You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-dev@jakarta.apache.org by cm...@apache.org on 2002/03/02 17:47:19 UTC
cvs commit: jakarta-slide/src/webdav/server/org/apache/slide/webdav/method AclMethod.java
cmlenz 02/03/02 08:47:19
Modified: src/webdav/server/org/apache/slide/webdav/method Tag:
SLIDE_1_0 AclMethod.java
Log:
Porting bugfixes/enhancements from the HEAD branch:
- Committed by juergen, 02/01/04 07:23:25
"added inheritance feature."
[ugh. now look at this diff!]
Revision Changes Path
No revision
No revision
1.14.2.1 +142 -123 jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/AclMethod.java
Index: AclMethod.java
===================================================================
RCS file: /home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/AclMethod.java,v
retrieving revision 1.14
retrieving revision 1.14.2.1
diff -u -r1.14 -r1.14.2.1
--- AclMethod.java 6 Nov 2001 19:40:55 -0000 1.14
+++ AclMethod.java 2 Mar 2002 16:47:19 -0000 1.14.2.1
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/AclMethod.java,v 1.14 2001/11/06 19:40:55 remm Exp $
- * $Revision: 1.14 $
- * $Date: 2001/11/06 19:40:55 $
+ * $Header: /home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/AclMethod.java,v 1.14.2.1 2002/03/02 16:47:19 cmlenz Exp $
+ * $Revision: 1.14.2.1 $
+ * $Date: 2002/03/02 16:47:19 $
*
* ====================================================================
*
@@ -185,15 +185,19 @@
(NodeProperty.DEFAULT_NAMESPACE, "ace");
for (int i = 0; i < aceList.getLength(); i++) {
-
+ boolean inheritable = true;
Element ace = (Element) aceList.item(i);
- // Ingnore inherited permissions
- int inheritedCount = ace.getElementsByTagNameNS
- (NodeProperty.DEFAULT_NAMESPACE, "inherited")
- .getLength();
- if (inheritedCount == 1)
- continue;
+ // inherited permissions
+ NodeList inheritedList = ace.getElementsByTagNameNS
+ (NodeProperty.DEFAULT_NAMESPACE, "inherited");
+ int inheritedCount = inheritedList.getLength();
+ if (inheritedCount == 1) {
+ Element inheritedElement = (Element) inheritedList.item(0);
+ String inherited = parseInheritence(inheritedElement);
+ if (inherited.equalsIgnoreCase("false")) inheritable = false;
+ // continue;
+ }
if (inheritedCount > 1) {
resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
throw new WebdavException(WebdavStatus.SC_BAD_REQUEST);
@@ -245,7 +249,7 @@
(NodeProperty.DEFAULT_NAMESPACE, "privilege");
}
- boolean inheritable = true;
+
// FIXME : Use the very unofficial Advanced ACL spec here.
for (int j = 0; j < privilegeList.getLength(); j++) {
@@ -255,85 +259,85 @@
int privilege = parsePrivilege(privilegeElement);
switch (privilege) {
- case PRIVILEGE_ALL:
- addPermission(principal, "/", negative, inheritable);
- break;
- case PRIVILEGE_READ:
- addPermission(principal, config.getReadObjectAction().getUri(),negative, inheritable);
- addPermission(principal, config.getReadLocksAction().getUri(), negative, inheritable);
- addPermission(principal, config.getReadRevisionMetadataAction().getUri(), negative, inheritable);
- addPermission(principal, config.getReadRevisionContentAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_READ_OBJECT:
- addPermission(principal, config.getReadObjectAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_READ_LOCKS:
- addPermission(principal, config.getReadLocksAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_READ_REVISION_METADATA:
- addPermission(principal, config.getReadRevisionMetadataAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_READ_REVISION_CONTENT:
- addPermission(principal, config.getReadRevisionContentAction().getUri(), negative, inheritable);
- break;
-
- case PRIVILEGE_WRITE:
- addPermission(principal, config.getCreateObjectAction().getUri(), negative, inheritable);
- addPermission(principal, config.getRemoveObjectAction().getUri(), negative, inheritable);
- addPermission(principal, config.getLockObjectAction().getUri(), negative, inheritable);
- addPermission(principal, config.getCreateRevisionMetadataAction().getUri(), negative, inheritable);
- addPermission(principal, config.getModifyRevisionMetadataAction().getUri(), negative, inheritable);
- addPermission(principal, config.getRemoveRevisionMetadataAction().getUri(), negative, inheritable);
- addPermission(principal, config.getCreateRevisionContentAction().getUri(), negative, inheritable);
- addPermission(principal, config.getModifyRevisionContentAction().getUri(), negative, inheritable);
- addPermission(principal, config.getRemoveRevisionContentAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_CREATE_OBJECT:
- addPermission(principal, config.getCreateObjectAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_REMOVE_OBJECT:
- addPermission(principal, config.getRemoveObjectAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_LOCK_OBJECT:
- addPermission(principal, config.getLockObjectAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_CREATE_REVISION_METADATA:
- addPermission(principal, config.getCreateRevisionMetadataAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_MODIFY_REVISION_METADATA:
- addPermission(principal, config.getModifyRevisionMetadataAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_REMOVE_REVISION_METADATA:
- addPermission(principal, config.getRemoveRevisionMetadataAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_CREATE_REVISION_CONTENT:
- addPermission(principal, config.getCreateRevisionContentAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_MODIFY_REVISION_CONTENT:
- addPermission(principal, config.getModifyRevisionContentAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_REMOVE_REVISION_CONTENT:
- addPermission(principal, config.getRemoveRevisionContentAction().getUri(), negative, inheritable);
- break;
-
- case PRIVILEGE_READ_ACL:
