- * Bundles associate the privilege to access restricted resources or - * operations with roles. Before granting access to a restricted resource - * or operation, a bundle will check if the Authorization object passed - * to it possesses the required role, by calling its hasRole method. + * Bundles associate the privilege to access restricted resources or operations + * with roles. Before granting access to a restricted resource or operation, a + * bundle will check if the Authorization object passed to it possesses the + * required role, by calling its hasRole method. *
* Authorization contexts are instantiated by calling * {@link UserAdmin#getAuthorization} @@ -30,37 +30,34 @@ * Trusting Authorization objects. *
* There are no restrictions regarding the creation of Authorization objects. - * Hence, a service must only accept Authorization objects from bundles that - * has been authorized to use the service using code based (or Java 2) - * permissions. + * Hence, a service must only accept Authorization objects from bundles that has + * been authorized to use the service using code based (or Java 2) permissions. *
- * In some cases it is useful to use ServicePermissions to do the code based - * access control. A service basing user access control on Authorization - * objects passed to it, will then require that a calling bundle has the - * ServicePermission to get the service in question. This is the most - * convenient way. The framework will do the code based permission check - * when the calling bundle attempts to get the service from the service - * registry. + * In some cases it is useful to use ServicePermissions to do the code based + * access control. A service basing user access control on Authorization objects + * passed to it, will then require that a calling bundle has the + * ServicePermission to get the service in question. This is the most convenient + * way. The framework will do the code based permission check when the calling + * bundle attempts to get the service from the service registry. *
- * Example: A servlet using a service on a user's behalf. The bundle with the + * Example: A servlet using a service on a user's behalf. The bundle with the * servlet must be given the ServicePermission to get the Service. *
- * However, in some cases the code based permission checks need to be more - * fine-grained. A service might allow all bundles to get it, but - * require certain code based permissions for some of its methods. + * However, in some cases the code based permission checks need to be more + * fine-grained. A service might allow all bundles to get it, but require + * certain code based permissions for some of its methods. *
- * Example: A servlet using a service on a user's behalf, where some
- * service functionality is open to anyone, and some is restricted by code
- * based permissions. When a restricted method is called
- * (e.g., one handing over
- * an Authorization object), the service explicitly checks that the calling
- * bundle has permission to make the call.
+ * Example: A servlet using a service on a user's behalf, where some service
+ * functionality is open to anyone, and some is restricted by code based
+ * permissions. When a restricted method is called (e.g., one handing over an
+ * Authorization object), the service explicitly checks that the calling bundle
+ * has permission to make the call.
*/
public class Authorization implements org.osgi.service.useradmin.Authorization {
protected UserAdmin useradmin;
protected Role user;
- protected String name; //user to distinguish between the anonymous user and user.anyone
+ protected String name; // user to distinguish between the anonymous user and user.anyone
protected Authorization(User user, UserAdmin useradmin) {
this.useradmin = useradmin;
@@ -68,19 +65,19 @@ protected Authorization(User user, UserAdmin useradmin) {
this.user = user;
name = user.getName();
} else {
- //anonymous user
+ // anonymous user
this.user = (Role) useradmin.getRole(Role.anyoneString);
name = null;
}
}
/**
- * Gets the name of the {@link User} that this Authorization
- * context was created for.
+ * Gets the name of the {@link User} that this Authorization context was created
+ * for.
*
- * @return The name of the {@link User} that this Authorization
- * context was created for, or null if no user was specified
- * when this Authorization context was created.
+ * @return The name of the {@link User} that this Authorization context was
+ * created for, or null if no user was specified when this
+ * Authorization context was created.
*/
@Override
public String getName() {
@@ -89,19 +86,19 @@ public String getName() {
}
/**
- * Checks if the role with the specified name is implied by this
- * Authorization context.
+ * Checks if the role with the specified name is implied by this Authorization
+ * context.
*
-
- * Bundles must define globally unique role names that are associated with
- * the privilege of accessing restricted resources or operations.
- * System administrators will grant users access to these resources, by
- * creating a {@link Group} for each role and adding {@link User}s to it.
+ *
+ * Bundles must define globally unique role names that are associated with the
+ * privilege of accessing restricted resources or operations. System
+ * administrators will grant users access to these resources, by creating a
+ * {@link Group} for each role and adding {@link User}s to it.
*
* @param name_ The name of the role to check for.
*
- * @return
- * Whether or not a given authorization context implies a Group role
- * depends on the members of that role.
