You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by tr...@apache.org on 2009/08/21 14:49:10 UTC
svn commit: r806534 [2/2] - in /jackrabbit/trunk:
jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/
jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/user/
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ jackrabbi...
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLEditor.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLEditor.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLEditor.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLEditor.java Fri Aug 21 12:49:09 2009
@@ -54,6 +54,7 @@
public class ACLEditor extends ProtectedItemModifier implements AccessControlEditor, AccessControlConstants {
private static Logger log = LoggerFactory.getLogger(ACLEditor.class);
+
/**
* Default name for ace nodes
*/
@@ -63,6 +64,7 @@
* the editing session
*/
private final SessionImpl session;
+
private final String acRootPath;
ACLEditor(SessionImpl session, Path acRootPath) throws RepositoryException {
@@ -142,7 +144,7 @@
} // else: acl has already been set before -> use getPolicies instead
}
- // nodePath not below rep:accesscontrol -> not editable
+ // nodePath not below rep:policy -> not editable
// or policy has been set before in which case getPolicies should be used instead.
return new AccessControlPolicy[0];
}
@@ -175,7 +177,8 @@
/**
* @see AccessControlEditor#setPolicy(String,AccessControlPolicy)
*/
- public void setPolicy(String nodePath, AccessControlPolicy policy) throws AccessControlException, PathNotFoundException, RepositoryException {
+ public void setPolicy(String nodePath, AccessControlPolicy policy)
+ throws AccessControlException, PathNotFoundException, RepositoryException {
checkProtectsNode(nodePath);
checkValidPolicy(nodePath, policy);
@@ -201,8 +204,8 @@
/* add all new entries defined on the template */
AccessControlEntry[] aces = acl.getAccessControlEntries();
- for (int i = 0; i < aces.length; i++) {
- JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) aces[i];
+ for (AccessControlEntry ace1 : aces) {
+ JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) ace1;
// create the ACE node
Name nodeName = getUniqueNodeName(aclNode, "entry");
@@ -222,9 +225,9 @@
// store the restrictions:
String[] restrNames = ace.getRestrictionNames();
- for (int rnIndex = 0; rnIndex < restrNames.length; rnIndex++) {
- Name pName = session.getQName(restrNames[rnIndex]);
- Value value = ace.getRestriction(restrNames[rnIndex]);
+ for (String restrName : restrNames) {
+ Name pName = session.getQName(restrName);
+ Value value = ace.getRestriction(restrName);
setProperty(aceNode, pName, value);
}
}
@@ -257,16 +260,17 @@
//------------------------------------------------------------< private >---
/**
*
- * @param nodePath
- * @return
- * @throws PathNotFoundException
- * @throws RepositoryException
+ * @param nodePath the node path
+ * @return the node
+ * @throws PathNotFoundException if the node does not exist
+ * @throws RepositoryException if an error occurs
*/
- private NodeImpl getAcNode(String nodePath) throws PathNotFoundException, RepositoryException {
+ private NodeImpl getAcNode(String nodePath) throws PathNotFoundException,
+ RepositoryException {
if (Text.isDescendant(acRootPath, nodePath)) {
return (NodeImpl) session.getNode(nodePath);
} else {
- // node outside of rep:accesscontrol tree -> not handled by this editor.
+ // node outside of rep:policy tree -> not handled by this editor.
return null;
}
}
@@ -324,7 +328,7 @@
* defining content. It this case setting or modifying an AC-policy is
* obviously not possible.
*
- * @param nodePath
+ * @param nodePath the node path
* @throws AccessControlException If the given id identifies a Node that
* represents a ACL or ACE item.
* @throws RepositoryException
@@ -341,9 +345,9 @@
/**
* Check if the specified policy can be set or removed at nodePath.
*
- * @param nodePath
- * @param policy
- * @throws AccessControlException
+ * @param nodePath the node path
+ * @param policy the policy
+ * @throws AccessControlException if not allowed
*/
private void checkValidPolicy(String nodePath, AccessControlPolicy policy)
throws AccessControlException {
@@ -358,9 +362,9 @@
/**
*
- * @param principal
- * @return
- * @throws RepositoryException
+ * @param principal the principal
+ * @return the path
+ * @throws RepositoryException if an error occurs
*/
String getPathToAcNode(Principal principal) throws RepositoryException {
StringBuffer princPath = new StringBuffer(acRootPath);
@@ -389,9 +393,9 @@
/**
*
- * @param node
- * @return
- * @throws RepositoryException
+ * @param node the node
+ * @return <code>true</code> if access controlled
+ * @throws RepositoryException if an error occurs
*/
private static boolean isAccessControlled(NodeImpl node) throws RepositoryException {
return node != null && node.isNodeType(NT_REP_PRINCIPAL_ACCESS_CONTROL) && node.hasNode(N_POLICY);
@@ -399,9 +403,9 @@
/**
*
- * @param acNode
- * @return
- * @throws RepositoryException
+ * @param acNode the acl node
+ * @return the polict
+ * @throws RepositoryException if an error occurs
*/
private JackrabbitAccessControlPolicy createTemplate(NodeImpl acNode) throws RepositoryException {
if (!acNode.isNodeType(NT_REP_PRINCIPAL_ACCESS_CONTROL)) {
@@ -425,8 +429,8 @@
*
* @param node a name for the child is resolved
* @param name if missing the {@link #DEFAULT_ACE_NAME} is taken
- * @return
- * @throws RepositoryException
+ * @return the name
+ * @throws RepositoryException if an error occurs
*/
protected static Name getUniqueNodeName(Node node, String name) throws RepositoryException {
if (name == null) {
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLProvider.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLProvider.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLProvider.java Fri Aug 21 12:49:09 2009
@@ -16,49 +16,49 @@
*/
package org.apache.jackrabbit.core.security.authorization.principalbased;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.jcr.Item;
+import javax.jcr.ItemNotFoundException;
+import javax.jcr.PropertyType;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.Value;
+import javax.jcr.ValueFactory;
+import javax.jcr.observation.Event;
+import javax.jcr.observation.EventIterator;