- addPermission(principal, config.getReadPermissionsAction().getUri(), negative, inheritable);
- break;
-
- case PRIVILEGE_WRITE_ACL:
- addPermission(principal, config.getGrantPermissionAction().getUri(), negative, inheritable);
- addPermission(principal, config.getRevokePermissionAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_GRANT_PERMISSION:
- addPermission(principal, config.getGrantPermissionAction().getUri(), negative, inheritable);
- break;
- case PRIVILEGE_REVOKE_PERMISSION:
- addPermission (principal, config.getRevokePermissionAction().getUri(), negative, inheritable);
- break;
- default:
- System.out.println("Error: Unknown internal privilege code !!!");
- resp.setStatus(WebdavStatus.SC_INTERNAL_SERVER_ERROR);
- throw new WebdavException(WebdavStatus.SC_INTERNAL_SERVER_ERROR);
+ case PRIVILEGE_ALL:
+ addPermission(principal, "/", negative, inheritable);
+ break;
+ case PRIVILEGE_READ:
+ addPermission(principal, config.getReadObjectAction().getUri(),negative, inheritable);
+ addPermission(principal, config.getReadLocksAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getReadRevisionMetadataAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getReadRevisionContentAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_READ_OBJECT:
+ addPermission(principal, config.getReadObjectAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_READ_LOCKS:
+ addPermission(principal, config.getReadLocksAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_READ_REVISION_METADATA:
+ addPermission(principal, config.getReadRevisionMetadataAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_READ_REVISION_CONTENT:
+ addPermission(principal, config.getReadRevisionContentAction().getUri(), negative, inheritable);
+ break;
+
+ case PRIVILEGE_WRITE:
+ addPermission(principal, config.getCreateObjectAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getRemoveObjectAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getLockObjectAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getCreateRevisionMetadataAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getModifyRevisionMetadataAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getRemoveRevisionMetadataAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getCreateRevisionContentAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getModifyRevisionContentAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getRemoveRevisionContentAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_CREATE_OBJECT:
+ addPermission(principal, config.getCreateObjectAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_REMOVE_OBJECT:
+ addPermission(principal, config.getRemoveObjectAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_LOCK_OBJECT:
+ addPermission(principal, config.getLockObjectAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_CREATE_REVISION_METADATA:
+ addPermission(principal, config.getCreateRevisionMetadataAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_MODIFY_REVISION_METADATA:
+ addPermission(principal, config.getModifyRevisionMetadataAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_REMOVE_REVISION_METADATA:
+ addPermission(principal, config.getRemoveRevisionMetadataAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_CREATE_REVISION_CONTENT:
+ addPermission(principal, config.getCreateRevisionContentAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_MODIFY_REVISION_CONTENT:
+ addPermission(principal, config.getModifyRevisionContentAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_REMOVE_REVISION_CONTENT:
+ addPermission(principal, config.getRemoveRevisionContentAction().getUri(), negative, inheritable);
+ break;
+
+ case PRIVILEGE_READ_ACL:
+ addPermission(principal, config.getReadPermissionsAction().getUri(), negative, inheritable);
+ break;
+
+ case PRIVILEGE_WRITE_ACL:
+ addPermission(principal, config.getGrantPermissionAction().getUri(), negative, inheritable);
+ addPermission(principal, config.getRevokePermissionAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_GRANT_PERMISSION:
+ addPermission(principal, config.getGrantPermissionAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_REVOKE_PERMISSION:
+ addPermission (principal, config.getRevokePermissionAction().getUri(), negative, inheritable);
+ break;
+ default:
+ System.out.println("Error: Unknown internal privilege code !!!");
+ resp.setStatus(WebdavStatus.SC_INTERNAL_SERVER_ERROR);
+ throw new WebdavException(WebdavStatus.SC_INTERNAL_SERVER_ERROR);
}
}
}
@@ -405,7 +409,7 @@
* @return the URI of the principal
*/
protected String parsePrincipal(Element principal) throws WebdavException {
-
+
// FIXME: make constants and make sure they are used in
// AclMethod:parsePrincipal and PropFindMethod:writePrincipal
NodeList hrefList = principal.getElementsByTagNameNS(NodeProperty.DEFAULT_NAMESPACE, "href");
@@ -419,12 +423,27 @@
return "~";
} else if (hasChild(principal, NodeProperty.DEFAULT_NAMESPACE, "unauthenticated")) {
return token.getNamespaceConfig().getUsersPath() + "/" +
- token.getNamespaceConfig().getGuestPath();
+ token.getNamespaceConfig().getGuestPath();
}
resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
throw new WebdavException(WebdavStatus.SC_BAD_REQUEST);
}
+ /**
+ *
+ * @return the URI of the inheritence
+ */
+ protected String parseInheritence(Element inheritence) throws WebdavException {
+
+ NodeList hrefList = inheritence.getElementsByTagNameNS(NodeProperty.DEFAULT_NAMESPACE, "href");
+ if (hrefList.getLength() == 1) {
+ Element href = (Element) hrefList.item(0);
+ if (href.getFirstChild().getNodeType() == Node.TEXT_NODE)
+ return getSlidePath(href.getFirstChild().getNodeValue());
+ }
+ throw new WebdavException(WebdavStatus.SC_BAD_REQUEST);
+ }
+
/**
* Parse privilege.
