted Permissions which may not be * inherited by assigned Roles. The denials Permissions set contains * {@link Permissions} that are denied whether they are inherited by assigned @@ -270,9 +270,9 @@ /** - * Gets the set of {@link Permission}s granted to this Profile. + * Gets the set of {@link StringPermission}s granted to this Profile. * - * @return a container of granted {@link Permission} objects + * @return a container of granted {@link StringPermission} objects */ public Permissions getGrants() { @@ -284,7 +284,7 @@ * This is the only time and place where negative permissions will ever be * found. * - * @return a container of denied {@link Permission} objects + * @return a container of denied {@link StringPermission} objects */ public Permissions getDenials() { @@ -298,7 +298,7 @@ * granted {@link Permissions} and denied {@link Permissions} of this * Profile. * - * @return a container of effective {@link Permission} objects for this profile. + * @return a container of effective {@link StringPermission} objects for this profile. */ public Permissions getEffectivePermissions() { @@ -307,7 +307,7 @@ /** - * Assertive check to test if this Profile has the effective {@link Permission}. + * Assertive check to test if this Profile has the effective {@link StringPermission}. * * @param permissionName the permission name to check for * @throws AccessControlException if the permission is not granted or @@ -329,7 +329,7 @@ * @param permission the permission to check for * @return true if the permission is granted, false otherwise */ - public boolean hasPermission( Permission permission ) + public boolean hasPermission( StringPermission permission ) { return effectivePermissions.contains( permission ); } @@ -355,7 +355,7 @@ * @throws AccessControlException if the permission is not granted or * inherited from an assigned Role */ - public void checkPermission( Permission permission ) + public void checkPermission( StringPermission permission ) { checkPermission( permission, @@ -397,7 +397,7 @@ * @throws AccessControlException if the permission is not granted or * inherited from an assigned Role */ - public void checkPermission( Permission permission, String message ) + public void checkPermission( StringPermission permission, String message ) { if ( permission == null ) { Index: guardian-api/src/main/java/org/safehaus/triplesec/guardian/Role.java =================================================================== --- guardian-api/src/main/java/org/safehaus/triplesec/guardian/Role.java (revision 488792) +++ guardian-api/src/main/java/org/safehaus/triplesec/guardian/Role.java (working copy) @@ -38,7 +38,7 @@ private static final long serialVersionUID = 6190625586883412135L; /** an empty byte array used as a placeholder for empty grants */ - private static final Permission[] EMPTY_PERMISSION_ARRAY = new Permission[0]; + private static final StringPermission[] EMPTY_PERMISSION_ARRAY = new StringPermission[0]; /** the name of this Role */ private final String name; @@ -163,7 +163,7 @@ * @param permission the permission to check for * @throws AccessControlException if the permission is not granted */ - public void checkPermission( Permission permission ) + public void checkPermission( StringPermission permission ) { checkPermission( permission, @@ -191,7 +191,7 @@ * @param permission the name of permission to check for * @return true if the permission is granted,false otherwise */ - public boolean hasPermission( Permission permission ) + public boolean hasPermission( StringPermission permission ) { return permissions.contains( permission ); } @@ -222,7 +222,7 @@ * @param message to use for AccessControlException if it is thrown * @throws AccessControlException if the permission is not granted */ - public void checkPermission( Permission permission, String message ) + public void checkPermission( StringPermission permission, String message ) { if ( permission == null ) { Index: guardian-api/src/main/java/org/safehaus/triplesec/guardian/PolicyChangeAdapter.java =================================================================== --- guardian-api/src/main/java/org/safehaus/triplesec/guardian/PolicyChangeAdapter.java (revision 488792) +++ guardian-api/src/main/java/org/safehaus/triplesec/guardian/PolicyChangeAdapter.java (working copy) @@ -40,12 +40,12 @@ } - public void permissionChanged( ApplicationPolicy policy, Permission permission, ChangeType changeType ) + public void permissionChanged( ApplicationPolicy policy, StringPermission permission, ChangeType changeType ) { } - public void permissionRenamed( ApplicationPolicy policy, Permission permission, String oldName ) + public void permissionRenamed( ApplicationPolicy policy, StringPermission permission, String oldName ) { } Index: guardian-api/src/main/java/org/safehaus/triplesec/guardian/PolicyChangeListener.java =================================================================== --- guardian-api/src/main/java/org/safehaus/triplesec/guardian/PolicyChangeListener.java (revision 488792) +++ guardian-api/src/main/java/org/safehaus/triplesec/guardian/PolicyChangeListener.java (working copy) @@ -58,7 +58,7 @@ * @param permission the permission that was changed * @param changeType the type of change: add, delete or modify. */ - void permissionChanged( ApplicationPolicy policy, Permission permission, ChangeType changeType ); + void permissionChanged( ApplicationPolicy policy, StringPermission permission, ChangeType changeType ); /** * Notification method called when a permission is renamed. @@ -67,7 +67,7 @@ * @param permission the permission that was renamed * @param oldName the old name of the permission */ - void permissionRenamed( ApplicationPolicy policy, Permission permission, String oldName ); + void permissionRenamed( ApplicationPolicy policy, StringPermission permission, String oldName ); /** * Notification method called when a profile is added, deleted, or modified. Index: guardian-api/src/main/java/org/safehaus/triplesec/guardian/Permissions.java =================================================================== --- guardian-api/src/main/java/org/safehaus/triplesec/guardian/Permissions.java (revision 488792) +++ guardian-api/src/main/java/org/safehaus/triplesec/guardian/Permissions.java (working copy) @@ -30,7 +30,7 @@ /** - * Represnets an immutable set of {@link Permission}s. + * Represnets an immutable set of {@link StringPermission}s. * * @author Trustin Lee * @version $Rev: 52 $, $Date: 2005-08-19 23:03:36 -0400 (Fri, 19 Aug 2005) $ @@ -38,12 +38,12 @@ public class Permissions implements Cloneable, Serializable { private static final long serialVersionUID = 824005229641450076L; - /** An empty array of {@link Permission}s which is used when null is specified */ - private static final Permission[] EMPTY_PERMISSION_ARRAY = new Permission[0]; + /** An empty array of {@link StringPermission}s which is used when null is specified */ + private static final StringPermission[] EMPTY_PERMISSION_ARRAY = new StringPermission[0]; /** the name of application this permissions belong to */ private final String applicationName; - /** Map<String permissionName, Permission permission> */ + /** Map<String permissionName, StringPermission permission> */ private final Map permissions = new HashMap(); @@ -51,9 +51,9 @@ * Creates a new instance. * * @param applicationName The name of the application this permissions belong to - * @param permissions The array of {@link Permission}s that will belong to this permission set + * @param permissions The array of {@link StringPermission}s that will belong to this permission set */ - public Permissions( String applicationName, Permission[] permissions ) + public Permissions( String applicationName, StringPermission[] permissions ) { // Check nulls and emptiness if( applicationName == null ) @@ -75,7 +75,7 @@ // same with what user specified. for( int i = permissions.length - 1; i >= 0; i -- ) { - Permission p = permissions[ i ]; + StringPermission p = permissions[ i ]; if( p == null ) { continue; @@ -110,7 +110,7 @@ * @return true if and only if this set contains the specified * permission */ - public boolean contains( Permission permission ) + public boolean contains( StringPermission permission ) { return applicationName.equals( permission.getApplicationName() ) && permissions.containsKey( permission.getName() ); @@ -118,7 +118,7 @@ /** - * Returns true if and only if this set contains the {@link Permission} + * Returns true if and only if this set contains the {@link StringPermission} * with the specified permissionName. * * @param permissionName the name of the permission to find @@ -147,14 +147,14 @@ /** - * Returns the {@link Permission} with the specified permissionName. + * Returns the {@link StringPermission} with the specified permissionName. * * @param permissionName the name of the permission to find * @return null if there's no permission with the specified name */ - public Permission get( String permissionName ) + public StringPermission get( String permissionName ) { - return ( Permission ) permissions.get( permissionName ); + return ( StringPermission ) permissions.get( permissionName ); } @@ -181,9 +181,9 @@ /** - * Returns an {@link Iterator} that iterates all {@link Permission}s this set contains. + * Returns an {@link