Index: api/src/main/java/org/sakaiproject/authz/api/AuthzGroupService.java =================================================================== --- api/src/main/java/org/sakaiproject/authz/api/AuthzGroupService.java (revision 132808) +++ api/src/main/java/org/sakaiproject/authz/api/AuthzGroupService.java (working copy) @@ -486,4 +486,12 @@ * * @return List containing the currently registered AuthzGroupAdvisors */ - public List getAuthzGroupAdvisors();} + public List getAuthzGroupAdvisors(); + + /** + * Set of all maintain roles + * + * @return String Set containing all maintain roles. + */ + public Set getMaintainRoles(); +} Index: kernel-component/src/main/webapp/WEB-INF/authz-components.xml =================================================================== --- kernel-component/src/main/webapp/WEB-INF/authz-components.xml (revision 132808) +++ kernel-component/src/main/webapp/WEB-INF/authz-components.xml (working copy) @@ -87,4 +87,15 @@ + + + + + + + + + + Index: kernel-impl/src/main/java/org/sakaiproject/authz/impl/AuthzGroupServiceTest.java =================================================================== --- kernel-impl/src/main/java/org/sakaiproject/authz/impl/AuthzGroupServiceTest.java (revision 132808) +++ kernel-impl/src/main/java/org/sakaiproject/authz/impl/AuthzGroupServiceTest.java (working copy) @@ -31,6 +31,8 @@ import org.sakaiproject.user.api.UserDirectoryService; import org.sakaiproject.tool.api.SessionManager; +import java.util.Set; + /** *

* AuthzGroupServiceTest extends the db authz group service providing the dependency injectors for testing. @@ -109,4 +111,9 @@ { return null; } + + @Override + public Set getMaintainRoles() { + return null; + } } Index: kernel-impl/src/main/java/org/sakaiproject/authz/impl/BaseAuthzGroupService.java =================================================================== --- kernel-impl/src/main/java/org/sakaiproject/authz/impl/BaseAuthzGroupService.java (revision 132808) +++ kernel-impl/src/main/java/org/sakaiproject/authz/impl/BaseAuthzGroupService.java (working copy) @@ -1505,6 +1505,13 @@ * The azGroup to refresh. */ void refreshAuthzGroup(BaseAuthzGroup azGroup); + + /** + * Retrieve all maintain roles + * + * @return a String Set of all maintain roles + */ + public Set getMaintainRoles(); } public class ProviderMap implements Map @@ -1618,4 +1625,8 @@ public List getAuthzGroupAdvisors() { return Collections.unmodifiableList(authzGroupAdvisors); } + + public Set getMaintainRoles(){ + return m_storage.getMaintainRoles(); + } } Index: kernel-impl/src/main/java/org/sakaiproject/authz/impl/DbAuthzGroupService.java =================================================================== --- kernel-impl/src/main/java/org/sakaiproject/authz/impl/DbAuthzGroupService.java (revision 132808) +++ kernel-impl/src/main/java/org/sakaiproject/authz/impl/DbAuthzGroupService.java (working copy) @@ -147,6 +147,8 @@ private Cache authzUserGroupIdsCache; + private Cache maintainRolesCache; + /** * @return the ServerConfigurationService collaborator. */ @@ -233,6 +235,11 @@ M_log.info("init(): table: " + m_realmTableName + " external locks: " + m_useExternalLocks); authzUserGroupIdsCache = m_memoryService.newCache("org.sakaiproject.authz.impl.DbAuthzGroupService.authzUserGroupIdsCache"); + + maintainRolesCache = m_memoryService.newCache("org.sakaiproject.authz.impl.DbAuthzGroupService.maintainRolesCache"); + //get the set of maintain roles and cache them on startup + getMaintainRoles(); + } catch (Exception t) { @@ -250,6 +257,8 @@ // done with event watching eventTrackingService().deleteObserver(this); + maintainRolesCache.destroy(); + M_log.info(this +".destroy()"); } @@ -2934,6 +2943,22 @@ return