+ * Whether or not a given authorization context implies a Group role depends on
+ * the members of that role.
*
* A Group role can have two kinds of member roles: basic and
- * required.
- * A Group role is implied by an authorization context if all of
- * its required member roles are implied
- * and at least one of its basic member roles is implied.
+ * required. A Group role is implied by an authorization context if all
+ * of its required member roles are implied and at least one of its basic member
+ * roles is implied.
*
- * A Group role must contain at least one basic member role in order
- * to be implied. In other words, a Group without any basic member
- * roles is never implied by any authorization context.
+ * A Group role must contain at least one basic member role in order to be
+ * implied. In other words, a Group without any basic member roles is never
+ * implied by any authorization context.
*
* A User role always implies itself.
*
- * No loop detection is performed when adding members to groups, which
- * means that it is possible to create circular implications. Loop
- * detection is instead done when roles are checked. The semantics is that
- * if a role depends on itself (i.e., there is an implication loop), the
- * role is not implied.
+ * No loop detection is performed when adding members to groups, which means
+ * that it is possible to create circular implications. Loop detection is
+ * instead done when roles are checked. The semantics is that if a role depends
+ * on itself (i.e., there is an implication loop), the role is not implied.
*
- * The rule that a group must have at least one basic member to be implied
- * is motivated by the following example:
+ * The rule that a group must have at least one basic member to be implied is
+ * motivated by the following example:
*
*
* If alice and bob ever transfer to a different department, anybody in
* marketing will be able to assume the "foo" role, which certainly must be
- * prevented.
- * Requiring that "foo" (or any Group role for that matter) must have at least
- * one basic member accomplishes that.
+ * prevented. Requiring that "foo" (or any Group role for that matter) must have
+ * at least one basic member accomplishes that.
*
- * However, this would make it impossible for a group to be implied by just
- * its required members. An example where this implication might be useful
- * is the following declaration: "Any citizen who is an adult is allowed to
- * vote."
- * An intuitive configuration of "voter" would be:
+ * However, this would make it impossible for a group to be implied by just its
+ * required members. An example where this implication might be useful is the
+ * following declaration: "Any citizen who is an adult is allowed to vote." An
+ * intuitive configuration of "voter" would be:
*
*
- * This interface exposes the characteristics shared by all Roles: a name,
- * a type, and a set of properties.
+ * This interface exposes the characteristics shared by all Roles: a name, a
+ * type, and a set of properties.
*
* Properties represent public information about the Role that can be read by
- * anyone. Specific {@link UserAdminPermission}s are required to
- * change a Role's properties.
+ * anyone. Specific {@link UserAdminPermission}s are required to change a Role's
+ * properties.
*
- * Role properties are Dictionary objects. Changes to
- * these objects are propagated to the {@link UserAdmin} service and
- * made persistent.
+ * Role properties are Dictionary objects. Changes to these objects are
+ * propagated to the {@link UserAdmin} service and made persistent.
*
* Every UserAdmin contains a set of predefined roles that are always present
- * and cannot be removed. All predefined roles are of type ROLE.
- * This version of the org.osgi.service.useradmin package defines a
- * single predefined role named "user.anyone", which is inherited
- * by any other role. Other predefined roles may be added in the future.
+ * and cannot be removed. All predefined roles are of type ROLE. This
+ * version of the org.osgi.service.useradmin package defines a single
+ * predefined role named "user.anyone", which is inherited by any
+ * other role. Other predefined roles may be added in the future.
*/
public class Role implements org.osgi.service.useradmin.Role {
@@ -83,20 +81,19 @@ public int getType() {
}
/**
- * Returns a Dictionary of the (public) properties of this Role. Any changes
- * to the returned Dictionary will change the properties of this Role. This
- * will cause a UserAdminEvent of type {@link UserAdminEvent#ROLE_CHANGED}
- * to be broadcast to any UserAdminListeners.
+ * Returns a Dictionary of the (public) properties of this Role. Any changes to
+ * the returned Dictionary will change the properties of this Role. This will
+ * cause a UserAdminEvent of type {@link UserAdminEvent#ROLE_CHANGED} to be
+ * broadcast to any UserAdminListeners.
*
- * Only objects of type String may be used as property keys, and
- * only objects of type String or byte[]
- * may be used as property values.
- * Any other types will cause an exception of type
+ * Only objects of type String may be used as property keys, and only
+ * objects of type String or byte[] may be used as property
+ * values. Any other types will cause an exception of type
* IllegalArgumentException to be raised.
