You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/10/10 15:03:44 UTC
svn commit: r1530960 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak:
core/ plugins/version/ security/authorization/
security/authorization/permission/ security/privilege/ security/user/
spi/security/ spi/security/authorizat...
Author: angela
Date: Thu Oct 10 13:03:43 2013
New Revision: 1530960
URL: http://svn.apache.org/r1530960
Log:
OAK-527: simplify, minor improvement
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecurityContext.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/TreeTypeProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionConstants.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationContext.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/Context.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/ReadStatus.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeConstants.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java Thu Oct 10 13:03:43 2013
@@ -27,8 +27,6 @@ import org.apache.jackrabbit.oak.api.Typ
import org.apache.jackrabbit.oak.spi.state.NodeState;
import org.apache.jackrabbit.oak.spi.state.ReadOnlyBuilder;
-import static com.google.common.base.Preconditions.checkNotNull;
-
/**
* Immutable implementation of the {@code Tree} interface in order to provide
* the much feature rich API functionality for a given {@code NodeState}.
@@ -120,8 +118,8 @@ public final class ImmutableTree extends
@Nonnull NodeState state, @Nonnull TreeTypeProvider typeProvider) {
super(name, new ReadOnlyBuilder(state));
this.state = state;
- this.parentProvider = checkNotNull(parentProvider);
- this.typeProvider = checkNotNull(typeProvider);
+ this.parentProvider = parentProvider;
+ this.typeProvider = typeProvider;
}
public static ImmutableTree createFromRoot(@Nonnull Root root, @Nonnull TreeTypeProvider typeProvider) {
@@ -295,8 +293,8 @@ public final class ImmutableTree extends
public static final class DefaultParentProvider implements ParentProvider {
private final ImmutableTree parent;
- DefaultParentProvider(ImmutableTree parent) {
- this.parent = checkNotNull(parent);
+ DefaultParentProvider(@Nonnull ImmutableTree parent) {
+ this.parent = parent;
}
@Override
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecurityContext.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecurityContext.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecurityContext.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecurityContext.java Thu Oct 10 13:03:43 2013
@@ -69,7 +69,7 @@ class SecurityContext {
this.permissionProvider = parent.permissionProvider;
this.acContext = parent.acContext;
if (base.getType() == parent.base.getType()) {
- readStatus = ReadStatus.getChildStatus(parent.readStatus, acContext.hasChildItems(parent.base));
+ readStatus = ReadStatus.getChildStatus(parent.readStatus);
} else {
readStatus = null;
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/TreeTypeProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/TreeTypeProviderImpl.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/TreeTypeProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/TreeTypeProviderImpl.java Thu Oct 10 13:03:43 2013
@@ -55,10 +55,9 @@ public final class TreeTypeProviderImpl
String name = tree.getName();
if (NodeStateUtils.isHidden(name)) {
type = TYPE_HIDDEN;
- } else if (VersionConstants.VERSION_NODE_NAMES.contains(name) ||
- VersionConstants.VERSION_NODE_TYPE_NAMES.contains(NodeStateUtils.getPrimaryTypeName(tree.state))) {
+ } else if (VersionConstants.VERSION_STORE_ROOT_NAMES.contains(name)) {
type = TYPE_VERSION;
- } else if (contextInfo.definesTree(tree)) {
+ } else if (contextInfo.definesContextRoot(tree)) {
type = TYPE_AC;
} else {
type = TYPE_DEFAULT;
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionConstants.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionConstants.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionConstants.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionConstants.java Thu Oct 10 13:03:43 2013
@@ -19,7 +19,9 @@ package org.apache.jackrabbit.oak.plugin
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
+import java.util.Set;
+import com.google.common.collect.ImmutableSet;
