You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2020/10/01 09:52:52 UTC
svn commit: r1882177 - in /jackrabbit/oak/trunk/oak-exercise: ./
src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/
src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/external/
src/main/java/org/apache/jackr...
Author: angela
Date: Thu Oct 1 09:52:51 2020
New Revision: 1882177
URL: http://svn.apache.org/viewvc?rev=1882177&view=rev
Log:
OAK-6764 : Convert oak-exercise to OSGi R6 annotations
Modified:
jackrabbit/oak/trunk/oak-exercise/pom.xml
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModule.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModuleFactory.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/external/CustomExternalIdentityProvider.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/predefined/PredefinedAuthorizationConfiguration.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesAuthorizationConfiguration.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesPermissionProvider.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/restriction/CustomRestrictionProvider.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalConfiguration.java
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalProvider.java
Modified: jackrabbit/oak/trunk/oak-exercise/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/pom.xml?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-exercise/pom.xml Thu Oct 1 09:52:51 2020
@@ -133,11 +133,19 @@
<!-- OSGi -->
<dependency>
- <groupId>org.apache.felix</groupId>
- <artifactId>org.apache.felix.scr.annotations</artifactId>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.annotation</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.service.component.annotations</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.service.metatype.annotations</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.felix</groupId>
<artifactId>org.apache.felix.jaas</artifactId>
<scope>provided</scope>
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModule.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModule.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModule.java Thu Oct 1 09:52:51 2020
@@ -23,8 +23,6 @@ import javax.security.auth.login.LoginEx
import javax.security.auth.spi.LoginModule;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
/**
* A custom login module for test purposes.
@@ -33,8 +31,6 @@ import org.slf4j.LoggerFactory;
*/
public class CustomLoginModule implements LoginModule {
- private static final Logger log = LoggerFactory.getLogger(CustomLoginModule.class);
-
private ConfigurationParameters config;
public CustomLoginModule() {
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModuleFactory.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModuleFactory.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModuleFactory.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/CustomLoginModuleFactory.java Thu Oct 1 09:52:51 2020
@@ -16,63 +16,54 @@
*/
package org.apache.jackrabbit.oak.exercise.security.authentication;
-import javax.security.auth.spi.LoginModule;
-
import org.apache.felix.jaas.LoginModuleFactory;
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.ConfigurationPolicy;
-import org.apache.felix.scr.annotations.Deactivate;
-import org.apache.felix.scr.annotations.Property;
-import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalLoginModule;
import org.osgi.service.component.ComponentContext;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.ConfigurationPolicy;
+import org.osgi.service.component.annotations.Deactivate;
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
+
+import javax.security.auth.spi.LoginModule;
/**
* Implements a LoginModuleFactory that creates {@link CustomLoginModule}s
* and allows to configure login modules via OSGi config.
*/
-@Component(
- label = "Custom Test Login Module (Oak Exercise Module)",
- metatype = true,
- policy = ConfigurationPolicy.REQUIRE,
- configurationFactory = true
-)
-@Service
+@Component(service = LoginModuleFactory.class, configurationPolicy = ConfigurationPolicy.REQUIRE)
+@Designate(ocd = CustomLoginModuleFactory.Configuration.class, factory=true)
public class CustomLoginModuleFactory implements LoginModuleFactory {
- private static final Logger log = LoggerFactory.getLogger(CustomLoginModuleFactory.class);
+ @ObjectClassDefinition(name = "Apache Jackrabbit Oak Custom Test Login Module (Oak Exercises)")
+ @interface Configuration {
- @SuppressWarnings("UnusedDeclaration")
- @Property(
- intValue = 500,
- label = "JAAS Ranking",
- description = "Specifying the ranking (i.e. sort order) of this login module entry. The entries are sorted " +
- "in a descending order (i.e. higher value ranked configurations come first)."
- )
- public static final String JAAS_RANKING = LoginModuleFactory.JAAS_RANKING;
-
- @SuppressWarnings("UnusedDeclaration")
- @Property(
- value = "OPTIONAL",
- label = "JAAS Control Flag",
- description = "Property specifying whether or not a LoginModule is REQUIRED, REQUISITE, SUFFICIENT or " +
- "OPTIONAL. Refer to the JAAS configuration documentation for more details around the meaning of " +
- "these flags."