*
- * In order to add, change, or remove a property in the returned Dictionary,
- * a {@link UserAdminPermission} named after the property name (or
- * a prefix of it) with action
- * In this context, the term "user" is not limited to just
- * human beings.
- * Instead, it refers to any entity that may have any number of
+ * In this context, the term "user" is not limited to just human
+ * beings. Instead, it refers to any entity that may have any number of
* credentials associated with it that it may use to authenticate itself.
*
* In general, User objects are associated with a specific {@link UserAdmin}
@@ -34,8 +33,8 @@
* associated with it. Specific {@link UserAdminPermission}s are required to
* read or change a User's credentials.
*
- * Credentials are Dictionary objects and have semantics that are similar
- * to the properties in Role.
+ * Credentials are Dictionary objects and have semantics that are similar to the
+ * properties in Role.
*/
public class User extends Role implements org.osgi.service.useradmin.User {
@@ -49,24 +48,23 @@ protected User(String name, UserAdmin useradmin) {
}
/**
- * Returns a Dictionary of the credentials of this User. Any changes
- * to the returned Dictionary will change the credentials of this User.
- * This will cause a UserAdminEvent of type
- * {@link UserAdminEvent#ROLE_CHANGED} to be broadcast to any
- * UserAdminListeners.
+ * Returns a Dictionary of the credentials of this User. Any changes to the
+ * returned Dictionary will change the credentials of this User. This will cause
+ * a UserAdminEvent of type {@link UserAdminEvent#ROLE_CHANGED} to be broadcast
+ * to any UserAdminListeners.
*
- * Only objects of type String may be used as credential keys, and only
- * objects of type
- * In order to retrieve a credential from the returned Dictionary,
- * a {@link UserAdminPermission} named after the credential name (or
- * a prefix of it) with action
- * In order to add or remove a credential from the returned Dictionary,
- * a {@link UserAdminPermission} named after the credential name (or
- * a prefix of it) with action
* If the specified credential value is not of type String or
- * byte[], it is ignored, that is, false is returned
- * (as opposed to an IllegalArgumentException being raised).
+ * byte[], it is ignored, that is, false is returned (as
+ * opposed to an IllegalArgumentException being raised).
*
- * @param key The credential key.
+ * @param key The credential key.
* @param value The credential value.
*
* @return
- * This version of UserAdmin defines two types of roles: "User" and
- * "Group". Each type of role is represented by an "int" constant and an
- * interface. The range of positive integers is reserved for new types of
- * roles that may be added in the future. When defining proprietary role
- * types, negative constant values must be used.
+ * This version of UserAdmin defines two types of roles: "User" and "Group".
+ * Each type of role is represented by an "int" constant and an interface. The
+ * range of positive integers is reserved for new types of roles that may be
+ * added in the future. When defining proprietary role types, negative constant
+ * values must be used.
*
* Every role has a name and a type.
*
- * A {@link User} role can be configured with credentials (e.g., a password)
- * and properties (e.g., a street address, phone number, etc.).
+ * A {@link User} role can be configured with credentials (e.g., a password) and
+ * properties (e.g., a street address, phone number, etc.).
*
* A {@link Group} role represents an aggregation of {@link User} and
- * {@link Group} roles. In
- * other words, the members of a Group role are roles themselves.
+ * {@link Group} roles. In other words, the members of a Group role are roles
+ * themselves.
*
- * Every UserAdmin manages and maintains its own
- * namespace of roles, in which each role has a unique name.
+ * Every UserAdmin manages and maintains its own namespace of roles, in which
+ * each role has a unique name.
*/
public class UserAdmin implements org.osgi.service.useradmin.UserAdmin {
@@ -63,7 +63,7 @@ protected UserAdmin(PreferencesService preferencesService, BundleContext context
log = new LogTracker(context, System.out);
alive = true;
- //This handles user admin persistence
+ // This handles user admin persistence
try {
userAdminStore = new UserAdminStore(preferencesService, this, log);
userAdminStore.init();
@@ -84,21 +84,23 @@ protected void setServiceReference(ServiceReference reference) {
/**
* Creates a role with the given name and of the given type.
*
- * If a role was created, a UserAdminEvent of type
- * {@link UserAdminEvent#ROLE_CREATED} is broadcast to any
- * UserAdminListener.
+ *
+ * If a role was created, a UserAdminEvent of type
+ * {@link UserAdminEvent#ROLE_CREATED} is broadcast to any UserAdminListener.
*
* @param name The name of the role to create.
