You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/02/27 18:04:31 UTC
svn commit: r1450844 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization:
PermissionValidator.java permission/PermissionProviderImpl.java
Author: angela
Date: Wed Feb 27 17:04:30 2013
New Revision: 1450844
URL: http://svn.apache.org/r1450844
Log:
OAK-527: permissions (wip)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java?rev=1450844&r1=1450843&r2=1450844&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java Wed Feb 27 17:04:30 2013
@@ -33,6 +33,8 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.state.NodeState;
import org.apache.jackrabbit.oak.spi.state.NodeStateUtils;
+import static com.google.common.base.Preconditions.checkNotNull;
+
/**
* Validator implementation that checks for sufficient permission for all
* write operations executed by a given content session.
@@ -91,7 +93,7 @@ class PermissionValidator implements Val
@Override
public Validator childNodeAdded(String name, NodeState after) throws CommitFailedException {
- Tree child = parentAfter.getChild(name);
+ Tree child = checkNotNull(parentAfter.getChild(name));
return checkPermissions(child, false, Permissions.ADD_NODE);
}
@@ -107,7 +109,7 @@ class PermissionValidator implements Val
@Override
public Validator childNodeDeleted(String name, NodeState before) throws CommitFailedException {
- Tree child = parentBefore.getChild(name);
+ Tree child = checkNotNull(parentBefore.getChild(name));
return checkPermissions(child, true, Permissions.REMOVE_NODE);
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java?rev=1450844&r1=1450843&r2=1450844&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java Wed Feb 27 17:04:30 2013
@@ -46,6 +46,8 @@ import org.apache.jackrabbit.util.Text;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import static com.google.common.base.Preconditions.checkNotNull;
+
/**
* PermissionProviderImpl... TODO
* <p/>
@@ -124,7 +126,8 @@ public class PermissionProviderImpl impl
@Override
public boolean isGranted(@Nonnull Tree tree, long permissions) {
if (isVersionContent(tree)) {
- return compiledPermissions.isGranted(getVersionablePath(tree, null), permissions);
+ String path = getVersionablePath(tree, null);
+ return path != null && compiledPermissions.isGranted(path, permissions);
} else {
return compiledPermissions.isGranted(tree, permissions);
}
@@ -133,7 +136,8 @@ public class PermissionProviderImpl impl
@Override
public boolean isGranted(@Nonnull Tree parent, @Nonnull PropertyState property, long permissions) {
if (isVersionContent(parent)) {
- return compiledPermissions.isGranted(getVersionablePath(parent, property), permissions);
+ String path = getVersionablePath(parent, property);
+ return path != null && compiledPermissions.isGranted(path, permissions);
} else {
return compiledPermissions.isGranted(parent, property, permissions);
}
@@ -146,10 +150,15 @@ public class PermissionProviderImpl impl
if (!location.exists()) {
// TODO: deal with version content
return compiledPermissions.isGranted(oakPath, permissions);
- } else if (location.getProperty() != null) {
- return isGranted(location.getTree(), location.getProperty(), permissions);
+ }
+
+ PropertyState property = location.getProperty();
+ if (property != null) {
+ Tree parent = location.getParent().getTree();
+ return parent != null && isGranted(parent, property, permissions);
} else {
- return isGranted(location.getTree(), permissions);
+ Tree tree = location.getTree();
+ return tree != null && isGranted(tree, permissions);
}
}
@@ -217,7 +226,7 @@ public class PermissionProviderImpl impl
Tree t = versionStoreTree;
while (t != null && !JcrConstants.JCR_VERSIONSTORAGE.equals(t.getName())) {
String name = t.getName();
- String ntName = TreeUtil.getPrimaryTypeName(t);
+ String ntName = checkNotNull(TreeUtil.getPrimaryTypeName(t));
if (VersionConstants.JCR_FROZENNODE.equals(name) && t != versionStoreTree) {
relPath = PathUtils.relativize(t.getPath(), versionStoreTree.getPath());
} else if (JcrConstants.NT_VERSIONHISTORY.equals(ntName)) {