You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2016/02/04 17:52:32 UTC
svn commit: r1728510 - in /jackrabbit/oak/trunk/oak-exercise: ./
src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/
src/main/java/org/apache/jackrabbit/oak/security/principal/
src/test/java/org/apache/jackrabbit/oak/security/pr...
Author: angela
Date: Thu Feb 4 16:52:32 2016
New Revision: 1728510
URL: http://svn.apache.org/viewvc?rev=1728510&view=rev
Log:
OAK-3008 : Training material for Oak security (WIP)
Modified:
jackrabbit/oak/trunk/oak-exercise/pom.xml
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/CustomRestrictionProvider.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/principal/CustomPrincipalConfiguration.java
jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L3_BuiltInPrivilegesTest.java
jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L5_PrivilegeContentTest.java
jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L6_JcrAllTest.java
Modified: jackrabbit/oak/trunk/oak-exercise/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/pom.xml?rev=1728510&r1=1728509&r2=1728510&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-exercise/pom.xml Thu Feb 4 16:52:32 2016
@@ -29,6 +29,7 @@
<artifactId>oak-exercise</artifactId>
<name>Oak Exercises</name>
+ <packaging>bundle</packaging>
<properties>
<skip.deployment>false</skip.deployment>
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/CustomRestrictionProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/CustomRestrictionProvider.java?rev=1728510&r1=1728509&r2=1728510&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/CustomRestrictionProvider.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/CustomRestrictionProvider.java Thu Feb 4 16:52:32 2016
@@ -16,12 +16,19 @@
*/
package org.apache.jackrabbit.oak.security.authorization.restriction;
+import java.util.Map;
import java.util.Set;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.jcr.RepositoryException;
import javax.jcr.Value;
+import org.apache.felix.scr.annotations.Activate;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.ConfigurationPolicy;
+import org.apache.felix.scr.annotations.Deactivate;
+import org.apache.felix.scr.annotations.Modified;
+import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionDefinition;
@@ -31,6 +38,8 @@ import org.apache.jackrabbit.oak.spi.sec
/**
* EXERCISE: complete the implemenation
*/
+@Component(metatype = true, policy = ConfigurationPolicy.REQUIRE)
+@Service({RestrictionProvider.class})
public class CustomRestrictionProvider implements RestrictionProvider {
@Nonnull
@@ -86,4 +95,19 @@ public class CustomRestrictionProvider i
// EXERCISE
return null;
}
+
+ @SuppressWarnings("UnusedDeclaration")
+ @Activate
+ private void activate(Map<String, Object> properties) {
+ }
+
+ @SuppressWarnings("UnusedDeclaration")
+ @Modified
+ private void modified(Map<String, Object> properties) {
+ }
+
+ @SuppressWarnings("UnusedDeclaration")
+ @Deactivate
+ private void deactivate(Map<String, Object> properties) {
+ }
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/principal/CustomPrincipalConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/principal/CustomPrincipalConfiguration.java?rev=1728510&r1=1728509&r2=1728510&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/principal/CustomPrincipalConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/security/principal/CustomPrincipalConfiguration.java Thu Feb 4 16:52:32 2016
@@ -16,14 +16,19 @@
*/
package org.apache.jackrabbit.oak.security.principal;
+import java.util.Map;
import javax.annotation.Nonnull;
+import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.ConfigurationPolicy;
+import org.apache.felix.scr.annotations.Deactivate;
+import org.apache.felix.scr.annotations.Modified;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.commons.PropertiesUtil;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
@@ -48,12 +53,14 @@ public class CustomPrincipalConfiguratio
@Nonnull
@Override
public PrincipalManager getPrincipalManager(Root root, NamePathMapper namePathMapper) {
+ log.info("CustomPrincipalConfiguration.getPrincipalManager");
return new PrincipalManagerImpl(getPrincipalProvider(root, namePathMapper));
}
@Nonnull
@Override
public PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper) {
+ log.info("CustomPrincipalConfiguration.getPrincipalProvider");
return new CustomPrincipalProvider(knownPrincipals);
}
@@ -62,4 +69,25 @@ public class CustomPrincipalConfiguratio
public String getName() {
return PrincipalConfiguration.NAME;
}
+
+ @SuppressWarnings("UnusedDeclaration")
+ @Activate
+ private void activate(Map<String, Object> properties) {
+ knownPrincipals = PropertiesUtil.toStringArray(properties.get("knownPrincipals"), new String[0]);
+ log.info("CustomPrincipalConfiguration.activate: " + knownPrincipals);
+ }
+
+ @SuppressWarnings("UnusedDeclaration")
+ @Modified
+ private void modified(Map<String, Object> properties) {
+ knownPrincipals = PropertiesUtil.toStringArray(properties.get("knownPrincipals"), new String[0]);
+ log.info("CustomPrincipalConfiguration.modified: " + knownPrincipals);
+ }
+
+ @SuppressWarnings("UnusedDeclaration")
+ @Deactivate
+ private void deactivate(Map<String, Object> properties) {
+ knownPrincipals = new String[0];
+ log.info("CustomPrincipalConfiguration.deactivate");
+ }