- * @param type The type of the role to create. Must be either
- * {@link Role#USER} or {@link Role#GROUP}.
+ * @param type The type of the role to create. Must be either {@link Role#USER}
+ * or {@link Role#GROUP}.
*
- * @return The newly created role, or If the role was removed, a UserAdminEvent of type
- * {@link UserAdminEvent#ROLE_REMOVED} is broadcast to any
- * UserAdminListener.
+ *
+ * If the role was removed, a UserAdminEvent of type
+ * {@link UserAdminEvent#ROLE_REMOVED} is broadcast to any UserAdminListener.
*
* @param name The name of the role to remove.
*
* @return This method is called before a service which matched
- * the search parameters of the ServiceTracker object is
- * added to it. This method should return the
- * service object to be tracked for this ServiceReference object.
+ *
+ * This method is called before a service which matched the search parameters of
+ * the ServiceTracker object is added to it. This method should return
+ * the service object to be tracked for this ServiceReference object.
* The returned service object is stored in the ServiceTracker object
* and is available from the getService and getServices
* methods.
*
- * @param reference Reference to service being added to the ServiceTracker object.
- * @return The service object to be tracked for the
- * ServiceReference object or null if the ServiceReference object should not
- * be tracked.
+ * @param reference Reference to service being added to the
+ * ServiceTracker object.
+ * @return The service object to be tracked for the ServiceReference
+ * object or null if the ServiceReference object
+ * should not be tracked.
*/
@Override
public Object addingService(ServiceReference reference) {
@@ -99,11 +100,12 @@ public Object addingService(ServiceReference reference) {
/**
* A service tracked by the ServiceTracker object has been removed.
*
- * This method is called after a service is no longer being tracked
- * by the ServiceTracker object.
+ *
+ * This method is called after a service is no longer being tracked by the
+ * ServiceTracker object.
*
* @param reference Reference to service that has been removed.
- * @param service The service object for the removed service.
+ * @param service The service object for the removed service.
*/
@Override
public void removedService(ServiceReference reference, Object service) {
@@ -113,24 +115,27 @@ public void removedService(ServiceReference reference, Object service) {
}
/**
- * This method is the call back that is called once for each listener.
- * This method must cast the EventListener object to the appropriate listener
- * class for the event type and call the appropriate listener method.
+ * This method is the call back that is called once for each listener. This
+ * method must cast the EventListener object to the appropriate listener class
+ * for the event type and call the appropriate listener method.
*
- * @param listener This listener must be cast to the appropriate listener
- * class for the events created by this source and the appropriate listener method
- * must then be called.
+ * @param listener This listener must be cast to the appropriate listener
+ * class for the events created by this source and the
+ * appropriate listener method must then be called.
* @param listenerObject This is the optional object that was passed to
- * ListenerList.addListener when the listener was added to the ListenerList.
- * @param eventAction This value was passed to the EventQueue object via one of its
- * dispatchEvent* method calls. It can provide information (such
- * as which listener method to call) so that this method
- * can complete the delivery of the event to the listener.
- * @param eventObject This object was passed to the EventQueue object via one of its
- * dispatchEvent* method calls. This object was created by the event source and
- * is passed to this method. It should contain all the necessary information (such
- * as what event object to pass) so that this method
- * can complete the delivery of the event to the listener.
+ * ListenerList.addListener when the listener was added to
+ * the ListenerList.
+ * @param eventAction This value was passed to the EventQueue object via one
+ * of its dispatchEvent* method calls. It can provide
+ * information (such as which listener method to call) so
+ * that this method can complete the delivery of the event
+ * to the listener.
+ * @param eventObject This object was passed to the EventQueue object via one
+ * of its dispatchEvent* method calls. This object was
+ * created by the event source and is passed to this
+ * method. It should contain all the necessary information
+ * (such as what event object to pass) so that this method
+ * can complete the delivery of the event to the listener.
*/
@Override
public void dispatchEvent(Object listener, Object listenerObject, int eventAction, Object eventObject) {
diff --git a/bundles/org.eclipse.equinox.useradmin/src/org/eclipse/equinox/internal/useradmin/UserAdminHashtable.java b/bundles/org.eclipse.equinox.useradmin/src/org/eclipse/equinox/internal/useradmin/UserAdminHashtable.java
index f8c819c7a50..89c071d6c8f 100644
--- a/bundles/org.eclipse.equinox.useradmin/src/org/eclipse/equinox/internal/useradmin/UserAdminHashtable.java
+++ b/bundles/org.eclipse.equinox.useradmin/src/org/eclipse/equinox/internal/useradmin/UserAdminHashtable.java
@@ -34,7 +34,7 @@ public class UserAdminHashtable extends Hashtabletrue if this Authorization context implies the
- * specified role, otherwise false.