Iterator} that iterates all {@link StringPermission}s this set contains. * - * @return an {@link Iterator} that iterates all {@link Permission}s this set contains + * @return an {@link Iterator} that iterates all {@link StringPermission}s this set contains */ public Iterator iterator() { @@ -192,7 +192,7 @@ /** - * Creates a new set of {@link Permission}s which contains all elements of + * Creates a new set of {@link StringPermission}s which contains all elements of * both this set and the specified set (OR operation). This operation never * modifies this set. * @@ -209,7 +209,7 @@ /** - * Creates a new set of {@link Permission}s which contains elements of + * Creates a new set of {@link StringPermission}s which contains elements of * this set excluding what exists in the specified set (NAND operation). * This operation never modifies this set. * @@ -227,7 +227,7 @@ /** - * Creates a new set of {@link Permission}s which contains elements which + * Creates a new set of {@link StringPermission}s which contains elements which * exists in both this set and the specified set (AND operation). This * operation never modifies this set. * @@ -251,8 +251,8 @@ public Object clone() { - Permission[] permissionArray = new Permission[ size() ]; - permissionArray = ( Permission[] ) permissions.values().toArray( permissionArray ); + StringPermission[] permissionArray = new StringPermission[ size() ]; + permissionArray = ( StringPermission[] ) permissions.values().toArray( permissionArray ); return new Permissions( applicationName, permissionArray ); } @@ -296,13 +296,13 @@ // Add the first one if( i.hasNext() ) { - Permission p = ( Permission ) i.next(); + StringPermission p = ( StringPermission ) i.next(); buf.append( p.getName() ); // Add others while( i.hasNext() ) { - p = ( Permission ) i.next(); + p = ( StringPermission ) i.next(); buf.append( ", " ); buf.append( p.getName() ); } Index: guardian-api/src/main/java/org/safehaus/triplesec/guardian/ApplicationPolicy.java =================================================================== --- guardian-api/src/main/java/org/safehaus/triplesec/guardian/ApplicationPolicy.java (revision 488792) +++ guardian-api/src/main/java/org/safehaus/triplesec/guardian/ApplicationPolicy.java (working copy) @@ -66,9 +66,9 @@ Roles getRoles(); /** - * Gets a set of {@link Permission}s defined for this store. + * Gets a set of {@link StringPermission}s defined for this store. * - * @return a set of {@link Permission}s defined for this store. + * @return a set of {@link StringPermission}s defined for this store. */ Permissions getPermissions(); @@ -92,7 +92,7 @@ * @throws GuardianException if there is an error accessing the backing * store or the permission is not associated with this ApplicationPolicy */ - Set getDependentProfileNames( Permission permission ) throws GuardianException; + Set getDependentProfileNames( StringPermission permission ) throws GuardianException; /** * Gets the set of profiles a user has for this ApplicationPolicy. Index: guardian-api/src/main/java/org/safehaus/triplesec/guardian/Roles.java =================================================================== --- guardian-api/src/main/java/org/safehaus/triplesec/guardian/Roles.java (revision 488792) +++ guardian-api/src/main/java/org/safehaus/triplesec/guardian/Roles.java (working copy) @@ -269,7 +269,7 @@ } - public Roles getDependentRoles( Permission perm ) + public Roles getDependentRoles( StringPermission perm ) { if ( ! perm.getApplicationName().equals( getApplicationName() ) ) { Index: guardian-api/src/main/java/org/safehaus/triplesec/guardian/Permission.java =================================================================== --- guardian-api/src/main/java/org/safehaus/triplesec/guardian/Permission.java (revision 488792) +++ guardian-api/src/main/java/org/safehaus/triplesec/guardian/Permission.java (working copy) @@ -1,179 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.safehaus.triplesec.guardian; - -import java.io.Serializable; - - -/** - * An application permission. - * - * @author Alex Karasulu - * @author Trustin Lee - * @version $Rev: 71 $, $Date: 2005-11-07 19:11:39 -0500 (Mon, 07 Nov 2005) $ - */ -public class Permission implements Comparable, Cloneable, Serializable -{ - private static final long serialVersionUID = -522561010304299861L; - - /** the name of the permission */ - private final String permissionName; - /** the name of the application this permission is associated with */ - private final String applicationName; - /** a short description of the permission */ - private final String description; - - - /** - * Creates a new permission