You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2012/10/31 11:28:51 UTC
svn commit: r1404075 - in /jackrabbit/oak/trunk/oak-core/src:
main/java/org/apache/jackrabbit/oak/security/user/
main/java/org/apache/jackrabbit/oak/spi/security/user/
main/java/org/apache/jackrabbit/oak/spi/security/user/action/
test/java/org/apache/j...
Author: angela
Date: Wed Oct 31 10:28:50 2012
New Revision: 1404075
URL: http://svn.apache.org/viewvc?rev=1404075&view=rev
Log:
OAK-50 : Implement User Management (WIP)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java?rev=1404075&r1=1404074&r2=1404075&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java Wed Oct 31 10:28:50 2012
@@ -239,7 +239,7 @@ public class UserManagerImpl implements
*/
void onCreate(User user, String password) throws RepositoryException {
for (AuthorizableAction action : authorizableActions) {
- action.onCreate(user, password, root);
+ action.onCreate(user, password, root, namePathMapper);
}
}
@@ -253,7 +253,7 @@ public class UserManagerImpl implements
*/
void onCreate(Group group) throws RepositoryException {
for (AuthorizableAction action : authorizableActions) {
- action.onCreate(group, root);
+ action.onCreate(group, root, namePathMapper);
}
}
@@ -267,7 +267,7 @@ public class UserManagerImpl implements
*/
void onRemove(Authorizable authorizable) throws RepositoryException {
for (AuthorizableAction action : authorizableActions) {
- action.onRemove(authorizable, root);
+ action.onRemove(authorizable, root, namePathMapper);
}
}
@@ -282,7 +282,7 @@ public class UserManagerImpl implements
*/
void onPasswordChange(User user, String password) throws RepositoryException {
for (AuthorizableAction action : authorizableActions) {
- action.onPasswordChange(user, password, root);
+ action.onPasswordChange(user, password, root, namePathMapper);
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java?rev=1404075&r1=1404074&r2=1404075&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java Wed Oct 31 10:28:50 2012
@@ -116,10 +116,4 @@ public interface UserConstants {
* password hash generation.
*/
String PARAM_PASSWORD_SALT_SIZE = "passwordSaltSize";
- /**
- * Configuration parameter to set the authorizable actions.
- *
- * @see org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableAction
- */
- String PARAM_AUTHORIZABLE_ACTIONS = "authorizableActions";
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java Wed Oct 31 10:28:50 2012
@@ -22,6 +22,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
/**
* Abstract implementation of the {@code AuthorizableAction} interface that
@@ -33,40 +34,40 @@ public abstract class AbstractAuthorizab
/**
* Doesn't perform any action.
*
- * @see AuthorizableAction#onCreate(org.apache.jackrabbit.api.security.user.Group, Root)
+ * @see AuthorizableAction#onCreate(org.apache.jackrabbit.api.security.user.Group, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper)
*/
@Override
- public void onCreate(Group group, Root root) throws RepositoryException {
+ public void onCreate(Group group, Root root, NamePathMapper namePathMapper) throws RepositoryException {
// nothing to do
}
/**
* Doesn't perform any action.
*
- * @see AuthorizableAction#onCreate(org.apache.jackrabbit.api.security.user.User, String, Root)
+ * @see AuthorizableAction#onCreate(org.apache.jackrabbit.api.security.user.User, String, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper)
*/
@Override
- public void onCreate(User user, String password, Root root) throws RepositoryException {
+ public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException {
// nothing to do
}
/**
* Doesn't perform any action.
*
- * @see AuthorizableAction#onRemove(org.apache.jackrabbit.api.security.user.Authorizable, Root)
+ * @see AuthorizableAction#onRemove(org.apache.jackrabbit.api.security.user.Authorizable, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper)
*/
@Override
- public void onRemove(Authorizable authorizable, Root root) throws RepositoryException {
+ public void onRemove(Authorizable authorizable, Root root, NamePathMapper namePathMapper) throws RepositoryException {
// nothing to do
}
/**
* Doesn't perform any action.
*
- * @see AuthorizableAction#onPasswordChange(org.apache.jackrabbit.api.security.user.User, String, Root)
+ * @see AuthorizableAction#onPasswordChange(org.apache.jackrabbit.api.security.user.User, String, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper)
*/
@Override
- public void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException {
+ public void onPasswordChange(User user, String newPassword, Root root, NamePathMapper namePathMapper) throws RepositoryException {
// nothing to do
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java Wed Oct 31 10:28:50 2012
@@ -26,6 +26,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.util.Text;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -98,12 +99,12 @@ public class AccessControlAction extends
//-------------------------------------------------< AuthorizableAction >---
@Override
- public void onCreate(Group group, Root root) throws RepositoryException {
+ public void onCreate(Group group, Root root, NamePathMapper namePathMapper) throws RepositoryException {
setAC(group, root);
}
@Override
- public void onCreate(User user, String password, Root root) throws RepositoryException {
+ public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException {
setAC(user, root);
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java Wed Oct 31 10:28:50 2012
@@ -22,6 +22,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
/**
* The {@code AuthorizableAction} interface provide an implementation
@@ -47,25 +48,29 @@ public interface AuthorizableAction {
* with the creation of a new group. Note, that this method is called
* <strong>before</strong> any {@code Root#commit()} call.