+import javax.jcr.security.AccessControlEntry;
+import javax.jcr.security.AccessControlException;
+import javax.jcr.security.AccessControlManager;
+import javax.jcr.security.AccessControlPolicy;
+import javax.jcr.security.Privilege;
+
+import org.apache.jackrabbit.api.security.principal.PrincipalManager;
+import org.apache.jackrabbit.core.ItemImpl;
+import org.apache.jackrabbit.core.NodeImpl;
+import org.apache.jackrabbit.core.SessionImpl;
+import org.apache.jackrabbit.core.observation.SynchronousEventListener;
+import org.apache.jackrabbit.core.security.SecurityConstants;
import org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider;
+import org.apache.jackrabbit.core.security.authorization.AbstractCompiledPermissions;
import org.apache.jackrabbit.core.security.authorization.AccessControlConstants;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
import org.apache.jackrabbit.core.security.authorization.AccessControlEditor;
import org.apache.jackrabbit.core.security.authorization.CompiledPermissions;
import org.apache.jackrabbit.core.security.authorization.Permission;
-import org.apache.jackrabbit.core.security.authorization.AbstractCompiledPermissions;
-import org.apache.jackrabbit.core.security.SecurityConstants;
-import org.apache.jackrabbit.core.NodeImpl;
-import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.ItemImpl;
-import org.apache.jackrabbit.core.observation.SynchronousEventListener;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
import org.apache.jackrabbit.spi.Path;
import org.apache.jackrabbit.spi.commons.name.PathFactoryImpl;
-import org.apache.jackrabbit.api.security.principal.PrincipalManager;
-import javax.jcr.security.AccessControlPolicy;
-import javax.jcr.security.AccessControlEntry;
-import javax.jcr.security.Privilege;
-import javax.jcr.security.AccessControlManager;
-import javax.jcr.security.AccessControlException;
-
import org.apache.jackrabbit.util.Text;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import javax.jcr.RepositoryException;
-import javax.jcr.Session;
-import javax.jcr.Item;
-import javax.jcr.ItemNotFoundException;
-import javax.jcr.PropertyType;
-import javax.jcr.ValueFactory;
-import javax.jcr.observation.Event;
-import javax.jcr.observation.EventIterator;
-import java.util.Map;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.security.Principal;
-
/**
* <code>CombinedProvider</code>...
*/
@@ -70,6 +70,7 @@
private static final AccessControlPolicy effectivePolicy = EffectivePrincipalBasedPolicy.getInstance();
private ACLEditor editor;
+
private NodeImpl acRoot;
//-------------------------------------------------< AccessControlUtils >---
@@ -78,8 +79,8 @@
*/
public boolean isAcItem(Path absPath) throws RepositoryException {
Path.Element[] elems = absPath.getElements();
- for (int i = 0; i < elems.length; i++) {
- if (N_POLICY.equals(elems[i].getName())) {
+ for (Path.Element elem : elems) {
+ if (N_POLICY.equals(elem.getName())) {
return true;
}
}
@@ -117,7 +118,7 @@
log.debug("Install initial permissions: ...");
ValueFactory vf = session.getValueFactory();
- Map restrictions = new HashMap();
+ Map<String, Value> restrictions = new HashMap<String, Value>();
restrictions.put(session.getJCRName(ACLTemplate.P_NODE_PATH), vf.createValue(root.getPath(), PropertyType.PATH));
restrictions.put(session.getJCRName(ACLTemplate.P_GLOB), vf.createValue(GlobPattern.WILDCARD_ALL));
@@ -149,7 +150,11 @@
}
}
- private static void installDefaultPermissions(Principal principal, Privilege[] privs, Map restrictions, AccessControlEditor editor) throws RepositoryException, AccessControlException {
+ private static void installDefaultPermissions(Principal principal,
+ Privilege[] privs,
+ Map<String, Value> restrictions,
+ AccessControlEditor editor)
+ throws RepositoryException, AccessControlException {
AccessControlPolicy[] acls = editor.editAccessControlPolicies(principal);
if (acls.length > 0) {
ACLTemplate acl = (ACLTemplate) acls[0];
@@ -176,7 +181,7 @@
most nodes in the repository isn't available anyway) doesn't
provide the desired information.
As tmp. solution some default policy is returned indicating.
- TODO: add proper evalution and return a set of ACLs that take effect on the node at abspath
+ TODO: add proper evaluation and return a set of ACLs that take effect on the node at abs path
*/
return new AccessControlPolicy[] {effectivePolicy};
}
@@ -238,21 +243,22 @@
private List<AccessControlEntry> entries;
/**
- * @param principals
- * @throws RepositoryException
+ * @param principals the underlying principals
+ * @throws RepositoryException if an error occurs
*/
private CompiledPermissionImpl(Set<Principal> principals) throws RepositoryException {
this(principals, true);
}
/**
- * @param principals
- * @throws RepositoryException
+ * @param principals the underlying principals
+ * @param listenToEvents if <code>true</code> listens to events
+ * @throws RepositoryException if an error occurs
*/
private CompiledPermissionImpl(Set<Principal> principals, boolean listenToEvents) throws RepositoryException {
this.principals = principals;
- acPaths = new HashSet(principals.size());
+ acPaths = new HashSet<String>(principals.size());
entries = reload();
// TODO: describe
@@ -298,9 +304,9 @@
* evaluated or <code>null</code>.
* @param targetPath Path used for the evaluation; pointing to an
* existing or non-existing item.
- * @param isAcItem
- * @return
- * @throws RepositoryException
+ * @param isAcItem the item
+ * @return the result
+ * @throws RepositoryException if an error occurs
*/
private Result getResult(Item target,
String targetPath,
@@ -401,24 +407,23 @@
/**
*
- * @return
- * @throws RepositoryException
+ * @return the aces
+ * @throws RepositoryException if an error occurs
*/
private List<AccessControlEntry> reload() throws RepositoryException {
// reload the paths
acPaths.clear();
// acNodes must be ordered in the same order as the principals
- // in order to obtain proper acl-evalution in case the given
+ // in order to obtain proper acl-evaluation in case the given
// principal-set is ordered.
List<AccessControlEntry> allACEs = new ArrayList<AccessControlEntry>();
// build acl-hierarchy assuming that principal-order determines the
// acl-inheritance.