- )
- public static final String JAAS_CONTROL_FLAG = LoginModuleFactory.JAAS_CONTROL_FLAG;
-
- @SuppressWarnings("UnusedDeclaration")
- @Property(
- label = "JAAS Realm",
- description = "The realm name (or application name) against which the LoginModule is be registered. If no " +
- "realm name is provided then LoginModule is registered with a default realm as configured in " +
- "the Felix JAAS configuration."
- )
- public static final String JAAS_REALM_NAME = LoginModuleFactory.JAAS_REALM_NAME;
+ @AttributeDefinition(
+ name = "JAAS Ranking",
+ description = "Specifying the ranking (i.e. sort order) of this login module entry. The entries are sorted " +
+ "in a descending order (i.e. higher value ranked configurations come first)."
+ )
+ int jaasRanking() default 500;
+
+ @AttributeDefinition(
+ name = "JAAS Control Flag",
+ description = "Property specifying whether or not a LoginModule is REQUIRED, REQUISITE, SUFFICIENT or " +
+ "OPTIONAL. Refer to the JAAS configuration documentation for more details around the meaning of " +
+ "these flags."
+ )
+ String jaasControlFlag() default "OPTIONAL";
+
+ @AttributeDefinition(
+ name = "JAAS Realm",
+ description = "The realm name (or application name) against which the LoginModule is be registered. If no " +
+ "realm name is provided then LoginModule is registered with a default realm as configured in " +
+ "the Felix JAAS configuration."
+ )
+ String jaasRealmName();
+ }
// configuration parameters for the login module instances
private ConfigurationParameters osgiConfig;
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/external/CustomExternalIdentityProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/external/CustomExternalIdentityProvider.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/external/CustomExternalIdentityProvider.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authentication/external/CustomExternalIdentityProvider.java Thu Oct 1 09:52:51 2020
@@ -16,56 +16,58 @@
*/
package org.apache.jackrabbit.oak.exercise.security.authentication.external;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Set;
-import javax.jcr.Credentials;
-import javax.jcr.SimpleCredentials;
-import javax.security.auth.login.LoginException;
-
import com.google.common.base.Function;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Modified;
-import org.apache.felix.scr.annotations.Properties;
-import org.apache.felix.scr.annotations.Property;
-import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity;
-import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser;
import org.apache.jackrabbit.util.Text;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.ConfigurationPolicy;
+import org.osgi.service.component.annotations.Modified;
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-@Component(metatype = true,
- label = "Apache Jackrabbit Oak CustomExternalIdentityProvider",
- immediate = true
-)
-@Service
-@Properties({
- @Property(name = "externalidentities",
- label = "External Identities",
- value = "testUser,a,b,c",
- cardinality = Integer.MAX_VALUE)
-})
+import javax.jcr.Credentials;
+import javax.jcr.SimpleCredentials;
+import javax.security.auth.login.LoginException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+
+@Component(service = ExternalIdentityProvider.class, immediate = true, configurationPolicy = ConfigurationPolicy.REQUIRE)
+@Designate(ocd = CustomExternalIdentityProvider.Configuration.class)
public class CustomExternalIdentityProvider implements ExternalIdentityProvider {
+ @ObjectClassDefinition(name = "Apache Jackrabbit Oak CustomExternalIdentityProvider (Oak Exercises)")
+ @interface Configuration {
+
+ @AttributeDefinition(
+ name = "External Identities",
+ description = "Define external identities in the format: userid [, groupids], where groupids = groupid [, groupids]",
+ cardinality = Integer.MAX_VALUE
+ )
+ String externalidentities() default "testUser,a,b,c";
+ }
+
private static final Logger log = LoggerFactory.getLogger(CustomExternalIdentityProvider.class);
- private Map<String, Set<String>> userGroupMap = new HashMap<String, Set<String>>();
- private Set<String> groupIds = new HashSet<String>();
+ private Map<String, Set<String>> userGroupMap = new HashMap<>();
+ private Set<String> groupIds = new HashSet<>();
public CustomExternalIdentityProvider() {};
@@ -78,7 +80,7 @@ public class CustomExternalIdentityProvi
for (String entry : config.getConfigValue("externalidentities", Collections.<String>emptySet())) {
String[] strs = Text.explode(entry, ',', false);