+ * @return true if this Authorization context implies the specified
+ * role, otherwise false.
*/
@Override
public boolean hasRole(String name_) {
@@ -118,16 +115,16 @@ public boolean hasRole(String name_) {
/**
* Gets the names of all roles encapsulated by this Authorization context.
*
- * @return The names of all roles encapsulated by this Authorization
- * context, or null if no roles are in the context.
+ * @return The names of all roles encapsulated by this Authorization context, or
+ * null if no roles are in the context.
*/
@Override
public String[] getRoles() {
useradmin.checkAlive();
- // go through all of the roles and find out which ones are implied by this
+ // go through all of the roles and find out which ones are implied by this
// authorization context.
- synchronized (useradmin) //we don't want anything changing while we get the list
+ synchronized (useradmin) // we don't want anything changing while we get the list
{
int length = useradmin.roles.size();
Vector
* group foo
@@ -50,20 +48,18 @@
* basic members: alice, bob
*
*
- * Privileged operations that require membership in "foo" can be performed
- * only by alice and bob, who are in marketing.
+ * Privileged operations that require membership in "foo" can be performed only
+ * by alice and bob, who are in marketing.
*
* group voter
@@ -71,12 +67,11 @@
* basic members:
*
*
- * However, according to the above rule, the "voter" role could never be
- * assumed by anybody, since it lacks any basic members.
- * In order to address this deficiency a predefined role named
- * "user.anyone" can be specified, which is always implied.
- * The desired implication of the "voter" group can then be achieved by
- * specifying "user.anyone" as its basic member, as follows:
+ * However, according to the above rule, the "voter" role could never be assumed
+ * by anybody, since it lacks any basic members. In order to address this
+ * deficiency a predefined role named "user.anyone" can be specified, which is
+ * always implied. The desired implication of the "voter" group can then be
+ * achieved by specifying "user.anyone" as its basic member, as follows:
*
*
* group voter
@@ -102,19 +97,19 @@ protected Group(String name, UserAdmin useradmin) {
*
* @param role The role to add as a basic member.
*
- * @return true if the given role could be added as a basic
- * member,
- * and false if this Group already contains a role whose name
- * matches that of the specified role.
+ * @return true if the given role could be added as a basic member,
+ * and false if this Group already contains a role whose
+ * name matches that of the specified role.
*
- * @throws SecurityException If a security manager exists and the caller
- * does not have the UserAdminPermission with name admin.
+ * @throws SecurityException If a security manager exists and the caller does
+ * not have the UserAdminPermission with name
+ * admin.
*/
@Override
public boolean addMember(org.osgi.service.useradmin.Role role) {
useradmin.checkAlive();
useradmin.checkAdminPermission();
- //only need to check for null for the public methods
+ // only need to check for null for the public methods
if (role == null) {
return (false);
}
@@ -126,7 +121,7 @@ public boolean addMember(org.osgi.service.useradmin.Role role) {
}
}
- // When we are loading from storage this method is called directly. We
+ // When we are loading from storage this method is called directly. We
// do not want to write to storage when we are loading form storage.
protected boolean addMember(org.osgi.service.useradmin.Role role, boolean store) {
((org.eclipse.equinox.internal.useradmin.Role) role).addImpliedRole(this);
@@ -147,11 +142,12 @@ protected boolean addMember(org.osgi.service.useradmin.Role role, boolean store)
* @param role The role to add as a required member.
*
* @return true if the given role could be added as a required
- * member, and false if this Group already contains a role
- * whose name matches that of the specified role.
+ * member, and false if this Group already contains a role
+ * whose name matches that of the specified role.
*
- * @throws SecurityException If a security manager exists and the caller
- * does not have the UserAdminPermission with name admin.
+ * @throws SecurityException If a security manager exists and the caller does
+ * not have the UserAdminPermission with name
+ * admin.
*/
@Override
public boolean addRequiredMember(org.osgi.service.useradmin.Role role) {
@@ -186,11 +182,12 @@ protected boolean addRequiredMember(org.osgi.service.useradmin.Role role, boolea
*
* @param role The role to remove from this Group.
*
- * @return true if the role could be removed,
- * otherwise false.
+ * @return true if the role could be removed, otherwise
+ * false.