instance. - * - * @param applicationName the name of the application this permission is associated with - * @param permissionName the permissionName of the permission - */ - public Permission( String applicationName, String permissionName ) - { - this( applicationName, permissionName, null ); - } - - - /** - * Creates a new permission instance with description. - * - * @param applicationName the name of the application this permission is associated with - * @param permissionName the permissionName of the permission - */ - public Permission( String applicationName, String permissionName, String description ) - { - if( applicationName == null ) - { - throw new NullPointerException( "applicationName" ); - } - if( permissionName == null ) - { - throw new NullPointerException( "permissionName" ); - } - if( applicationName.length() == 0 ) - { - throw new IllegalArgumentException( "applicationName is empty."); - } - if( permissionName.length() == 0 ) - { - throw new IllegalArgumentException( "permissionName is empty."); - } - - this.permissionName = permissionName; - this.applicationName = applicationName; - this.description = description; - } - - - /** - * Gets the name of this permission. - * - * @return the name - */ - public String getName() - { - return permissionName; - } - - - /** - * Gets the application name this permission is defined for. - * - * @return the name of the application. - */ - public String getApplicationName() - { - return applicationName; - } - - - /** - * Gets the name of this permission. - * - * @return the description - */ - public String getDescription() - { - return description; - } - - - // ------------------------------------------------------------------------ - // Object Overrides - // ------------------------------------------------------------------------ - - - public int hashCode() - { - return applicationName.hashCode() ^ permissionName.hashCode(); - } - - - public boolean equals( Object that ) - { - if( this == that ) - { - return true; - } - - if( that instanceof Permission ) - { - Permission thatP = ( Permission ) that; - return this.applicationName.equals( thatP.applicationName ) && - this.permissionName.equals( thatP.permissionName ); - } - - return false; - } - - - public int compareTo( Object that ) - { - Permission thatP = ( Permission ) that; - int ret = this.applicationName.compareTo( thatP.applicationName ); - if( ret != 0 ) - { - return ret; - } - - return this.permissionName.compareTo( thatP.permissionName ); - } - - - public String toString() - { - return "Permission(" + applicationName + ": " + permissionName + ')'; - } - - - public Object clone() - { - try - { - return super.clone(); - } - catch( CloneNotSupportedException e ) - { - throw new InternalError(); - } - } -} Index: guardian-ldif/src/main/java/org/safehaus/triplesec/guardian/ldif/LdifApplicationPolicy.java =================================================================== --- guardian-ldif/src/main/java/org/safehaus/triplesec/guardian/ldif/LdifApplicationPolicy.java (revision 488792) +++ guardian-ldif/src/main/java/org/safehaus/triplesec/guardian/ldif/LdifApplicationPolicy.java (working copy) @@ -96,7 +96,7 @@ load(); // create the admin profile with all permissions as grants and in all roles this.adminProfile = new Profile( this, "admin", "admin", roles, permissions, - new Permissions( applicationName, new Permission[0] ), false ); + new Permissions( applicationName, new StringPermission[0] ), false ); } @@ -184,8 +184,8 @@ + " in application '" + applicationName + "'" ); } } - Permission[] permArray = new Permission[permSet.size()]; - Permissions grants = new Permissions( applicationName, ( Permission[] ) permSet.toArray( permArray ) ); + StringPermission[] permArray = new StringPermission[permSet.size()]; + Permissions grants = new Permissions( applicationName, ( StringPermission[] ) permSet.toArray( permArray ) ); Attribute description = entry.get( "description" ); Role role; @@ -232,15 +232,15 @@ String dn = ( String ) keys.next(); Attributes entry = ( Attributes ) permissionMap.get( dn ); String permName = ( String ) entry.get( "permName" ).get(); - Permission perm; + StringPermission perm; Attribute description = entry.get( "description" ); if ( description != null ) { - perm = new Permission( applicationName, permName, ( String ) description.get() ); + perm = new StringPermission( applicationName, permName, ( String ) description.get() ); } else { - perm = new Permission( applicationName, permName ); + perm = new StringPermission( applicationName, permName ); } log.debug( "loading permission " + permName + " for application " + applicationName ); permSet.add( perm ); @@ -253,8 +253,8 @@ throw new GuardianException( msg, e ); } - Permission[] permArray = new Permission[permSet.size()]; - permArray = ( Permission[] ) permSet.toArray( permArray ); + StringPermission[] permArray = new StringPermission[permSet.size()]; + permArray = ( StringPermission[] ) permSet.toArray( permArray ); this.permissions = new Permissions( applicationName, permArray ); } @@ -369,12 +369,12 @@ throw new GuardianException( "Failed to get grants for profile: " + dn ); } - Permission[] grantsArray = new Permission[grantsSet.size()]; - grants = new Permissions( applicationName, ( Permission[] ) grantsSet.toArray( grantsArray ) ); + StringPermission[] grantsArray = new StringPermission[grantsSet.size()]; + grants = new Permissions( applicationName, ( StringPermission[] ) grantsSet.toArray( grantsArray ) ); } else { - grants = new Permissions( applicationName, new Permission[0] ); + grants = new Permissions( applicationName, new StringPermission[0] ); } // ------------------------------------------------------------------------------- @@ -398,12 +398,12 @@ { throw new GuardianException( "Failed to get denials for profile: " + dn ); } - Permission[] denialsArray = new Permission[denialsSet.size()]; - denials = new Permissions( applicationName, ( Permission[] ) denialsSet.toArray( denialsArray ) ); + StringPermission[] denialsArray = new StringPermission[denialsSet.size()]; + denials = new Permissions( applicationName, ( StringPermission[] ) denialsSet.toArray( denialsArray ) ); } else { - denials = new Permissions( applicationName, new Permission[0] ); + denials = new Permissions( applicationName, new StringPermission[0] ); } // ------------------------------------------------------------------------------- @@ -527,7 +527,7 @@ } - public Set getDependentProfileNames( Permission permission ) throws GuardianException + public Set getDependentProfileNames( StringPermission permission ) throws GuardianException { throw new RuntimeException( "Not implemented yet!" ); } Index: guardian-ldap/src/test/java/org/safehaus/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java =================================================================== --- guardian-ldap/src/test/java/org/safehaus/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java (revision 488792) +++ guardian-ldap/src/test/java/org/safehaus/triplesec/guardian/ldap/LdapApplicationPolicyIntegrationTest.java (working copy) @@ -37,7 +37,7 @@ import org.safehaus.triplesec.guardian.ApplicationPolicy; import org.safehaus.triplesec.guardian.ApplicationPolicyFactory; import org.safehaus.triplesec.guardian.ChangeType; -import org.safehaus.triplesec.guardian.Permission; +import org.safehaus.triplesec.guardian.StringPermission; import org.safehaus.triplesec.guardian.PolicyChangeListener; import org.safehaus.triplesec.guardian.Profile; import org.safehaus.triplesec.guardian.Role; @@ -57,7 +57,7 @@ private ChangeType changeType; private Profile profile; private Role role; - private Permission permission; + private StringPermission permission; private LdapApplicationPolicy store; @@ -192,17 +192,17 @@ assertTrue( dependents.contains( "mockProfile1" ) ); assertTrue( dependents.contains( "mockProfile2" ) ); - Permission perm1 = store.getPermissions().get( "mockPerm1" ); + StringPermission perm1 = store.getPermissions().get( "mockPerm1" ); dependents = store.getDependentProfileNames( perm1 ); assertEquals( 1, dependents.size() ); - Permission perm7 = store.getPermissions().get( "mockPerm7" ); + StringPermission perm7 = store.getPermissions().get( "mockPerm7" ); dependents = store.getDependentProfileNames( perm7 ); assertEquals( 3, dependents.size() ); assertTrue( dependents.contains( "mockProfile3" ) ); assertTrue( dependents.contains( "mockProfile4" ) ); - Permission perm0 = store.getPermissions().get( "mockPerm0" ); + StringPermission perm0 = store.getPermissions().get( "mockPerm0" ); dependents = store.getDependentProfileNames( perm0 ); assertEquals( 4, dependents.size() ); assertTrue( dependents.contains( "mockProfile2" ) ); @@ -258,7 +258,7 @@ Thread.sleep( 200 ); // ------------------------------------------------------------------- - // Test Permission Addition and Notification + // Test StringPermission Addition and Notification // ------------------------------------------------------------------- Attributes attrs = new BasicAttributes( "objectClass", "policyPermission", true ); @@ -298,7 +298,7 @@ this.changeType = null; // ------------------------------------------------------------------- - // Test Permission Deletion and Notification + // Test StringPermission