String uid = strs[0].trim();
- Set<String> declaredGroups = new HashSet<String>();
+ Set<String> declaredGroups = new HashSet<>();
if (strs.length > 1) {
for (int i = 1; i < strs.length; i++) {
groupIds.add(strs[i]);
@@ -88,14 +90,14 @@ public class CustomExternalIdentityProvi
}
userGroupMap.put(uid, declaredGroups);
}
- log.info("activated IDP: " + getName());
+ log.info("activated IDP: {}", getName());
}
@SuppressWarnings("UnusedDeclaration")
@Modified
public void modified(Map<String, Object> properties) {
activate(properties);
- log.info("modified IDP: " + getName());
+ log.info("modified IDP: {}", getName());
}
@NotNull
@@ -105,7 +107,7 @@ public class CustomExternalIdentityProvi
}
@Override
- public ExternalIdentity getIdentity(@NotNull ExternalIdentityRef ref) throws ExternalIdentityException {
+ public ExternalIdentity getIdentity(@NotNull ExternalIdentityRef ref) {
if (getName().equals(ref.getProviderName())) {
String id = ref.getId();
ExternalIdentity ei = getUser(id);
@@ -119,7 +121,7 @@ public class CustomExternalIdentityProvi
}
@Override
- public ExternalUser getUser(@NotNull final String userId) throws ExternalIdentityException {
+ public ExternalUser getUser(@NotNull final String userId) {
if (userGroupMap.containsKey(userId)) {
return new ExternalUser() {
@@ -148,7 +150,7 @@ public class CustomExternalIdentityProvi
@NotNull
@Override
- public Iterable<ExternalIdentityRef> getDeclaredGroups() throws ExternalIdentityException {
+ public Iterable<ExternalIdentityRef> getDeclaredGroups() {
Set<String> groupIds = userGroupMap.get(userId);
if (groupIds == null || groupIds.isEmpty()) {
return ImmutableSet.of();
@@ -175,7 +177,7 @@ public class CustomExternalIdentityProvi
}
@Override
- public ExternalUser authenticate(@NotNull Credentials credentials) throws ExternalIdentityException, LoginException {
+ public ExternalUser authenticate(@NotNull Credentials credentials) throws LoginException {
if (credentials instanceof SimpleCredentials) {
String userId = ((SimpleCredentials) credentials).getUserID();
return getUser(userId);
@@ -185,13 +187,13 @@ public class CustomExternalIdentityProvi
}
@Override
- public ExternalGroup getGroup(@NotNull final String name) throws ExternalIdentityException {
+ public ExternalGroup getGroup(@NotNull final String name) {
if (groupIds.contains(name)) {
return new ExternalGroup() {
@NotNull
@Override
- public Iterable<ExternalIdentityRef> getDeclaredMembers() throws ExternalIdentityException {
- Set<ExternalIdentityRef> members = new HashSet<ExternalIdentityRef>();
+ public Iterable<ExternalIdentityRef> getDeclaredMembers() {
+ Set<ExternalIdentityRef> members = new HashSet<>();
for (Map.Entry<String, Set<String>> entry : userGroupMap.entrySet()) {
if (entry.getValue().contains(name)) {
members.add(new ExternalIdentityRef(entry.getKey(), getName()));
@@ -225,7 +227,7 @@ public class CustomExternalIdentityProvi
@NotNull
@Override
- public Iterable<ExternalIdentityRef> getDeclaredGroups() throws ExternalIdentityException {
+ public Iterable<ExternalIdentityRef> getDeclaredGroups() {
return ImmutableSet.of();
}
@@ -242,13 +244,13 @@ public class CustomExternalIdentityProvi
@NotNull
@Override
- public Iterator<ExternalUser> listUsers() throws ExternalIdentityException {
+ public Iterator<ExternalUser> listUsers() {
throw new UnsupportedOperationException("listUsers");
}
@NotNull
@Override
- public Iterator<ExternalGroup> listGroups() throws ExternalIdentityException {
+ public Iterator<ExternalGroup> listGroups() {
throw new UnsupportedOperationException("listGroups");
}
}
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/predefined/PredefinedAuthorizationConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/predefined/PredefinedAuthorizationConfiguration.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/predefined/PredefinedAuthorizationConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/predefined/PredefinedAuthorizationConfiguration.java Thu Oct 1 09:52:51 2020
@@ -16,50 +16,45 @@
*/
package org.apache.jackrabbit.oak.exercise.security.authorization.models.predefined;
-import java.security.Principal;
-import java.util.Collections;
-import java.util.Set;
-import javax.jcr.security.AccessControlException;
-import javax.jcr.security.AccessControlManager;
-import javax.jcr.security.AccessControlPolicy;
-import javax.jcr.security.AccessControlPolicyIterator;
-
-import com.google.common.collect.ImmutableSet;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Properties;
-import org.apache.felix.scr.annotations.Property;
