You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2020/10/01 11:59:56 UTC
svn commit: r1882179 - in /jackrabbit/oak/trunk/oak-authorization-cug: ./
src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/
Author: angela
Date: Thu Oct 1 11:59:56 2020
New Revision: 1882179
URL: http://svn.apache.org/viewvc?rev=1882179&view=rev
Log:
OAK-6758 : Convert oak-authorization-cug to OSGi R6 annotations
Modified:
jackrabbit/oak/trunk/oak-authorization-cug/pom.xml
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugExcludeImpl.java
Modified: jackrabbit/oak/trunk/oak-authorization-cug/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/pom.xml?rev=1882179&r1=1882178&r2=1882179&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-authorization-cug/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-authorization-cug/pom.xml Thu Oct 1 11:59:56 2020
@@ -87,6 +87,7 @@
<artifactId>oak-core</artifactId>
<version>${project.version}</version>
</dependency>
+
<!-- General utility libraries -->
<dependency>
<groupId>com.google.guava</groupId>
@@ -123,14 +124,17 @@
<scope>provided</scope>
</dependency>
<dependency>
- <groupId>org.apache.felix</groupId>
- <artifactId>org.apache.felix.scr.annotations</artifactId>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.annotation</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.osgi</groupId>
- <artifactId>org.osgi.annotation</artifactId>
- <scope>provided</scope>
+ <artifactId>org.osgi.service.component.annotations</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.service.metatype.annotations</artifactId>
</dependency>
<!-- Nullability annotations -->
Modified: jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java?rev=1882179&r1=1882178&r2=1882179&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java Thu Oct 1 11:59:56 2020
@@ -28,15 +28,6 @@ import javax.jcr.security.AccessControlM
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.ConfigurationPolicy;
-import org.apache.felix.scr.annotations.Modified;
-import org.apache.felix.scr.annotations.Properties;
-import org.apache.felix.scr.annotations.Property;
-import org.apache.felix.scr.annotations.Reference;
-import org.apache.felix.scr.annotations.ReferenceCardinality;
-import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
@@ -50,7 +41,6 @@ import org.apache.jackrabbit.oak.spi.lif
import org.apache.jackrabbit.oak.spi.mount.MountInfoProvider;
import org.apache.jackrabbit.oak.spi.mount.Mounts;
import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants;
-import org.apache.jackrabbit.oak.spi.security.CompositeConfiguration;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.Context;
@@ -66,44 +56,54 @@ import org.apache.jackrabbit.oak.spi.sta
import org.apache.jackrabbit.oak.spi.state.NodeStore;
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
import org.jetbrains.annotations.NotNull;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.ConfigurationPolicy;
+import org.osgi.service.component.annotations.Modified;
+import org.osgi.service.component.annotations.Reference;
+import org.osgi.service.component.annotations.ReferenceCardinality;
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import static org.apache.jackrabbit.oak.spi.security.RegistrationConstants.OAK_SECURITY_NAME;
-@Component(metatype = true,
- label = "Apache Jackrabbit Oak CUG Configuration",
- description = "Authorization configuration dedicated to setup and evaluate 'Closed User Group' permissions.",
- policy = ConfigurationPolicy.REQUIRE)
-@Service({AuthorizationConfiguration.class, SecurityConfiguration.class})
-@Properties({
- @Property(name = CugConstants.PARAM_CUG_SUPPORTED_PATHS,
- label = "Supported Paths",
- description = "Paths under which CUGs can be created and will be evaluated.",
- cardinality = Integer.MAX_VALUE),
- @Property(name = CugConstants.PARAM_CUG_ENABLED,
- label = "CUG Evaluation Enabled",
- description = "Flag to enable the evaluation of the configured CUG policies.",
- boolValue = false),
- @Property(name = CompositeConfiguration.PARAM_RANKING,
- label = "Ranking",
- description = "Ranking of this configuration in a setup with multiple authorization configurations.",
- intValue = 200),
- @Property(name = OAK_SECURITY_NAME,
- propertyPrivate = true,
- value = "org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugConfiguration")
-})
+@Component(
+ service = {AuthorizationConfiguration.class, SecurityConfiguration.class},
+ property = OAK_SECURITY_NAME + "=org.apache.jackrabbit.oak.spi.security.authorization.cug.impl.CugConfiguration",
+ configurationPolicy = ConfigurationPolicy.REQUIRE)
+@Designate(ocd = CugConfiguration.Configuration.class)
public class CugConfiguration extends ConfigurationBase implements AuthorizationConfiguration, CugConstants {
+ @ObjectClassDefinition(name = "Apache Jackrabbit Oak CUG Configuration",
+ description = "Authorization configuration dedicated to setup and evaluate 'Closed User Group' permissions.")
