You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/05/14 19:14:40 UTC
svn commit: r1482471 - in /jackrabbit/oak/trunk/oak-core/src:
main/java/org/apache/jackrabbit/oak/security/authorization/
main/java/org/apache/jackrabbit/oak/security/authorization/permission/
main/java/org/apache/jackrabbit/oak/security/authorization/...
Author: angela
Date: Tue May 14 17:14:40 2013
New Revision: 1482471
URL: http://svn.apache.org/r1482471
Log:
OAK-51 : Access Control Management (wip)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/ACL.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/ACE.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlList.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AccessControlConfiguration.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAccessControlConfiguration.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/Restriction.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinition.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionProvider.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ACETest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ImmutableACLTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImplTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/ACL.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/ACL.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/ACL.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/ACL.java Tue May 14 17:14:40 2013
@@ -55,13 +55,13 @@ abstract class ACL extends AbstractAcces
private static final Logger log = LoggerFactory.getLogger(ACL.class);
- private final List<JackrabbitAccessControlEntry> entries = new ArrayList<JackrabbitAccessControlEntry>();
+ private final List<ACE> entries = new ArrayList<ACE>();
ACL(@Nullable String oakPath, @Nonnull NamePathMapper namePathMapper) {
this(oakPath, null, namePathMapper);
}
- ACL(@Nullable String oakPath, @Nullable List<JackrabbitAccessControlEntry> entries,
+ ACL(@Nullable String oakPath, @Nullable List<ACE> entries,
@Nonnull NamePathMapper namePathMapper) {
super(oakPath, namePathMapper);
if (entries != null) {
@@ -78,7 +78,7 @@ abstract class ACL extends AbstractAcces
//------------------------------------------< AbstractAccessControlList >---
@Nonnull
@Override
- public List<JackrabbitAccessControlEntry> getEntries() {
+ public List<ACE> getEntries() {
return entries;
}
@@ -86,7 +86,7 @@ abstract class ACL extends AbstractAcces
@Override
public void removeAccessControlEntry(AccessControlEntry ace) throws RepositoryException {
- JackrabbitAccessControlEntry entry = checkACE(ace);
+ ACE entry = checkACE(ace);
if (!entries.remove(entry)) {
throw new AccessControlException("Cannot remove AccessControlEntry " + ace);
}
@@ -107,8 +107,9 @@ abstract class ACL extends AbstractAcces
AccessControlUtils.checkValidPrincipal(principal, getPrincipalManager());
for (RestrictionDefinition def : getRestrictionProvider().getSupportedRestrictions(getOakPath())) {
- if (def.isMandatory() && (restrictions == null || !restrictions.containsKey(def.getJcrName()))) {
- throw new AccessControlException("Mandatory restriction " +def.getJcrName()+ " is missing.");
+ String jcrName = getNamePathMapper().getJcrName(def.getName());
+ if (def.isMandatory() && (restrictions == null || !restrictions.containsKey(jcrName))) {
+ throw new AccessControlException("Mandatory restriction " + jcrName + " is missing.");
}
}
@@ -117,12 +118,13 @@ abstract class ACL extends AbstractAcces
rs = Collections.emptySet();
} else {
rs = new HashSet<Restriction>(restrictions.size());
- for (String name : restrictions.keySet()) {
- rs.add(getRestrictionProvider().createRestriction(getOakPath(), name, restrictions.get(name)));
+ for (String jcrName : restrictions.keySet()) {
+ String oakName = getNamePathMapper().getOakName(jcrName);
+ rs.add(getRestrictionProvider().createRestriction(getOakPath(), oakName, restrictions.get(oakName)));
}
}
- ACE entry = new ACE(principal, privileges, isAllow, rs);
+ ACE entry = new ACE(principal, privileges, isAllow, rs, getNamePathMapper());
if (entries.contains(entry)) {
log.debug("Entry is already contained in policy -> no modification.");
return false;
@@ -133,8 +135,8 @@ abstract class ACL extends AbstractAcces
@Override
public void orderBefore(AccessControlEntry srcEntry, AccessControlEntry destEntry) throws RepositoryException {
- JackrabbitAccessControlEntry src = checkACE(srcEntry);
- JackrabbitAccessControlEntry dest = (destEntry == null) ? null : checkACE(destEntry);
+ ACE src = checkACE(srcEntry);
+ ACE dest = (destEntry == null) ? null : checkACE(destEntry);
if (src.equals(dest)) {
log.debug("'srcEntry' equals 'destEntry' -> no reordering required.");
@@ -184,9 +186,9 @@ abstract class ACL extends AbstractAcces
private boolean internalAddEntry(@Nonnull ACE entry) throws RepositoryException {
final Principal principal = entry.getPrincipal();
- List<JackrabbitAccessControlEntry> subList = Lists.newArrayList(Iterables.filter(entries, new Predicate<JackrabbitAccessControlEntry>() {
+ List<ACE> subList = Lists.newArrayList(Iterables.filter(entries, new Predicate<ACE>() {
@Override
- public boolean apply(@Nullable JackrabbitAccessControlEntry ace) {
+ public boolean apply(@Nullable ACE ace) {
return (ace != null) && ace.getPrincipal().equals(principal);
}
}));
@@ -236,7 +238,7 @@ abstract class ACL extends AbstractAcces
}
private ACE createACE(ACE existing, PrivilegeBits newPrivilegeBits) throws RepositoryException {
- return new ACE(existing.getPrincipal(), getPrivileges(newPrivilegeBits), existing.isAllow(), existing.getRestrictions());
+ return new ACE(existing.getPrincipal(), getPrivileges(newPrivilegeBits), existing.isAllow(), existing.getRestrictions(), getNamePathMapper());
}
private Set<Privilege> getPrivileges(PrivilegeBits bits) throws RepositoryException {
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java Tue May 14 17:14:40 2013
@@ -81,7 +81,7 @@ public class AccessControlConfigurationI
public List<? extends CommitHook> getCommitHooks(String workspaceName) {
return ImmutableList.of(
new VersionablePathHook(workspaceName),
- new PermissionHook(workspaceName, getRestrictionProvider(NamePathMapper.DEFAULT)));
+ new PermissionHook(workspaceName, getRestrictionProvider()));
}
@Override
@@ -106,8 +106,8 @@ public class AccessControlConfigurationI
@Nonnull
@Override
- public RestrictionProvider getRestrictionProvider(NamePathMapper namePathMapper) {
- return new RestrictionProviderImpl(namePathMapper);
+ public RestrictionProvider getRestrictionProvider() {
+ return new RestrictionProviderImpl();
}
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java Tue May 14 17:14:40 2013
@@ -84,6 +84,7 @@ import org.apache.jackrabbit.util.Text;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Preconditions.checkNotNull;
/**
@@ -117,7 +118,7 @@ public class AccessControlManagerImpl im
principalManager = securityProvider.getPrincipalConfiguration().getPrincipalManager(root, namePathMapper);
acConfig = securityProvider.getAccessControlConfiguration();
- restrictionProvider = acConfig.getRestrictionProvider(namePathMapper);
+ restrictionProvider = acConfig.getRestrictionProvider();
ntMgr = ReadOnlyNodeTypeManager.getInstance(root, namePathMapper);
readPaths = acConfig.getConfigurationParameters().getConfigValue(PARAM_READ_PATHS, DEFAULT_READ_PATHS);
@@ -244,8 +245,8 @@ public class AccessControlManagerImpl im
AccessControlPolicy[] plcs = getPolicies(principalAcl.principal);