-import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy;
import org.apache.jackrabbit.commons.iterator.AccessControlPolicyIteratorAdapter;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.spi.security.CompositeConfiguration;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration;
import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlManager;
import org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider;
-import org.apache.jackrabbit.oak.spi.security.authorization.permission.Permissions;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
import org.jetbrains.annotations.NotNull;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.ConfigurationPolicy;
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
+
+import javax.jcr.security.AccessControlException;
+import javax.jcr.security.AccessControlManager;
+import javax.jcr.security.AccessControlPolicy;
+import javax.jcr.security.AccessControlPolicyIterator;
+import java.security.Principal;
+import java.util.Collections;
+import java.util.Set;
import static org.apache.jackrabbit.oak.spi.security.RegistrationConstants.OAK_SECURITY_NAME;
-@Component(metatype = true, policy = org.apache.felix.scr.annotations.ConfigurationPolicy.REQUIRE)
-@Service({AuthorizationConfiguration.class, org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.class})
-@Properties({
- @Property(name = CompositeConfiguration.PARAM_RANKING,
- label = "Ranking",
- description = "Ranking of this configuration in a setup with multiple authorization configurations.",
- intValue = 400),
- @Property(name = OAK_SECURITY_NAME,
- propertyPrivate = true,
- value = "org.apache.jackrabbit.oak.exercise.security.authorization.models.predefined.PredefinedAuthorizationConfiguration")
-})
+@Component(service = {AuthorizationConfiguration.class, org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.class},
+ property = OAK_SECURITY_NAME + "=org.apache.jackrabbit.oak.exercise.security.authorization.models.predefined.PredefinedAuthorizationConfiguration",
+ configurationPolicy = ConfigurationPolicy.REQUIRE)
+@Designate(ocd = PredefinedAuthorizationConfiguration.Configuration.class)
public final class PredefinedAuthorizationConfiguration extends ConfigurationBase implements AuthorizationConfiguration {
- private static final long READ_PERMISSIONS = Permissions.READ | Permissions.READ_ACCESS_CONTROL;
- private static final Set<String> READ_PRIVILEGE_NAMES = ImmutableSet.of(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL, PrivilegeConstants.REP_READ_NODES, PrivilegeConstants.REP_READ_PROPERTIES);
+ @ObjectClassDefinition(name = "Apache Jackrabbit Oak PredefinedAuthorizationConfiguration (Oak Exercises)")
+ @interface Configuration {
+ @AttributeDefinition(
+ name = "Ranking",
+ description = "Ranking of this configuration in a setup with multiple authorization configurations.")
+ int configurationRanking() default 400;
+ }
@NotNull
@Override
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java Thu Oct 1 09:52:51 2020
@@ -16,22 +16,9 @@
*/
package org.apache.jackrabbit.oak.exercise.security.authorization.models.readonly;
-import java.security.Principal;
-import java.util.Collections;
-import java.util.List;
-import java.util.Set;
-import javax.jcr.security.AccessControlException;
-import javax.jcr.security.AccessControlManager;
-import javax.jcr.security.AccessControlPolicy;
-import javax.jcr.security.AccessControlPolicyIterator;
-import javax.jcr.security.NamedAccessControlPolicy;
-
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
-import org.apache.felix.scr.annotations.Properties;
-import org.apache.felix.scr.annotations.Property;
-import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy;
import org.apache.jackrabbit.commons.iterator.AccessControlPolicyIteratorAdapter;
import org.apache.jackrabbit.oak.api.PropertyState;
@@ -68,6 +55,21 @@ import org.apache.jackrabbit.oak.spi.sta
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.ConfigurationPolicy;
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
+
+import javax.jcr.security.AccessControlException;
+import javax.jcr.security.AccessControlManager;
+import javax.jcr.security.AccessControlPolicy;
+import javax.jcr.security.AccessControlPolicyIterator;
+import javax.jcr.security.NamedAccessControlPolicy;
+import java.security.Principal;
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
import static org.apache.jackrabbit.oak.spi.security.RegistrationConstants.OAK_SECURITY_NAME;
@@ -155,19 +157,20 @@ import static org.apache.jackrabbit.oak.