*
- * @throws SecurityException If a security manager exists and the caller
- * does not have the UserAdminPermission with name admin.
+ * @throws SecurityException If a security manager exists and the caller does
+ * not have the UserAdminPermission with name
+ * admin.
*/
@Override
public boolean removeMember(org.osgi.service.useradmin.Role role) {
@@ -205,12 +202,15 @@ public boolean removeMember(org.osgi.service.useradmin.Role role) {
} catch (BackingStoreException ex) {
return (false);
}
- //The role keeps track of which groups it is a member of so it can remove itself from
- //the group if it is deleted. In this case, this group is being removed from the role's
- //list.
+ // The role keeps track of which groups it is a member of so it can remove
+ // itself from
+ // the group if it is deleted. In this case, this group is being removed from
+ // the role's
+ // list.
((org.eclipse.equinox.internal.useradmin.Role) role).removeImpliedRole(this);
- // We don't know if the Role to be removed is a basic orrequired member, or both. We
+ // We don't know if the Role to be removed is a basic orrequired member, or
+ // both. We
// simply try to remove it from both.
boolean removeRequired = requiredMembers.removeElement(role);
boolean removeBasic = basicMembers.removeElement(role);
@@ -221,8 +221,8 @@ public boolean removeMember(org.osgi.service.useradmin.Role role) {
/**
* Gets the basic members of this Group.
*
- * @return The basic members of this Group, or null if this
- * Group does not contain any basic members.
+ * @return The basic members of this Group, or null if this Group
+ * does not contain any basic members.
*/
@Override
public org.osgi.service.useradmin.Role[] getMembers() {
@@ -241,7 +241,7 @@ public org.osgi.service.useradmin.Role[] getMembers() {
* Gets the required members of this Group.
*
* @return The required members of this Group, or null if this
- * Group does not contain any required members.
+ * Group does not contain any required members.
*/
@Override
public org.osgi.service.useradmin.Role[] getRequiredMembers() {
@@ -271,10 +271,10 @@ public int getType() {
@SuppressWarnings("unchecked")
protected boolean isImpliedBy(Role role, VectorchangeProperty is required.
+ * In order to add, change, or remove a property in the returned Dictionary, a
+ * {@link UserAdminPermission} named after the property name (or a prefix of it)
+ * with action changeProperty is required.
*
* @return Dictionary containing the properties of this Role.
*/
@@ -111,19 +108,19 @@ protected void addImpliedRole(Group group) {
}
protected void removeImpliedRole(Group group) {
- if (exists) //this prevents a loop when destroy is called
+ if (exists) // this prevents a loop when destroy is called
{
impliedRoles.removeElement(group);
}
}
- //we are being deleted so delete ourselves from all of the groups
+ // we are being deleted so delete ourselves from all of the groups
protected synchronized void destroy() {
exists = false;
EnumerationString or of type byte[]
- * may be used as credential values. Any other types will cause an exception
- * of type IllegalArgumentException to be raised.
+ * Only objects of type String may be used as credential keys, and only objects
+ * of type String or of type byte[] may be used as
+ * credential values. Any other types will cause an exception of type
+ * IllegalArgumentException to be raised.
* getCredential is required.
+ * In order to retrieve a credential from the returned Dictionary, a
+ * {@link UserAdminPermission} named after the credential name (or a prefix of
+ * it) with action getCredential is required.
* changeCredential is required.
+ * In order to add or remove a credential from the returned Dictionary, a
+ * {@link UserAdminPermission} named after the credential name (or a prefix of
+ * it) with action changeCredential is required.
*
* @return Dictionary containing the credentials of this User.
*/
@@ -78,22 +76,23 @@ public Dictionarytrue if this user has the specified credential;
- * false otherwise.
+ * false otherwise.
*
- * @throws SecurityException If a security manager exists and the caller
- * does not have the UserAdminPermission named after the credential
- * key (or a prefix of it) with action getCredential.
+ * @throws SecurityException If a security manager exists and the caller does
+ * not have the UserAdminPermission named
+ * after the credential key (or a prefix of it) with
+ * action getCredential.
*/
@Override
public boolean hasCredential(String key, Object value) {
@@ -121,7 +120,7 @@ public boolean hasCredential(String key, Object value) {
return (true);
}
}
- return (false); //if checkValue is null
+ return (false); // if checkValue is null
}
/**
@@ -135,11 +134,11 @@ public int getType() {
return org.osgi.service.useradmin.Role.USER;
}
- //A user always implies itself
+ // A user always implies itself
@Override
protected boolean isImpliedBy(Role role, Vectornull if a role with
- * the given name already exists.