rv; } + + public Set getMaintainRoles(){ + + Set maintainRoles = null; + + if (maintainRolesCache != null && maintainRolesCache.containsKey("maintainRoles")) { + maintainRoles = (Set) maintainRolesCache.get("maintainRoles"); + } else { + String sql = dbAuthzGroupSql.getMaintainRolesSql(); + maintainRoles = new HashSet(m_sql.dbRead(sql)); + maintainRolesCache.put("maintainRoles", maintainRoles); + } + + return maintainRoles; + } + } // DbStorage /** To avoide the dreaded ORA-01795 and the like, we need to limit to <100 the items in each in(?, ?, ...) clause, connecting them with ORs. */ Index: kernel-impl/src/main/java/org/sakaiproject/authz/impl/DbAuthzGroupSql.java =================================================================== --- kernel-impl/src/main/java/org/sakaiproject/authz/impl/DbAuthzGroupSql.java (revision 132808) +++ kernel-impl/src/main/java/org/sakaiproject/authz/impl/DbAuthzGroupSql.java (working copy) @@ -152,4 +152,6 @@ String getSelectRealmUserRoleSql(String inClause); String getSelectRealmUsersInGroupsSql( String inClause); + + String getMaintainRolesSql(); } Index: kernel-impl/src/main/java/org/sakaiproject/authz/impl/DbAuthzGroupSqlDefault.java =================================================================== --- kernel-impl/src/main/java/org/sakaiproject/authz/impl/DbAuthzGroupSqlDefault.java (revision 132808) +++ kernel-impl/src/main/java/org/sakaiproject/authz/impl/DbAuthzGroupSqlDefault.java (working copy) @@ -3,20 +3,20 @@ * $Id: AuthzGroup.java 7063 2006-03-27 17:46:13Z ggolden@umich.edu $ *********************************************************************************** * - * Copyright (c) 2007, 2008 Sakai Foundation - * - * Licensed under the Educational Community License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.opensource.org/licenses/ECL-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Copyright (c) 2007, 2008 Sakai Foundation * + * Licensed under the Educational Community License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.opensource.org/licenses/ECL-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * **********************************************************************************/ package org.sakaiproject.authz.impl; @@ -59,8 +59,8 @@ public String getCountRealmRoleFunctionSql(String anonymousRoleKey, String authorizationRoleKey, boolean authorized, String inClause) { - return "select count(1) from SAKAI_REALM_RL_FN " + "where REALM_KEY in (select REALM_KEY from SAKAI_REALM where " + inClause + ")" - + getCountRealmRoleFunctionEndSql(anonymousRoleKey, authorizationRoleKey, authorized, inClause); + return "select count(1) from SAKAI_REALM_RL_FN " + "where REALM_KEY in (select REALM_KEY from SAKAI_REALM where " + inClause + ")" + + getCountRealmRoleFunctionEndSql(anonymousRoleKey, authorizationRoleKey, authorized, inClause); } public String getCountRealmRoleSql() @@ -516,4 +516,7 @@ return "select SRRG.USER_ID from SAKAI_REALM_RL_GR SRRG inner join SAKAI_REALM SR ON SRRG.REALM_KEY = SR.REALM_KEY where SRRG.ACTIVE = '1' and " + inClause; } + public String getMaintainRolesSql() { + return "SELECT ROLE_NAME FROM SAKAI_REALM_ROLE WHERE ROLE_KEY IN (SELECT DISTINCT MAINTAIN_ROLE FROM SAKAI_REALM WHERE MAINTAIN_ROLE IS NOT NULL)"; + } } Index: kernel-impl/src/test/java/org/sakai/memory/impl/test/MockAuthzGroupService.java =================================================================== --- kernel-impl/src/test/java/org/sakai/memory/impl/test/MockAuthzGroupService.java (revision 132808) +++ kernel-impl/src/test/java/org/sakai/memory/impl/test/MockAuthzGroupService.java (working copy) @@ -278,4 +278,7 @@ return null; } + public Set getMaintainRoles() { + return null; + } }