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L3_BuiltInPrivilegesTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L3_BuiltInPrivilegesTest.java?rev=1728510&r1=1728509&r2=1728510&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L3_BuiltInPrivilegesTest.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L3_BuiltInPrivilegesTest.java Thu Feb 4 16:52:32 2016
@@ -36,7 +36,6 @@ import org.apache.jackrabbit.oak.Abstrac
import org.apache.jackrabbit.oak.api.CommitFailedException;
import org.apache.jackrabbit.oak.api.ContentSession;
import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBitsProvider;
import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
import org.junit.Test;
@@ -105,7 +104,6 @@ public class L3_BuiltInPrivilegesTest ex
private Root testRoot;
private AccessControlManager acMgr;
- private PrivilegeBitsProvider privilegeBitsProvider;
@Override
public void before() throws Exception {
@@ -179,7 +177,7 @@ public class L3_BuiltInPrivilegesTest ex
root.commit();
}
- public void clearAcl(AccessControlManager acMgr) throws RepositoryException, CommitFailedException {
+ private void clearAcl(AccessControlManager acMgr) throws RepositoryException, CommitFailedException {
AccessControlPolicy[] policies = acMgr.getPolicies("/");
for (AccessControlPolicy policy : policies) {
acMgr.removePolicy("/", policy);
Modified: jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L5_PrivilegeContentTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L5_PrivilegeContentTest.java?rev=1728510&r1=1728509&r2=1728510&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L5_PrivilegeContentTest.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L5_PrivilegeContentTest.java Thu Feb 4 16:52:32 2016
@@ -113,13 +113,13 @@ public class L5_PrivilegeContentTest ext
public void testPrivilegeRoot() {
Tree privilegesRoot = root.getTree(PrivilegeConstants.PRIVILEGES_PATH);
- String name = null; // TODO
+ String name = null; // EXERCISE
assertEquals(name, privilegesRoot.getName());
- String primaryType = null; // TODO
+ String primaryType = null; // EXERCISE
assertEquals(primaryType, TreeUtil.getPrimaryTypeName(privilegesRoot));
- // TODO: look at the node type definition in the file 'builtin-nodetypes.cnd'
+ // EXERCISE: look at the node type definition in the file 'builtin-nodetypes.cnd'
// Question: can you predict how the tree defined the 'privilegesRoot' tree looks like?
}
@@ -129,16 +129,16 @@ public class L5_PrivilegeContentTest ext
PrivilegeDefinition def = PrivilegeUtil.readDefinition(repWriteTree);
- String expectedName = null; // TODO
+ String expectedName = null; // EXERCISE
assertEquals(expectedName, def.getName());
- boolean isAbstract = false; // TODO
+ boolean isAbstract = false; // EXERCISE
assertEquals(isAbstract, def.isAbstract());
- Set<String> expectedAggregates = null; // TODO
+ Set<String> expectedAggregates = null; // EXERCISE
assertEquals(expectedAggregates, def.getDeclaredAggregateNames());
- // TODO: compare the internal privilege definition (and it's tree representation) with the privilege itself.
+ // EXERCISE: compare the internal privilege definition (and it's tree representation) with the privilege itself.
Privilege repWritePrivilege = getPrivilegeManager(root).getPrivilege(PrivilegeConstants.REP_WRITE);
}
@@ -153,8 +153,8 @@ public class L5_PrivilegeContentTest ext
PrivilegeBits readBits = PrivilegeBits.getInstance(jcrReadTree);
PrivilegeBits writeBits = PrivilegeBits.getInstance(jcrReadTree);
- // TODO: play with 'PrivilegeBits' methods to compare 'privilegeBits' with 'readBits' and 'writeBits'
- // TODO: retrieve the property that stores the long representation of each privilege above
+ // EXERCISE: play with 'PrivilegeBits' methods to compare 'privilegeBits' with 'readBits' and 'writeBits'
+ // EXERCISE: retrieve the property that stores the long representation of each privilege above
}
@Test
@@ -165,12 +165,12 @@ public class L5_PrivilegeContentTest ext
Privilege newPrivilege = privilegeManager.registerPrivilege("myPrivilege", true, null);
root.commit();
- // TODO: compare the 'next' property state with rep:bits property of the newly created privilege.
+ // EXERCISE: compare the 'next' property state with rep:bits property of the newly created privilege.
PropertyState nextAgain = PrivilegeUtil.getPrivilegesTree(root).getProperty(PrivilegeConstants.REP_NEXT);
- // TODO: look at the new value of rep:next and explain it. Q: where did it get modified?
+ // EXERCISE: look at the new value of rep:next and explain it. Q: where did it get modified?
- // TODO: try to modify rep:next manually and explain what happens.
+ // EXERCISE: try to modify rep:next manually and explain what happens.
}
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L6_JcrAllTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L6_JcrAllTest.java?rev=1728510&r1=1728509&r2=1728510&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L6_JcrAllTest.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/security/privilege/L6_JcrAllTest.java Thu Feb 4 16:52:32 2016
@@ -67,7 +67,7 @@ public class L6_JcrAllTest extends Abstr
@Test
public void testManualModification() throws Exception {
- // TODO: fix the test case such that it passes.
+ // EXERCISE: fix the test case such that it passes.
Tree jcrAllTree = PrivilegeUtil.getPrivilegesTree(root).getChild(PrivilegeConstants.JCR_ALL);