PrincipalACL existing = (plcs.length == 0) ? null : (PrincipalACL) plcs[0];
- List<JackrabbitAccessControlEntry> toAdd = Lists.newArrayList(principalAcl.getEntries());
- List<JackrabbitAccessControlEntry> toRemove = Collections.emptyList();
+ List<ACE> toAdd = Lists.newArrayList(principalAcl.getEntries());
+ List<ACE> toRemove = Collections.emptyList();
if (existing != null) {
toAdd.removeAll(existing.getEntries());
toRemove = existing.getEntries();
@@ -295,7 +296,16 @@ public class AccessControlManagerImpl im
}
aclTree.setOrderableChildren(true);
for (JackrabbitAccessControlEntry ace : acl.getEntries()) {
- writeACE(oakPath, aclTree, ace, restrictionProvider);
+ checkArgument(ace instanceof ACE);
+ boolean isAllow = ace.isAllow();
+ String nodeName = AccessControlUtils.generateAceName(aclTree, isAllow);
+ String ntName = (isAllow) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;
+
+ NodeUtil aceNode = new NodeUtil(aclTree).addChild(nodeName, ntName);
+ aceNode.setString(REP_PRINCIPAL_NAME, ace.getPrincipal().getName());
+ aceNode.setNames(REP_PRIVILEGES, AccessControlUtils.namesFromPrivileges(ace.getPrivileges()));
+ Set<Restriction> restrictions = ((ACE) ace).getRestrictions();
+ restrictionProvider.writeRestrictions(oakPath, aceNode.getTree(), restrictions);
}
}
@@ -499,7 +509,7 @@ public class AccessControlManagerImpl im
if (accessControlledTree.exists() && AccessControlUtils.isAccessControlled(oakPath, accessControlledTree, ntMgr)) {
Tree aclTree = accessControlledTree.getChild(aclName);
if (aclTree.exists()) {
- List<JackrabbitAccessControlEntry> entries = new ArrayList<JackrabbitAccessControlEntry>();
+ List<ACE> entries = new ArrayList<ACE>();
for (Tree child : aclTree.getChildren()) {
if (AccessControlUtils.isACE(child, ntMgr)) {
entries.add(createACE(oakPath, child, restrictionProvider));
@@ -519,8 +529,8 @@ public class AccessControlManagerImpl im
private JackrabbitAccessControlList createPrincipalACL(@Nullable String oakPath,
@Nonnull Principal principal) throws RepositoryException {
Result aceResult = searchAces(Collections.<Principal>singleton(principal), root);
- RestrictionProvider restrProvider = new PrincipalRestrictionProvider(restrictionProvider, namePathMapper);
- List<JackrabbitAccessControlEntry> entries = new ArrayList<JackrabbitAccessControlEntry>();
+ RestrictionProvider restrProvider = new PrincipalRestrictionProvider(restrictionProvider);
+ List<ACE> entries = new ArrayList<ACE>();
for (ResultRow row : aceResult.getRows()) {
Tree aceTree = root.getTree(row.getPath());
if (AccessControlUtils.isACE(aceTree, ntMgr)) {
@@ -543,12 +553,12 @@ public class AccessControlManagerImpl im
}
@Nonnull
- private JackrabbitAccessControlEntry createACE(@Nullable String oakPath,
- @Nonnull Tree aceTree,
- @Nonnull RestrictionProvider restrictionProvider) throws RepositoryException {
+ private ACE createACE(@Nullable String oakPath,
+ @Nonnull Tree aceTree,
+ @Nonnull RestrictionProvider restrictionProvider) throws RepositoryException {
boolean isAllow = NT_REP_GRANT_ACE.equals(TreeUtil.getPrimaryTypeName(aceTree));
Set<Restriction> restrictions = restrictionProvider.readRestrictions(oakPath, aceTree);
- return new ACE(getPrincipal(aceTree), getPrivileges(aceTree), isAllow, restrictions);
+ return new ACE(getPrincipal(aceTree), getPrivileges(aceTree), isAllow, restrictions, namePathMapper);
}
@Nonnull
@@ -582,29 +592,6 @@ public class AccessControlManagerImpl im
}
}
- private static void writeACE(@Nullable String oakPath, @Nonnull Tree aclTree,
- @Nonnull JackrabbitAccessControlEntry ace,
- @Nonnull RestrictionProvider rProvider) throws RepositoryException {
- boolean isAllow = ace.isAllow();
- String nodeName = AccessControlUtils.generateAceName(aclTree, isAllow);
- String ntName = (isAllow) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;
-
- NodeUtil aceNode = new NodeUtil(aclTree).addChild(nodeName, ntName);
- aceNode.setString(REP_PRINCIPAL_NAME, ace.getPrincipal().getName());
- aceNode.setNames(REP_PRIVILEGES, AccessControlUtils.namesFromPrivileges(ace.getPrivileges()));
- Set<Restriction> restrictions;
- if (ace instanceof ACE) {
- restrictions = ((ACE) ace).getRestrictions();
- } else {
- String[] rNames = ace.getRestrictionNames();
- restrictions = new HashSet<Restriction>(rNames.length);
- for (String rName : rNames) {
- restrictions.add(rProvider.createRestriction(oakPath, rName, ace.getRestriction(rName)));
- }
- }
- rProvider.writeRestrictions(oakPath, aceNode.getTree(), restrictions);
- }
-
@Nonnull
private Principal getPrincipal(@Nonnull Tree aceTree) {
String principalName = checkNotNull(TreeUtil.getString(aceTree, REP_PRINCIPAL_NAME));
@@ -696,7 +683,7 @@ public class AccessControlManagerImpl im
super(oakPath, namePathMapper);
}
- NodeACL(@Nullable String oakPath, @Nullable List<JackrabbitAccessControlEntry> entries) {
+ NodeACL(@Nullable String oakPath, @Nullable List<ACE> entries) {
super(oakPath, entries, namePathMapper);
}
@@ -746,11 +733,11 @@ public class AccessControlManagerImpl im
private final RestrictionProvider rProvider;
private PrincipalACL(@Nullable String oakPath, @Nonnull Principal principal) {
- this(oakPath, principal, null, new PrincipalRestrictionProvider(restrictionProvider, namePathMapper));
+ this(oakPath, principal, null, new PrincipalRestrictionProvider(restrictionProvider));
}
private PrincipalACL(@Nullable String oakPath, @Nonnull Principal principal,
- @Nullable List<JackrabbitAccessControlEntry> entries,
+ @Nullable List<ACE> entries,
@Nonnull RestrictionProvider restrictionProvider) {
super(oakPath, entries, namePathMapper);
this.principal = principal;
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java Tue May 14 17:14:40 2013
@@ -63,7 +63,7 @@ class AccessControlValidatorProvider ext
Tree rootAfter = new ImmutableTree(after);
AccessControlConfiguration acConfig = securityProvider.getAccessControlConfiguration();
- RestrictionProvider restrictionProvider = acConfig.getRestrictionProvider(NamePathMapper.DEFAULT);
+ RestrictionProvider restrictionProvider = acConfig.getRestrictionProvider();
Map<String, Privilege> privileges = getPrivileges(before, securityProvider.getPrivilegeConfiguration());
ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(before);
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java Tue May 14 17:14:40 2013
@@ -16,11 +16,8 @@
*/
package org.apache.jackrabbit.oak.security.authorization.permission;
-import static com.google.common.base.Preconditions.checkNotNull;
-
import java.security.Principal;
import java.util.Set;
-
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
@@ -29,14 +26,12 @@ import org.apache.jackrabbit.JcrConstant
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.api.Tree;
-import org.apache.jackrabbit.oak.util.TreeLocation;
import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.commons.PathUtils;
import org.apache.jackrabbit.oak.core.ImmutableRoot;
import org.apache.jackrabbit.oak.core.ImmutableTree;
import org.apache.jackrabbit.oak.core.TreeTypeProvider;
import org.apache.jackrabbit.oak.core.TreeTypeProviderImpl;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.plugins.version.VersionConstants;
import org.apache.jackrabbit.oak.security.authorization.AccessControlConstants;
import org.apache.jackrabbit.oak.security.privilege.PrivilegeBitsProvider;
@@ -47,10 +42,13 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.authorization.permission.ReadStatus;