*
+ *
* @param group The new group that has not yet been persisted;
* e.g. the associated tree is still 'NEW'.
* @param root The root associated with the user manager.
+ * @param namePathMapper
* @throws javax.jcr.RepositoryException If an error occurs.
*/
- void onCreate(Group group, Root root) throws RepositoryException;
+ void onCreate(Group group, Root root, NamePathMapper namePathMapper) throws RepositoryException;
/**
* Allows to add application specific modifications or validation associated
* with the creation of a new user. Note, that this method is called
* <strong>before</strong> any {@code Root#commit()} call.
*
+ *
* @param user The new user that has not yet been persisted;
* e.g. the associated tree is still 'NEW'.
* @param password The password that was specified upon user creation.
* @param root The root associated with the user manager.
+ * @param namePathMapper
* @throws RepositoryException If an error occurs.
*/
- void onCreate(User user, String password, Root root) throws RepositoryException;
+ void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException;
/**
* Allows to add application specific behavior associated with the removal
@@ -73,21 +78,25 @@ public interface AuthorizableAction {
* {@link org.apache.jackrabbit.api.security.user.Authorizable#remove} is executed (and persisted); thus the
* target authorizable still exists.
*
+ *
* @param authorizable The authorizable to be removed.
* @param root The root associated with the user manager.
+ * @param namePathMapper
* @throws RepositoryException If an error occurs.
*/
- void onRemove(Authorizable authorizable, Root root) throws RepositoryException;
+ void onRemove(Authorizable authorizable, Root root, NamePathMapper namePathMapper) throws RepositoryException;
/**
* Allows to add application specific action or validation associated with
* changing a user password. Note, that this method is called <strong>before</strong>
* the password property is being modified in the content.
*
+ *
* @param user The user that whose password is going to change.
- * @param newPassword The new password as specified in {@link User#changePassword}
+ * @param newPassword The new password as specified in {@link org.apache.jackrabbit.api.security.user.User#changePassword}
* @param root The root associated with the user manager.
+ * @param namePathMapper
* @throws RepositoryException If an exception or error occurs.
*/
- void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException;
+ void onPasswordChange(User user, String newPassword, Root root, NamePathMapper namePathMapper) throws RepositoryException;
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java Wed Oct 31 10:28:50 2012
@@ -22,18 +22,19 @@ import javax.jcr.RepositoryException;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
/**
* Authorizable action attempting to clear all group membership before removing
* the specified authorizable. If {@link Group#removeMember(Authorizable)}
- * fails due to lack of permissions {@link #onRemove(Authorizable, Root)}
+ * fails due to lack of permissions {@link AuthorizableAction#onRemove(org.apache.jackrabbit.api.security.user.Authorizable, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper)}
* throws an exception and removing the specified authorizable will be aborted.
*/
public class ClearMembershipAction extends AbstractAuthorizableAction {
//-------------------------------------------------< AuthorizableAction >---
@Override
- public void onRemove(Authorizable authorizable, Root root) throws RepositoryException {
+ public void onRemove(Authorizable authorizable, Root root, NamePathMapper namePathMapper) throws RepositoryException {
clearMembership(authorizable);
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java Wed Oct 31 10:28:50 2012
@@ -23,6 +23,7 @@ import javax.jcr.nodetype.ConstraintViol
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -55,12 +56,12 @@ public class PasswordValidationAction ex
//-------------------------------------------------< AuthorizableAction >---
@Override
- public void onCreate(User user, String password, Root root) throws RepositoryException {
+ public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException {
validatePassword(password, false);
}
@Override
- public void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException {
+ public void onPasswordChange(User user, String newPassword, Root root, NamePathMapper namePathMapper) throws RepositoryException {
validatePassword(newPassword, true);
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java?rev=1404075&r1=1404074&r2=1404075&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java Wed Oct 31 10:28:50 2012
@@ -112,7 +112,7 @@ public class PasswordValidationActionTes
for (String pw : invalid) {
try {
- pwAction.onPasswordChange(user, pw, root);
+ pwAction.onPasswordChange(user, pw, root, NamePathMapper.DEFAULT);
fail("should throw constraint violation");
} catch (ConstraintViolationException e) {
// success
@@ -127,7 +127,7 @@ public class PasswordValidationActionTes
valid.add("&)(*&^%23qW");
for (String pw : valid) {
- pwAction.onPasswordChange(user, pw, root);
+ pwAction.onPasswordChange(user, pw, root, NamePathMapper.DEFAULT);
}
}
@@ -166,12 +166,12 @@ public class PasswordValidationActionTes
private int onPasswordChangeCalled = 0;
@Override
- public void onCreate(User user, String password, Root root) throws RepositoryException {
+ public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException {
onCreateCalled++;
}
@Override
- public void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException {
+ public void onPasswordChange(User user, String newPassword, Root root, NamePathMapper namePathMapper) throws RepositoryException {
onPasswordChangeCalled++;
}
}