+ @interface Configuration {
+ @AttributeDefinition(
+ name = "Supported Paths",
+ description = "Paths under which CUGs can be created and will be evaluated.",
+ cardinality = Integer.MAX_VALUE)
+ String[] cugSupportedPaths() default {};
+
+ @AttributeDefinition(
+ name = "CUG Evaluation Enabled",
+ description = "Flag to enable the evaluation of the configured CUG policies.")
+ boolean cugEnabled() default false;
+
+ @AttributeDefinition(
+ name = "Ranking",
+ description = "Ranking of this configuration in a setup with multiple authorization configurations.")
+ int configurationRanking() default 200;
+ }
+
/**
* Reference to services implementing {@link org.apache.jackrabbit.oak.spi.security.authorization.cug.CugExclude}.
*/
- @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY)
private CugExclude exclude;
/**
* Reference to service implementing {@link MountInfoProvider} to make the
* CUG authorization model multiplexing aware.
*/
- @Reference
private MountInfoProvider mountInfoProvider = Mounts.defaultMountInfoProvider();
private Set<String> supportedPaths = ImmutableSet.of();
@@ -206,6 +206,7 @@ public class CugConfiguration extends Co
activate(properties);
}
+ @Reference(name="mountInfoProvider")
public void bindMountInfoProvider(MountInfoProvider mountInfoProvider) {
this.mountInfoProvider = mountInfoProvider;
}
@@ -216,6 +217,7 @@ public class CugConfiguration extends Co
this.mountInfoProvider = null;
}
+ @Reference(name="exclude", cardinality = ReferenceCardinality.MANDATORY)
public void bindExclude(CugExclude exclude) {
this.exclude = exclude;
}
Modified: jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugExcludeImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugExcludeImpl.java?rev=1882179&r1=1882178&r2=1882179&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugExcludeImpl.java (original)
+++ jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugExcludeImpl.java Thu Oct 1 11:59:56 2020
@@ -21,35 +21,36 @@ import java.util.Collections;
import java.util.Map;
import java.util.Set;
import com.google.common.collect.ImmutableSet;
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Modified;
-import org.apache.felix.scr.annotations.Properties;
-import org.apache.felix.scr.annotations.Property;
-import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.commons.PropertiesUtil;
import org.apache.jackrabbit.oak.spi.security.authorization.cug.CugExclude;
import org.jetbrains.annotations.NotNull;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.Modified;
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
/**
* Extension of the default {@link org.apache.jackrabbit.oak.spi.security.authorization.cug.CugExclude}
* implementation that allow to specify additional principal names to be excluded
* from CUG evaluation.
*/
-@Component(metatype = true,
- immediate = true,
- label = "Apache Jackrabbit Oak CUG Exclude List",
- description = "Exclude principal(s) from CUG evaluation. In addition to the " +
- "principals defined by the default CugExclude ('AdminPrincipal', 'SystemPrincipal', 'SystemUserPrincipal' classes), " +
- "this component allows to optionally configure additional principals by name.")
-@Service({CugExclude.class})
-@Properties({
- @Property(name = "principalNames",
- label = "Principal Names",
+@Component(service = CugExclude.class, immediate = true)
+@Designate(ocd = CugExcludeImpl.Configuration.class)
+public class CugExcludeImpl extends CugExclude.Default {
+
+ @ObjectClassDefinition(name = "Apache Jackrabbit Oak CUG Exclude List",
+ description = "Exclude principal(s) from CUG evaluation. In addition to the " +
+ "principals defined by the default CugExclude ('AdminPrincipal', 'SystemPrincipal', 'SystemUserPrincipal' classes), " +
+ "this component allows to optionally configure additional principals by name.")
+ @interface Configuration {
+ @AttributeDefinition(
+ name = "Principal Names",
description = "Name(s) of additional principal(s) that are excluded from CUG evaluation.",
cardinality = Integer.MAX_VALUE)
-})
-public class CugExcludeImpl extends CugExclude.Default {
+ String[] principalNames() default {};
+ }
private Set<String> principalNames = Collections.emptySet();