import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
import org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal;
+import org.apache.jackrabbit.oak.util.TreeLocation;
import org.apache.jackrabbit.oak.util.TreeUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import static com.google.common.base.Preconditions.checkNotNull;
+
/**
* PermissionProviderImpl... TODO
* <p/>
@@ -84,7 +82,7 @@ public class PermissionProviderImpl impl
} else {
compiledPermissions = new CompiledPermissionImpl(principals,
permissionsTree, getBitsProvider(),
- acConfig.getRestrictionProvider(NamePathMapper.DEFAULT),
+ acConfig.getRestrictionProvider(),
acConfig.getConfigurationParameters().getConfigValue(AccessControlConstants.PARAM_READ_PATHS, AccessControlConstants.DEFAULT_READ_PATHS));
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java Tue May 14 17:14:40 2013
@@ -30,7 +30,6 @@ import com.google.common.collect.Sets;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.api.Type;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
import org.apache.jackrabbit.oak.security.authorization.AccessControlConstants;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction;
@@ -46,36 +45,33 @@ import org.apache.jackrabbit.oak.spi.sec
public class PrincipalRestrictionProvider implements RestrictionProvider, AccessControlConstants {
private final RestrictionProvider base;
- private final NamePathMapper namePathMapper;
- public PrincipalRestrictionProvider(RestrictionProvider base, NamePathMapper namePathMapper) {
+ public PrincipalRestrictionProvider(RestrictionProvider base) {
this.base = base;
- this.namePathMapper = namePathMapper;
}
@Nonnull
@Override
public Set<RestrictionDefinition> getSupportedRestrictions(@Nullable String oakPath) {
Set<RestrictionDefinition> definitions = new HashSet<RestrictionDefinition>(base.getSupportedRestrictions(oakPath));
- definitions.add(new RestrictionDefinitionImpl(REP_NODE_PATH, Type.PATH, true, namePathMapper));
+ definitions.add(new RestrictionDefinitionImpl(REP_NODE_PATH, Type.PATH, true));
return definitions;
}
@Nonnull
@Override
- public Restriction createRestriction(@Nullable String oakPath, @Nonnull String jcrName, @Nonnull Value value) throws RepositoryException {
- String oakName = namePathMapper.getOakName(jcrName);
+ public Restriction createRestriction(@Nullable String oakPath, @Nonnull String oakName, @Nonnull Value value) throws RepositoryException {
if (REP_NODE_PATH.equals(oakName) && PropertyType.PATH == value.getType()) {
- return new RestrictionImpl(PropertyStates.createProperty(oakName, value), true, namePathMapper);
+ return new RestrictionImpl(PropertyStates.createProperty(oakName, value), true);
} else {
- return base.createRestriction(oakPath, jcrName, value);
+ return base.createRestriction(oakPath, oakName, value);
}
}
@Nonnull
@Override
- public Restriction createRestriction(@Nullable String oakPath, @Nonnull String jcrName, @Nonnull Value... values) throws RepositoryException {
- return base.createRestriction(oakPath, jcrName, values);
+ public Restriction createRestriction(@Nullable String oakPath, @Nonnull String oakName, @Nonnull Value... values) throws RepositoryException {
+ return base.createRestriction(oakPath, oakName, values);
}
@Override
@@ -83,7 +79,7 @@ public class PrincipalRestrictionProvide
Set<Restriction> restrictions = new HashSet<Restriction>(base.readRestrictions(oakPath, aceTree));
String value = (oakPath == null) ? "" : oakPath;
PropertyState nodePathProp = PropertyStates.createProperty(REP_NODE_PATH, value, Type.PATH);
- restrictions.add(new RestrictionImpl(nodePathProp, true, namePathMapper));
+ restrictions.add(new RestrictionImpl(nodePathProp, true));
return restrictions;
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java Tue May 14 17:14:40 2013
@@ -36,7 +36,6 @@ import com.google.common.collect.Immutab
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.api.Type;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
import org.apache.jackrabbit.oak.security.authorization.AccessControlConstants;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.CompositePattern;
@@ -54,14 +53,11 @@ import org.apache.jackrabbit.util.Text;
*/
public class RestrictionProviderImpl implements RestrictionProvider, AccessControlConstants {
- private final NamePathMapper namePathMapper;
private Map<String, RestrictionDefinition> supported;
- public RestrictionProviderImpl(NamePathMapper namePathMapper) {
- this.namePathMapper = namePathMapper;
-
- RestrictionDefinition glob = new RestrictionDefinitionImpl(REP_GLOB, Type.STRING, false, namePathMapper);
- RestrictionDefinition nts = new RestrictionDefinitionImpl(REP_NT_NAMES, Type.NAMES, false, namePathMapper);
+ public RestrictionProviderImpl() {
+ RestrictionDefinition glob = new RestrictionDefinitionImpl(REP_GLOB, Type.STRING, false);
+ RestrictionDefinition nts = new RestrictionDefinitionImpl(REP_NT_NAMES, Type.NAMES, false);
this.supported = ImmutableMap.of(glob.getName(), glob, nts.getName(), nts);
}
@@ -77,18 +73,17 @@ public class RestrictionProviderImpl imp
}
@Override
- public Restriction createRestriction(String oakPath, String jcrName, Value value) throws RepositoryException {
+ public Restriction createRestriction(String oakPath, String oakName, Value value) throws RepositoryException {
if (isUnsupportedPath(oakPath)) {
throw new AccessControlException("Unsupported restriction at " + oakPath);
}
-
- String oakName = namePathMapper.getOakName(jcrName);
RestrictionDefinition definition = supported.get(oakName);
if (definition == null) {
throw new AccessControlException("Unsupported restriction: " + oakName);
}
Type requiredType = definition.getRequiredType();
- if (requiredType.tag() != PropertyType.UNDEFINED && requiredType.tag() != value.getType()) {
+ int tag = requiredType.tag();
+ if (tag != PropertyType.UNDEFINED && tag != value.getType()) {
throw new AccessControlException("Unsupported restriction: Expected value of type " + requiredType);
}
PropertyState propertyState;
@@ -101,12 +96,10 @@ public class RestrictionProviderImpl imp
}
@Override
- public Restriction createRestriction(String oakPath, String jcrName, Value... values) throws RepositoryException {
+ public Restriction createRestriction(String oakPath, String oakName, Value... values) throws RepositoryException {
if (isUnsupportedPath(oakPath)) {
throw new AccessControlException("Unsupported restriction at " + oakPath);
}
-
- String oakName = namePathMapper.getOakName(jcrName);
RestrictionDefinition definition = supported.get(oakName);
if (definition == null) {
throw new AccessControlException("Unsupported restriction: " + oakName);
@@ -213,7 +206,7 @@ public class RestrictionProviderImpl imp
//------------------------------------------------------------< private >---
@Nonnull
private Restriction createRestriction(PropertyState propertyState, RestrictionDefinition definition) {
- return new RestrictionImpl(propertyState, definition.isMandatory(), namePathMapper);
+ return new RestrictionImpl(propertyState, definition.isMandatory());
}
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/ACE.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/ACE.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/ACE.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/ACE.java Tue May 14 17:14:40 2013
@@ -19,11 +19,13 @@ package org.apache.jackrabbit.oak.spi.se
import java.security.Principal;
import java.util.Collections;