import org.apache.jackrabbit.JcrConstants;
/**
@@ -147,4 +149,15 @@ public interface VersionConstants extend
REP_ACTIVITIES,
REP_CONFIGURATIONS
));
+
+ Set<String> VERSION_STORE_ROOT_NAMES = ImmutableSet.of(
+ JcrConstants.JCR_VERSIONSTORAGE,
+ VersionConstants.JCR_CONFIGURATIONS,
+ VersionConstants.JCR_ACTIVITIES);
+
+ Set<String> VERSION_STORE_NT_NAMES = ImmutableSet.of(
+ VersionConstants.REP_VERSIONSTORAGE,
+ VersionConstants.REP_ACTIVITIES,
+ VersionConstants.REP_CONFIGURATIONS
+ );
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationContext.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationContext.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationContext.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationContext.java Thu Oct 10 13:03:43 2013
@@ -16,6 +16,8 @@
*/
package org.apache.jackrabbit.oak.security.authorization;
+import javax.annotation.Nonnull;
+
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants;
@@ -43,6 +45,12 @@ final class AuthorizationContext impleme
}
@Override
+ public boolean definesContextRoot(@Nonnull Tree tree) {
+ String name = tree.getName();
+ return POLICY_NODE_NAMES.contains(name) || REP_PERMISSION_STORE.equals(name);
+ }
+
+ @Override
public boolean definesTree(Tree tree) {
String ntName = TreeUtil.getPrimaryTypeName(tree);
return AC_NODETYPE_NAMES.contains(ntName) || PERMISSION_NODETYPE_NAMES.contains(ntName);
@@ -61,14 +69,4 @@ final class AuthorizationContext impleme
}
}
- @Override
- public boolean hasChildItems(Tree parent) {
- for (String name : POLICY_NODE_NAMES) {
- if (parent.hasChild(name)) {
- return true;
- }
- }
- String ntName = TreeUtil.getPrimaryTypeName(parent);
- return AC_NODETYPE_NAMES.contains(ntName) || PERMISSION_NODETYPE_NAMES.contains(ntName);
- }
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java Thu Oct 10 13:03:43 2013
@@ -62,11 +62,6 @@ public class PermissionProviderImpl impl
private static final Logger log = LoggerFactory.getLogger(PermissionProviderImpl.class);
- private static final Set<String> V_ROOT_NAMES = ImmutableSet.of(
- JcrConstants.JCR_VERSIONSTORAGE,
- VersionConstants.JCR_CONFIGURATIONS,
- VersionConstants.JCR_ACTIVITIES);
-
private final Root root;
private final String workspaceName;
@@ -249,7 +244,7 @@ public class PermissionProviderImpl impl
String propName = (property == null) ? "" : property.getName();
String versionablePath = null;
Tree t = versionStoreTree;
- while (t.exists() && !t.isRoot() && !V_ROOT_NAMES.contains(t.getName())) {
+ while (t.exists() && !t.isRoot() && !VersionConstants.VERSION_STORE_ROOT_NAMES.contains(t.getName())) {
String ntName = checkNotNull(TreeUtil.getPrimaryTypeName(t));
if (VersionConstants.JCR_FROZENNODE.equals(t.getName()) && t != versionStoreTree) {
relPath = PathUtils.relativize(t.getPath(), versionStoreTree.getPath());
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContext.java Thu Oct 10 13:03:43 2013
@@ -16,6 +16,8 @@
*/
package org.apache.jackrabbit.oak.security.privilege;
+import javax.annotation.Nonnull;
+
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.util.TreeLocation;
@@ -41,8 +43,13 @@ final class PrivilegeContext implements
}
@Override
+ public boolean definesContextRoot(@Nonnull Tree tree) {
+ return REP_PRIVILEGES.equals(tree.getName());
+ }
+
+ @Override
public boolean definesTree(Tree tree) {
- return NT_REP_PRIVILEGE.equals(TreeUtil.getPrimaryTypeName(tree));
+ return PRIVILEGE_NODETYPE_NAMES.contains(TreeUtil.getPrimaryTypeName(tree));
}
@Override
@@ -50,10 +57,4 @@ final class PrivilegeContext implements
return location.getPath().startsWith(PRIVILEGES_PATH);
}
- @Override
- public boolean hasChildItems(Tree parent) {
- return parent.hasChild(REP_PRIVILEGES)
- || NT_REP_PRIVILEGES.equals(TreeUtil.getPrimaryTypeName(parent))
- || NT_REP_PRIVILEGE.equals(TreeUtil.getPrimaryTypeName(parent));
- }
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java Thu Oct 10 13:03:43 2013
@@ -16,6 +16,8 @@
*/
package org.apache.jackrabbit.oak.security.user;
+import javax.annotation.Nonnull;
+
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.util.TreeLocation;
@@ -50,6 +52,11 @@ final class UserContext implements Conte
}
@Override
