You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2019/10/10 07:18:30 UTC
svn commit: r1868225 - in /jackrabbit/oak/trunk:
oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/
oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/
oak-security-spi/src/main/jav...
Author: angela
Date: Thu Oct 10 07:18:30 2019
New Revision: 1868225
URL: http://svn.apache.org/viewvc?rev=1868225&view=rev
Log:
OAK-8688 : Move ReadPolicy from core to security-spi
Added:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicy.java (with props)
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicyTest.java (with props)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ReadPolicyTest.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/package-info.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java?rev=1868225&r1=1868224&r2=1868225&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java Thu Oct 10 07:18:30 2019
@@ -35,7 +35,6 @@ import javax.jcr.security.AccessControlE
import javax.jcr.security.AccessControlException;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.AccessControlPolicyIterator;
-import javax.jcr.security.NamedAccessControlPolicy;
import javax.jcr.security.Privilege;
import com.google.common.base.Objects;
@@ -74,6 +73,7 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager;
import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ImmutableACL;
import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.PolicyOwner;
+import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ReadPolicy;
import org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionConstants;
import org.apache.jackrabbit.oak.spi.security.authorization.permission.Permissions;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction;
@@ -740,19 +740,6 @@ public class AccessControlManagerImpl ex
}
}
- private static final class ReadPolicy implements NamedAccessControlPolicy {
-
- private static final NamedAccessControlPolicy INSTANCE = new ReadPolicy();
-
- private ReadPolicy() {
- }
-
- @Override
- public String getName() {
- return "Grants read access on configured trees.";
- }
- }
-
private static final class PrincipalPredicate implements Predicate<Tree> {
private final Iterable<String> principalNames;
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ReadPolicyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ReadPolicyTest.java?rev=1868225&r1=1868224&r2=1868225&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ReadPolicyTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ReadPolicyTest.java Thu Oct 10 07:18:30 2019
@@ -16,13 +16,17 @@
*/
package org.apache.jackrabbit.oak.security.authorization.accesscontrol;
+import java.util.HashSet;
+import java.util.Iterator;
import java.util.Set;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.NamedAccessControlPolicy;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration;
+import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.ReadPolicy;
import org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionConstants;
import org.junit.Before;
import org.junit.Test;
@@ -30,6 +34,7 @@ import org.junit.Test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
/**
* Tests for the special {@code ReadPolicy} exposed at specified paths.
@@ -39,6 +44,7 @@ import static org.junit.Assert.assertTru
public class ReadPolicyTest extends AbstractSecurityTest {
private Set<String> readPaths;
+ private Set<String> subTreePaths = new HashSet<>();
@Override
@Before
@@ -47,6 +53,14 @@ public class ReadPolicyTest extends Abst
ConfigurationParameters options = getConfig(AuthorizationConfiguration.class).getParameters();
readPaths = options.getConfigValue(PermissionConstants.PARAM_READ_PATHS, PermissionConstants.DEFAULT_READ_PATHS);
+
+ for (String p : readPaths) {
+ Tree t = root.getTree(p);
+ Iterator<Tree> children = t.getChildren().iterator();
+ if (children.hasNext()) {
+ subTreePaths.add(children.next().getPath());
+ }
+ }
}
@Test
@@ -56,7 +70,7 @@ public class ReadPolicyTest extends Abst
assertTrue(policies.length > 0);
boolean found = false;
for (AccessControlPolicy policy : policies) {
- if ("org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlManagerImpl$ReadPolicy".equals(policy.getClass().getName())) {
+ if (policy instanceof ReadPolicy) {
found = true;
break;
}
@@ -69,10 +83,9 @@ public class ReadPolicyTest extends Abst
public void testGetEffectivePolicies() throws Exception {
for (String path : readPaths) {
AccessControlPolicy[] policies = getAccessControlManager(root).getEffectivePolicies(path);
- assertTrue(policies.length > 0);
boolean found = false;
for (AccessControlPolicy policy : policies) {
- if ("org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlManagerImpl$ReadPolicy".equals(policy.getClass().getName())) {
+ if (policy instanceof ReadPolicy) {
found = true;
break;
}
Added: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicy.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicy.java?rev=1868225&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicy.java (added)
+++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicy.java Thu Oct 10 07:18:30 2019
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol;
+
+import javax.jcr.security.NamedAccessControlPolicy;
+
+public final class ReadPolicy implements NamedAccessControlPolicy {
+
+ public static final NamedAccessControlPolicy INSTANCE = new ReadPolicy();
+
+ private ReadPolicy() {
+ }
+
+ @Override
+ public String getName() {
+ return "Grants read access on configured trees.";
+ }
+}
\ No newline at end of file
Propchange: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicy.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/package-info.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/package-info.java?rev=1868225&r1=1868224&r2=1868225&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/package-info.java (original)
+++ jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/package-info.java Thu Oct 10 07:18:30 2019
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-@Version("1.6.1")
+@Version("1.7.0")
package org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol;
import org.osgi.annotation.versioning.Version;
Added: jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicyTest.java?rev=1868225&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicyTest.java (added)
+++ jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicyTest.java Thu Oct 10 07:18:30 2019
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol;
+
+import org.junit.Test;
+
+import javax.jcr.RepositoryException;
+
+import static org.junit.Assert.assertEquals;
+
+public class ReadPolicyTest {
+
+ @Test
+ public void testGetName() throws Exception {
+ assertEquals("Grants read access on configured trees.", ReadPolicy.INSTANCE.getName());
+ }
+}
\ No newline at end of file
Propchange: jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ReadPolicyTest.java
------------------------------------------------------------------------------
svn:eol-style = native