You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ro...@apache.org on 2017/11/07 09:49:15 UTC
[sling-org-apache-sling-jcr-resourcesecurity] 07/16: Simplify code,
use common method for permission check
This is an automated email from the ASF dual-hosted git repository.
rombert pushed a commit to annotated tag org.apache.sling.jcr.resourcesecurity-1.0.0
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-resourcesecurity.git
commit 27da478a2b02e8f42439e1a40325210984e12e79
Author: Carsten Ziegeler <cz...@apache.org>
AuthorDate: Fri Mar 28 16:51:17 2014 +0000
Simplify code, use common method for permission check
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/contrib/jcr/resourcesecurity@1582821 13f79535-47bb-0310-9956-ffa450edef68
---
.../impl/ResourceAccessGateFactory.java | 39 +++++-----------------
1 file changed, 8 insertions(+), 31 deletions(-)
diff --git a/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java b/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java
index 7c13fed..6d9c5e2 100644
--- a/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java
+++ b/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java
@@ -20,7 +20,6 @@ package org.apache.sling.jcr.resourcesecurity.impl;
import java.util.Map;
-import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
@@ -74,24 +73,13 @@ public class ResourceAccessGateFactory
}
/**
- * Skip the check if the resource is backed by a JCR resource.
- * This is a sanity check which should usually not be required if the system
- * is configured correctly.
- */
- private boolean skipCheck(final Resource resource) {
- // if resource is backed by a JCR node, skip check
- return resource.adaptTo(Node.class) != null;
- }
-
- /**
* Check the permission
*/
- private GateResult checkPermission(final Resource resource, final String permission) {
- if ( this.skipCheck(resource) ) {
- return GateResult.GRANTED;
- }
+ private GateResult checkPermission(final ResourceResolver resolver,
+ final String path,
+ final String permission) {
boolean granted = false;
- final Session session = resource.getResourceResolver().adaptTo(Session.class);
+ final Session session = resolver.adaptTo(Session.class);
if ( session != null ) {
try {
granted = session.hasPermission(jcrPath, permission);
@@ -139,7 +127,7 @@ public class ResourceAccessGateFactory
*/
@Override
public GateResult canRead(final Resource resource) {
- return this.checkPermission(resource, Session.ACTION_READ);
+ return this.checkPermission(resource.getResourceResolver(), resource.getPath(), Session.ACTION_READ);
}
/**
@@ -147,7 +135,7 @@ public class ResourceAccessGateFactory
*/
@Override
public GateResult canDelete(Resource resource) {
- return this.checkPermission(resource, Session.ACTION_REMOVE);
+ return this.checkPermission(resource.getResourceResolver(), resource.getPath(), Session.ACTION_REMOVE);
}
/**
@@ -155,7 +143,7 @@ public class ResourceAccessGateFactory
*/
@Override
public GateResult canUpdate(Resource resource) {
- return this.checkPermission(resource, Session.ACTION_SET_PROPERTY);
+ return this.checkPermission(resource.getResourceResolver(), resource.getPath(), Session.ACTION_SET_PROPERTY);
}
/**
@@ -163,17 +151,6 @@ public class ResourceAccessGateFactory
*/
@Override
public GateResult canCreate(String absPathName, ResourceResolver resourceResolver) {
- boolean canCreate = false;
-
- final Session session = resourceResolver.adaptTo(Session.class);
- if ( session != null ) {
- try {
- canCreate = session.hasPermission(jcrPath, Session.ACTION_ADD_NODE);
- } catch (final RepositoryException re) {
- // ignore
- }
- }
-
- return canCreate ? GateResult.GRANTED : GateResult.DENIED;
+ return this.checkPermission(resourceResolver, absPathName, Session.ACTION_ADD_NODE);
}
}
--
To stop receiving notification emails like this one, please contact
"commits@sling.apache.org" <co...@sling.apache.org>.