+ public boolean definesContextRoot(@Nonnull Tree tree) {
+ return definesTree(tree);
+ }
+
+ @Override
public boolean definesTree(Tree tree) {
String ntName = TreeUtil.getPrimaryTypeName(tree);
return NT_REP_GROUP.equals(ntName) || NT_REP_USER.equals(ntName) || NT_REP_MEMBERS.equals(ntName);
@@ -75,18 +82,4 @@ final class UserContext implements Conte
}
}
- @Override
- public boolean hasChildItems(Tree parent) {
- if (NODE_TYPE_NAMES.contains(TreeUtil.getPrimaryTypeName(parent))) {
- // covers all properties
- return true;
- }
- for (Tree child : parent.getChildren()) {
- String ntName = TreeUtil.getPrimaryTypeName(child);
- if (NODE_TYPE_NAMES.contains(ntName)) {
- return true;
- }
- }
- return false;
- }
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/Context.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/Context.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/Context.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/Context.java Thu Oct 10 13:03:43 2013
@@ -16,6 +16,8 @@
*/
package org.apache.jackrabbit.oak.spi.security;
+import javax.annotation.Nonnull;
+
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.util.TreeLocation;
@@ -25,33 +27,34 @@ import org.apache.jackrabbit.oak.util.Tr
*/
public interface Context {
- boolean definesProperty(Tree parent, PropertyState property);
+ boolean definesProperty(@Nonnull Tree parent, @Nonnull PropertyState property);
- boolean definesTree(Tree tree);
+ boolean definesContextRoot(@Nonnull Tree tree);
- boolean definesLocation(TreeLocation location);
+ boolean definesTree(@Nonnull Tree tree);
- boolean hasChildItems(Tree parent);
+ boolean definesLocation(@Nonnull TreeLocation location);
class Default implements Context {
@Override
- public boolean definesProperty(Tree parent, PropertyState property) {
+ public boolean definesProperty(@Nonnull Tree parent, @Nonnull PropertyState property) {
return false;
}
@Override
- public boolean definesTree(Tree tree) {
+ public boolean definesContextRoot(@Nonnull Tree tree) {
return false;
}
@Override
- public boolean definesLocation(TreeLocation location) {
+ public boolean definesTree(@Nonnull Tree tree) {
return false;
}
@Override
- public boolean hasChildItems(Tree parent) {
+ public boolean definesLocation(@Nonnull TreeLocation location) {
return false;
}
+
}
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/ReadStatus.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/ReadStatus.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/ReadStatus.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/ReadStatus.java Thu Oct 10 13:03:43 2013
@@ -78,8 +78,7 @@ public class ReadStatus {
}
@CheckForNull
- public static ReadStatus getChildStatus(@Nullable ReadStatus parentStatus,
- boolean hasAcChildren) {
+ public static ReadStatus getChildStatus(@Nullable ReadStatus parentStatus) {
if (parentStatus == null) {
return null;
}
@@ -89,22 +88,14 @@ public class ReadStatus {
return null; // recalculate for child items
case STATUS_CHILDREN:
case STATUS_NODES:
- if (hasAcChildren) {
- return null;
- } else {
- return (parentStatus.isAllow) ? ALLOW_NODES : DENY_NODES;
- }
+ return null;
case STATUS_PROPERTIES:
case STATUS_THIS_PROPERTIES:
// TODO
return null; // recalculate for properties of child node
case STATUS_CHILDITEMS:
case STATUS_ALL_REGULAR:
- if (hasAcChildren) {
- return null;
- } else {
- return (parentStatus.isAllow) ? ALLOW_ALL_REGULAR : DENY_ALL_REGULAR;
- }
+ return null;
case STATUS_ACCESS_CONTROL:
// TODO
return null; // recalculate
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeConstants.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeConstants.java?rev=1530960&r1=1530959&r2=1530960&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeConstants.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeConstants.java Thu Oct 10 13:03:43 2013
@@ -69,6 +69,11 @@ public interface PrivilegeConstants {
String NT_REP_PRIVILEGE = "rep:Privilege";
/**
+ * Node type names associated with privilege content
+ */
+ Set<String> PRIVILEGE_NODETYPE_NAMES = ImmutableSet.of(NT_REP_PRIVILEGES, NT_REP_PRIVILEGE);
+
+ /**
* Name of the privilege definition property that stores the internal representation
* of this privilege.
*/