* </ul>
*
*/
-@org.apache.felix.scr.annotations.Component(metatype = true, policy = org.apache.felix.scr.annotations.ConfigurationPolicy.REQUIRE)
-@Service({AuthorizationConfiguration.class, org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.class})
-@Properties({
- @Property(name = CompositeConfiguration.PARAM_RANKING,
- label = "Ranking",
- description = "Ranking of this configuration in a setup with multiple authorization configurations.",
- intValue = 300),
- @Property(name = OAK_SECURITY_NAME,
- propertyPrivate = true,
- value = "org.apache.jackrabbit.oak.exercise.security.authorization.models.readonly.ReadOnlyAuthorizationConfiguration")
-})
+@Component(service = {AuthorizationConfiguration.class, org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.class},
+ property = OAK_SECURITY_NAME + "=org.apache.jackrabbit.oak.exercise.security.authorization.models.readonly.ReadOnlyAuthorizationConfiguration",
+ configurationPolicy = ConfigurationPolicy.REQUIRE)
+@Designate(ocd = ReadOnlyAuthorizationConfiguration.Configuration.class)
public final class ReadOnlyAuthorizationConfiguration extends ConfigurationBase implements AuthorizationConfiguration {
+ @ObjectClassDefinition(name = "Apache Jackrabbit Oak ReadOnlyAuthorizationConfiguration (Oak Exercises)")
+ @interface Configuration {
+ @AttributeDefinition(
+ name = "Ranking",
+ description = "Ranking of this configuration in a setup with multiple authorization configurations.")
+ int configurationRanking() default 300;
+ }
+
private static final long READ_PERMISSIONS = Permissions.READ | Permissions.READ_ACCESS_CONTROL;
private static final Set<String> READ_PRIVILEGE_NAMES = ImmutableSet.of(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL, PrivilegeConstants.REP_READ_NODES, PrivilegeConstants.REP_READ_PROPERTIES);
@@ -269,6 +272,7 @@ public final class ReadOnlyAuthorization
@Override
public void refresh() {
+ // nop
}
@NotNull
@@ -310,7 +314,7 @@ public final class ReadOnlyAuthorization
}
}
- private static final boolean onlyReadPermissions(long permissions) {
+ private static boolean onlyReadPermissions(long permissions) {
return Permissions.diff(permissions, READ_PERMISSIONS) == Permissions.NO_PERMISSION;
}
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesAuthorizationConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesAuthorizationConfiguration.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesAuthorizationConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesAuthorizationConfiguration.java Thu Oct 1 09:52:51 2020
@@ -16,21 +16,7 @@
*/
package org.apache.jackrabbit.oak.exercise.security.authorization.models.simplifiedroles;
-import java.io.ByteArrayInputStream;
-import java.security.Principal;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import javax.jcr.RepositoryException;
-import javax.jcr.security.AccessControlManager;
-
import com.google.common.collect.ImmutableList;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Deactivate;
-import org.apache.felix.scr.annotations.Modified;
-import org.apache.felix.scr.annotations.Properties;
-import org.apache.felix.scr.annotations.Property;
-import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.api.Tree;
@@ -49,7 +35,6 @@ import org.apache.jackrabbit.oak.spi.com
import org.apache.jackrabbit.oak.spi.commit.Validator;
import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
-import org.apache.jackrabbit.oak.spi.security.CompositeConfiguration;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.Context;
@@ -63,39 +48,59 @@ import org.apache.jackrabbit.oak.spi.sta
import org.apache.jackrabbit.oak.spi.state.NodeStore;
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
import org.jetbrains.annotations.NotNull;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.ConfigurationPolicy;
+import org.osgi.service.component.annotations.Deactivate;
+import org.osgi.service.component.annotations.Modified;
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import javax.jcr.RepositoryException;
+import javax.jcr.security.AccessControlManager;
+import java.io.ByteArrayInputStream;
+import java.security.Principal;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