- for (Iterator it = principals.iterator(); it.hasNext();) {
- Principal princ = (Principal) it.next();
- ACLTemplate acl = editor.getACL(princ);
+ for (Principal p : principals) {
+ ACLTemplate acl = editor.getACL(p);
if (acl == null || acl.isEmpty()) {
- acPaths.add(editor.getPathToAcNode(princ));
+ acPaths.add(editor.getPathToAcNode(p));
} else {
// retrieve the ACEs from the node
AccessControlEntry[] aces = acl.getAccessControlEntries();
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java Fri Aug 21 12:49:09 2009
@@ -70,17 +70,19 @@
private final Principal principal;
- private final List entries = new ArrayList();
+ private final List<AccessControlEntry> entries = new ArrayList<AccessControlEntry>();
private final String jcrNodePathName;
private final String jcrGlobName;
- ACLTemplate(Principal principal, String path, NamePathResolver resolver, ValueFactory vf) throws RepositoryException {
+ ACLTemplate(Principal principal, String path, NamePathResolver resolver, ValueFactory vf)
+ throws RepositoryException {
this(principal, path, null, resolver, vf);
}
ACLTemplate(Principal principal, NodeImpl acNode) throws RepositoryException {
- this(principal, acNode.getPath(), acNode, (SessionImpl) acNode.getSession(), acNode.getSession().getValueFactory());
+ this(principal, acNode.getPath(), acNode, (SessionImpl) acNode.getSession(),
+ acNode.getSession().getValueFactory());
}
private ACLTemplate(Principal principal, String path, NodeImpl acNode,
@@ -111,7 +113,7 @@
privileges[i] = acMgr.privilegeFromName(pValues[i].getString());
}
// the restrictions:
- Map restrictions = new HashMap(2);
+ Map<String, Value> restrictions = new HashMap<String, Value>(2);
Property prop = aceNode.getProperty(P_NODE_PATH);
restrictions.put(prop.getName(), prop.getValue());
@@ -130,7 +132,8 @@
}
AccessControlEntry createEntry(Principal princ, Privilege[] privileges,
- boolean allow, Map<String, Value> restrictions) throws RepositoryException {
+ boolean allow, Map<String, Value> restrictions)
+ throws RepositoryException {
checkValidEntry(princ, privileges, allow, restrictions);
// make sure the nodePath restriction is of type PATH
@@ -159,7 +162,7 @@
throw new AccessControlException("Invalid principal. Expected: " + principal);
}
- Set rNames = restrictions.keySet();
+ Set<String> rNames = restrictions.keySet();
if (!rNames.contains(jcrNodePathName)) {
throw new AccessControlException("Missing mandatory restriction: " + jcrNodePathName);
}
@@ -210,7 +213,7 @@
* @see org.apache.jackrabbit.api.security.JackrabbitAccessControlList#addEntry(Principal, Privilege[], boolean, Map)
*/
public boolean addEntry(Principal principal, Privilege[] privileges,
- boolean isAllow, Map restrictions)
+ boolean isAllow, Map<String, Value> restrictions)
throws AccessControlException, RepositoryException {
if (restrictions == null || restrictions.isEmpty()) {
log.debug("Restrictions missing. Using default: rep:nodePath = " + getPath() + "; rep:glob = null.");
@@ -235,7 +238,7 @@
*/
public AccessControlEntry[] getAccessControlEntries()
throws RepositoryException {
- return (AccessControlEntry[]) entries.toArray(new AccessControlEntry[entries.size()]);
+ return entries.toArray(new AccessControlEntry[entries.size()]);
}
/**
@@ -299,7 +302,8 @@
*/
private final GlobPattern pattern;
- private Entry(Principal principal, Privilege[] privileges, boolean allow, Map restrictions)
+ private Entry(Principal principal, Privilege[] privileges, boolean allow,
+ Map<String, Value> restrictions)
throws AccessControlException, RepositoryException {
super(principal, privileges, allow, restrictions, valueFactory);
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/DefaultPrincipalProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/DefaultPrincipalProvider.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/DefaultPrincipalProvider.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/DefaultPrincipalProvider.java Fri Aug 21 12:49:09 2009
@@ -16,9 +16,20 @@
*/
package org.apache.jackrabbit.core.security.principal;
+import java.security.Principal;
+import java.util.Iterator;
+import java.util.LinkedHashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.observation.Event;
+import javax.jcr.observation.EventIterator;
+import javax.jcr.observation.EventListener;
+
import org.apache.commons.collections.iterators.IteratorChain;
import org.apache.commons.collections.map.LRUMap;
-import org.apache.commons.collections.set.ListOrderedSet;
import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.api.security.user.Authorizable;
@@ -31,15 +42,6 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import javax.jcr.RepositoryException;
-import javax.jcr.Session;
-import javax.jcr.observation.Event;
-import javax.jcr.observation.EventIterator;
-import javax.jcr.observation.EventListener;
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.Set;
-
/**
* Provides principals for the users contained within the Repository.<p/>
* Each {@link Authorizable} accessible via {@link UserManager}
@@ -60,7 +62,7 @@
* a cache for group memberships: maps principal-name to a set of principals
* representing the members.
*/
- private final LRUMap membershipCache;
+ private final Map<String, Set<Principal>> membershipCache;
/**
* Principal-Base of this Provider
@@ -180,9 +182,9 @@
*/
public PrincipalIterator getGroupMembership(Principal userPrincipal) {
checkInitialized();
- Set mship;
+ Set<Principal> mship;
synchronized (membershipCache) {
- mship = (Set) membershipCache.get(userPrincipal.getName());
+ mship = membershipCache.get(userPrincipal.getName());
if (mship == null) {
// recursively collect group membership
mship = collectGroupMembership(userPrincipal);
@@ -275,15 +277,15 @@
* @return all Group principals the specified <code>princ</code> is member of
* including inherited membership.
*/
- private Set collectGroupMembership(Principal princ) {
- Set membership = new ListOrderedSet();
+ private Set<Principal> collectGroupMembership(Principal princ) {
+ Set<Principal> membership = new LinkedHashSet<Principal>();
try {
Authorizable auth = userManager.getAuthorizable(princ);
if (auth != null) {
addToCache(princ);
- Iterator itr = auth.memberOf();
+ Iterator<Group> itr = auth.memberOf();
while (itr.hasNext()) {
- Group group = (Group) itr.next();
+ Group group = itr.next();
Principal gp = group.getPrincipal();
addToCache(gp);
membership.add(gp);
@@ -324,7 +326,7 @@
try {
Iterator itr = userManager.findAuthorizables(pPrincipalName, simpleFilter, UserManager.SEARCH_TYPE_GROUP);
- // everyone will not be found by the usermanager -> extra test
+ // everyone will not be found by the user manager -> extra test
boolean addEveryone = everyonePrincipal.getName().matches(".*"+simpleFilter+".*");
return new PrincipalIteratorImpl(itr, addEveryone);
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/EveryonePrincipal.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/EveryonePrincipal.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/EveryonePrincipal.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/EveryonePrincipal.java Fri Aug 21 12:49:09 2009
@@ -51,7 +51,7 @@
return !member.equals(this);
}
- public Enumeration members() {
+ public Enumeration<? extends Principal> members() {
throw new UnsupportedOperationException("Not implemented.");
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/PrincipalManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/PrincipalManagerImpl.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/PrincipalManagerImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/PrincipalManagerImpl.java Fri Aug 21 12:49:09 2009
@@ -50,8 +50,8 @@
/**
* Creates a new default principal manager implementation.