+ * @return The newly created role, or null if a role with the given
+ * name already exists.
*
* @throws IllegalArgumentException if type is invalid.
*
- * @throws SecurityException If a security manager exists and the caller
- * does not have the UserAdminPermission with name admin.
+ * @throws SecurityException If a security manager exists and the caller
+ * does not have the
+ * UserAdminPermission with name
+ * admin.
*/
@Override
public org.osgi.service.useradmin.Role createRole(String name, int type) {
@@ -110,7 +112,7 @@ public org.osgi.service.useradmin.Role createRole(String name, int type) {
if ((type != org.osgi.service.useradmin.Role.GROUP) && (type != org.osgi.service.useradmin.Role.USER)) {
throw (new IllegalArgumentException(UserAdminMsg.CREATE_INVALID_TYPE_ROLE_EXCEPTION));
}
- //if the role already exists, return null
+ // if the role already exists, return null
if (getRole(name) != null) {
return (null);
}
@@ -128,7 +130,7 @@ protected org.osgi.service.useradmin.Role createRole(String name, int type, bool
newRole = new User(name, this);
} else if (type == org.osgi.service.useradmin.Role.GROUP) {
newRole = new Group(name, this);
- } else //unknown type
+ } else // unknown type
{
return (null);
}
@@ -152,24 +154,25 @@ protected org.osgi.service.useradmin.Role createRole(String name, int type, bool
/**
* Removes the role with the given name from this UserAdmin.
*
- * true If a role with the given name is present in this
- * UserAdmin and could be removed, otherwise false.
+ * UserAdmin and could be removed, otherwise false.
*
- * @throws SecurityException If a security manager exists and the caller
- * does not have the UserAdminPermission with name admin.
+ * @throws SecurityException If a security manager exists and the caller does
+ * not have the UserAdminPermission with name
+ * admin.
*/
@Override
public boolean removeRole(String name) {
checkAlive();
checkAdminPermission();
if (name.equals(Role.anyoneString)) {
- //silently ignore
+ // silently ignore
return (true);
}
synchronized (this) {
@@ -196,8 +199,8 @@ public boolean removeRole(String name) {
*
* @param name The name of the role to get.
*
- * @return The requested role, or null if this UserAdmin does
- * not have a role with the given name.
+ * @return The requested role, or null if this UserAdmin does not
+ * have a role with the given name.
*/
@Override
public org.osgi.service.useradmin.Role getRole(String name) {
@@ -218,17 +221,16 @@ public org.osgi.service.useradmin.Role getRole(String name) {
}
/**
- * Gets the roles managed by this UserAdmin that have properties matching
- * the specified LDAP filter criteria. See
- * org.osgi.framework.Filter or IETF RFC 2254 for a
- * description of the filter syntax. If a null filter is
- * specified, all roles managed by this UserAdmin are returned.
+ * Gets the roles managed by this UserAdmin that have properties matching the
+ * specified LDAP filter criteria. See org.osgi.framework.Filter or
+ * IETF RFC 2254 for a description of the filter syntax. If a null
+ * filter is specified, all roles managed by this UserAdmin are returned.
*
* @param filterString The filter criteria to match.
*
- * @return The roles managed by this UserAdmin whose properties
- * match the specified filter criteria, or all roles if a
- * null filter is specified.
+ * @return The roles managed by this UserAdmin whose properties match the
+ * specified filter criteria, or all roles if a null filter
+ * is specified.
*
*/
@Override
@@ -239,10 +241,10 @@ public org.osgi.service.useradmin.Role[] getRoles(String filterString) throws In
if (filterString == null) {
returnedRoles = roles;
} else {
- Filter filter = context.createFilter(filterString); //We do this first so an
- //InvalidSyntaxException will be
- //thrown even if there are no roles
- //present.
+ Filter filter = context.createFilter(filterString); // We do this first so an
+ // InvalidSyntaxException will be
+ // thrown even if there are no roles
+ // present.
returnedRoles = new Vector<>();
for (int i = 0; i < roles.size(); i++) {
Role role = roles.elementAt(i);
@@ -263,16 +265,15 @@ public org.osgi.service.useradmin.Role[] getRoles(String filterString) throws In
/**
* Gets the user with the given property key-value pair from the UserAdmin
- * database. This is a convenience method for retrieving a user based on
- * a property for which every user is supposed to have a unique value
- * (within the scope of this UserAdmin), such as a user's
- * X.500 distinguished name.
