From 9f214a54f4f3431c95cd622ed73e9dfbb03b29a3 Mon Sep 17 00:00:00 2001
From: Jean-Noel Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Tue, 23 Jul 2013 13:39:53 +0000
Subject: [PATCH] AciEffectiveRights.java: Changed the signature of createSummary() to return the summary string and remove the srcStr parameter. Extracted methods getEvalReason() and getDecidingAci() from createSummary().

---
 opends/src/server/org/opends/server/authorization/dseecompat/AciEffectiveRights.java |   68 +++++++++++++++++++++------------
 1 files changed, 43 insertions(+), 25 deletions(-)

diff --git a/opends/src/server/org/opends/server/authorization/dseecompat/AciEffectiveRights.java b/opends/src/server/org/opends/server/authorization/dseecompat/AciEffectiveRights.java
index b6ac7a7..52cc9d3 100644
--- a/opends/src/server/org/opends/server/authorization/dseecompat/AciEffectiveRights.java
+++ b/opends/src/server/org/opends/server/authorization/dseecompat/AciEffectiveRights.java
@@ -461,7 +461,7 @@
     if(skipCheck && container.isAuthzidAuthorizationDN()) {
       resString.append("write").append(":1");
       container.setEvaluationResult(EnumEvalReason.SKIP_ACI, null);
-      createSummary(container, true, "main");
+      container.setEvalSummary(createSummary(container, true));
     } else {
       // Reset everything.
       container.resetEffectiveRightsParams();
@@ -580,7 +580,7 @@
     if(skipCheck && container.isAuthzidAuthorizationDN()) {
       resString.append(rightStr).append(":1");
       container.setEvaluationResult(EnumEvalReason.SKIP_ACI, null);
-      createSummary(container, true, "main");
+      container.setEvalSummary(createSummary(container, true));
     } else {
       boolean ret;
       //Check if read right check, if so do accessAllowedEntry.
@@ -703,29 +703,18 @@
    *
    * @param evalCtx The evaluation context to gather information from.
    * @param evalRet The value returned from the access evaluation.
-   * @param srcStr String that can be used to specify where the summary call's
-   *               origin is.
+   * @return A summary of the ACI evaluation
    */
- public static
-  void createSummary(AciEvalContext evalCtx, boolean evalRet, String srcStr) {
-    String accessStatus=NOT_ALLOWED;
-    if(evalRet)
-      accessStatus=ALLOWED;
-    String accessReason="";
-    StringBuilder decideAci=new StringBuilder("");
+  public static String createSummary(AciEvalContext evalCtx, boolean evalRet)
+  {
+    String srcStr = "main";
+    String accessStatus = evalRet ? ALLOWED : NOT_ALLOWED;
+
     //Try and determine what reason string to use.
-    if(evalCtx.getEvalReason() == EnumEvalReason.EVALUATED_ALLOW_ACI) {
-      accessReason=EVALUATED_ALLOW;
-      decideAci.append(", deciding_aci: ").append(evalCtx.getDecidingAciName());
-    } else if(evalCtx.getEvalReason() == EnumEvalReason.EVALUATED_DENY_ACI) {
-      accessReason=EVALUATED_DENY;
-      decideAci.append(", deciding_aci: ").append(evalCtx.getDecidingAciName());
-    }  else if(evalCtx.getEvalReason() == EnumEvalReason.NO_ALLOW_ACIS)
-      accessReason=NO_ALLOWS;
-    else if(evalCtx.getEvalReason() == EnumEvalReason.NO_MATCHED_ALLOWS_ACIS)
-      accessReason=NO_ALLOWS_MATCHED;
-    else if(evalCtx.getEvalReason() == EnumEvalReason.SKIP_ACI)
-      accessReason=SKIP_ACI;
+    String accessReason = getEvalReason(evalCtx.getEvalReason());
+    StringBuilder decideAci =
+        getDecidingAci(evalCtx.getEvalReason(), evalCtx.getDecidingAciName());
+
     //Only manipulate the evaluation context's targattrfilters ACI name
     //if not a selfwrite evaluation and the context's targattrfilter match
     //hashtable is not empty.
@@ -765,10 +754,39 @@
       attrStr=aType.getPrimaryName();
     if(evalCtx.getTargAttrFiltersAciName() != null)
       decideAci.append(", access depends on attr value");
-    String summaryStr = String.format(summaryFormatStr, srcStr, accessStatus,
+    return String.format(summaryFormatStr, srcStr, accessStatus,
                          right,evalCtx.getResourceDN().toString(),attrStr, user,
                             accessReason, decideAci.toString());
-    evalCtx.setEvalSummary(summaryStr);
+  }
+
+  private static String getEvalReason(EnumEvalReason evalReason)
+  {
+    if (evalReason == EnumEvalReason.EVALUATED_ALLOW_ACI)
+      return EVALUATED_ALLOW;
+    else if (evalReason == EnumEvalReason.EVALUATED_DENY_ACI)
+      return EVALUATED_DENY;
+    else if (evalReason == EnumEvalReason.NO_ALLOW_ACIS)
+      return NO_ALLOWS;
+    else if (evalReason == EnumEvalReason.NO_MATCHED_ALLOWS_ACIS)
+      return NO_ALLOWS_MATCHED;
+    else if (evalReason == EnumEvalReason.SKIP_ACI)
+      return SKIP_ACI;
+    return "";
+  }
+
+  private static StringBuilder getDecidingAci(EnumEvalReason evalReason,
+      String decidingAciName)
+  {
+    StringBuilder decideAci = new StringBuilder();
+    if (evalReason == EnumEvalReason.EVALUATED_ALLOW_ACI)
+    {
+      decideAci.append(", deciding_aci: ").append(decidingAciName);
+    }
+    else if (evalReason == EnumEvalReason.EVALUATED_DENY_ACI)
+    {
+      decideAci.append(", deciding_aci: ").append(decidingAciName);
+    }
+    return decideAci;
   }
 
   /**

--
Gitblit v1.10.0