*
- * @param session
- * @param providers
+ * @param session the underlying session
+ * @param providers the providers
*/
public PrincipalManagerImpl(Session session, PrincipalProvider[] providers) {
this.session = session;
@@ -84,9 +84,8 @@
*/
public PrincipalIterator findPrincipals(String simpleFilter) {
checkIsValid();
- List entries = new ArrayList(providers.length);
- for (int i = 0; i < providers.length; i++) {
- PrincipalProvider pp = providers[i];
+ List<CheckedIteratorEntry> entries = new ArrayList<CheckedIteratorEntry>(providers.length);
+ for (PrincipalProvider pp : providers) {
PrincipalIterator it = pp.findPrincipals(simpleFilter);
if (it.hasNext()) {
entries.add(new CheckedIteratorEntry(it, pp));
@@ -100,9 +99,8 @@
*/
public PrincipalIterator findPrincipals(String simpleFilter, int searchType) {
checkIsValid();
- List entries = new ArrayList(providers.length);
- for (int i = 0; i < providers.length; i++) {
- PrincipalProvider pp = providers[i];
+ List<CheckedIteratorEntry> entries = new ArrayList<CheckedIteratorEntry>(providers.length);
+ for (PrincipalProvider pp : providers) {
PrincipalIterator it = pp.findPrincipals(simpleFilter, searchType);
if (it.hasNext()) {
entries.add(new CheckedIteratorEntry(it, pp));
@@ -117,9 +115,8 @@
*/
public PrincipalIterator getPrincipals(int searchType) {
checkIsValid();
- List entries = new ArrayList(providers.length);
- for (int i = 0; i < providers.length; i++) {
- PrincipalProvider pp = providers[i];
+ List<CheckedIteratorEntry> entries = new ArrayList<CheckedIteratorEntry>(providers.length);
+ for (PrincipalProvider pp : providers) {
PrincipalIterator it = pp.getPrincipals(searchType);
if (it.hasNext()) {
entries.add(new CheckedIteratorEntry(it, pp));
@@ -133,9 +130,8 @@
*/
public PrincipalIterator getGroupMembership(Principal principal) {
checkIsValid();
- List entries = new ArrayList(providers.length + 1);
- for (int i = 0; i < providers.length; i++) {
- PrincipalProvider pp = providers[i];
+ List<CheckedIteratorEntry> entries = new ArrayList<CheckedIteratorEntry>(providers.length + 1);
+ for (PrincipalProvider pp : providers) {
PrincipalIterator groups = pp.getGroupMembership(principal);
if (groups.hasNext()) {
entries.add(new CheckedIteratorEntry(groups, pp));
@@ -170,17 +166,17 @@
}
/**
- * @param principalName
+ * @param principalName the name of the principal
* @return The principal with the given name or <code>null</code> if none
* of the providers knows that principal of if the Session is not allowed
* to see it.
*/
private Principal internalGetPrincipal(String principalName) {
checkIsValid();
- for (int i = 0; i < providers.length; i++) {
- Principal principal = providers[i].getPrincipal(principalName);
- if (principal != null && providers[i].canReadPrincipal(session, principal)) {
- return disguise(principal, providers[i]);
+ for (PrincipalProvider provider : providers) {
+ Principal principal = provider.getPrincipal(principalName);
+ if (principal != null && provider.canReadPrincipal(session, principal)) {
+ return disguise(principal, provider);
}
}
// nothing found or not allowed to see it.
@@ -188,7 +184,8 @@
}
/**
- * @param principal
+ * @param principal the principal
+ * @param provider the provider
* @return A group that only reveals those members that are visible to the
* current session or the specified principal if its not a group or the
* everyone principal.
@@ -238,15 +235,15 @@
return delegatee.isMember(member);
}
- public Enumeration members() {
+ public Enumeration<? extends Principal> members() {
Iterator it = Collections.list(delegatee.members()).iterator();
- final Iterator members = new CheckedPrincipalIterator(it, provider);
- return new Enumeration() {
+ final PrincipalIterator members = new CheckedPrincipalIterator(it, provider);
+ return new Enumeration<Principal>() {
public boolean hasMoreElements() {
return members.hasNext();
}
- public Object nextElement() {
- return members.next();
+ public Principal nextElement() {
+ return members.nextPrincipal();
}
};
}
@@ -291,16 +288,16 @@
*/
private class CheckedPrincipalIterator extends AbstractPrincipalIterator {
- private final List entries;
+ private final List<CheckedIteratorEntry> entries;
private CheckedPrincipalIterator(Iterator it, PrincipalProvider provider) {
- entries = new ArrayList(1);
+ entries = new ArrayList<CheckedIteratorEntry>(1);
entries.add(new CheckedIteratorEntry(it, provider));
next = seekNext();
}
- private CheckedPrincipalIterator(List entries) {
- this.entries = new ArrayList(entries);
+ private CheckedPrincipalIterator(List<CheckedIteratorEntry> entries) {
+ this.entries = new ArrayList<CheckedIteratorEntry>(entries);
next = seekNext();
}
@@ -309,8 +306,8 @@
*/
protected final Principal seekNext() {
while (!entries.isEmpty()) {
- // first test if current-itr has more elements
- CheckedIteratorEntry current = (CheckedIteratorEntry) entries.get(0);
+ // first test if current iterator has more elements
+ CheckedIteratorEntry current = entries.get(0);
Iterator iterator = current.iterator;
while (iterator.hasNext()) {
Principal chk = (Principal) iterator.next();
@@ -319,7 +316,7 @@
return disguise(chk, current.provider);
}
}
- // ino more elements in current-itr -> move to next iterator.