Deletion and Notification // ------------------------------------------------------------------- ctx.destroySubcontext( "permName=mockPerm10,ou=permissions" ); @@ -588,7 +588,7 @@ this.changeType = null; // ------------------------------------------------------------------- - // Test Permission Alteration and Notification + // Test StringPermission Alteration and Notification // ------------------------------------------------------------------- ctx.modifyAttributes( "permName=mockPerm1,ou=permissions", new ModificationItem[] { @@ -714,7 +714,7 @@ originalName = null; // ------------------------------------------------------------------- - // Test Permission Rename and Notification + // Test StringPermission Rename and Notification // ------------------------------------------------------------------- Attributes attrs = new BasicAttributes( "objectClass", "policyPermission", true ); @@ -774,7 +774,7 @@ } } - public void permissionChanged( ApplicationPolicy policy, Permission permission, ChangeType changeType ) + public void permissionChanged( ApplicationPolicy policy, StringPermission permission, ChangeType changeType ) { synchronized( lockObject ) { @@ -784,7 +784,7 @@ } } - public void permissionRenamed( ApplicationPolicy policy, Permission permission, String oldName ) + public void permissionRenamed( ApplicationPolicy policy, StringPermission permission, String oldName ) { synchronized( lockObject ) { Index: guardian-ldap/src/main/java/org/safehaus/triplesec/guardian/ldap/LdapApplicationPolicy.java =================================================================== --- guardian-ldap/src/main/java/org/safehaus/triplesec/guardian/ldap/LdapApplicationPolicy.java (revision 488792) +++ guardian-ldap/src/main/java/org/safehaus/triplesec/guardian/ldap/LdapApplicationPolicy.java (working copy) @@ -53,7 +53,7 @@ /** a breif description of this application */ private String description; - /** the {@link Permission}s defined for this store's application */ + /** the {@link StringPermission}s defined for this store's application */ private Permissions permissions; /** the {@link Role}s defined for this store's application */ private Roles roles; @@ -96,7 +96,7 @@ // setup the administrator with all permissions and roles adminProfile = new Profile( this, "admin", "admin", roles, permissions, - new Permissions( applicationName, new Permission[0] ), false ); + new Permissions( applicationName, new StringPermission[0] ), false ); try { @@ -226,7 +226,7 @@ { SearchResult result = ( SearchResult ) list.next(); String permName = ( String ) result.getAttributes().get( "permName" ).get(); - Permission perm = getPermission( result.getAttributes() ); + StringPermission perm = getPermission( result.getAttributes() ); log.debug( "loading permission " + permName + " for application " + applicationName ); permSet.add( perm ); } @@ -238,24 +238,24 @@ throw new GuardianException( msg, e ); } - Permission[] permArray = new Permission[permSet.size()]; - permArray = ( Permission[] ) permSet.toArray( permArray ); + StringPermission[] permArray = new StringPermission[permSet.size()]; + permArray = ( StringPermission[] ) permSet.toArray( permArray ); this.permissions = new Permissions( applicationName, permArray ); } - private Permission getPermission( Attributes attrs ) throws NamingException + private StringPermission getPermission( Attributes attrs ) throws NamingException { - Permission perm; + StringPermission perm; String permName = ( String ) attrs.get( "permName" ).get(); Attribute description = attrs.get( "description" ); if ( description != null ) { - perm = new Permission( applicationName, permName, ( String ) description.get() ); + perm = new StringPermission( applicationName, permName, ( String ) description.get() ); } else { - perm = new Permission( applicationName, permName ); + perm = new StringPermission( applicationName, permName ); } return perm; } @@ -302,8 +302,8 @@ + " in application '" + applicationName + "'" ); } } - Permission[] permArray = new Permission[permSet.size()]; - Permissions grants = new Permissions( applicationName, ( Permission[] ) permSet.toArray( permArray ) ); + StringPermission[] permArray = new StringPermission[permSet.size()]; + Permissions grants = new Permissions( applicationName, ( StringPermission[] ) permSet.toArray( permArray ) ); Attribute description = attrs.get( "description" ); Role role; @@ -379,12 +379,12 @@ String grantedPermName = ( String ) grantsEnumeration.next(); grantsSet.add( this.permissions.get( grantedPermName ) ); } - Permission[] grantsArray = new Permission[grantsSet.size()]; - grants = new