From d222a3233db88e0931f260fc598938b17eaf8e24 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Thu, 07 Jun 2007 22:32:59 +0000
Subject: [PATCH] Eliminate the search-unindexed privilege, since the feature was implemented to use a privilege of "unindexed-search" instead. Also, eliminate the index-rebuild privilege and fold all of its functionality into ldif-import, since having a separate privilege for it doesn't provide much benefit and creates additional administrative overhead.
---
opends/src/server/org/opends/server/tasks/RebuildTask.java | 2 +-
opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java | 6 ++----
opends/src/server/org/opends/server/types/Privilege.java | 22 ----------------------
opends/resource/config/config.ldif | 2 --
4 files changed, 3 insertions(+), 29 deletions(-)
diff --git a/opends/resource/config/config.ldif b/opends/resource/config/config.ldif
index fd90449..15c91c0 100644
--- a/opends/resource/config/config.ldif
+++ b/opends/resource/config/config.ldif
@@ -1310,11 +1310,9 @@
ds-cfg-default-root-privilege-name: server-restart
ds-cfg-default-root-privilege-name: disconnect-client
ds-cfg-default-root-privilege-name: cancel-request
-ds-cfg-default-root-privilege-name: search-unindexed
ds-cfg-default-root-privilege-name: password-reset
ds-cfg-default-root-privilege-name: update-schema
ds-cfg-default-root-privilege-name: privilege-change
-ds-cfg-default-root-privilege-name: index-rebuild
ds-cfg-default-root-privilege-name: unindexed-search
dn: cn=Directory Manager,cn=Root DNs,cn=config
diff --git a/opends/src/server/org/opends/server/tasks/RebuildTask.java b/opends/src/server/org/opends/server/tasks/RebuildTask.java
index fd1bfb7..a99c3d9 100644
--- a/opends/src/server/org/opends/server/tasks/RebuildTask.java
+++ b/opends/src/server/org/opends/server/tasks/RebuildTask.java
@@ -104,7 +104,7 @@
if (operation != null)
{
ClientConnection clientConnection = operation.getClientConnection();
- if (! clientConnection.hasPrivilege(Privilege.INDEX_REBUILD, operation))
+ if (! clientConnection.hasPrivilege(Privilege.LDIF_IMPORT, operation))
{
int msgID = MSGID_TASK_INDEXREBUILD_INSUFFICIENT_PRIVILEGES;
String message = getMessage(msgID);
diff --git a/opends/src/server/org/opends/server/types/Privilege.java b/opends/src/server/org/opends/server/types/Privilege.java
index 06cbb2a..459c9a5 100644
--- a/opends/src/server/org/opends/server/types/Privilege.java
+++ b/opends/src/server/org/opends/server/types/Privilege.java
@@ -171,14 +171,6 @@
/**
- * The privilege that provides the ability to request unindexed
- * searches.
- */
- SEARCH_UNINDEXED("search-unindexed"),
-
-
-
- /**
* The privilege that provides the ability to reset user passwords.
*/
PASSWORD_RESET("password-reset"),
@@ -211,14 +203,6 @@
/**
- * The privilege that provides the ability to rebuild one or more
- * indexes in a backend that supports indexing.
- */
- INDEX_REBUILD("index-rebuild"),
-
-
-
- /**
* The privilege that provides the ability to perform an unindexed
* search in the JE backend.
*/
@@ -276,12 +260,10 @@
PRIV_MAP.put("proxied-auth", PROXIED_AUTH);
PRIV_MAP.put("disconnect-client", DISCONNECT_CLIENT);
PRIV_MAP.put("cancel-request", CANCEL_REQUEST);
- PRIV_MAP.put("search-unindexed", SEARCH_UNINDEXED);
PRIV_MAP.put("password-reset", PASSWORD_RESET);
PRIV_MAP.put("data-sync", DATA_SYNC);
PRIV_MAP.put("update-schema", UPDATE_SCHEMA);
PRIV_MAP.put("privilege-change", PRIVILEGE_CHANGE);
- PRIV_MAP.put("index-rebuild", INDEX_REBUILD);
PRIV_MAP.put("unindexed-search", UNINDEXED_SEARCH);
PRIV_NAMES.add("bypass-acl");
@@ -300,12 +282,10 @@
PRIV_NAMES.add("proxied-auth");
PRIV_NAMES.add("disconnect-client");
PRIV_NAMES.add("cancel-request");
- PRIV_NAMES.add("search-unindexed");
PRIV_NAMES.add("password-reset");
PRIV_NAMES.add("data-sync");
PRIV_NAMES.add("update-schema");
PRIV_NAMES.add("privilege-change");
- PRIV_NAMES.add("index-rebuild");
PRIV_NAMES.add("unindexed-search");
DEFAULT_ROOT_PRIV_SET.add(BYPASS_ACL);
@@ -320,11 +300,9 @@
DEFAULT_ROOT_PRIV_SET.add(SERVER_RESTART);
DEFAULT_ROOT_PRIV_SET.add(DISCONNECT_CLIENT);
DEFAULT_ROOT_PRIV_SET.add(CANCEL_REQUEST);
- DEFAULT_ROOT_PRIV_SET.add(SEARCH_UNINDEXED);
DEFAULT_ROOT_PRIV_SET.add(PASSWORD_RESET);
DEFAULT_ROOT_PRIV_SET.add(UPDATE_SCHEMA);
DEFAULT_ROOT_PRIV_SET.add(PRIVILEGE_CHANGE);
- DEFAULT_ROOT_PRIV_SET.add(INDEX_REBUILD);
DEFAULT_ROOT_PRIV_SET.add(UNINDEXED_SEARCH);
}
diff --git a/opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java b/opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java
index 2168245..fa60bcf 100644
--- a/opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java
+++ b/opends/tests/unit-tests-testng/src/server/org/opends/server/types/PrivilegeTestCase.java
@@ -135,7 +135,6 @@
"ds-privilege-name: -ldif-export",
"ds-privilege-name: -backend-backup",
"ds-privilege-name: -backend-restore",
- "ds-privilege-name: -index-rebuild",
"ds-privilege-name: -unindexed-search",
"",
"dn: cn=Proxy Root,cn=Root DNs,cn=config",
@@ -171,7 +170,6 @@
"ds-privilege-name: backend-restore",
"ds-privilege-name: proxied-auth",
"ds-privilege-name: bypass-acl",
- "ds-privilege-name: index-rebuild",
"ds-privilege-name: unindexed-search",
"ds-pwp-password-policy-dn: cn=Clear UserPassword Policy," +
"cn=Password Policies,cn=config",
@@ -1093,7 +1091,7 @@
/**
* Test to ensure that attempts to rebuild indexes will property respect
- * the INDEX_REBUILD privilege.
+ * the LDIF_IMPORT privilege.
*
* @param conn The client connection to use to perform the rebuild.
* @param hasPrivilege Indicates weather the authenticated user is
@@ -1106,7 +1104,7 @@
boolean hasPrivilege)
throws Exception
{
- assertEquals(conn.hasPrivilege(Privilege.INDEX_REBUILD, null), hasPrivilege);
+ assertEquals(conn.hasPrivilege(Privilege.LDIF_IMPORT, null), hasPrivilege);
Entry taskEntry = TestCaseUtils.makeEntry(
"dn: ds-task-id=" + UUID.randomUUID() + ",cn=Scheduled Tasks,cn=Tasks",
--
Gitblit v1.10.0