import static org.apache.jackrabbit.oak.spi.security.RegistrationConstants.OAK_SECURITY_NAME;
-@Component(metatype = true, immediate = true, policy = org.apache.felix.scr.annotations.ConfigurationPolicy.REQUIRE)
-@Service({AuthorizationConfiguration.class, org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.class})
-@Properties({
- @Property(name = "supportedPath",
- label = "Supported Path"),
- @Property(name = CompositeConfiguration.PARAM_RANKING,
- label = "Ranking",
- description = "Ranking of this configuration in a setup with multiple authorization configurations.",
- intValue = 10),
- @Property(name = OAK_SECURITY_NAME,
- propertyPrivate = true,
- value = "org.apache.jackrabbit.oak.exercise.security.authorization.models.simplifiedroles.ThreeRolesAuthorizationConfiguration")
-})
+@Component(service = {AuthorizationConfiguration.class, org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.class},
+ property = OAK_SECURITY_NAME + "=org.apache.jackrabbit.oak.exercise.security.authorization.models.simplifiedroles.ThreeRolesAuthorizationConfiguration",
+ immediate = true,
+ configurationPolicy = ConfigurationPolicy.REQUIRE)
+@Designate(ocd = ThreeRolesAuthorizationConfiguration.Configuration.class)
public class ThreeRolesAuthorizationConfiguration extends ConfigurationBase implements AuthorizationConfiguration, ThreeRolesConstants {
- private static final Logger log = LoggerFactory.getLogger(ThreeRolesAuthorizationConfiguration.class);
+ @ObjectClassDefinition(name = "Apache Jackrabbit Oak ThreeRolesAuthorizationConfiguration (Oak Exercises)")
+ @interface Configuration {
+ @AttributeDefinition(
+ name = "Supported Paths", description = "Define paths where this simplified authorization model is supported.")
+ int supportedPath();
+
+ @AttributeDefinition(
+ name = "Ranking",
+ description = "Ranking of this configuration in a setup with multiple authorization configurations.")
+ int configurationRanking() default 10;
+ }
+ private static final Logger log = LoggerFactory.getLogger(ThreeRolesAuthorizationConfiguration.class);
+ private static final String PARAM_SUPPORTED_PATHS = "supportedPath";
private String supportedPath;
- @org.apache.felix.scr.annotations.Activate
+ @Activate
private void activate(Map<String, Object> properties) {
- supportedPath = PropertiesUtil.toString(properties.get("supportedPath"), (String) null);
+ supportedPath = PropertiesUtil.toString(properties.get(PARAM_SUPPORTED_PATHS), (String) null);
}
@Modified
private void modified(Map<String, Object> properties) {
- supportedPath = PropertiesUtil.toString(properties.get("supportedPath"), (String) null);
+ supportedPath = PropertiesUtil.toString(properties.get(PARAM_SUPPORTED_PATHS), (String) null);
}
@Deactivate
@@ -141,8 +146,6 @@ public class ThreeRolesAuthorizationConf
" - "+REP_READERS +" (STRING) multiple protected IGNORE\n" +
" - "+REP_EDITORS+" (STRING) multiple protected IGNORE\n" +
" - "+REP_OWNERS+" (STRING) multiple protected IGNORE";
- System.out.println(cnd);
-
return builder -> {
NodeState base = builder.getNodeState();
NodeStore store = new MemoryNodeStore(base);
@@ -228,6 +231,6 @@ public class ThreeRolesAuthorizationConf
@Override
public void setParameters(@NotNull ConfigurationParameters config) {
super.setParameters(config);
- supportedPath = config.getConfigValue("supportedPath", null, String.class);
+ supportedPath = config.getConfigValue(PARAM_SUPPORTED_PATHS, null, String.class);
}
}
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesPermissionProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesPermissionProvider.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesPermissionProvider.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/simplifiedroles/ThreeRolesPermissionProvider.java Thu Oct 1 09:52:51 2020
@@ -16,9 +16,6 @@
*/
package org.apache.jackrabbit.oak.exercise.security.authorization.models.simplifiedroles;
-import java.security.Principal;
-import java.util.Set;
-import com.google.common.base.Function;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import org.apache.jackrabbit.oak.api.PropertyState;
