You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-commits@jackrabbit.apache.org by tr...@apache.org on 2013/11/08 08:38:40 UTC

svn commit: r1539937 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security: README.md package-info.java

Author: tripod
Date: Fri Nov  8 07:38:40 2013
New Revision: 1539937

URL: http://svn.apache.org/r1539937
Log:
OAK-527: permissions (docu)

- adding draft for a more details documentation of how permission evaluation works internally

Added:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/README.md
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/package-info.java

Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/README.md
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/README.md?rev=1539937&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/README.md (added)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/README.md Fri Nov  8 07:38:40 2013
@@ -0,0 +1,79 @@
+The Oak Security Layer
+======================
+
+Internals of Permission Evaluation
+----------------------------------
+
+### What happens on `session.getNode("/foo").getProperty("jar:title").getString()` in respect to access control?
+
+  1. `SessionImpl.getNode()` internally calls `SessionDelegate.getNode()` 
+     which calls `Root.getTree()` which calls `Tree.getTree()` on the root tree. 
+     This creates a bunch of linked `MutableTree` objects.
+    
+  1. The session delegate then checks if the tree really exists, by calling `Tree.exists()`
+     which then calls `NodeBuilder.exists()`.
+
+  1. If the session performing the operation is an _admin_ session, then the node builder from
+     the persistence layer is directly used. In all other cases, the original node builder 
+     is wrapped by a `SecureNodeBuilder`. The `SecureNodeBuilder` performs access control
+     checks before delegating the calls to the delegated builder.
+    
+  1. For non _admin_ sessions the `SecureNodeBuilder` fetches its _tree permissions_ via
+     `getTreePermissions()` (See [below](#getTreePermissions) of how this works) and then
+     calls `TreePermission.canRead()`. This method (signature with no arguments) checks the 
+     `READ_NODE` permission for normal trees (as in this example) or the `READ_ACCESS_CONTROL`
+     permission on _AC trees_ [^1] and stores the result in the `ReadStatus`.
+     
+     For that an iterator of the _permission entries_ is [retrieved](#getEntrtyIterator) which
+     provides all the relevant permission entries that need to be evaluated for this tree (and
+     _subject_). 
+     
+  1. The _permission entries_ are analyzed if they include the respective permission and if so,
+     the read status is set accordingly. Note that the sequence of the permission entries from
+     the iterator is already in the correct order for this kind of evaluation. this is ensured
+     by the way how they are stored in the [permission store](#permissionStore) and how they
+     are feed into the iterator.
+     
+  1. and then..... (WIP)   
+	   
+  [^1]: AC trees are usually the `rep:policy` subtrees of access controlled nodes.
+
+
+### A Shortcut for evaluating read access: _readable tree configuration_
+  1. ....
+  
+
+### [](id:getTreePermissions) How does the `SecureNodeBuilder` obtain his _tree permissions_ ?
+
+  1. ...
+    
+
+### [](id:getEntryIterator) How does the `TreePermission` obtain the permission entry iterator?
+
+  1. ...
+  
+### [](id:permissionStore) How are the access control entries preprocessed and stored in the permission store?
+
+  1. ....
+
+License
+-------
+
+(see the top-level [LICENSE.txt](../LICENSE.txt) for full license details)
+
+Collective work: Copyright 2012 The Apache Software Foundation.
+
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
\ No newline at end of file

Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/package-info.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/package-info.java?rev=1539937&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/package-info.java (added)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/package-info.java Fri Nov  8 07:38:40 2013
@@ -0,0 +1,23 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * The Oak Security Layer.
+ *
+ * See <a href="README.md">README.md</a> for more details.
+ */
+package org.apache.jackrabbit.oak.security;
\ No newline at end of file

Re: svn commit: r1539937 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security: README.md package-info.java

Posted by Tobias Bocanegra <tr...@apache.org>.

sure...so far the oak doc only shows highlevel documents, so I though
its better in the javadoc section. it's in markdown, because I hate
writing HTML :-)
but I can move it. no problem.

regards, toby

On Fri, Nov 8, 2013 at 1:55 AM, Angela Schreiber <an...@adobe.com> wrote:
> agree... that should be in oak-doc.
>
> On 11/8/13 10:01 AM, "Michael Dürig" <md...@apache.org> wrote:
>
>>
>>
>>On 8.11.13 8:38 , tripod@apache.org wrote:
>>> Author: tripod
>>> Date: Fri Nov  8 07:38:40 2013
>>> New Revision: 1539937
>>>
>>> URL:http://svn.apache.org/r1539937
>>> Log:
>>> OAK-527: permissions (docu)
>>>
>>> - adding draft for a more details documentation of how permission
>>>evaluation works internally
>>>
>>> Added:
>>>
>>>jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/sec
>>>urity/README.md
>>
>>Wouldn't this be better suited for
>>https://github.com/apache/jackrabbit-oak/tree/trunk/oak-doc/src/site/markd
>>own?
>>
>>Michael
>

Re: svn commit: r1539937 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security: README.md package-info.java

Posted by Angela Schreiber <an...@adobe.com>.

agree... that should be in oak-doc.

On 11/8/13 10:01 AM, "Michael Dürig" <md...@apache.org> wrote:

>
>
>On 8.11.13 8:38 , tripod@apache.org wrote:
>> Author: tripod
>> Date: Fri Nov  8 07:38:40 2013
>> New Revision: 1539937
>>
>> URL:http://svn.apache.org/r1539937
>> Log:
>> OAK-527: permissions (docu)
>>
>> - adding draft for a more details documentation of how permission
>>evaluation works internally
>>
>> Added:
>>      
>>jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/sec
>>urity/README.md
>
>Wouldn't this be better suited for
>https://github.com/apache/jackrabbit-oak/tree/trunk/oak-doc/src/site/markd
>own?
>
>Michael

Re: svn commit: r1539937 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security: README.md package-info.java

Posted by Michael Dürig <md...@apache.org>.


On 8.11.13 8:38 , tripod@apache.org wrote:
> Author: tripod
> Date: Fri Nov  8 07:38:40 2013
> New Revision: 1539937
>
> URL:http://svn.apache.org/r1539937
> Log:
> OAK-527: permissions (docu)
>
> - adding draft for a more details documentation of how permission evaluation works internally
>
> Added:
>      jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/README.md

Wouldn't this be better suited for 
https://github.com/apache/jackrabbit-oak/tree/trunk/oak-doc/src/site/markdown?

Michael