Permissions( applicationName, ( Permission[] ) grantsSet.toArray( grantsArray ) ); + StringPermission[] grantsArray = new StringPermission[grantsSet.size()]; + grants = new Permissions( applicationName, ( StringPermission[] ) grantsSet.toArray( grantsArray ) ); } else { - grants = new Permissions( applicationName, new Permission[0] ); + grants = new Permissions( applicationName, new StringPermission[0] ); } // ------------------------------------------------------------------------------- @@ -401,12 +401,12 @@ String deniedPermName = ( String ) denialsEnumeration.next(); denialsSet.add( this.permissions.get( deniedPermName ) ); } - Permission[] denialsArray = new Permission[denialsSet.size()]; - denials = new Permissions( applicationName, ( Permission[] ) denialsSet.toArray( denialsArray ) ); + StringPermission[] denialsArray = new StringPermission[denialsSet.size()]; + denials = new Permissions( applicationName, ( StringPermission[] ) denialsSet.toArray( denialsArray ) ); } else { - denials = new Permissions( applicationName, new Permission[0] ); + denials = new Permissions( applicationName, new StringPermission[0] ); } // ------------------------------------------------------------------------------- @@ -613,7 +613,7 @@ } - public Set getDependentProfileNames( Permission permission ) throws GuardianException + public Set getDependentProfileNames( StringPermission permission ) throws GuardianException { SearchControls controls = new SearchControls(); controls.setSearchScope( SearchControls.ONELEVEL_SCOPE ); @@ -774,11 +774,11 @@ * 3. Let user application know that the permission has changed. */ Permissions permissions = LdapApplicationPolicy.this.permissions; - Permission newPermission = getPermission( entry ); - Permission oldPermission = permissions.get( newPermission.getName() ); + StringPermission newPermission = getPermission( entry ); + StringPermission oldPermission = permissions.get( newPermission.getName() ); Roles dependentRoles = LdapApplicationPolicy.this.roles.getDependentRoles( oldPermission ); - Permissions newPermissions = new Permissions( applicationName, new Permission[] { newPermission } ); - Permissions oldPermissions = new Permissions( applicationName, new Permission[] { oldPermission } ); + Permissions newPermissions = new Permissions( applicationName, new StringPermission[] { newPermission } ); + Permissions oldPermissions = new Permissions( applicationName, new StringPermission[] { oldPermission } ); permissions = permissions.removeAll( oldPermissions ); permissions = permissions.addAll( newPermissions ); LdapApplicationPolicy.this.permissions = permissions; @@ -871,7 +871,7 @@ // setup the administrator with all permissions and roles adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin", roles, permissions, - new Permissions( applicationName, new Permission[0] ), false ); + new Permissions( applicationName, new StringPermission[0] ), false ); } catch ( NamingException e ) { @@ -920,10 +920,10 @@ * 1. Need to add the permission to the permissions of the application * 2. Need to notify of the permission's addition to all listeners */ - Permission permission = getPermission( entry ); + StringPermission permission = getPermission( entry ); Permissions permissions = LdapApplicationPolicy.this.permissions; permissions = permissions.addAll( new Permissions( applicationName, - new Permission[] { permission } ) ); + new StringPermission[] { permission } ) ); LdapApplicationPolicy.this.permissions = permissions; for ( int ii = 0; ii < listeners.size(); ii++ ) @@ -967,7 +967,7 @@ // setup the administrator with all permissions and roles adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin", roles, permissions, - new Permissions( applicationName, new Permission[0] ), false ); + new Permissions( applicationName, new StringPermission[0] ), false ); } catch ( NamingException e ) { @@ -1004,9 +1004,9 @@ */ String profileId = ( String ) entry.get( "permName" ).get(); Permissions permissions = LdapApplicationPolicy.this.permissions; - Permission permission = permissions.get( profileId ); + StringPermission permission = permissions.get( profileId ); permissions = permissions.removeAll( new Permissions( applicationName, - new Permission[] { permission } ) ); + new StringPermission[] { permission } ) ); LdapApplicationPolicy.this.permissions = permissions; for ( int ii = 0; ii < listeners.size(); ii++ ) @@ -1050,7 +1050,7 @@ // setup the administrator with all permissions and roles adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin", roles, permissions, - new Permissions( applicationName, new Permission[0] ), false ); + new Permissions( applicationName, new