import java.util.HashSet;
+import java.util.List;
import java.util.Set;
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.jcr.RepositoryException;
import javax.jcr.Value;
+import javax.jcr.ValueFormatException;
import javax.jcr.security.AccessControlException;
import javax.jcr.security.Privilege;
@@ -32,6 +34,8 @@ import com.google.common.base.Objects;
import com.google.common.collect.Collections2;
import com.google.common.collect.ImmutableSet;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.plugins.value.ValueFactoryImpl;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction;
/**
@@ -45,17 +49,19 @@ public class ACE implements JackrabbitAc
private final Set<Privilege> privileges;
private final boolean isAllow;
private final Set<Restriction> restrictions;
+ private final NamePathMapper namePathMapper;
private Set<String> aggrPrivNames;
private int hashCode;
public ACE(Principal principal, Privilege[] privileges,
- boolean isAllow, Set<Restriction> restrictions) throws AccessControlException {
- this(principal, (privileges == null) ? null : ImmutableSet.copyOf(privileges), isAllow, restrictions);
+ boolean isAllow, Set<Restriction> restrictions,
+ NamePathMapper namePathMapper) throws AccessControlException {
+ this(principal, (privileges == null) ? null : ImmutableSet.copyOf(privileges), isAllow, restrictions, namePathMapper);
}
public ACE(Principal principal, Set<Privilege> privileges,
- boolean isAllow, Set<Restriction> restrictions) throws AccessControlException {
+ boolean isAllow, Set<Restriction> restrictions, NamePathMapper namePathMapper) throws AccessControlException {
if (principal == null || privileges == null || privileges.isEmpty()) {
throw new AccessControlException();
}
@@ -73,6 +79,7 @@ public class ACE implements JackrabbitAc
this.privileges = ImmutableSet.copyOf(privileges);
this.isAllow = isAllow;
this.restrictions = (restrictions == null) ? Collections.<Restriction>emptySet() : ImmutableSet.copyOf(restrictions);
+ this.namePathMapper = namePathMapper;
}
@Nonnull
@@ -105,7 +112,7 @@ public class ACE implements JackrabbitAc
return Collections2.transform(restrictions, new Function<Restriction, String>() {
@Override
public String apply(Restriction restriction) {
- return restriction.getJcrName();
+ return namePathMapper.getJcrName(restriction.getName());
}
}).toArray(new String[restrictions.size()]);
}
@@ -114,8 +121,31 @@ public class ACE implements JackrabbitAc
@Override
public Value getRestriction(String restrictionName) throws RepositoryException {
for (Restriction restriction : restrictions) {
- if (restriction.getJcrName().equals(restrictionName)) {
- return restriction.getValue();
+ String jcrName = namePathMapper.getJcrName(restriction.getName());
+ if (jcrName.equals(restrictionName)) {
+
+ if (restriction.getRequiredType().isArray()) {
+ List<Value> values = ValueFactoryImpl.createValues(restriction.getProperty(), namePathMapper);
+ switch (values.size()) {
+ case 1: return values.get(0);
+ default : throw new ValueFormatException("Attempt to retrieve single value from multivalued property");
+ }
+ } else {
+ return ValueFactoryImpl.createValue(restriction.getProperty(), namePathMapper);
+ }
+ }
+ }
+ return null;
+ }
+
+ // TODO add to API
+ @CheckForNull
+ public Value[] getRestrictions(String restrictionName) throws RepositoryException {
+ for (Restriction restriction : restrictions) {
+ String jcrName = namePathMapper.getJcrName(restriction.getName());
+ if (jcrName.equals(restrictionName)) {
+ List<Value> values = ValueFactoryImpl.createValues(restriction.getProperty(), namePathMapper);
+ return values.toArray(new Value[values.size()]);
}
}
return null;
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlList.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlList.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlList.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlList.java Tue May 14 17:14:40 2013
@@ -59,7 +59,12 @@ public abstract class AbstractAccessCont
}
@Nonnull
- public abstract List<JackrabbitAccessControlEntry> getEntries();
+ public NamePathMapper getNamePathMapper() {
+ return namePathMapper;
+ }
+
+ @Nonnull
+ public abstract List<? extends JackrabbitAccessControlEntry> getEntries();
@Nonnull
public abstract RestrictionProvider getRestrictionProvider();
@@ -75,7 +80,7 @@ public abstract class AbstractAccessCont
@Override
public AccessControlEntry[] getAccessControlEntries() throws RepositoryException {
- List<JackrabbitAccessControlEntry> entries = getEntries();
+ List<? extends JackrabbitAccessControlEntry> entries = getEntries();
return entries.toArray(new JackrabbitAccessControlEntry[entries.size()]);
}
@@ -103,7 +108,7 @@ public abstract class AbstractAccessCont
return Collections2.transform(supported, new Function<RestrictionDefinition, String>() {
@Override
public String apply(RestrictionDefinition definition) {
- return definition.getJcrName();
+ return namePathMapper.getJcrName(definition.getName());
}
}).toArray(new String[supported.size()]);
@@ -112,7 +117,8 @@ public abstract class AbstractAccessCont
@Override
public int getRestrictionType(String restrictionName) throws RepositoryException {
for (RestrictionDefinition definition : getRestrictionProvider().getSupportedRestrictions(getOakPath())) {
- if (definition.getJcrName().equals(restrictionName)) {
+ String jcrName = namePathMapper.getJcrName(definition.getName());
+ if (jcrName.equals(restrictionName)) {
return definition.getRequiredType().tag();
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AccessControlConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AccessControlConfiguration.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AccessControlConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/AccessControlConfiguration.java Tue May 14 17:14:40 2013
@@ -39,7 +39,7 @@ public interface AccessControlConfigurat
@Nonnull NamePathMapper namePathMapper);
@Nonnull
- RestrictionProvider getRestrictionProvider(@Nonnull NamePathMapper namePathMapper);
+ RestrictionProvider getRestrictionProvider();
@Nonnull
PermissionProvider getPermissionProvider(@Nonnull Root root,
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAccessControlConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAccessControlConfiguration.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAccessControlConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/OpenAccessControlConfiguration.java Tue May 14 17:14:40 2013
@@ -42,7 +42,7 @@ public class OpenAccessControlConfigurat
@Nonnull
@Override
- public RestrictionProvider getRestrictionProvider(NamePathMapper namePathMapper) {
+ public RestrictionProvider getRestrictionProvider() {
throw new UnsupportedOperationException();
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/Restriction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/Restriction.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/Restriction.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/Restriction.java Tue May 14 17:14:40 2013
@@ -17,7 +17,6 @@
package org.apache.jackrabbit.oak.spi.security.authorization.restriction;
import javax.annotation.Nonnull;
-import javax.jcr.Value;
import org.apache.jackrabbit.oak.api.PropertyState;
@@ -37,12 +36,4 @@ public interface Restriction extends Res
*/
@Nonnull
PropertyState getProperty();
-
- /**
- * The JCR value of this restriction object contained in {@link #getProperty()}.
- *
- * @return The JCR value of this restriction.