@@ -40,6 +37,9 @@ import org.apache.jackrabbit.util.Text;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
+import java.security.Principal;
+import java.util.Set;
+
class ThreeRolesPermissionProvider implements AggregatedPermissionProvider, ThreeRolesConstants {
private static final PrivilegeBits SUPPORTED_PRIVBITS = PrivilegeBits.getInstance(
@@ -61,7 +61,7 @@ class ThreeRolesPermissionProvider imple
@NotNull String supportedPath, @NotNull Context ctx,
@NotNull RootProvider rootProvider) {
this.root = root;
- this.principalNames = ImmutableSet.copyOf(Iterables.transform(principals, (Function<Principal, String>) Principal::getName));
+ this.principalNames = ImmutableSet.copyOf(Iterables.transform(principals, Principal::getName));
this.supportedPath = supportedPath;
this.ctx = ctx;
this.rootProvider = rootProvider;
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/restriction/CustomRestrictionProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/restriction/CustomRestrictionProvider.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/restriction/CustomRestrictionProvider.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/restriction/CustomRestrictionProvider.java Thu Oct 1 09:52:51 2020
@@ -16,17 +16,6 @@
*/
package org.apache.jackrabbit.oak.exercise.security.authorization.restriction;
-import java.util.Map;
-import java.util.Set;
-import javax.jcr.RepositoryException;
-import javax.jcr.Value;
-
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.ConfigurationPolicy;
-import org.apache.felix.scr.annotations.Deactivate;
-import org.apache.felix.scr.annotations.Modified;
-import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionDefinition;
@@ -34,14 +23,32 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.ConfigurationPolicy;
+import org.osgi.service.component.annotations.Deactivate;
+import org.osgi.service.component.annotations.Modified;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Value;
+import java.util.Collections;
+import java.util.Map;
+import java.util.Set;
/**
* EXERCISE: complete the implementation
*/
-@Component(policy = ConfigurationPolicy.REQUIRE)
-@Service({RestrictionProvider.class})
+@Component(service = RestrictionProvider.class, configurationPolicy = ConfigurationPolicy.REQUIRE)
+@Designate(ocd = CustomRestrictionProvider.Configuration.class)
public class CustomRestrictionProvider implements RestrictionProvider {
+ @ObjectClassDefinition(name = "Apache Jackrabbit Oak CustomRestrictionProvider (Oak Exercises)")
+ @interface Configuration {
+ // EXERCISE
+ }
+
@NotNull
@Override
public Set<RestrictionDefinition> getSupportedRestrictions(@Nullable String oakPath) {
@@ -99,15 +106,18 @@ public class CustomRestrictionProvider i
@SuppressWarnings("UnusedDeclaration")
@Activate
private void activate(Map<String, Object> properties) {
+ // EXERCISE
}
@SuppressWarnings("UnusedDeclaration")
@Modified
private void modified(Map<String, Object> properties) {
+ // EXERCISE
}
@SuppressWarnings("UnusedDeclaration")
@Deactivate
private void deactivate(Map<String, Object> properties) {
+ // EXERCISE
}
}
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalConfiguration.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalConfiguration.java Thu Oct 1 09:52:51 2020
@@ -17,37 +17,47 @@
package org.apache.jackrabbit.oak.exercise.security.principal;
import java.util.Map;
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.ConfigurationPolicy;
-import org.apache.felix.scr.annotations.Deactivate;
-import org.apache.felix.scr.annotations.Modified;
-import org.apache.felix.scr.annotations.Property;
-import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.commons.PropertiesUtil;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalManagerImpl;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
import org.jetbrains.annotations.NotNull;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.ConfigurationPolicy;
+import org.osgi.service.component.annotations.Deactivate;
+import org.osgi.service.component.annotations.Modified;
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Custom principal configuration that is disabled by default.