+ * database. This is a convenience method for retrieving a user based on a
+ * property for which every user is supposed to have a unique value (within the
+ * scope of this UserAdmin), such as a user's X.500 distinguished name.
*
- * @param key The property key to look for.
+ * @param key The property key to look for.
* @param value The property value to compare with.
*
- * @return A matching user, if exactly one is found. If zero or
- * more than one matching users are found, null is returned.
+ * @return A matching user, if exactly one is found. If zero or more
+ * than one matching users are found, null is returned.
*/
@Override
public org.osgi.service.useradmin.User getUser(String key, String value) {
@@ -292,7 +293,7 @@ public org.osgi.service.useradmin.User getUser(String key, String value) {
keyValue = (String) props.get(key);
if (keyValue != null && keyValue.equals(value)) {
if (foundUser != null) {
- return (null); //we found more than one match
+ return (null); // we found more than one match
}
foundUser = user;
}
@@ -302,12 +303,12 @@ public org.osgi.service.useradmin.User getUser(String key, String value) {
}
/**
- * Creates an Authorization object that encapsulates the specified user
- * and the roles it possesses. The null user is interpreted
- * as the anonymous user.
+ * Creates an Authorization object that encapsulates the specified user and the
+ * roles it possesses. The null user is interpreted as the
+ * anonymous user.
*
* @param user The user to create an Authorization object for, or
- * null for the anonymous user.
+ * null for the anonymous user.
*
* @return the Authorization object for the specified user.
*/
@@ -338,21 +339,24 @@ public void checkAdminPermission() {
public void checkGetCredentialPermission(String credential) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(new org.osgi.service.useradmin.UserAdminPermission(credential, org.osgi.service.useradmin.UserAdminPermission.GET_CREDENTIAL));
+ sm.checkPermission(new org.osgi.service.useradmin.UserAdminPermission(credential,
+ org.osgi.service.useradmin.UserAdminPermission.GET_CREDENTIAL));
}
}
public void checkChangeCredentialPermission(String credential) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(new org.osgi.service.useradmin.UserAdminPermission(credential, org.osgi.service.useradmin.UserAdminPermission.CHANGE_CREDENTIAL));
+ sm.checkPermission(new org.osgi.service.useradmin.UserAdminPermission(credential,
+ org.osgi.service.useradmin.UserAdminPermission.CHANGE_CREDENTIAL));
}
}
public void checkChangePropertyPermission(String property) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(new org.osgi.service.useradmin.UserAdminPermission(property, org.osgi.service.useradmin.UserAdminPermission.CHANGE_PROPERTY));
+ sm.checkPermission(new org.osgi.service.useradmin.UserAdminPermission(property,
+ org.osgi.service.useradmin.UserAdminPermission.CHANGE_PROPERTY));
}
}
diff --git a/bundles/org.eclipse.equinox.useradmin/src/org/eclipse/equinox/internal/useradmin/UserAdminEventAdapter.java b/bundles/org.eclipse.equinox.useradmin/src/org/eclipse/equinox/internal/useradmin/UserAdminEventAdapter.java
index 54e027720fc..8b55fc72f75 100644
--- a/bundles/org.eclipse.equinox.useradmin/src/org/eclipse/equinox/internal/useradmin/UserAdminEventAdapter.java
+++ b/bundles/org.eclipse.equinox.useradmin/src/org/eclipse/equinox/internal/useradmin/UserAdminEventAdapter.java
@@ -79,17 +79,17 @@ public void roleChanged(UserAdminEvent event) {
if (eventAdmin != null) {
String typename = null;
switch (event.getType()) {
- case UserAdminEvent.ROLE_CREATED :
- typename = ROLE_CREATED;
- break;
- case UserAdminEvent.ROLE_CHANGED :
- typename = ROLE_CHANGED;
- break;
- case UserAdminEvent.ROLE_REMOVED :
- typename = ROLE_REMOVED;
- break;
- default :
- return;
+ case UserAdminEvent.ROLE_CREATED:
+ typename = ROLE_CREATED;
+ break;
+ case UserAdminEvent.ROLE_CHANGED:
+ typename = ROLE_CHANGED;
+ break;
+ case UserAdminEvent.ROLE_REMOVED:
+ typename = ROLE_REMOVED;
+ break;
+ default:
+ return;
}
String topic = TOPIC + TOPIC_SEPARATOR + typename;
Hashtable