- */
- @Nonnull
- Value getValue();
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinition.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinition.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinition.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinition.java Tue May 14 17:14:40 2013
@@ -48,14 +48,6 @@ public interface RestrictionDefinition {
String getName();
/**
- * The jcr name of this restriction definition.
- *
- * @return The jcr name.
- */
- @Nonnull
- String getJcrName();
-
- /**
* The required type as defined by this definition.
*
* @return The required type which must be a valid {@link javax.jcr.PropertyType}.
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImpl.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImpl.java Tue May 14 17:14:40 2013
@@ -21,19 +21,17 @@ import javax.jcr.PropertyType;
import com.google.common.base.Objects;
import org.apache.jackrabbit.oak.api.Type;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import static com.google.common.base.Preconditions.checkNotNull;
/**
- * RestrictionDefinitionImpl... TODO
+ * Default implementation of the {@link RestrictionDefinition} interface.
*/
public class RestrictionDefinitionImpl implements RestrictionDefinition {
private final String name;
private final Type type;
private final boolean isMandatory;
- private final NamePathMapper namePathMapper;
/**
* Create a new instance.
@@ -43,23 +41,15 @@ public class RestrictionDefinitionImpl i
* {@link javax.jcr.PropertyType} except {@link javax.jcr.PropertyType#UNDEFINED}
* is allowed.
* @param isMandatory A boolean indicating if the restriction is mandatory.
- * @param namePathMapper The name path mapper used to calculate the JCR name.
*/
- public RestrictionDefinitionImpl(@Nonnull String name, Type type, boolean isMandatory,
- @Nonnull NamePathMapper namePathMapper) {
+ public RestrictionDefinitionImpl(@Nonnull String name, Type type, boolean isMandatory) {
this.name = checkNotNull(name);
if (type.tag() == PropertyType.UNDEFINED) {
throw new IllegalArgumentException("'undefined' is not a valid required definition type.");
}
this.type = type;
this.isMandatory = isMandatory;
- this.namePathMapper = checkNotNull(namePathMapper);
}
-
- protected NamePathMapper getNamePathMapper() {
- return namePathMapper;
- }
-
//----------------------------------------------< RestrictionDefinition >---
@Nonnull
@Override
@@ -67,12 +57,6 @@ public class RestrictionDefinitionImpl i
return name;
}
- @Nonnull
- @Override
- public String getJcrName() {
- return namePathMapper.getJcrName(getName());
- }
-
@Override
public Type getRequiredType() {
return type;
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImpl.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImpl.java Tue May 14 17:14:40 2013
@@ -17,12 +17,9 @@
package org.apache.jackrabbit.oak.spi.security.authorization.restriction;
import javax.annotation.Nonnull;
-import javax.jcr.Value;
import com.google.common.base.Objects;
import org.apache.jackrabbit.oak.api.PropertyState;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.plugins.value.ValueFactoryImpl;
/**
* {@code RestrictionImpl}
@@ -31,9 +28,8 @@ public class RestrictionImpl extends Res
private final PropertyState property;
- public RestrictionImpl(@Nonnull PropertyState property, boolean isMandatory,
- @Nonnull NamePathMapper namePathMapper) {
- super(property.getName(), property.getType(), isMandatory, namePathMapper);
+ public RestrictionImpl(@Nonnull PropertyState property, boolean isMandatory) {
+ super(property.getName(), property.getType(), isMandatory);
this.property = property;
}
@@ -44,17 +40,10 @@ public class RestrictionImpl extends Res
return property;
}
- @Nonnull
- @Override
- public Value getValue() {
- return ValueFactoryImpl.createValue(property, getNamePathMapper());
- }
-
//-------------------------------------------------------------< Object >---
-
@Override
public int hashCode() {
- return Objects.hashCode(getName(), getRequiredType(), isMandatory(), getValue());
+ return Objects.hashCode(getName(), getRequiredType(), isMandatory(), property);
}
@Override
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionProvider.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionProvider.java Tue May 14 17:14:40 2013
@@ -23,6 +23,7 @@ import javax.jcr.RepositoryException;
import javax.jcr.Value;
import javax.jcr.security.AccessControlException;
+import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
/**
@@ -35,12 +36,12 @@ public interface RestrictionProvider {
@Nonnull
Restriction createRestriction(@Nullable String oakPath,
- @Nonnull String jcrName,
+ @Nonnull String oakName,
@Nonnull Value value) throws RepositoryException;
@Nonnull
Restriction createRestriction(@Nullable String oakPath,
- @Nonnull String jcrName,
+ @Nonnull String oakName,
@Nonnull Value... values) throws RepositoryException;
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java Tue May 14 17:14:40 2013
@@ -72,8 +72,6 @@ import static org.junit.Assert.fail;
/**
* Test abstract {@code ACL} implementation.
- * <p/>
- * TODO: test restrictions
*/
public class ACLTest extends AbstractAccessControlListTest implements PrivilegeConstants, AccessControlConstants {
@@ -99,7 +97,7 @@ public class ACLTest extends AbstractAcc
@Override
protected AbstractAccessControlList createACL(@Nullable String jcrPath,
- @Nonnull List<JackrabbitAccessControlEntry> entries,
+ @Nonnull List<ACE> entries,
@Nonnull NamePathMapper namePathMapper,
final @Nonnull RestrictionProvider restrictionProvider) {
String path = (jcrPath == null) ? null : namePathMapper.getOakPathKeepIndex(jcrPath);
@@ -235,7 +233,7 @@ public class ACLTest extends AbstractAcc
@Test
public void testRemoveNonExisting() throws Exception {
try {
- acl.removeAccessControlEntry(new ACE(testPrincipal, testPrivileges, true, null));
+ acl.removeAccessControlEntry(new ACE(testPrincipal, testPrivileges, true, null, namePathMapper));
fail("Removing a non-existing ACE should fail.");
} catch (AccessControlException e) {
// success
@@ -252,13 +250,13 @@ public class ACLTest extends AbstractAcc
acl.addEntry(testPrincipal, write, false);
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), write);
- List<JackrabbitAccessControlEntry> entries = acl.getEntries();
+ List<? extends JackrabbitAccessControlEntry> entries = acl.getEntries();
assertEquals(3, entries.size());
AccessControlEntry first = entries.get(0);
acl.orderBefore(first, null);
- List<JackrabbitAccessControlEntry> entriesAfter = acl.getEntries();
+ List<? extends JackrabbitAccessControlEntry> entriesAfter = acl.getEntries();
assertEquals(first, entriesAfter.get(2));
}
@@ -300,7 +298,7 @@ public class ACLTest extends AbstractAcc
acl.addAccessControlEntry(testPrincipal, read);
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), write);
- AccessControlEntry invalid = new ACE(testPrincipal, write, false, Collections.<Restriction>emptySet());
+ AccessControlEntry invalid = new ACE(testPrincipal, write, false, Collections.<Restriction>emptySet(), namePathMapper);
try {
acl.orderBefore(invalid, acl.getEntries().get(0));
fail("src entry not contained in list -> reorder should fail.");
@@ -561,7 +559,7 @@ public class ACLTest extends AbstractAcc
acl.addEntry(testPrincipal, writePriv, false);
acl.addEntry(testPrincipal, addNodePriv, true, restrictions);
- List<JackrabbitAccessControlEntry> entries = acl.getEntries();
+ List<? extends JackrabbitAccessControlEntry> entries = acl.getEntries();
assertACE(entries.get(0), true, readPriv);
assertACE(entries.get(1), false, writePriv);
assertACE(entries.get(2), true, addNodePriv);
@@ -579,7 +577,7 @@ public class ACLTest extends AbstractAcc
acl.addEntry(testPrincipal, addNodePriv, true, restrictions);