@@ -444,36 +463,36 @@
return PRIVILEGE_READ_ACL;
} else if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE, "write-acl")) {
return PRIVILEGE_WRITE_ACL;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-object")) {
-// return PRIVILEGE_READ_OBJECT;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-revision-metadata")) {
-// return PRIVILEGE_READ_REVISION_METADATA;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-revision-content")) {
-// return PRIVILEGE_READ_REVISION_CONTENT;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "create-object")) {
-// return PRIVILEGE_CREATE_OBJECT;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "remove-object")) {
-// return PRIVILEGE_REMOVE_OBJECT;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "lock-object")) {
-// return PRIVILEGE_LOCK_OBJECT;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-locks")) {
-// return PRIVILEGE_READ_LOCKS;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "create-revision-metadata")) {
-// return PRIVILEGE_CREATE_REVISION_METADATA;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "modify-revision-metadata")) {
-// return PRIVILEGE_MODIFY_REVISION_METADATA;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "remove-revision-metadata")) {
-// return PRIVILEGE_REMOVE_REVISION_METADATA;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "create-revision-content")) {
-// return PRIVILEGE_CREATE_REVISION_CONTENT;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "modify-revision-content")) {
-// return PRIVILEGE_MODIFY_REVISION_CONTENT;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "remove-revision-content")) {
-// return PRIVILEGE_REMOVE_REVISION_CONTENT;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "grant-permission")) {
-// return PRIVILEGE_GRANT_PERMISSION;
-// } else if (hasChild(privilege, SLIDE_NAMESPACE, "revoke-permission")) {
-// return PRIVILEGE_REVOKE_PERMISSION;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-object")) {
+ // return PRIVILEGE_READ_OBJECT;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-revision-metadata")) {
+ // return PRIVILEGE_READ_REVISION_METADATA;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-revision-content")) {
+ // return PRIVILEGE_READ_REVISION_CONTENT;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "create-object")) {
+ // return PRIVILEGE_CREATE_OBJECT;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "remove-object")) {
+ // return PRIVILEGE_REMOVE_OBJECT;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "lock-object")) {
+ // return PRIVILEGE_LOCK_OBJECT;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-locks")) {
+ // return PRIVILEGE_READ_LOCKS;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "create-revision-metadata")) {
+ // return PRIVILEGE_CREATE_REVISION_METADATA;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "modify-revision-metadata")) {
+ // return PRIVILEGE_MODIFY_REVISION_METADATA;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "remove-revision-metadata")) {
+ // return PRIVILEGE_REMOVE_REVISION_METADATA;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "create-revision-content")) {
+ // return PRIVILEGE_CREATE_REVISION_CONTENT;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "modify-revision-content")) {
+ // return PRIVILEGE_MODIFY_REVISION_CONTENT;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "remove-revision-content")) {
+ // return PRIVILEGE_REMOVE_REVISION_CONTENT;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "grant-permission")) {
+ // return PRIVILEGE_GRANT_PERMISSION;
+ // } else if (hasChild(privilege, SLIDE_NAMESPACE, "revoke-permission")) {
+ // return PRIVILEGE_REVOKE_PERMISSION;
} else {
System.err.println("Error: Unknown privilege !!!");
resp.setStatus(WebdavStatus.SC_BAD_REQUEST);
@@ -493,7 +512,7 @@
}
-
+
/**
* Add permission to the list of permissions to set.
*/
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>