You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/05/03 14:34:26 UTC
svn commit: r1478756 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization:
AccessControlInitializer.java permission/PermissionHook.java
Author: angela
Date: Fri May 3 12:34:25 2013
New Revision: 1478756
URL: http://svn.apache.org/r1478756
Log:
OAK-797 : Move permission store initialization to a WorkspaceInitializer
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHook.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java?rev=1478756&r1=1478755&r2=1478756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java Fri May 3 12:34:25 2013
@@ -19,19 +19,25 @@ package org.apache.jackrabbit.oak.securi
import javax.annotation.Nonnull;
import com.google.common.collect.ImmutableList;
+import org.apache.jackrabbit.JcrConstants;
+import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.plugins.index.IndexUtils;
+import org.apache.jackrabbit.oak.security.authorization.permission.PermissionConstants;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.lifecycle.WorkspaceInitializer;
import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
import org.apache.jackrabbit.oak.spi.state.NodeState;
+import static org.apache.jackrabbit.JcrConstants.JCR_PRIMARYTYPE;
+import static org.apache.jackrabbit.JcrConstants.JCR_SYSTEM;
+
/**
* Implementation of the {@code WorkspaceInitializer} interface that creates
* a property index definitions for {@link #REP_PRINCIPAL_NAME rep:principalName}
* properties defined with ACE nodes.
*/
-class AccessControlInitializer implements WorkspaceInitializer, AccessControlConstants {
+class AccessControlInitializer implements WorkspaceInitializer, AccessControlConstants, PermissionConstants {
@Nonnull
@Override
@@ -45,6 +51,15 @@ class AccessControlInitializer implement
ImmutableList.<String>of(REP_PRINCIPAL_NAME),
ImmutableList.<String>of(NT_REP_DENY_ACE, NT_REP_GRANT_ACE, NT_REP_ACE));
}
+
+ // create the permission store and the root for this workspace.
+ NodeBuilder permissionStore = root.child(JCR_SYSTEM).child(REP_PERMISSION_STORE);
+ if (!permissionStore.hasProperty(JCR_PRIMARYTYPE)) {
+ permissionStore.setProperty(JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE, Type.NAME);
+ }
+ if (!permissionStore.hasChildNode(workspaceName)) {
+ permissionStore.child(workspaceName).setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE, Type.NAME);
+ }
return root.getNodeState();
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHook.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHook.java?rev=1478756&r1=1478755&r2=1478756&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHook.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHook.java Fri May 3 12:34:25 2013
@@ -16,22 +16,15 @@
*/
package org.apache.jackrabbit.oak.security.authorization.permission;
-import static com.google.common.base.Preconditions.checkNotNull;
-import static org.apache.jackrabbit.JcrConstants.JCR_PRIMARYTYPE;
-import static org.apache.jackrabbit.JcrConstants.JCR_SYSTEM;
-import static org.apache.jackrabbit.oak.plugins.memory.EmptyNodeState.EMPTY_NODE;
-
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
-
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import com.google.common.base.Objects;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;
-import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.oak.api.CommitFailedException;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
@@ -57,6 +50,11 @@ import org.apache.jackrabbit.util.Text;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import static com.google.common.base.Preconditions.checkNotNull;
+import static org.apache.jackrabbit.JcrConstants.JCR_PRIMARYTYPE;
+import static org.apache.jackrabbit.JcrConstants.JCR_SYSTEM;
+import static org.apache.jackrabbit.oak.plugins.memory.EmptyNodeState.EMPTY_NODE;
+
/**
* {@code CommitHook} implementation that processes any modification made to
* access control content and updates persisted permission caches associated
@@ -93,18 +91,8 @@ public class PermissionHook implements P
@Nonnull
private NodeBuilder getPermissionRoot(NodeBuilder rootBuilder) {
- NodeBuilder permissionStore = rootBuilder.child(JCR_SYSTEM).child(REP_PERMISSION_STORE);
- if (!permissionStore.hasProperty(JCR_PRIMARYTYPE)) {
- permissionStore.setProperty(JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE, Type.NAME);
- }
- NodeBuilder permissionRoot;
- if (!permissionStore.hasChildNode(workspaceName)) {
- permissionRoot = permissionStore.child(workspaceName)
- .setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE, Type.NAME);
- } else {
- permissionRoot = permissionStore.child(workspaceName);
- }
- return permissionRoot;
+ // permission root has been created during workspace initialization
+ return rootBuilder.child(JCR_SYSTEM).child(REP_PERMISSION_STORE).child(workspaceName);
}
@CheckForNull