acl.addEntry(testPrincipal, writePriv, false);
- List<JackrabbitAccessControlEntry> entries = acl.getEntries();
+ List<? extends JackrabbitAccessControlEntry> entries = acl.getEntries();
assertACE(entries.get(0), true, readPriv);
assertACE(entries.get(1), true, addNodePriv);
assertACE(entries.get(2), false, writePriv);
@@ -711,7 +709,7 @@ public class ACLTest extends AbstractAcc
private final RestrictionDefinition supported;
private TestRestrictionProvider(String name, Type type, boolean isMandatory) {
- supported = new RestrictionDefinitionImpl(name, type, isMandatory, namePathMapper);
+ supported = new RestrictionDefinitionImpl(name, type, isMandatory);
}
@Nonnull
@@ -722,21 +720,21 @@ public class ACLTest extends AbstractAcc
@Nonnull
@Override
- public Restriction createRestriction(@Nullable String oakPath, @Nonnull String jcrName, @Nonnull Value value) throws RepositoryException {
- if (!supported.getJcrName().equals(jcrName)) {
+ public Restriction createRestriction(@Nullable String oakPath, @Nonnull String oakName, @Nonnull Value value) throws RepositoryException {
+ if (!supported.getName().equals(oakName)) {
throw new AccessControlException();
}
if (supported.getRequiredType().tag() != value.getType()) {
throw new AccessControlException();
}
- PropertyState property = PropertyStates.createProperty(namePathMapper.getOakName(jcrName), value.getString(), value.getType());
- return new RestrictionImpl(property, supported.isMandatory(), namePathMapper);
+ PropertyState property = PropertyStates.createProperty(namePathMapper.getOakName(oakName), value.getString(), value.getType());
+ return new RestrictionImpl(property, supported.isMandatory());
}
@Nonnull
@Override
- public Restriction createRestriction(@Nullable String oakPath, @Nonnull String jcrName, @Nonnull Value... values) throws RepositoryException {
- if (!supported.getJcrName().equals(jcrName)) {
+ public Restriction createRestriction(@Nullable String oakPath, @Nonnull String oakName, @Nonnull Value... values) throws RepositoryException {
+ if (!supported.getName().equals(oakName)) {
throw new AccessControlException();
}
for (Value v : values) {
@@ -744,8 +742,8 @@ public class ACLTest extends AbstractAcc
throw new AccessControlException();
}
}
- PropertyState property = PropertyStates.createProperty(namePathMapper.getOakName(jcrName), Arrays.asList(values), supported.getRequiredType());
- return new RestrictionImpl(property, supported.isMandatory(), namePathMapper);
+ PropertyState property = PropertyStates.createProperty(namePathMapper.getOakName(oakName), Arrays.asList(values), supported.getRequiredType());
+ return new RestrictionImpl(property, supported.isMandatory());
}
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImplTest.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImplTest.java Tue May 14 17:14:40 2013
@@ -35,7 +35,6 @@ import org.apache.jackrabbit.oak.api.Tre
import org.apache.jackrabbit.oak.core.ImmutableRoot;
import org.apache.jackrabbit.oak.core.ImmutableTree;
import org.apache.jackrabbit.oak.core.TreeTypeProvider;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.security.SecurityProviderImpl;
import org.apache.jackrabbit.oak.security.authorization.AccessControlConstants;
import org.apache.jackrabbit.oak.security.authorization.restriction.RestrictionProviderImpl;
@@ -92,7 +91,7 @@ public class CompiledPermissionImplTest
group3 = new GroupImpl("group3");
pbp = new PrivilegeBitsProvider(root);
- rp = new RestrictionProviderImpl(NamePathMapper.DEFAULT);
+ rp = new RestrictionProviderImpl();
NodeUtil rootNode = new NodeUtil(root.getTree("/"));
NodeUtil system = rootNode.getChild("jcr:system");
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImplTest.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImplTest.java Tue May 14 17:14:40 2013
@@ -42,7 +42,7 @@ public class RestrictionProviderImplTest
public void before() throws Exception {
super.before();
- provider = new RestrictionProviderImpl(namePathMapper);
+ provider = new RestrictionProviderImpl();
}
@Test
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ACETest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ACETest.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ACETest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ACETest.java Tue May 14 17:14:40 2013
@@ -77,7 +77,7 @@ public class ACETest extends AbstractAcc
}
private ACE createEntry(Principal principal, Privilege[] privileges, boolean isAllow) throws AccessControlException {
- return new ACE(principal, privileges, isAllow, null);
+ return new ACE(principal, privileges, isAllow, null, namePathMapper);
}
@Test
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java Tue May 14 17:14:40 2013
@@ -31,7 +31,6 @@ import javax.jcr.RepositoryException;
import javax.jcr.security.Privilege;
import com.google.common.collect.Lists;
-import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
import org.apache.jackrabbit.oak.TestNameMapper;
import org.apache.jackrabbit.oak.namepath.GlobalNameMapper;
import org.apache.jackrabbit.oak.namepath.NameMapper;
@@ -58,40 +57,40 @@ public abstract class AbstractAccessCont
}
protected AbstractAccessControlList createEmptyACL() {
- return createACL(getTestPath(), Collections.<JackrabbitAccessControlEntry>emptyList(), namePathMapper);
+ return createACL(getTestPath(), Collections.<ACE>emptyList(), namePathMapper);
}
- protected AbstractAccessControlList createACL(@Nonnull JackrabbitAccessControlEntry... entries) {
+ protected AbstractAccessControlList createACL(@Nonnull ACE... entries) {
return createACL(getTestPath(), Lists.newArrayList(entries), namePathMapper);
}
- protected AbstractAccessControlList createACL(@Nonnull List<JackrabbitAccessControlEntry> entries) {
+ protected AbstractAccessControlList createACL(@Nonnull List<ACE> entries) {
return createACL(getTestPath(), entries, namePathMapper);
}
protected AbstractAccessControlList createACL(@Nullable String jcrPath,
- @Nonnull JackrabbitAccessControlEntry... entries) {
+ @Nonnull ACE... entries) {
return createACL(jcrPath, Lists.newArrayList(entries), namePathMapper);
}
protected AbstractAccessControlList createACL(@Nullable String jcrPath,
- @Nonnull List<JackrabbitAccessControlEntry> entries,
+ @Nonnull List<ACE> entries,
@Nonnull NamePathMapper namePathMapper) {
return createACL(jcrPath, entries, namePathMapper, getRestrictionProvider());
}
protected abstract AbstractAccessControlList createACL(@Nullable String jcrPath,
- @Nonnull List<JackrabbitAccessControlEntry> entries,
+ @Nonnull List<ACE> entries,
@Nonnull NamePathMapper namePathMapper,
@Nonnull RestrictionProvider restrictionProvider);
- protected List<JackrabbitAccessControlEntry> createTestEntries() throws RepositoryException {
- List<JackrabbitAccessControlEntry> entries = new ArrayList<JackrabbitAccessControlEntry>(3);
+ protected List<ACE> createTestEntries() throws RepositoryException {
+ List<ACE> entries = new ArrayList<ACE>(3);
for (int i = 0; i < 3; i++) {
entries.add(new ACE(
new PrincipalImpl("testPrincipal" + i),
new Privilege[]{getPrivilegeManager().getPrivilege(PrivilegeConstants.JCR_READ)},
- true, null));
+ true, null, namePathMapper));
}
return entries;
}
@@ -127,7 +126,7 @@ public abstract class AbstractAccessCont
paths.put("/{http://jackrabbit.apache.org}testPath", "/jr:testPath");
for (String path : paths.keySet()) {
- AbstractAccessControlList acl = createACL(path, Collections.<JackrabbitAccessControlEntry>emptyList(), npMapper);
+ AbstractAccessControlList acl = createACL(path, Collections.<ACE>emptyList(), npMapper);
assertEquals(paths.get(path), acl.getPath());
}
}
@@ -148,7 +147,7 @@ public abstract class AbstractAccessCont
// test if oak-path is properly set.
