From 383a1762781d79d2a2e67c9ffc3aadae20b6b30b Mon Sep 17 00:00:00 2001 From: Olivier Lamy Date: Tue, 15 Jan 2013 22:32:09 +0000 Subject: [PATCH] reuse context when possible git-svn-id: https://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk@1433712 13f79535-47bb-0310-9956-ffa450edef68 --- .../ldap/role/DefaultLdapRoleMapper.java | 127 ++-------- .../common/ldap/role/LdapRoleMapper.java | 21 +- .../common/ldap/role/TestLdapRoleMapper.java | 42 +++- .../redback/rbac/ldap/LdapRbacManager.java | 227 +++++++++++++++--- 4 files changed, 257 insertions(+), 160 deletions(-) diff --git a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java index e4af79a46..bfa828ef0 100644 --- a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java +++ b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java @@ -99,17 +99,13 @@ public class DefaultLdapRoleMapper return userConf.getString( UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY + role ); } - public List getAllGroups() + public List getAllGroups( DirContext context ) throws MappingException { - LdapConnection ldapConnection = null; NamingEnumeration namingEnumeration = null; try { - ldapConnection = ldapConnectionFactory.getConnection(); - - DirContext context = ldapConnection.getDirContext(); SearchControls searchControls = new SearchControls(); 
@@ -149,29 +145,29 @@ public class DefaultLdapRoleMapper finally { - if ( ldapConnection != null ) + close( namingEnumeration ); + } + } + + protected void closeNamingEnumeration( NamingEnumeration namingEnumeration ) + { + if ( namingEnumeration != null ) + { + try { - ldapConnection.close(); + namingEnumeration.close(); } - if ( namingEnumeration != null ) + catch ( NamingException e ) { - try - { - namingEnumeration.close(); - } - catch ( NamingException e ) - { - log.warn( "failed to close search results", e ); - } + log.warn( "failed to close NamingEnumeration", e ); } } } - public List getAllRoles() + public List getAllRoles( DirContext context ) throws MappingException { - // TODO read from ldap ? - List groups = getAllGroups(); + List groups = getAllGroups( context ); if ( groups.isEmpty() ) { @@ -194,17 +190,13 @@ public class DefaultLdapRoleMapper return roles; } - public List getGroupsMember( String group ) + public List getGroupsMember( String group, DirContext context ) throws MappingException { - LdapConnection ldapConnection = null; NamingEnumeration namingEnumeration = null; try { - ldapConnection = ldapConnectionFactory.getConnection(); - - DirContext context = ldapConnection.getDirContext(); SearchControls searchControls = new SearchControls(); @@ -255,28 +247,19 @@ public class DefaultLdapRoleMapper finally { - if ( ldapConnection != null ) - { - ldapConnection.close(); - } close( namingEnumeration ); } } - public List getGroups( String username ) + public List getGroups( String username, DirContext context ) throws MappingException { List userGroups = new ArrayList(); - LdapConnection ldapConnection = null; - NamingEnumeration namingEnumeration = null; try { - ldapConnection = ldapConnectionFactory.getConnection(); - - DirContext context = ldapConnection.getDirContext(); SearchControls searchControls = new SearchControls(); 
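Review bot: The `closeNamingEnumeration( NamingEnumeration )` helper added after getAllGroups is not what the rewritten finally block calls. That block uses `close( namingEnumeration )`, which the getGroupsMember hunk shows as an unchanged context line, so a helper of that name apparently already existed. Nothing in the visible hunks calls the new method, so it reads as a duplicate with a slightly different log message. I would drop it, and have saveUserRole and removeUserRole, whose finally blocks still close the enumeration inline, call the shared helper instead: `close( namingEnumeration );`. The body of `close` is outside the diff, so confirm it tolerates null the same way.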
@@ -336,21 +319,16 @@ public class DefaultLdapRoleMapper { throw new MappingException( e.getMessage(), e ); } - finally { - if ( ldapConnection != null ) - { - ldapConnection.close(); - } close( namingEnumeration ); } } - public List getRoles( String username ) + public List getRoles( String username, DirContext context ) throws MappingException { - List groups = getGroups( username ); + List groups = getGroups( username, context ); Map rolesMapping = getLdapGroupMappings(); @@ -427,7 +405,7 @@ public class DefaultLdapRoleMapper return map; } - public boolean saveRole( String roleName ) + public boolean saveRole( String roleName, DirContext context ) throws MappingException { @@ -438,7 +416,7 @@ public class DefaultLdapRoleMapper return false; } - List allGroups = getAllGroups(); + List allGroups = getAllGroups( context ); if ( allGroups.contains( groupName ) ) { log.info( "group {} already exists for role.", groupName, roleName ); @@ -458,14 +436,8 @@ public class DefaultLdapRoleMapper basicAttribute.add( "uid=admin," + getBaseDn() ); attributes.put( basicAttribute ); - LdapConnection ldapConnection = null; - try { - ldapConnection = ldapConnectionFactory.getConnection(); - - DirContext context = ldapConnection.getDirContext(); - String dn = "cn=" + groupName + "," + this.groupsDn; context.createSubcontext( dn, attributes ); @@ -483,16 +455,9 @@ public class DefaultLdapRoleMapper { throw new MappingException( e.getMessage(), e ); } - finally - { - if ( ldapConnection != null ) - { - ldapConnection.close(); - } - } } - public boolean saveUserRole( String roleName, String username ) + public boolean saveUserRole( String roleName, String username, DirContext context ) throws MappingException { 
@@ -504,15 +469,9 @@ public class DefaultLdapRoleMapper return false; } - LdapConnection ldapConnection = null; - NamingEnumeration namingEnumeration = null; try { - ldapConnection = ldapConnectionFactory.getConnection(); - - DirContext context = ldapConnection.getDirContext(); - SearchControls searchControls = new SearchControls(); searchControls.setDerefLinkFlag( true ); @@ -555,10 +514,6 @@ public class DefaultLdapRoleMapper finally { - if ( ldapConnection != null ) - { - ldapConnection.close(); - } if ( namingEnumeration != null ) { try @@ -573,7 +528,7 @@ public class DefaultLdapRoleMapper } } - public boolean removeUserRole( String roleName, String username ) + public boolean removeUserRole( String roleName, String username, DirContext context ) throws MappingException { String groupName = HashBiMap.create( getLdapGroupMappings() ).inverse().get( roleName ); @@ -584,14 +539,9 @@ public class DefaultLdapRoleMapper return false; } - LdapConnection ldapConnection = null; - NamingEnumeration namingEnumeration = null; try { - ldapConnection = ldapConnectionFactory.getConnection(); - - DirContext context = ldapConnection.getDirContext(); SearchControls searchControls = new SearchControls(); @@ -629,10 +579,6 @@ public class DefaultLdapRoleMapper finally { - if ( ldapConnection != null ) - { - ldapConnection.close(); - } if ( namingEnumeration != null ) { try @@ -647,19 +593,14 @@ public class DefaultLdapRoleMapper } } - public void removeAllRoles() + public void removeAllRoles( DirContext context ) throws MappingException { //all mapped roles Collection groups = getLdapGroupMappings().keySet(); - LdapConnection ldapConnection = null; try { - ldapConnection = ldapConnectionFactory.getConnection(); - - DirContext context = ldapConnection.getDirContext(); - for ( String groupName : groups ) { 
@@ -680,27 +621,16 @@ public class DefaultLdapRoleMapper { throw new MappingException( e.getMessage(), e ); } - finally - { - if ( ldapConnection != null ) - { - ldapConnection.close(); - } - } } - public void removeRole( String roleName ) + public void removeRole( String roleName, DirContext context ) throws MappingException { String groupName = HashBiMap.create( getLdapGroupMappings() ).inverse().get( roleName ); - LdapConnection ldapConnection = null; try { - ldapConnection = ldapConnectionFactory.getConnection(); - - DirContext context = ldapConnection.getDirContext(); String dn = "cn=" + groupName + "," + this.groupsDn; @@ -718,13 +648,6 @@ public class DefaultLdapRoleMapper { throw new MappingException( e.getMessage(), e ); } - finally - { - if ( ldapConnection != null ) - { - ldapConnection.close(); - } - } } //--------------------------------- diff --git a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java index 3de33643a..56d5e3be6 100644 --- a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java +++ b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java @@ -20,6 +20,7 @@ package org.apache.archiva.redback.common.ldap.role; import org.apache.archiva.redback.common.ldap.MappingException; +import javax.naming.directory.DirContext; import java.util.List; import java.util.Map; @@ -47,7 +48,7 @@ public interface LdapRoleMapper * * @return all LDAP groups */ - List getAllGroups() + List getAllGroups( DirContext context ) throws MappingException; /** @@ -56,7 +57,7 @@ public interface LdapRoleMapper * @return all roles * @throws Exception */ - List getAllRoles() + List getAllRoles( DirContext context ) throws MappingException; 
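Review bot: The Javadoc above `getAllGroups( DirContext context )` in LdapRoleMapper still documents the old signature, and the same holds for the other methods changed in this interface, here and in the following hunks. None gains a `@param context`, and nothing states who closes the context. The implementation hunks remove every `ldapConnection.close()` from the mapper, so the caller now owns the context's lifetime and the interface should say so, e.g. `@param context open directory context supplied by the caller; this method does not close it`. The doc should also state what a null context does, since the visible implementation code uses it without a check.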
@@ -75,13 +76,13 @@ public interface LdapRoleMapper * @return uids of group members * @throws MappingException */ - List getGroupsMember( String group ) + List getGroupsMember( String group, DirContext context ) throws MappingException; - List getGroups( String username ) + List getGroups( String username, DirContext context ) throws MappingException; - List getRoles( String username ) + List getRoles( String username, DirContext context ) throws MappingException; /** @@ -118,7 +119,7 @@ public interface LdapRoleMapper * @return true if role was added, false if role already exists * @throws MappingException */ - boolean saveRole( String roleName ) + boolean saveRole( String roleName, DirContext context ) throws MappingException; /** @@ -129,16 +130,16 @@ public interface LdapRoleMapper * @return true if role was added to user, false if role already exists for the user * @throws MappingException */ - boolean saveUserRole( String roleName, String username ) + boolean saveUserRole( String roleName, String username, DirContext context ) throws MappingException; - boolean removeUserRole( String roleName, String username ) + boolean removeUserRole( String roleName, String username, DirContext context ) throws MappingException; - void removeAllRoles() + void removeAllRoles( DirContext context ) throws MappingException; - void removeRole( String roleName ) + void removeRole( String roleName, DirContext context ) throws MappingException; } diff --git a/redback-common/redback-common-ldap/src/test/java/org/apache/archiva/redback/common/ldap/role/TestLdapRoleMapper.java b/redback-common/redback-common-ldap/src/test/java/org/apache/archiva/redback/common/ldap/role/TestLdapRoleMapper.java index 7742e6c91..8dbe61811 100644 --- a/redback-common/redback-common-ldap/src/test/java/org/apache/archiva/redback/common/ldap/role/TestLdapRoleMapper.java +++ b/redback-common/redback-common-ldap/src/test/java/org/apache/archiva/redback/common/ldap/role/TestLdapRoleMapper.java 
@@ -19,6 +19,8 @@ package org.apache.archiva.redback.common.ldap.role; */ import junit.framework.TestCase; +import org.apache.archiva.redback.common.ldap.connection.LdapConnection; +import org.apache.archiva.redback.common.ldap.connection.LdapConnectionFactory; import org.apache.archiva.redback.components.apacheds.ApacheDs; import org.apache.archiva.redback.policy.PasswordEncoder; import org.apache.archiva.redback.policy.encoders.SHA1PasswordEncoder; @@ -81,6 +83,13 @@ public class TestLdapRoleMapper @Named(value = "ldapRoleMapper#test") LdapRoleMapper ldapRoleMapper; + @Inject + LdapConnectionFactory ldapConnectionFactory; + + LdapConnection ldapConnection; + + DirContext context; + private Map> usersPerGroup; private List users; @@ -128,6 +137,8 @@ public class TestLdapRoleMapper makeUsers(); createGroups(); + + } @After @@ -151,11 +162,23 @@ public class TestLdapRoleMapper context.unbind( suffix ); + context.close(); + + ldapConnection.close(); + apacheDs.stopServer(); super.tearDown(); } + protected DirContext getDirContext() + throws Exception + { + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + return context; + } + private void createGroups() throws Exception { @@ -262,11 +285,12 @@ public class TestLdapRoleMapper return "cn=" + cn + "," + groupSuffix; } + @Test public void getAllGroups() throws Exception { - List allGroups = ldapRoleMapper.getAllGroups(); + List allGroups = ldapRoleMapper.getAllGroups( getDirContext() ); log.info( "allGroups: {}", allGroups ); 
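Review bot: `getDirContext()` opens a new connection on every call and overwrites the `ldapConnection` and `context` fields, but the tests in the later hunks call it two or three times each (getGroupsMember, getGroups, getRoles). Only the last connection is reachable from tearDown, so the earlier ones are never closed. tearDown also calls `ldapConnection.close()` unconditionally, which throws a NullPointerException for any test that never calls getDirContext(); whether such a test exists is not visible here. Making the helper lazy, `if ( context == null ) { ldapConnection = ldapConnectionFactory.getConnection(); context = ldapConnection.getDirContext(); }`, and guarding the close with `if ( ldapConnection != null )` covers both. The `context.close()` added in tearDown follows an existing `context.unbind( suffix )`, so it may refer to a variable declared outside the hunk rather than the new field.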
@@ -278,13 +302,13 @@ public class TestLdapRoleMapper public void getGroupsMember() throws Exception { - List users = ldapRoleMapper.getGroupsMember( "archiva-admin" ); + List users = ldapRoleMapper.getGroupsMember( "archiva-admin", getDirContext() ); log.info( "users for archiva-admin: {}", users ); Assertions.assertThat( users ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "admin", "user.7" ); - users = ldapRoleMapper.getGroupsMember( "internal-repo-observer" ); + users = ldapRoleMapper.getGroupsMember( "internal-repo-observer", getDirContext() ); Assertions.assertThat( users ).isNotNull().isNotEmpty().hasSize( 3 ).contains( "admin", "user.7", "user.8" ); } @@ -293,7 +317,7 @@ public class TestLdapRoleMapper public void getGroups() throws Exception { - List groups = ldapRoleMapper.getGroups( "admin" ); + List groups = ldapRoleMapper.getGroups( "admin", getDirContext() ); log.info( "groups for admin: {}", groups ); @@ -301,11 +325,11 @@ public class TestLdapRoleMapper "internal-repo-manager", "internal-repo-observer" ); - groups = ldapRoleMapper.getGroups( "user.8" ); + groups = ldapRoleMapper.getGroups( "user.8", getDirContext() ); Assertions.assertThat( groups ).isNotNull().isNotEmpty().hasSize( 1 ).contains( "internal-repo-observer" ); - groups = ldapRoleMapper.getGroups( "user.7" ); + groups = ldapRoleMapper.getGroups( "user.7", getDirContext() ); Assertions.assertThat( groups ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "archiva-admin", "internal-repo-observer" ); @@ -315,7 +339,7 @@ public class TestLdapRoleMapper public void getRoles() throws Exception { - List roles = ldapRoleMapper.getRoles( "admin" ); + List roles = ldapRoleMapper.getRoles( "admin", getDirContext() ); log.info( "roles for admin: {}", roles ); 
@@ -323,14 +347,14 @@ public class TestLdapRoleMapper "Internal Repo Manager", "Internal Repo Observer" ); - roles = ldapRoleMapper.getRoles( "user.7" ); + roles = ldapRoleMapper.getRoles( "user.7", getDirContext() ); log.info( "roles for user.7: {}", roles ); Assertions.assertThat( roles ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "Archiva System Administrator", "Internal Repo Observer" ); - roles = ldapRoleMapper.getRoles( "user.8" ); + roles = ldapRoleMapper.getRoles( "user.8", getDirContext() ); log.info( "roles for user.8: {}", roles ); diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-ldap/src/main/java/org/apache/archiva/redback/rbac/ldap/LdapRbacManager.java b/redback-rbac/redback-rbac-providers/redback-rbac-ldap/src/main/java/org/apache/archiva/redback/rbac/ldap/LdapRbacManager.java index 95414b758..b46bd32e4 100644 --- a/redback-rbac/redback-rbac-providers/redback-rbac-ldap/src/main/java/org/apache/archiva/redback/rbac/ldap/LdapRbacManager.java +++ b/redback-rbac/redback-rbac-providers/redback-rbac-ldap/src/main/java/org/apache/archiva/redback/rbac/ldap/LdapRbacManager.java @@ -56,6 +56,8 @@ import org.springframework.stereotype.Service; import javax.annotation.PostConstruct; import javax.inject.Inject; import javax.inject.Named; +import javax.naming.NamingException; +import javax.naming.directory.DirContext; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; 
@@ -160,14 +162,27 @@ public class LdapRbacManager { if ( writableLdap ) { + LdapConnection ldapConnection = null; + DirContext context = null; try { - ldapRoleMapper.removeAllRoles(); + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + ldapRoleMapper.removeAllRoles( context ); } catch ( MappingException e ) { log.warn( "skip error removing all roles {}", e.getMessage() ); } + catch ( LdapException e ) + { + log.warn( "skip error removing all roles {}", e.getMessage() ); + } + finally + { + closeContext( context ); + closeLdapConnection( ldapConnection ); + } } this.rbacImpl.eraseDatabase(); } @@ -218,29 +233,42 @@ public class LdapRbacManager public List getAllRoles() throws RbacManagerException { + LdapConnection ldapConnection = null; + DirContext context = null; try { - List groups = ldapRoleMapper.getAllGroups(); + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + + List groups = ldapRoleMapper.getAllGroups( context ); return mapToRoles( groups ); } catch ( MappingException e ) { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } + finally + { + closeContext( context ); + closeLdapConnection( ldapConnection ); + } //return this.rbacImpl.getAllRoles(); } public List getAllUserAssignments() throws RbacManagerException { - // TODO FROM ldap or from real impl ? - //return this.rbacImpl.getAllUserAssignments(); LdapConnection ldapConnection = null; + DirContext context = null; try { ldapConnection = ldapConnectionFactory.getConnection(); - Map> usersWithRoles = - ldapController.findUsersWithRoles( ldapConnection.getDirContext() ); + context = ldapConnection.getDirContext(); + Map> usersWithRoles = ldapController.findUsersWithRoles( context ); List userAssignments = new ArrayList( usersWithRoles.size() ); for ( Map.Entry> entry : usersWithRoles.entrySet() ) 
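Review bot: The added `catch ( LdapException e )` in the first hunk logs only `e.getMessage()`, so a failed connection during this destructive operation leaves no stack trace. `this.rbacImpl.eraseDatabase()` still runs afterwards, which wipes the local store while the LDAP groups stay in place. This mirrors the existing MappingException branch, so the best-effort behaviour may be intended, but the cause should still be kept by passing the exception as the final argument: `log.warn( "skip error removing all roles {}", e.getMessage(), e );`. The enclosing method starts outside the hunk.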
@@ -261,9 +289,30 @@ public class LdapRbacManager } finally { - if ( ldapConnection != null ) + closeContext( context ); + closeLdapConnection( ldapConnection ); + } + } + + protected void closeLdapConnection( LdapConnection ldapConnection ) + { + if ( ldapConnection != null ) + { + ldapConnection.close(); + } + } + + protected void closeContext( DirContext context ) + { + if ( context != null ) + { + try + { + context.close(); + } + catch ( NamingException e ) { - ldapConnection.close(); + log.warn( "skip issue closing context: {}", e.getMessage() ); } } } @@ -311,10 +360,16 @@ public class LdapRbacManager public Collection getAssignedRoles( String username ) throws RbacManagerException { + + LdapConnection ldapConnection = null; + DirContext context = null; + try { - // TODO here !! - List roleNames = ldapRoleMapper.getRoles( username ); + + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + List roleNames = ldapRoleMapper.getRoles( username, context ); if ( roleNames.isEmpty() ) { @@ -334,6 +389,10 @@ public class LdapRbacManager { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } } public Collection getAssignedRoles( UserAssignment userAssignment ) 
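Review bot: `getAssignedRoles( String username )` now opens an LdapConnection and a DirContext but gets no finally block, so neither is closed on any path; the following hunk adds only `catch ( LdapException e )` before the method's closing brace. Before this commit the mapper closed its own connection, so this is a new leak. The same pattern appears in getRole (including its early `return null`), removeRole, saveRole and saveRoles in the later hunks, while getAllRoles, getUnassignedRoles and getUserAssignment do clean up. These look like calls made during permission checks, so leaked connections would likely exhaust the directory's connection limit and surface as failed role lookups under load. Add the block the other methods use: `finally { closeContext( context ); closeLdapConnection( ldapConnection ); }`.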
@@ -355,20 +414,21 @@ public class LdapRbacManager } /** - public Collection getEffectivelyAssignedRoles( String username ) - throws RbacManagerException - { - // TODO here !! - return this.rbacImpl.getEffectivelyAssignedRoles( username ); - }**/ + public Collection getEffectivelyAssignedRoles( String username ) + throws RbacManagerException + { + // TODO here !! + return this.rbacImpl.getEffectivelyAssignedRoles( username ); + }**/ /** - public Collection getEffectivelyUnassignedRoles( String username ) - throws RbacManagerException - { - // TODO here !! - return this.rbacImpl.getEffectivelyUnassignedRoles( username ); - }**/ + * public Collection getEffectivelyUnassignedRoles( String username ) + * throws RbacManagerException + * { + * // TODO here !! + * return this.rbacImpl.getEffectivelyUnassignedRoles( username ); + * }* + */ public Set getEffectiveRoles( Role role ) throws RbacManagerException @@ -403,10 +463,15 @@ public class LdapRbacManager public Role getRole( String roleName ) throws RbacManagerException { + + LdapConnection ldapConnection = null; + DirContext context = null; //verify it's a ldap group try { - if ( !ldapRoleMapper.getAllRoles().contains( roleName ) ) + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + if ( !ldapRoleMapper.getAllRoles( context ).contains( roleName ) ) { return null; } @@ -415,6 +480,10 @@ public class LdapRbacManager { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } return this.rbacImpl.getRole( roleName ); } 
@@ -427,10 +496,19 @@ public class LdapRbacManager public Collection getUnassignedRoles( String username ) throws RbacManagerException { + LdapConnection ldapConnection = null; + + DirContext context = null; + try { - List allRoles = ldapRoleMapper.getAllRoles(); - final List userRoles = ldapRoleMapper.getRoles( username ); + + ldapConnection = ldapConnectionFactory.getConnection(); + + context = ldapConnection.getDirContext(); + + List allRoles = ldapRoleMapper.getAllRoles( context ); + final List userRoles = ldapRoleMapper.getRoles( username, context ); List unassignedRoles = new ArrayList(); @@ -447,14 +525,27 @@ public class LdapRbacManager { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } + finally + { + closeContext( context ); + closeLdapConnection( ldapConnection ); + } } public UserAssignment getUserAssignment( String username ) throws RbacManagerException { + LdapConnection ldapConnection = null; + DirContext context = null; try { - List roles = ldapRoleMapper.getRoles( username ); + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + List roles = ldapRoleMapper.getRoles( username, context ); return new UserAssignmentImpl( username, roles ); } @@ -462,6 +553,15 @@ public class LdapRbacManager { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } + finally + { + closeContext( context ); + closeLdapConnection( ldapConnection ); + } //return this.rbacImpl.getUserAssignment( username ); } 
@@ -607,14 +707,22 @@ public class LdapRbacManager } if ( writableLdap ) { + LdapConnection ldapConnection = null; + DirContext context = null; try { - ldapRoleMapper.removeRole( role.getName() ); + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + ldapRoleMapper.removeRole( role.getName(), context ); } catch ( MappingException e ) { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } fireRbacRoleRemoved( role ); } } @@ -671,14 +779,27 @@ public class LdapRbacManager { return false; } + LdapConnection ldapConnection = null; + DirContext context = null; try { - return ldapRoleMapper.getAllRoles().contains( name ); + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + return ldapRoleMapper.getAllRoles( context ).contains( name ); } - catch ( Exception e ) + catch ( MappingException e ) { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } + finally + { + closeContext( context ); + closeLdapConnection( ldapConnection ); + } } public Operation saveOperation( Operation operation ) @@ -704,14 +825,18 @@ public class LdapRbacManager { if ( writableLdap ) { + LdapConnection ldapConnection = null; + DirContext context = null; try { - ldapRoleMapper.saveRole( role.getName() ); + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + ldapRoleMapper.saveRole( role.getName(), context ); if ( !role.getChildRoleNames().isEmpty() ) { for ( String roleName : role.getChildRoleNames() ) { - ldapRoleMapper.saveRole( roleName ); + ldapRoleMapper.saveRole( roleName, context ); } } fireRbacRoleSaved( role ); 
@@ -720,6 +845,10 @@ public class LdapRbacManager { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } } return this.rbacImpl.saveRole( role ); //return new RoleImpl( role.getName(), role.getPermissions() ); @@ -730,11 +859,16 @@ public class LdapRbacManager { if ( writableLdap ) { + LdapConnection ldapConnection = null; + DirContext context = null; try { + + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); for ( Role role : roles ) { - ldapRoleMapper.saveRole( role.getName() ); + ldapRoleMapper.saveRole( role.getName(), context ); fireRbacRoleSaved( role ); } } @@ -742,6 +876,10 @@ public class LdapRbacManager { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } } this.rbacImpl.saveRoles( roles ); @@ -750,7 +888,8 @@ public class LdapRbacManager public UserAssignment saveUserAssignment( UserAssignment userAssignment ) throws RbacManagerException { - + LdapConnection ldapConnection = null; + DirContext context = null; try { if ( !userManager.userExists( userAssignment.getPrincipal() ) ) @@ -758,10 +897,11 @@ public class LdapRbacManager User user = userManager.createUser( userAssignment.getPrincipal(), null, null ); userManager.addUser( user ); } + ldapConnection = ldapConnectionFactory.getConnection(); + context = ldapConnection.getDirContext(); + List allRoles = ldapRoleMapper.getAllRoles( context ); - List allRoles = ldapRoleMapper.getAllRoles(); - - List currentUserRoles = ldapRoleMapper.getRoles( userAssignment.getPrincipal() ); + List currentUserRoles = ldapRoleMapper.getRoles( userAssignment.getPrincipal(), context ); for ( String role : userAssignment.getRoleNames() ) { 
@@ -770,10 +910,10 @@ public class LdapRbacManager // role exists in ldap ? if ( !allRoles.contains( role ) ) { - ldapRoleMapper.saveRole( role ); + ldapRoleMapper.saveRole( role, context ); allRoles.add( role ); } - ldapRoleMapper.saveUserRole( role, userAssignment.getPrincipal() ); + ldapRoleMapper.saveUserRole( role, userAssignment.getPrincipal(), context ); currentUserRoles.add( role ); } } @@ -782,7 +922,7 @@ public class LdapRbacManager { if ( !userAssignment.getRoleNames().contains( role ) && writableLdap ) { - ldapRoleMapper.removeUserRole( role, userAssignment.getPrincipal() ); + ldapRoleMapper.removeUserRole( role, userAssignment.getPrincipal(), context ); } } @@ -796,6 +936,15 @@ public class LdapRbacManager { throw new RbacManagerException( e.getMessage(), e ); } + catch ( LdapException e ) + { + throw new RbacManagerException( e.getMessage(), e ); + } + finally + { + closeContext( context ); + closeLdapConnection( ldapConnection ); + } //this.rbacImpl.saveUserAssignment( userAssignment ); -- 2.39.5