You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/02/07 19:06:25 UTC
svn commit: r1443636 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization:
AccessControlInitializer.java PermissionHook.java
Author: angela
Date: Thu Feb 7 18:06:24 2013
New Revision: 1443636
URL: http://svn.apache.org/r1443636
Log:
OAK-527: permissions (wip)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java?rev=1443636&r1=1443635&r2=1443636&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java Thu Feb 7 18:06:24 2013
@@ -26,6 +26,9 @@ import org.apache.jackrabbit.oak.spi.sta
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import static org.apache.jackrabbit.JcrConstants.JCR_PRIMARYTYPE;
+import static org.apache.jackrabbit.JcrConstants.JCR_SYSTEM;
+
/**
* AccessControlInitializer... TODO
*/
@@ -41,12 +44,17 @@ public class AccessControlInitializer im
NodeStoreBranch branch = store.branch();
NodeBuilder root = branch.getRoot().builder();
- NodeBuilder index = IndexUtils.getOrCreateOakIndex(root);
+ NodeBuilder system = root.child(JCR_SYSTEM);
+ if (!system.hasChildNode(REP_PERMISSION_STORE)) {
+ system.child(REP_PERMISSION_STORE)
+ .setProperty(JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE);
+ }
+ // property index for rep:principalName stored in ACEs
+ NodeBuilder index = IndexUtils.getOrCreateOakIndex(root);
IndexUtils.createIndexDefinition(index, "acPrincipalName", true, false,
ImmutableList.<String>of(REP_PRINCIPAL_NAME),
ImmutableList.<String>of(NT_REP_DENY_ACE, NT_REP_GRANT_ACE));
-
try {
branch.setRoot(root.getNodeState());
branch.merge();
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java?rev=1443636&r1=1443635&r2=1443636&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java Thu Feb 7 18:06:24 2013
@@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.securi
import javax.annotation.Nonnull;
import javax.jcr.RepositoryException;
+import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.oak.api.CommitFailedException;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
@@ -48,17 +49,27 @@ public class PermissionHook implements C
@Nonnull
@Override
public NodeState processCommit(final NodeState before, NodeState after) throws CommitFailedException {
- // TODO OAK-526: add implementation
- return after;
-//
-// NodeBuilder rootBuilder = after.builder();
-//
-// String workspaceName = "default"; // TODO
-// NodeBuilder permissionRoot = rootBuilder.child(NodeTypeConstants.JCR_SYSTEM).child(REP_PERMISSION_STORE).child(workspaceName);
-// ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(before);
-//
-// after.compareAgainstBaseState(before, new Diff(new Node(rootBuilder), permissionRoot, ntMgr));
-// return rootBuilder.getNodeState();
+ NodeBuilder rootBuilder = after.builder();
+
+ // TODO: retrieve workspace name
+ String workspaceName = "default";
+ NodeBuilder permissionRoot = getPermissionRoot(rootBuilder, workspaceName);
+ ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(before);
+
+ after.compareAgainstBaseState(before, new Diff(new Node(rootBuilder), permissionRoot, ntMgr));
+ return rootBuilder.getNodeState();
+ }
+
+ private NodeBuilder getPermissionRoot(NodeBuilder rootBuilder, String workspaceName) {
+ NodeBuilder store = rootBuilder.child(NodeTypeConstants.JCR_SYSTEM).child(REP_PERMISSION_STORE);
+ NodeBuilder permissionRoot;
+ if (!store.hasChildNode(workspaceName)) {
+ permissionRoot = store.child(workspaceName)
+ .setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE);
+ } else {
+ permissionRoot = store.child(workspaceName);
+ }
+ return permissionRoot;
}
private static class Diff implements NodeStateDiff {