+ // no more elements in current iterator -> move to next iterator.
entries.remove(0);
}
return null;
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/ProviderRegistryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/ProviderRegistryImpl.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/ProviderRegistryImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/ProviderRegistryImpl.java Fri Aug 21 12:49:09 2009
@@ -37,7 +37,7 @@
private static final Logger log = LoggerFactory.getLogger(ProviderRegistryImpl.class);
private final PrincipalProvider defaultPrincipalProvider;
- private final Map providers = new HashMap();
+ private final Map<String, PrincipalProvider> providers = new HashMap<String, PrincipalProvider>();
/**
* Create an instance of <code>ProviderRegistryImpl</code> with the given
@@ -82,7 +82,7 @@
*/
public PrincipalProvider getProvider(String className) {
synchronized (providers) {
- return (PrincipalProvider) providers.get(className);
+ return providers.get(className);
}
}
@@ -91,8 +91,8 @@
*/
public PrincipalProvider[] getProviders() {
synchronized (providers) {
- Collection pps = providers.values();
- return (PrincipalProvider[]) pps.toArray(new PrincipalProvider[pps.size()]);
+ Collection<PrincipalProvider> pps = providers.values();
+ return pps.toArray(new PrincipalProvider[pps.size()]);
}
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/simple/SimpleWorkspaceAccessManager.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/simple/SimpleWorkspaceAccessManager.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/simple/SimpleWorkspaceAccessManager.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/simple/SimpleWorkspaceAccessManager.java Fri Aug 21 12:49:09 2009
@@ -21,6 +21,7 @@
import javax.jcr.Session;
import javax.jcr.RepositoryException;
import java.util.Set;
+import java.security.Principal;
/**
* <code>SimpleWorkspaceAccessManager</code> always allows any set of principals
@@ -48,7 +49,8 @@
*
* @see WorkspaceAccessManager#grants(java.util.Set, String)
*/
- public boolean grants(Set principals, String workspaceName) throws RepositoryException {
+ public boolean grants(Set<Principal> principals, String workspaceName)
+ throws RepositoryException {
return true;
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/AuthorizableImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/AuthorizableImpl.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/AuthorizableImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/AuthorizableImpl.java Fri Aug 21 12:49:09 2009
@@ -80,13 +80,13 @@
* @see Authorizable#getPrincipals()
*/
public PrincipalIterator getPrincipals() throws RepositoryException {
- Collection coll = new ArrayList();
+ Collection<Principal> coll = new ArrayList<Principal>();
// the first element is the main principal of this user.
coll.add(getPrincipal());
// in addition add all referees.
PrincipalManager prMgr = getSession().getPrincipalManager();
- for (Iterator it = getRefereeValues().iterator(); it.hasNext();) {
- String refName = ((Value) it.next()).getString();
+ for (Object o : getRefereeValues()) {
+ String refName = ((Value) o).getString();
Principal princ = null;
if (prMgr.hasPrincipal(refName)) {
try {
@@ -96,7 +96,7 @@
}
}
if (princ == null) {
- log.warn("Principal "+ refName +" unknown to PrincipalManager.");
+ log.warn("Principal " + refName + " unknown to PrincipalManager.");
princ = new PrincipalImpl(refName);
}
coll.add(princ);
@@ -111,7 +111,7 @@
String principalName = principal.getName();
Value princValue = getSession().getValueFactory().createValue(principalName);
- List refereeValues = getRefereeValues();
+ List<Value> refereeValues = getRefereeValues();
if (refereeValues.contains(princValue) || getPrincipal().getName().equals(principalName)) {
return false;
}
@@ -120,7 +120,7 @@
}
refereeValues.add(princValue);
- userManager.setProtectedProperty(node, P_REFEREES, (Value[]) refereeValues.toArray(new Value[refereeValues.size()]));
+ userManager.setProtectedProperty(node, P_REFEREES, refereeValues.toArray(new Value[refereeValues.size()]));
return true;
}
@@ -129,14 +129,14 @@
*/
public synchronized boolean removeReferee(Principal principal) throws RepositoryException {
Value princValue = getSession().getValueFactory().createValue(principal.getName());
- List existingValues = getRefereeValues();
+ List<Value> existingValues = getRefereeValues();
if (existingValues.remove(princValue)) {
PropertyImpl prop = node.getProperty(P_REFEREES);
if (existingValues.isEmpty()) {
userManager.removeProtectedItem(prop, node);
} else {
- userManager.setProtectedProperty(node, P_REFEREES, (Value[]) existingValues.toArray(new Value[existingValues.size()]));
+ userManager.setProtectedProperty(node, P_REFEREES, existingValues.toArray(new Value[existingValues.size()]));
}
return true;
}
@@ -148,8 +148,8 @@
/**
* @see Authorizable#declaredMemberOf()
*/
- public Iterator declaredMemberOf() throws RepositoryException {
- List memberShip = new ArrayList();
+ public Iterator<Group> declaredMemberOf() throws RepositoryException {
+ List<Group> memberShip = new ArrayList<Group>();
collectMembership(memberShip, false);
return memberShip.iterator();
}
@@ -157,8 +157,8 @@
/**
* @see Authorizable#memberOf()
*/
- public Iterator memberOf() throws RepositoryException {
- List memberShip = new ArrayList();
+ public Iterator<Group> memberOf() throws RepositoryException {
+ List<Group> memberShip = new ArrayList<Group>();
collectMembership(memberShip, true);
return memberShip.iterator();
}
@@ -166,8 +166,8 @@
/**
* @see Authorizable#getPropertyNames()
*/
- public Iterator getPropertyNames() throws RepositoryException {
- List l = new ArrayList();
+ public Iterator<String> getPropertyNames() throws RepositoryException {
+ List<String> l = new ArrayList<String>();
for (PropertyIterator it = node.getProperties(); it.hasNext();) {
Property prop = it.nextProperty();
if (isAuthorizableProperty(prop)) {
@@ -334,13 +334,13 @@
Value toRemove = getSession().getValueFactory().createValue(group.getNode(), true);
PropertyImpl property = node.getProperty(P_GROUPS);
- List valList = new ArrayList(Arrays.asList(property.getValues()));
+ List<Value> valList = new ArrayList<Value>(Arrays.asList(property.getValues()));
if (valList.remove(toRemove)) {
try {
if (valList.isEmpty()) {
userManager.removeProtectedItem(property, node);
} else {
- Value[] values = (Value[]) valList.toArray(new Value[valList.size()]);
+ Value[] values = valList.toArray(new Value[valList.size()]);
userManager.setProtectedProperty(node, P_GROUPS, values);
}
return true;
@@ -356,15 +356,15 @@
}
}
- private void collectMembership(List groups, boolean includedIndirect) throws RepositoryException {
+ private void collectMembership(List<Group> groups, boolean includedIndirect) throws RepositoryException {