for (String path : paths.keySet()) {
- AbstractAccessControlList acl = createACL(path, Collections.<JackrabbitAccessControlEntry>emptyList(), npMapper);
+ AbstractAccessControlList acl = createACL(path, Collections.<ACE>emptyList(), npMapper);
assertEquals(paths.get(path), acl.getOakPath());
}
}
@@ -180,7 +179,7 @@ public abstract class AbstractAccessCont
@Test
public void testGetEntries() throws RepositoryException {
- List<JackrabbitAccessControlEntry> aces = createTestEntries();
+ List<ACE> aces = createTestEntries();
AbstractAccessControlList acl = createACL(aces);
assertNotNull(acl.getEntries());
@@ -200,7 +199,7 @@ public abstract class AbstractAccessCont
assertNotNull(restrNames);
List<String> names = Lists.newArrayList(restrNames);
for (RestrictionDefinition def : getRestrictionProvider().getSupportedRestrictions(getTestPath())) {
- assertTrue(names.remove(def.getJcrName()));
+ assertTrue(names.remove(namePathMapper.getJcrName(def.getName())));
}
assertTrue(names.isEmpty());
}
@@ -209,7 +208,7 @@ public abstract class AbstractAccessCont
public void testGetRestrictionType() throws RepositoryException {
AbstractAccessControlList acl = createEmptyACL();
for (RestrictionDefinition def : getRestrictionProvider().getSupportedRestrictions(getTestPath())) {
- int reqType = acl.getRestrictionType(def.getJcrName());
+ int reqType = acl.getRestrictionType(namePathMapper.getJcrName(def.getName()));
assertTrue(reqType > PropertyType.UNDEFINED);
assertEquals(def.getRequiredType().tag(), reqType);
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java Tue May 14 17:14:40 2013
@@ -46,7 +46,7 @@ public abstract class AbstractAccessCont
protected RestrictionProvider getRestrictionProvider() {
if (restrictionProvider == null) {
- restrictionProvider = getSecurityProvider().getAccessControlConfiguration().getRestrictionProvider(getNamePathMapper());
+ restrictionProvider = getSecurityProvider().getAccessControlConfiguration().getRestrictionProvider();
}
return restrictionProvider;
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ImmutableACLTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ImmutableACLTest.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ImmutableACLTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/ImmutableACLTest.java Tue May 14 17:14:40 2013
@@ -57,7 +57,7 @@ public class ImmutableACLTest extends Ab
}
@Override
- protected ImmutableACL createACL(String jcrPath, List<JackrabbitAccessControlEntry> entries,
+ protected ImmutableACL createACL(String jcrPath, List<ACE> entries,
NamePathMapper namePathMapper, RestrictionProvider restrictionProvider) {
String oakPath = (jcrPath == null) ? null : namePathMapper.getOakPathKeepIndex(jcrPath);
return new ImmutableACL(oakPath, entries, restrictionProvider, namePathMapper);
@@ -116,9 +116,9 @@ public class ImmutableACLTest extends Ab
@Test
public void testImmutable() throws Exception {
- List<JackrabbitAccessControlEntry> entries = new ArrayList<JackrabbitAccessControlEntry>();
- entries.add(new ACE(testPrincipal, testPrivileges, true, null));
- entries.add(new ACE(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_LIFECYCLE_MANAGEMENT), false, null));
+ List<ACE> entries = new ArrayList<ACE>();
+ entries.add(new ACE(testPrincipal, testPrivileges, true, null, namePathMapper));
+ entries.add(new ACE(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_LIFECYCLE_MANAGEMENT), false, null, namePathMapper));
JackrabbitAccessControlList acl = createACL(entries);
assertFalse(acl.isEmpty());
@@ -143,16 +143,16 @@ public class ImmutableACLTest extends Ab
JackrabbitAccessControlList acl = createEmptyACL();
assertEquals(acl, createEmptyACL());
- assertFalse(acl.equals(createACL(new ACE(testPrincipal, testPrivileges, true, Collections.<Restriction>emptySet()))));
+ assertFalse(acl.equals(createACL(new ACE(testPrincipal, testPrivileges, true, Collections.<Restriction>emptySet(), namePathMapper))));
assertFalse(acl.equals(new TestACL(getTestPath(), getRestrictionProvider(), Collections.<JackrabbitAccessControlEntry>emptyList())));
}
@Test
public void testEquals() throws Exception {
RestrictionProvider rp = getRestrictionProvider();
- ACE ace1 = new ACE(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_VERSION_MANAGEMENT), false, null);
- ACE ace2 = new ACE(testPrincipal, testPrivileges, true, null);
- ACE ace2b = new ACE(testPrincipal, getAggregatedPrivileges(testPrivileges), true, null);
+ ACE ace1 = new ACE(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_VERSION_MANAGEMENT), false, null, namePathMapper);
+ ACE ace2 = new ACE(testPrincipal, testPrivileges, true, null, namePathMapper);
+ ACE ace2b = new ACE(testPrincipal, getAggregatedPrivileges(testPrivileges), true, null, namePathMapper);
JackrabbitAccessControlList acl = createACL(ace1, ace2);
JackrabbitAccessControlList repoAcl = createACL((String) null, ace1, ace2);
@@ -175,9 +175,9 @@ public class ImmutableACLTest extends Ab
@Test
public void testHashCode() throws Exception {
RestrictionProvider rp = getRestrictionProvider();
- ACE ace1 = new ACE(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_VERSION_MANAGEMENT), false, null);
- ACE ace2 = new ACE(testPrincipal, testPrivileges, true, null);
- ACE ace2b = new ACE(testPrincipal, getAggregatedPrivileges(testPrivileges), true, null);
+ ACE ace1 = new ACE(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_VERSION_MANAGEMENT), false, null, namePathMapper);
+ ACE ace2 = new ACE(testPrincipal, testPrivileges, true, null, namePathMapper);
+ ACE ace2b = new ACE(testPrincipal, getAggregatedPrivileges(testPrivileges), true, null, namePathMapper);
JackrabbitAccessControlList acl = createACL(ace1, ace2);
JackrabbitAccessControlList repoAcl = createACL((String) null, ace1, ace2);
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImplTest.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionDefinitionImplTest.java Tue May 14 17:14:40 2013
@@ -21,9 +21,6 @@ import java.util.List;
import org.apache.jackrabbit.oak.TestNameMapper;
import org.apache.jackrabbit.oak.api.Type;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.namepath.NamePathMapperImpl;
-import org.apache.jackrabbit.oak.plugins.name.Namespaces;
import org.apache.jackrabbit.oak.spi.security.authorization.AbstractAccessControlTest;
import org.junit.Before;
import org.junit.Test;
@@ -45,11 +42,8 @@ public class RestrictionDefinitionImplTe
public void before() throws Exception {
super.before();
- registerNamespace(TestNameMapper.TEST_PREFIX, TestNameMapper.TEST_URI);
- NamePathMapper npMapper = new NamePathMapperImpl(new TestNameMapper(Namespaces.getNamespaceMap(root.getTree("/")), TestNameMapper.LOCAL_MAPPING));
-
name = TestNameMapper.TEST_PREFIX + ":defName";
- definition = new RestrictionDefinitionImpl(name, Type.NAME, true, npMapper);
+ definition = new RestrictionDefinitionImpl(name, Type.NAME, true);
}
@Test
@@ -58,11 +52,6 @@ public class RestrictionDefinitionImplTe
}
@Test
- public void testGetJcrName() {
- assertEquals(TestNameMapper.TEST_LOCAL_PREFIX + ":defName", definition.getJcrName());
- }
-
- @Test
public void testGetRequiredType() {
assertEquals(Type.NAME, definition.getRequiredType());
}
@@ -75,21 +64,14 @@ public class RestrictionDefinitionImplTe
@Test
public void testInvalid() {
try {
- new RestrictionDefinitionImpl(null, Type.BOOLEAN, false, namePathMapper);
+ new RestrictionDefinitionImpl(null, Type.BOOLEAN, false);
fail("Creating RestrictionDefinition with null name should fail.");
} catch (NullPointerException e) {
// success
}
try {
- new RestrictionDefinitionImpl(name, Type.BOOLEAN, false, null);
- fail("Creating RestrictionDefinition with null name/path mapper should fail.");
- } catch (NullPointerException e) {
- // success
- }
-
- try {
- new RestrictionDefinitionImpl(name, Type.UNDEFINED, false, namePathMapper);
+ new RestrictionDefinitionImpl(name, Type.UNDEFINED, false);
fail("Creating RestrictionDefinition with undefined required type should fail.");
} catch (IllegalArgumentException e) {
// success
@@ -99,23 +81,18 @@ public class RestrictionDefinitionImplTe
@Test
public void testEquals() {
// same definition
- assertEquals(definition, new RestrictionDefinitionImpl(name, Type.NAME, true, definition.getNamePathMapper()));
-
- // same def but different namepathmapper.