StringPermission[0] ), false ); } catch ( NamingException e ) { @@ -1091,7 +1091,7 @@ if ( hasObjectClass( oc, "policyPermission" ) ) { removePermission( oldProfileId ); - Permission newPermission = getPermission( newEntry ); + StringPermission newPermission = getPermission( newEntry ); add( newPermission ); for ( int ii = 0; ii < listeners.size(); ii++ ) @@ -1132,7 +1132,7 @@ // setup the administrator with all permissions and roles adminProfile = new Profile( LdapApplicationPolicy.this, "admin", "admin", roles, permissions, - new Permissions( applicationName, new Permission[0] ), false ); + new Permissions( applicationName, new StringPermission[0] ), false ); } catch ( NamingException e ) { @@ -1194,17 +1194,17 @@ } - private void add( Permission permission ) + private void add( StringPermission permission ) { - Permissions addedPermissions = new Permissions( applicationName, new Permission[] { permission } ); + Permissions addedPermissions = new Permissions( applicationName, new StringPermission[] { permission } ); this.permissions = this.permissions.addAll( addedPermissions ); } - private Permission removePermission( String permName ) + private StringPermission removePermission( String permName ) { - Permission permission = this.permissions.get( permName ); - Permissions removedPermissions = new Permissions( applicationName, new Permission[] { permission } ); + StringPermission permission = this.permissions.get( permName ); + Permissions removedPermissions = new Permissions( applicationName, new StringPermission[] { permission } ); this.permissions = this.permissions.removeAll( removedPermissions ); return permission; } Index: jaas/src/main/java/org/safehaus/triplesec/jaas/SafehausPrincipal.java =================================================================== --- jaas/src/main/java/org/safehaus/triplesec/jaas/SafehausPrincipal.java (revision 488792) +++ jaas/src/main/java/org/safehaus/triplesec/jaas/SafehausPrincipal.java (working copy) @@ -33,8 +33,9 @@ */ public class SafehausPrincipal implements Principal { + /** the Guardian authorization profile for this principal */ - private Profile profile; + private final Profile profile; SafehausPrincipal( Profile profile ) Index: jaas/src/main/java/org/safehaus/triplesec/jaas/SafehausLoginModule.java =================================================================== --- jaas/src/main/java/org/safehaus/triplesec/jaas/SafehausLoginModule.java (revision 488792) +++ jaas/src/main/java/org/safehaus/triplesec/jaas/SafehausLoginModule.java (working copy) @@ -91,8 +91,9 @@ { if ( module.commit() ) { - this.subject.getPrincipals().clear(); - this.subject.getPrincipals().add( new SafehausPrincipal( this.profile ) ); + //Clearing the principals means this has to be the only login module, not a reasonable assumption +// this.subject.getPrincipals().clear(); + this.subject.getPrincipals().add( new SafehausPrincipal( profile ) ); return true; } @@ -192,7 +193,8 @@ if ( bindAs( "uid=admin,ou=system", "admin" ) ) { - this.subject.getPrincipals().add( new SafehausPrincipal( profile ) ); + //add in commit(), not here +// this.subject.getPrincipals().add( new SafehausPrincipal( profile ) ); return true; } else Index: swing-demo/src/main/java/org/safehaus/triplesec/guardian/demo/DemoFrame.java =================================================================== --- swing-demo/src/main/java/org/safehaus/triplesec/guardian/demo/DemoFrame.java (revision 488792) +++ swing-demo/src/main/java/org/safehaus/triplesec/guardian/demo/DemoFrame.java (working copy) @@ -41,7 +41,7 @@ import org.safehaus.triplesec.guardian.ApplicationPolicy; import org.safehaus.triplesec.guardian.ApplicationPolicyFactory; import org.safehaus.triplesec.guardian.ChangeType; -import org.safehaus.triplesec.guardian.Permission; +import org.safehaus.triplesec.guardian.StringPermission; import org.safehaus.triplesec.guardian.PolicyChangeListener; import org.safehaus.triplesec.guardian.Profile; import org.safehaus.triplesec.guardian.Role; @@ -581,8 +581,8 @@ } public void roleRenamed( ApplicationPolicy policy, Role role, String oldName ) {} - public void permissionChanged( ApplicationPolicy policy, Permission permission, ChangeType changeType ) {} - public void permissionRenamed( ApplicationPolicy policy, Permission permission, String oldName ){} + public void permissionChanged( ApplicationPolicy policy, StringPermission permission, ChangeType changeType ) {} + public void permissionRenamed( ApplicationPolicy policy, StringPermission permission, String oldName ){} public void profileRenamed( ApplicationPolicy policy, Profile profile, String oldName ){} }