NodeImpl node = getNode();
if (!node.hasProperty(P_GROUPS)) {
return;
}
Value[] refs = node.getProperty(P_GROUPS).getValues();
- for (int i = 0; i < refs.length; i++) {
+ for (Value ref : refs) {
try {
- NodeImpl groupNode = (NodeImpl) getSession().getNodeByUUID(refs[i].getString());
+ NodeImpl groupNode = (NodeImpl) getSession().getNodeByUUID(ref.getString());
Group group = GroupImpl.create(groupNode, userManager);
if (groups.add(group) && includedIndirect) {
((AuthorizableImpl) group).collectMembership(groups, true);
@@ -372,7 +372,7 @@
} catch (ItemNotFoundException e) {
// groupNode doesn't exist any more
log.warn("Group node referenced by " + getID() + " doesn't exist anymore -> Ignored from membership list.");
- // TODO: ev. clean up list of group memberships
+ // TODO: possibly clean up list of group memberships
}
}
}
@@ -441,14 +441,12 @@
}
}
- private List getRefereeValues() throws RepositoryException {
- List principalNames = new ArrayList();
+ private List<Value> getRefereeValues() throws RepositoryException {
+ List<Value> principalNames = new ArrayList<Value>();
if (node.hasProperty(P_REFEREES)) {
try {
- Value[] refProp = node.getProperty(P_REFEREES).getValues();
- for (int i = 0; i < refProp.length; i++) {
- principalNames.add(refProp[i]);
- }
+ principalNames.addAll(Arrays.asList(
+ node.getProperty(P_REFEREES).getValues()));
} catch (PathNotFoundException e) {
// ignore. should never occur.
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/GroupImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/GroupImpl.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/GroupImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/GroupImpl.java Fri Aug 21 12:49:09 2009
@@ -97,14 +97,14 @@
/**
* @see Group#getDeclaredMembers()
*/
- public Iterator getDeclaredMembers() throws RepositoryException {
+ public Iterator<Authorizable> getDeclaredMembers() throws RepositoryException {
return getMembers(false).iterator();
}
/**
* @see Group#getMembers()
*/
- public Iterator getMembers() throws RepositoryException {
+ public Iterator<Authorizable> getMembers() throws RepositoryException {
return getMembers(true).iterator();
}
@@ -169,9 +169,9 @@
* @return A collection of members of this group.
* @throws RepositoryException If an error occurs while collecting the members.
*/
- private Collection getMembers(boolean includeIndirect) throws RepositoryException {
+ private Collection<Authorizable> getMembers(boolean includeIndirect) throws RepositoryException {
PropertyIterator itr = getNode().getWeakReferences(getSession().getJCRName(P_GROUPS));
- Collection members = new HashSet((int) itr.getSize());
+ Collection<Authorizable> members = new HashSet<Authorizable>((int) itr.getSize());
while (itr.hasNext()) {
NodeImpl n = (NodeImpl) itr.nextProperty().getParent();
if (n.isNodeType(NT_REP_GROUP)) {
@@ -266,7 +266,7 @@
*/
private class NodeBasedGroup extends NodeBasedPrincipal implements java.security.acl.Group {
- private Set members;
+ private Set<Principal> members;
private NodeBasedGroup(String name) {
super(name);
@@ -289,15 +289,14 @@
* @see java.security.acl.Group#isMember(Principal)
*/
public boolean isMember(Principal member) {
- Collection members = getMembers();
+ Collection<Principal> members = getMembers();
if (members.contains(member)) {
// shortcut.
return true;
}
// test if member of a member-group
- for (Iterator it = members.iterator(); it.hasNext();) {
- Principal p = (Principal) it.next();
+ for (Principal p : members) {
if (p instanceof java.security.acl.Group &&
((java.security.acl.Group) p).isMember(member)) {
return true;
@@ -322,7 +321,7 @@
*
* @see java.security.acl.Group#members()
*/
- public Enumeration members() {
+ public Enumeration<? extends Principal> members() {
return Collections.enumeration(getMembers());
}
@@ -340,9 +339,9 @@
}
//----------------------------------------------------------------------
- private Collection getMembers() {
+ private Collection<Principal> getMembers() {
if (members == null) {
- members = new HashSet();
+ members = new HashSet<Principal>();
try {
for (Iterator it = GroupImpl.this.getMembers(); it.hasNext();) {
Authorizable authrz = (Authorizable) it.next();
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/ImpersonationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/ImpersonationImpl.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/ImpersonationImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/ImpersonationImpl.java Fri Aug 21 12:49:09 2009
@@ -16,6 +16,14 @@
*/
package org.apache.jackrabbit.core.security.user;
+import java.security.Principal;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Value;
+import javax.security.auth.Subject;
+
import org.apache.jackrabbit.api.security.principal.NoSuchPrincipalException;
import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
@@ -31,14 +39,6 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import javax.jcr.RepositoryException;
-import javax.jcr.Value;
-import javax.security.auth.Subject;
-import java.security.Principal;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
/**
* ImpersonationImpl
*/
@@ -59,15 +59,14 @@
* @see Impersonation#getImpersonators()
*/
public PrincipalIterator getImpersonators() throws RepositoryException {
- Set impersonators = getImpersonatorNames();
+ Set<String> impersonators = getImpersonatorNames();
if (impersonators.isEmpty()) {
return PrincipalIteratorAdapter.EMPTY;
} else {
final PrincipalManager pMgr = user.getSession().getPrincipalManager();
- Set s = new HashSet();
- for (Iterator it = impersonators.iterator(); it.hasNext();) {
- String pName = it.next().toString();
+ Set<Principal> s = new HashSet<Principal>();
+ for (String pName: impersonators) {
Principal p = null;
if (pMgr.hasPrincipal(pName)) {
try {
@@ -115,7 +114,7 @@
}
boolean granted = false;
- Set impersonators = getImpersonatorNames();
+ Set<String> impersonators = getImpersonatorNames();
if (impersonators.add(pName)) {
updateImpersonatorNames(impersonators);
granted = true;
@@ -135,7 +134,7 @@
boolean revoked = false;
String pName = principal.getName();
- Set impersonators = getImpersonatorNames();
+ Set<String> impersonators = getImpersonatorNames();
if (impersonators.remove(pName)) {
updateImpersonatorNames(impersonators);
revoked = true;
@@ -156,9 +155,9 @@
return true;
}
- Set principalNames = new HashSet();
- for (Iterator it = subject.getPrincipals().iterator(); it.hasNext();) {
- principalNames.add(((Principal) it.next()).getName());
+ Set<String> principalNames = new HashSet<String>();
+ for (Principal p: subject.getPrincipals()) {
+ principalNames.add(p.getName());
}
boolean allows = false;
@@ -174,21 +173,21 @@
//------------------------------------------------------------< private >---