- RestrictionDefinition definition2 = new RestrictionDefinitionImpl(name, Type.NAME, true, namePathMapper);
- assertFalse(definition.getJcrName().equals(definition2.getJcrName()));
- assertEquals(definition, definition2);
+ assertEquals(definition, new RestrictionDefinitionImpl(name, Type.NAME, true));
}
@Test
public void testNotEqual() {
List<RestrictionDefinition> defs = new ArrayList<RestrictionDefinition>();
// - different type
- defs.add(new RestrictionDefinitionImpl(name, Type.STRING, true, namePathMapper));
+ defs.add(new RestrictionDefinitionImpl(name, Type.STRING, true));
// - different name
- defs.add(new RestrictionDefinitionImpl("otherName", Type.NAME, true, namePathMapper));
+ defs.add(new RestrictionDefinitionImpl("otherName", Type.NAME, true));
// - different mandatory flag
- defs.add(new RestrictionDefinitionImpl(name, Type.NAMES, false, namePathMapper));
+ defs.add(new RestrictionDefinitionImpl(name, Type.NAMES, false));
// - different impl
defs.add(new RestrictionDefinition() {
@Override
@@ -123,10 +100,6 @@ public class RestrictionDefinitionImplTe
return name;
}
@Override
- public String getJcrName() {
- throw new UnsupportedOperationException();
- }
- @Override
public Type getRequiredType() {
return Type.NAME;
}
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImplTest.java?rev=1482471&r1=1482470&r2=1482471&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/RestrictionImplTest.java Tue May 14 17:14:40 2013
@@ -18,18 +18,12 @@ package org.apache.jackrabbit.oak.spi.se
import java.util.ArrayList;
import java.util.List;
-import javax.annotation.Nonnull;
import javax.jcr.PropertyType;
-import javax.jcr.Value;
import org.apache.jackrabbit.oak.TestNameMapper;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Type;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.namepath.NamePathMapperImpl;
import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
-import org.apache.jackrabbit.oak.plugins.name.Namespaces;
-import org.apache.jackrabbit.oak.plugins.value.ValueFactoryImpl;
import org.apache.jackrabbit.oak.spi.security.authorization.AbstractAccessControlTest;
import org.junit.Before;
import org.junit.Test;
@@ -51,12 +45,9 @@ public class RestrictionImplTest extends
public void before() throws Exception {
super.before();
- registerNamespace(TestNameMapper.TEST_PREFIX, TestNameMapper.TEST_URI);
- NamePathMapper npMapper = new NamePathMapperImpl(new TestNameMapper(Namespaces.getNamespaceMap(root.getTree("/")), TestNameMapper.LOCAL_MAPPING));
-
name = TestNameMapper.TEST_PREFIX + ":defName";
PropertyState property = createProperty(name);
- restriction = new RestrictionImpl(property, true, npMapper);
+ restriction = new RestrictionImpl(property, true);
}
private static PropertyState createProperty(String name) {
@@ -69,11 +60,6 @@ public class RestrictionImplTest extends
}
@Test
- public void testGetJcrName() {
- assertEquals(TestNameMapper.TEST_LOCAL_PREFIX + ":defName", restriction.getJcrName());
- }
-
- @Test
public void testGetRequiredType() {
assertEquals(Type.NAME, restriction.getRequiredType());
}
@@ -86,40 +72,28 @@ public class RestrictionImplTest extends
@Test
public void testInvalid() {
try {
- new RestrictionImpl(null, false, namePathMapper);
+ new RestrictionImpl(null, false);
fail("Creating RestrictionDefinition with null name should fail.");
} catch (NullPointerException e) {
// success
}
-
- try {
- new RestrictionImpl(createProperty(name), false, null);
- fail("Creating RestrictionDefinition with null name/path mapper should fail.");
- } catch (NullPointerException e) {
- // success
- }
}
@Test
public void testEquals() {
// same definition
- assertEquals(restriction, new RestrictionImpl(createProperty(name), true, restriction.getNamePathMapper()));
-
- // same def but different namepathmapper.
- Restriction r2 = new RestrictionImpl(createProperty(name), true, namePathMapper);
- assertFalse(restriction.getJcrName().equals(r2.getJcrName()));
- assertEquals(restriction, r2);
+ assertEquals(restriction, new RestrictionImpl(createProperty(name), true));
}
@Test
public void testNotEqual() {
List<Restriction> rs = new ArrayList<Restriction>();
// - different type
- rs.add(new RestrictionImpl(PropertyStates.createProperty(name, PropertyType.STRING), true, namePathMapper));
+ rs.add(new RestrictionImpl(PropertyStates.createProperty(name, PropertyType.STRING), true));
// - different name
- rs.add(new RestrictionImpl(PropertyStates.createProperty("otherName", PropertyType.NAME), true, namePathMapper));
+ rs.add(new RestrictionImpl(PropertyStates.createProperty("otherName", PropertyType.NAME), true));
// - different mandatory flag
- rs.add(new RestrictionImpl(createProperty(name), false, namePathMapper));
+ rs.add(new RestrictionImpl(createProperty(name), false));
// - different impl
rs.add(new Restriction() {
@Override
@@ -127,10 +101,6 @@ public class RestrictionImplTest extends
return name;
}
@Override
- public String getJcrName() {
- throw new UnsupportedOperationException();
- }
- @Override
public Type getRequiredType() {
return Type.NAME;
}
@@ -142,12 +112,6 @@ public class RestrictionImplTest extends
public PropertyState getProperty() {
return createProperty(name);
}
-
- @Nonnull
- @Override
- public Value getValue() {
- return ValueFactoryImpl.createValue(createProperty(name), namePathMapper);
- }
});
for (Restriction r : rs) {