From dea403034aece9467fa103c5d4ae945fd2b60a9f Mon Sep 17 00:00:00 2001
From: Alinga Yeung <Alinga.Yeung@nrc-cnrc.gc.ca>
Date: Tue, 11 Aug 2015 10:15:09 -0700
Subject: [PATCH] Story ac2 rework. We now expose getUserGroups() in
 GroupPersistence instead of in UserPersistence.

---
 .../nrc/cadc/ac/server/GroupPersistence.java  | 20 +++++++++++++++++++
 .../nrc/cadc/ac/server/UserPersistence.java   | 20 -------------------
 .../ac/server/ldap/LdapGroupPersistence.java  | 10 ++++++++++
 .../nrc/cadc/ac/server/ldap/LdapUserDAO.java  |  5 +++--
 .../ac/server/ldap/LdapUserPersistence.java   |  5 +++--
 5 files changed, 36 insertions(+), 24 deletions(-)

diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java
index bdfa4e05..df3b6579 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/GroupPersistence.java
@@ -72,6 +72,8 @@ import java.security.AccessControlException;
 import java.security.Principal;
 import java.util.Collection;
 
+import com.unboundid.ldap.sdk.DN;
+
 import ca.nrc.cadc.ac.Group;
 import ca.nrc.cadc.ac.GroupAlreadyExistsException;
 import ca.nrc.cadc.ac.GroupNotFoundException;
@@ -106,6 +108,24 @@ public abstract interface GroupPersistence<T extends Principal>
         throws GroupNotFoundException, TransientException,
                AccessControlException;
 
+    
+    /**
+     * Get all groups the user, specified by userID, belongs to. 
+     * 
+     * @param userID The userID.
+     * @param isAdmin return only admin Groups when true, else return non-admin
+     *                Groups.
+     * 
+     * @return Collection of group DN.
+     * 
+     * @throws UserNotFoundException  when the user is not found.
+     * @throws TransientException If an temporary, unexpected problem occurred.
+     * @throws AccessControlException If the operation is not permitted.
+     */
+    Collection<DN> getUserGroups(T userID, boolean isAdmin)
+        throws UserNotFoundException, TransientException,
+               AccessControlException;
+
     /**
      * Creates the group.
      *
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java
index f0fab8b6..94498c47 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java
@@ -70,14 +70,11 @@ package ca.nrc.cadc.ac.server;
 
 import java.security.AccessControlException;
 import java.security.Principal;
-import java.util.Collection;
 import java.util.Map;
 
 import ca.nrc.cadc.ac.*;
 import ca.nrc.cadc.net.TransientException;
 
-import com.unboundid.ldap.sdk.DN;
-
 
 public interface UserPersistence<T extends Principal>
 {
@@ -179,23 +176,6 @@ public interface UserPersistence<T extends Principal>
         throws UserNotFoundException, TransientException, 
                AccessControlException;
     
-    /**
-     * Get all groups the user specified by userID belongs to.
-     * 
-     * @param userID The userID.
-     * @param isAdmin return only admin Groups when true, else return non-admin
-     *                Groups.
-     * 
-     * @return Collection of group DN.
-     * 
-     * @throws UserNotFoundException  when the user is not found.
-     * @throws TransientException If an temporary, unexpected problem occurred.
-     * @throws AccessControlException If the operation is not permitted.
-     */
-    Collection<DN> getUserGroups(T userID, boolean isAdmin)
-        throws UserNotFoundException, TransientException,
-               AccessControlException;
-    
     /**
      * Check whether the user is a member of the group.
      *
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
index f59bc151..4ba6cc65 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupPersistence.java
@@ -74,6 +74,8 @@ import java.util.Collection;
 
 import org.apache.log4j.Logger;
 
+import com.unboundid.ldap.sdk.DN;
+
 import ca.nrc.cadc.ac.Group;
 import ca.nrc.cadc.ac.GroupAlreadyExistsException;
 import ca.nrc.cadc.ac.GroupNotFoundException;
@@ -144,6 +146,14 @@ public class LdapGroupPersistence<T extends Principal>
             }
         }
     }
+    
+    public Collection<DN> getUserGroups(T userID, boolean isAdmin)
+            throws UserNotFoundException, TransientException,
+                   AccessControlException
+    {
+        return (new LdapUserPersistence<T>()).getUserGroups(userID, isAdmin);
+    }
+
 
     public Group addGroup(Group group)
         throws GroupAlreadyExistsException, TransientException, 
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
index 15850110..0e2702a5 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
@@ -693,7 +693,8 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
     }
 
     /**
-     * Get all groups the user specified by userID belongs to.
+     * Get all groups the user specified by userID belongs to. This method is created
+     * to provide optimization for the LDAP server.
      *
      * @param userID  The userID.
      * @param isAdmin
@@ -702,7 +703,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
      * @throws TransientException     If an temporary, unexpected problem occurred., e.getMessage(
      * @throws AccessControlException If the operation is not permitted.
      */
-    public Collection<DN> getUserGroups(final T userID, final boolean isAdmin)
+    protected Collection<DN> getUserGroups(final T userID, final boolean isAdmin)
             throws UserNotFoundException, TransientException,
                    AccessControlException
     {
diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
index bacfe86a..1e365d54 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
@@ -319,7 +319,8 @@ public class LdapUserPersistence<T extends Principal>
     }
     
     /**
-     * Get all groups the user specified by userID belongs to.
+     * Get all groups the user specified by userID belongs to. This method is created
+     * to provide optimization for the LDAP server.
      * 
      * @param userID The userID.
      * @param isAdmin return only admin Groups when true, else return non-admin
@@ -331,7 +332,7 @@ public class LdapUserPersistence<T extends Principal>
      * @throws TransientException If an temporary, unexpected problem occurred.
      * @throws AccessControlException If the operation is not permitted.
      */
-    public Collection<DN> getUserGroups(T userID, boolean isAdmin)
+    protected Collection<DN> getUserGroups(T userID, boolean isAdmin)
         throws UserNotFoundException, TransientException, AccessControlException
     {
         LdapUserDAO<T> userDAO = null;
-- 
GitLab