- private Set getImpersonatorNames() throws RepositoryException {
- Set princNames = new HashSet();
+ private Set<String> getImpersonatorNames() throws RepositoryException {
+ Set<String> princNames = new HashSet<String>();
if (user.getNode().hasProperty(P_IMPERSONATORS)) {
Value[] vs = user.getNode().getProperty(P_IMPERSONATORS).getValues();
- for (int i = 0; i < vs.length; i++) {
- princNames.add(vs[i].getString());
+ for (Value v : vs) {
+ princNames.add(v.getString());
}
}
return princNames;
}
- private void updateImpersonatorNames(Set principalNames) throws RepositoryException {
+ private void updateImpersonatorNames(Set<String> principalNames) throws RepositoryException {
NodeImpl userNode = user.getNode();
try {
- String[] pNames = (String[]) principalNames.toArray(new String[principalNames.size()]);
+ String[] pNames = principalNames.toArray(new String[principalNames.size()]);
if (pNames.length == 0) {
PropertyImpl prop = userNode.getProperty(P_IMPERSONATORS);
userManager.removeProtectedItem(prop, userNode);
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/IndexNodeResolver.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/IndexNodeResolver.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/IndexNodeResolver.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/IndexNodeResolver.java Fri Aug 21 12:49:09 2009
@@ -79,7 +79,7 @@
* @return
* @throws javax.jcr.RepositoryException
*/
- public NodeIterator findNodes(Set propertyNames, String value, Name ntName,
+ public NodeIterator findNodes(Set<Name> propertyNames, String value, Name ntName,
boolean exact, long maxSize) throws RepositoryException {
Query query = buildQuery(value, propertyNames, ntName, exact, maxSize);
return query.execute().getNodes();
@@ -115,7 +115,7 @@
* @return
* @throws RepositoryException
*/
- private Query buildQuery(String value, Set props, Name ntName,
+ private Query buildQuery(String value, Set<Name> props, Name ntName,
boolean exact, long maxSize)
throws RepositoryException {
StringBuilder stmt = new StringBuilder("/jcr:root");
@@ -128,10 +128,9 @@
} else {
stmt.append(")[");
int i = 0;
- Iterator itr = props.iterator();
- while (itr.hasNext()) {
+ for (Name prop : props) {
stmt.append((exact) ? "@" : "jcr:like(@");
- String pName = getNamePathResolver().getJCRName((Name) itr.next());
+ String pName = getNamePathResolver().getJCRName(prop);
stmt.append(ISO9075.encode(pName));
if (exact) {
stmt.append("='");
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/NodeResolver.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/NodeResolver.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/NodeResolver.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/NodeResolver.java Fri Aug 21 12:49:09 2009
@@ -16,17 +16,16 @@
*/
package org.apache.jackrabbit.core.security.user;
-import org.apache.jackrabbit.spi.Name;
-import org.apache.jackrabbit.spi.commons.conversion.NamePathResolver;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import java.util.Collections;
+import java.util.Set;
import javax.jcr.Node;
import javax.jcr.NodeIterator;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
-import java.util.Collections;
-import java.util.Set;
+
+import org.apache.jackrabbit.spi.Name;
+import org.apache.jackrabbit.spi.commons.conversion.NamePathResolver;
/**
* Resolver: searches for Principals stored in Nodes of a {@link javax.jcr.Workspace}
@@ -35,8 +34,6 @@
*/
abstract class NodeResolver {
- private static final Logger log = LoggerFactory.getLogger(NodeResolver.class);
-
private final Session session;
private final NamePathResolver resolver;
@@ -109,7 +106,7 @@
* @return matching nodes (or an empty iterator if no match was found).
* @throws RepositoryException If an error occurs.
*/
- public abstract NodeIterator findNodes(Set propertyNames, String value,
+ public abstract NodeIterator findNodes(Set<Name> propertyNames, String value,
Name ntName, boolean exact, long maxSize)
throws RepositoryException;
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/TraversingNodeResolver.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/TraversingNodeResolver.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/TraversingNodeResolver.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/TraversingNodeResolver.java Fri Aug 21 12:49:09 2009
@@ -100,7 +100,7 @@
/**
* @inheritDoc
*/
- public NodeIterator findNodes(Set propertyNames, String value, Name ntName,
+ public NodeIterator findNodes(Set<Name> propertyNames, String value, Name ntName,
boolean exact, long maxSize) throws RepositoryException {
String sr = getSearchRoot(ntName);
if (getSession().nodeExists(sr)) {
@@ -151,11 +151,12 @@
* @param exact if set to true the value has to match exactly else a
* substring is searched
* @param maxSize
+ * @return
*/
- private NodeIterator collectNodes(String value, Set props, Name ntName,
+ private NodeIterator collectNodes(String value, Set<Name> props, Name ntName,
NodeIterator nodes, boolean exact,
long maxSize) {
- Set matchSet = new HashSet();
+ Set<Node> matchSet = new HashSet<Node>();
collectNodes(value, props, ntName, nodes, matchSet, exact, maxSize);
return new NodeIteratorAdapter(matchSet);
}
@@ -172,9 +173,9 @@
* @param exact if set to true the value has to match exact
* @param maxSize
*/
- private void collectNodes(String value, Set propertyNames,
+ private void collectNodes(String value, Set<Name> propertyNames,
Name nodeTypeName, NodeIterator itr,
- Set matchSet, boolean exact, long maxSize) {
+ Set<Node> matchSet, boolean exact, long maxSize) {
while (itr.hasNext()) {
NodeImpl node = (NodeImpl) itr.nextNode();
try {
@@ -203,7 +204,7 @@
* @throws RepositoryException
*/
private static boolean matches(NodeImpl node, Name nodeTypeName,
- Collection propertyNames, String value,
+ Collection<Name> propertyNames, String value,
boolean exact) throws RepositoryException {
boolean match = false;
@@ -216,9 +217,9 @@
match = (exact) ? node.getName().equals(value) :
node.getName().matches(".*"+value+".*");
} else {
- Iterator pItr = propertyNames.iterator();
+ Iterator<Name> pItr = propertyNames.iterator();
while (!match && pItr.hasNext()) {
- Name propertyName = (Name) pItr.next();
+ Name propertyName = pItr.next();
if (node.hasProperty(propertyName)) {
Property prop = node.getProperty(propertyName);
if (prop.getDefinition().isMultiple()) {
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java Fri Aug 21 12:49:09 2009
@@ -133,7 +133,7 @@
userAdminGroup = (configuration.containsKey(USER_ADMIN_GROUP_NAME)) ? configuration.get(USER_ADMIN_GROUP_NAME).toString() : USER_ADMIN_GROUP_NAME;
groupAdminGroup = (configuration.containsKey(GROUP_ADMIN_GROUP_NAME)) ? configuration.get(GROUP_ADMIN_GROUP_NAME).toString() : GROUP_ADMIN_GROUP_NAME;
- // make sure the groups exist (and ev. create them).
