From fe10ac8a380a9a349bbe26794263501611918e69 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Mon, 30 Jul 2007 00:42:18 +0000
Subject: [PATCH] Provide a mechanism to disable privileges in the server if necessary.  If a privilege is disabled, then the server will behave as if all users have that privilege.  This can help improve compatibility with environments that expect a feature to always be available, or to only be governed by access control.

---
 opends/src/server/org/opends/server/core/DirectoryServer.java |   44 ++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 44 insertions(+), 0 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/DirectoryServer.java b/opends/src/server/org/opends/server/core/DirectoryServer.java
index 865a256..3388200 100644
--- a/opends/src/server/org/opends/server/core/DirectoryServer.java
+++ b/opends/src/server/org/opends/server/core/DirectoryServer.java
@@ -522,6 +522,9 @@
   // The error logger that will be used during the Directory Server startup.
   private TextErrorLogPublisher startupErrorLogPublisher;
 
+  // The set of disabled privileges.
+  private Set<Privilege> disabledPrivileges;
+
   // The set of allowed task classes.
   private Set<String> allowedTasks;
 
@@ -722,6 +725,7 @@
     directoryServer.importTaskListeners =
          new CopyOnWriteArrayList<ImportTaskListener>();
     directoryServer.allowedTasks = new LinkedHashSet<String>(0);
+    directoryServer.disabledPrivileges = new LinkedHashSet<Privilege>(0);
   }
 
 
@@ -7423,6 +7427,46 @@
 
 
   /**
+   * Retrieves the set of privileges that have been disabled.
+   *
+   * @return  The set of privileges that have been disabled.
+   */
+  public static Set<Privilege> getDisabledPrivileges()
+  {
+    return directoryServer.disabledPrivileges;
+  }
+
+
+
+  /**
+   * Indicates whether the specified privilege is disabled.
+   *
+   * @param  privilege  The privilege for which to make the determination.
+   *
+   * @return  {@code true} if the specified privilege is disabled, or
+   *          {@code false} if not.
+   */
+  public static boolean isDisabled(Privilege privilege)
+  {
+    return directoryServer.disabledPrivileges.contains(privilege);
+  }
+
+
+
+  /**
+   * Specifies the set of privileges that should be disabled in the server.
+   *
+   * @param  disabledPrivileges  The set of privileges that should be disabled
+   *                             in the server.
+   */
+  public static void setDisabledPrivileges(Set<Privilege> disabledPrivileges)
+  {
+    directoryServer.disabledPrivileges = disabledPrivileges;
+  }
+
+
+
+  /**
    * Registers the provided backup task listener with the Directory Server.
    *
    * @param  listener  The backup task listener to register with the Directory

--
Gitblit v1.10.0