You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/04/05 17:02:14 UTC
svn commit: r1464997 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak:
core/ImmutableTree.java
security/authorization/permission/PermissionProviderImpl.java
Author: angela
Date: Fri Apr 5 15:02:14 2013
New Revision: 1464997
URL: http://svn.apache.org/r1464997
Log:
OAK-527: permissions (wip)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java?rev=1464997&r1=1464996&r2=1464997&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java Fri Apr 5 15:02:14 2013
@@ -27,6 +27,7 @@ import org.apache.jackrabbit.oak.api.Pro
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.commons.PathUtils;
+import org.apache.jackrabbit.oak.plugins.nodetype.NodeTypeConstants;
import org.apache.jackrabbit.oak.plugins.version.VersionConstants;
import org.apache.jackrabbit.oak.spi.security.Context;
import org.apache.jackrabbit.oak.spi.state.ChildNodeEntry;
@@ -275,10 +276,16 @@ public final class ImmutableTree extends
// TODO
public interface TypeProvider {
+ // regular trees
int TYPE_DEFAULT = 1;
+ // version store(s) content
int TYPE_VERSION = 2;
+ // access control content
int TYPE_AC = 4;
- int TYPE_HIDDEN = 8;
+ // node type definition content
+ int TYPE_NODE_TYPE = 8;
+ // hidden trees
+ int TYPE_HIDDEN = 16;
TypeProvider EMPTY = new TypeProvider() {
@Override
@@ -310,6 +317,9 @@ public final class ImmutableTree extends
case TYPE_HIDDEN:
type = TYPE_HIDDEN;
break;
+ case TYPE_NODE_TYPE:
+ type = TYPE_NODE_TYPE;
+ break;
case TYPE_VERSION:
type = TYPE_VERSION;
break;
@@ -320,6 +330,8 @@ public final class ImmutableTree extends
String name = tree.getName();
if (NodeStateUtils.isHidden(name)) {
type = TYPE_HIDDEN;
+ } else if (NodeTypeConstants.JCR_NODE_TYPES.equals(name)) {
+ type = TYPE_NODE_TYPE;
} else if (VersionConstants.VERSION_NODE_NAMES.contains(name) ||
VersionConstants.VERSION_NODE_TYPE_NAMES.contains(NodeStateUtils.getPrimaryTypeName(tree.state))) {
type = TYPE_VERSION;
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java?rev=1464997&r1=1464996&r2=1464997&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java Fri Apr 5 15:02:14 2013
@@ -104,6 +104,7 @@ public class PermissionProviderImpl impl
@Override
public ReadStatus getReadStatus(@Nonnull Tree tree, @Nullable PropertyState property) {
+ // TODO: OAK-753 decide on where to filter out hidden items.
if (isHidden(tree, property)) {
return ReadStatus.DENY_ALL;
} else if (isAccessControlContent(tree) && canReadAccessControlContent(tree, property)) {
@@ -126,7 +127,8 @@ public class PermissionProviderImpl impl
if (isVersionContent(tree)) {
TreeLocation location = getVersionableLocation(tree, property);
if (location == null) {
- return false;
+ // TODO: review permission evaluation on hierarchy nodes within the different version stores.
+ return compiledPermissions.isGranted(tree, property, permissions);
}
Tree versionableTree = (property == null) ? location.getTree() : location.getParent().getTree();
if (versionableTree != null) {
@@ -222,7 +224,8 @@ public class PermissionProviderImpl impl
status = compiledPermissions.getReadStatus(tree, property);
}
} else {
- status = ReadStatus.DENY_THIS;
+ // TODO: review access on hierarchy nodes within the different version stores.
+ status = compiledPermissions.getReadStatus(versionStoreTree, property);
}
return status;
}
@@ -249,7 +252,7 @@ public class PermissionProviderImpl impl
}
if (versionablePath == null || versionablePath.length() == 0) {
- log.warn("Unable to determine path of the version controlled node.");
+ log.warn("Unable to determine versionable path of the version store node.");
return null;
} else {
return getImmutableRoot().getLocation(versionablePath);