+ // make sure the groups exist (and possibly create them).
UserManager uMgr = sImpl.getUserManager();
if (!initGroup(uMgr, userAdminGroup)) {
log.warn("Unable to initialize User admininistrator group -> no user admins.");
@@ -174,7 +174,7 @@
/**
* @see org.apache.jackrabbit.core.security.authorization.AccessControlProvider#compilePermissions(Set)
*/
- public CompiledPermissions compilePermissions(Set principals) throws RepositoryException {
+ public CompiledPermissions compilePermissions(Set<Principal> principals) throws RepositoryException {
checkInitialized();
if (isAdminOrSystem(principals)) {
return getAdminPermissions();
@@ -201,11 +201,10 @@
//------------------------------------------------------------< private >---
- private ItemBasedPrincipal getUserPrincipal(Set principals) {
+ private ItemBasedPrincipal getUserPrincipal(Set<Principal> principals) {
try {
UserManager uMgr = session.getUserManager();
- for (Iterator it = principals.iterator(); it.hasNext();) {
- Principal p = (Principal) it.next();
+ for (Principal p : principals) {
if (!(p instanceof Group) && p instanceof ItemBasedPrincipal
&& uMgr.getAuthorizable(p) != null) {
return (ItemBasedPrincipal) p;
@@ -253,7 +252,7 @@
return PrivilegeRegistry.getBits(privs);
}
- private static boolean containsGroup(Set principals, String groupName) {
+ private static boolean containsGroup(Set<Principal> principals, String groupName) {
for (Iterator it = principals.iterator(); it.hasNext() && groupName != null;) {
Principal p = (Principal) it.next();
if (p.getName().equals(groupName)) {
@@ -296,7 +295,7 @@
private boolean isUserAdmin;
private boolean isGroupAdmin;
- protected CompiledPermissionsImpl(Set principals, String userNodePath) throws RepositoryException {
+ protected CompiledPermissionsImpl(Set<Principal> principals, String userNodePath) throws RepositoryException {
this.userNodePath = userNodePath;
isUserAdmin = containsGroup(principals, userAdminGroup);
isGroupAdmin = containsGroup(principals, groupAdminGroup);
@@ -321,7 +320,7 @@
if (userNode == null) {
// no Node corresponding to user for which the permissions are
- // calculated -> no permissions/priviles.
+ // calculated -> no permissions/privileges.
log.debug("No node at " + userNodePath);
return new Result(Permission.NONE, Permission.NONE, PrivilegeRegistry.NO_PRIVILEGE, PrivilegeRegistry.NO_PRIVILEGE);
}
@@ -493,8 +492,8 @@
if (session.propertyExists(evPath)) {
Value[] vs = session.getProperty(evPath).getValues();
String princName = session.getJCRName(P_PRINCIPAL_NAME);
- for (int i = 0; i < vs.length; i++) {
- Node groupNode = session.getNodeByUUID(vs[i].getString());
+ for (Value v : vs) {
+ Node groupNode = session.getNodeByUUID(v.getString());
String pName = groupNode.getProperty(princName).getString();
if (userAdminGroup.equals(pName)) {
isUserAdmin = true;
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserManagerImpl.java?rev=806534&r1=806533&r2=806534&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserManagerImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserManagerImpl.java Fri Aug 21 12:49:09 2009
@@ -462,7 +462,7 @@
* @throws RepositoryException
*/
boolean hasAuthorizableOrReferee(Principal principal) throws RepositoryException {
- Set s = new HashSet(2);
+ Set<Name> s = new HashSet<Name>(2);
s.add(P_PRINCIPAL_NAME);
s.add(P_REFEREES);
NodeIterator res = authResolver.findNodes(s, principal.getName(), NT_REP_AUTHORIZABLE, true, 1);
@@ -569,7 +569,7 @@
private NodeImpl getUserNode(String userID) throws RepositoryException {
NodeImpl n = (NodeImpl) idResolver.findNode(userID, false);
if (n == null && compatibleJR16) {
- // backwards-compatibiltiy with JR < 2.0 user structure that doesn't
+ // backwards-compatibility with JR < 2.0 user structure that doesn't
// allow to determine the auth-path from the id directly.
// search for it the node belonging to that userID
n = (NodeImpl) authResolver.findNode(P_USERID, userID, NT_REP_USER);
@@ -587,7 +587,7 @@
private NodeImpl getGroupNode(String groupID) throws RepositoryException {
NodeImpl n = (NodeImpl) idResolver.findNode(groupID, true);
if (n == null && compatibleJR16) {
- // backwards-compatibiltiy with JR < 2.0 group structure that doesn't
+ // backwards-compatibility with JR < 2.0 group structure that doesn't
// allow to determine the auth-path from the id directly
// search for it the node belonging to that groupID.
// NOTE: JR < 2.0 always returned groupIDs that didn't contain any
@@ -627,7 +627,7 @@
*/
private final class AuthorizableIterator implements Iterator {
- private final Set served = new HashSet();
+ private final Set<String> served = new HashSet<String>();
private Authorizable next;
private NodeIterator authNodeIter;