*/
-@Component(metatype = true, policy = ConfigurationPolicy.REQUIRE)
-@Service({PrincipalConfiguration.class, org.apache.jackrabbit.oak.spi.security.SecurityConfiguration.class})
+@Component(service = {PrincipalConfiguration.class, SecurityConfiguration.class}, configurationPolicy = ConfigurationPolicy.REQUIRE)
+@Designate(ocd = CustomPrincipalConfiguration.Configuration.class)
public class CustomPrincipalConfiguration extends ConfigurationBase implements PrincipalConfiguration {
+ @ObjectClassDefinition(name = "Apache Jackrabbit Oak CustomPrincipalConfiguration (Oak Exercises)")
+ @interface Configuration {
+ @AttributeDefinition(
+ name = "knownPrincipals", description = "Hardcoded list of known principal names.", cardinality = 100)
+ int knownPrincipals();
+ }
+
private static final Logger log = LoggerFactory.getLogger(CustomPrincipalConfiguration.class);
+ private static final String PARAM_KNOWN_PRINCIPALS = "knownPrincipals";
+
// EXERCISE define sensible properties (e.g. configuration parameters for principal lookup on a third party system)
- @Property(name = "knownPrincipals", value = {}, cardinality = 100)
private String[] knownPrincipals = new String[0];
@NotNull
@@ -73,15 +83,15 @@ public class CustomPrincipalConfiguratio
@SuppressWarnings("UnusedDeclaration")
@Activate
private void activate(Map<String, Object> properties) {
- knownPrincipals = PropertiesUtil.toStringArray(properties.get("knownPrincipals"), new String[0]);
- log.info("CustomPrincipalConfiguration.activate: " + knownPrincipals);
+ knownPrincipals = PropertiesUtil.toStringArray(properties.get(PARAM_KNOWN_PRINCIPALS), new String[0]);
+ log.info("CustomPrincipalConfiguration.activate: {}", knownPrincipals);
}
@SuppressWarnings("UnusedDeclaration")
@Modified
private void modified(Map<String, Object> properties) {
- knownPrincipals = PropertiesUtil.toStringArray(properties.get("knownPrincipals"), new String[0]);
- log.info("CustomPrincipalConfiguration.modified: " + knownPrincipals);
+ knownPrincipals = PropertiesUtil.toStringArray(properties.get(PARAM_KNOWN_PRINCIPALS), new String[0]);
+ log.info("CustomPrincipalConfiguration.modified: {}", knownPrincipals);
}
@SuppressWarnings("UnusedDeclaration")
@@ -94,6 +104,6 @@ public class CustomPrincipalConfiguratio
@Override
public void setParameters(@NotNull ConfigurationParameters config) {
super.setParameters(config);
- knownPrincipals = config.getConfigValue("knownPrincipals", new String[0]);
+ knownPrincipals = config.getConfigValue(PARAM_KNOWN_PRINCIPALS, new String[0]);
}
}
Modified: jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalProvider.java?rev=1882177&r1=1882176&r2=1882177&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalProvider.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalProvider.java Thu Oct 1 09:52:51 2020
@@ -33,7 +33,7 @@ import org.jetbrains.annotations.Nullabl
*/
class CustomPrincipalProvider implements PrincipalProvider {
- private final Set knownPrincipalNames;
+ private final Set<String> knownPrincipalNames;
CustomPrincipalProvider(String[] knownPrincipalNames) {
this.knownPrincipalNames = ImmutableSet.copyOf(knownPrincipalNames);
@@ -55,7 +55,7 @@ class CustomPrincipalProvider implements
public Set<Principal> getMembershipPrincipals(@NotNull Principal principal) {
// EXERCISE : expose the group membership of your known Principals
// EXERCISE : add every other principal into one of your known-principal-groups to establish dynamic group membership
- return Collections.EMPTY_SET;
+ return Collections.emptySet();
}
@NotNull
@@ -63,7 +63,7 @@ class CustomPrincipalProvider implements
public Set<? extends Principal> getPrincipals(@NotNull String userID) {
// EXERCISE : expose the principal-sets of your known principals
// EXERCISE : add every other principal into one of your known-principal-groups to establish dynamic group membership
- return Collections.EMPTY_SET;
+ return Collections.emptySet();
}
@NotNull