You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@manifoldcf.apache.org by kw...@apache.org on 2011/09/26 02:16:51 UTC
svn commit: r1175631 - /incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java

Author: kwright
Date: Mon Sep 26 00:16:51 2011
New Revision: 1175631

URL: http://svn.apache.org/viewvc?rev=1175631&view=rev
Log:
Share the queries in need of rewrite among all clauses.

Modified:
    incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java

Modified: incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java
URL: http://svn.apache.org/viewvc/incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java?rev=1175631&r1=1175630&r2=1175631&view=diff
==============================================================================
--- incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java (original)
+++ incubator/lcf/upstream/solr/SOLR-1895/solr/contrib/mcf/src/java/org/apache/solr/mcf/ManifoldCFSecurityFilter.java Mon Sep 26 00:16:51 2011
@@ -153,6 +153,11 @@ public class ManifoldCFSecurityFilter ex
     BooleanQuery bq = new BooleanQuery();
     //bf.setMaxClauseCount(100000);
     
+    Query allowShareOpen = new WildcardQuery(new Term(fieldAllowShare,"*"));
+    Query denyShareOpen = new WildcardQuery(new Term(fieldDenyShare,"*"));
+    Query allowDocumentOpen = new WildcardQuery(new Term(fieldAllowDocument,"*"));
+    Query denyDocumentOpen = new WildcardQuery(new Term(fieldDenyDocument,"*"));
+    
     if (userAccessTokens.size() == 0)
     {
       // Only open documents can be included.
@@ -161,16 +166,18 @@ public class ManifoldCFSecurityFilter ex
       // We're trying to map to:  -(fieldAllowShare:*) , which should be pretty efficient in Solr because it is negated.  If this turns out not to be so, then we should
       // have the SolrConnector inject a special token into these fields when they otherwise would be empty, and we can trivially match on that token.
       bq.add(new MatchAllDocsQuery(),BooleanClause.Occur.SHOULD);
-      bq.add(new WildcardQuery(new Term(fieldAllowShare,"*")),BooleanClause.Occur.MUST_NOT);
-      bq.add(new WildcardQuery(new Term(fieldDenyShare,"*")),BooleanClause.Occur.MUST_NOT);
-      bq.add(new WildcardQuery(new Term(fieldAllowDocument,"*")),BooleanClause.Occur.MUST_NOT);
-      bq.add(new WildcardQuery(new Term(fieldDenyDocument,"*")),BooleanClause.Occur.MUST_NOT);
+      bq.add(allowShareOpen,BooleanClause.Occur.MUST_NOT);
+      bq.add(denyShareOpen,BooleanClause.Occur.MUST_NOT);
+      bq.add(allowDocumentOpen,BooleanClause.Occur.MUST_NOT);
+      bq.add(denyDocumentOpen,BooleanClause.Occur.MUST_NOT);
     }
     else
     {
       // Extend the query appropriately for each user access token.
-      bq.add(calculateCompleteSubquery(fieldAllowShare,fieldDenyShare,userAccessTokens),BooleanClause.Occur.MUST);
-      bq.add(calculateCompleteSubquery(fieldAllowDocument,fieldDenyDocument,userAccessTokens),BooleanClause.Occur.MUST);
+      bq.add(calculateCompleteSubquery(fieldAllowShare,fieldDenyShare,allowShareOpen,denyShareOpen,userAccessTokens),
+        BooleanClause.Occur.MUST);
+      bq.add(calculateCompleteSubquery(fieldAllowDocument,fieldDenyDocument,allowDocumentOpen,denyDocumentOpen,userAccessTokens),
+        BooleanClause.Occur.MUST);
     }
 
     // Concatenate with the user's original query.
@@ -193,7 +200,7 @@ public class ManifoldCFSecurityFilter ex
   * ((fieldAllowShare is empty AND fieldDenyShare is empty) OR fieldAllowShare HAS token1 OR fieldAllowShare HAS token2 ...)
   *     AND fieldDenyShare DOESN'T_HAVE token1 AND fieldDenyShare DOESN'T_HAVE token2 ...
   */
-  protected Query calculateCompleteSubquery(String allowField, String denyField, List<String> userAccessTokens)
+  protected Query calculateCompleteSubquery(String allowField, String denyField, Query allowOpen, Query denyOpen, List<String> userAccessTokens)
   {
     BooleanQuery bq = new BooleanQuery();
     bq.setMaxClauseCount(1000000);
@@ -201,8 +208,8 @@ public class ManifoldCFSecurityFilter ex
     // Add the empty-acl case
     BooleanQuery subUnprotectedClause = new BooleanQuery();
     subUnprotectedClause.add(new MatchAllDocsQuery(),BooleanClause.Occur.SHOULD);
-    subUnprotectedClause.add(new WildcardQuery(new Term(allowField,"*")),BooleanClause.Occur.MUST_NOT);
-    subUnprotectedClause.add(new WildcardQuery(new Term(denyField,"*")),BooleanClause.Occur.MUST_NOT);
+    subUnprotectedClause.add(allowOpen,BooleanClause.Occur.MUST_NOT);
+    subUnprotectedClause.add(denyOpen,BooleanClause.Occur.MUST_NOT);
     bq.add(subUnprotectedClause,BooleanClause.Occur.SHOULD);
     for (String accessToken : userAccessTokens)
     {