You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by ju...@apache.org on 2010/08/26 12:24:17 UTC
svn commit: r989591 - in /jackrabbit/branches/2.1: ./
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/
jackrabbit-core/src/main/java/org/apache/jackrabbi...
Author: jukka
Date: Thu Aug 26 10:24:17 2010
New Revision: 989591
URL: http://svn.apache.org/viewvc?rev=989591&view=rev
Log:
2.1: Merged revision 945528 (JCR-2630)
Added:
jackrabbit/branches/2.1/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserAccessControlProviderTest.java
- copied unchanged from r945528, jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/UserAccessControlProviderTest.java
Modified:
jackrabbit/branches/2.1/ (props changed)
jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java
jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/CompiledPermissions.java
jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java
jackrabbit/branches/2.1/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TestAll.java
Propchange: jackrabbit/branches/2.1/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Aug 26 10:24:17 2010
@@ -2,4 +2,4 @@
/jackrabbit/sandbox/JCR-1456:774917-886178
/jackrabbit/sandbox/JCR-2170:812417-816332
/jackrabbit/sandbox/tripod-JCR-2209:795441-795863
-/jackrabbit/trunk:931121,931479,931483-931484,931504,931609,931613,931838,931919,932318-932319,933144,933197,933203,933213,933216,933554,933646,933694,934405,934412,934849,935557,936668,938099,955222,955229,955307,955852,961487,961626,964362,965539,986682,986686,986715
+/jackrabbit/trunk:931121,931479,931483-931484,931504,931609,931613,931838,931919,932318-932319,933144,933197,933203,933213,933216,933554,933646,933694,934405,934412,934849,935557,936668,938099,945528,955222,955229,955307,955852,961487,961626,964362,965539,986682,986686,986715
Modified: jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java?rev=989591&r1=989590&r2=989591&view=diff
==============================================================================
--- jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java (original)
+++ jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java Thu Aug 26 10:24:17 2010
@@ -76,21 +76,6 @@ import java.util.Set;
public class DefaultAccessManager extends AbstractAccessControlManager implements AccessManager {
private static final Logger log = LoggerFactory.getLogger(DefaultAccessManager.class);
- private static final CompiledPermissions NO_PERMISSION = new CompiledPermissions() {
- public void close() {
- //nop
- }
- public boolean grants(Path absPath, int permissions) {
- // deny everything
- return false;
- }
- public int getPrivileges(Path absPath) {
- return PrivilegeRegistry.NO_PRIVILEGE;
- }
- public boolean canReadAll() {
- return false;
- }
- };
private boolean initialized;
@@ -161,7 +146,7 @@ public class DefaultAccessManager extend
} else {
log.warn("No AccessControlProvider defined -> no access is granted.");
editor = null;
- compiledPermissions = NO_PERMISSION;
+ compiledPermissions = CompiledPermissions.NO_PERMISSION;
}
initialized = true;
Modified: jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/CompiledPermissions.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/CompiledPermissions.java?rev=989591&r1=989590&r2=989591&view=diff
==============================================================================
--- jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/CompiledPermissions.java (original)
+++ jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/CompiledPermissions.java Thu Aug 26 10:24:17 2010
@@ -72,4 +72,24 @@ public interface CompiledPermissions {
* @throws RepositoryException if an error occurs
*/
boolean canReadAll() throws RepositoryException;
+
+ /**
+ * Static implementation of a <code>CompiledPermissions</code> that doesn't
+ * grant any permissions at all.
+ */
+ public static final CompiledPermissions NO_PERMISSION = new CompiledPermissions() {
+ public void close() {
+ //nop
+ }
+ public boolean grants(Path absPath, int permissions) {
+ // deny everything
+ return false;
+ }
+ public int getPrivileges(Path absPath) {
+ return PrivilegeRegistry.NO_PRIVILEGE;
+ }
+ public boolean canReadAll() {
+ return false;
+ }
+ };
}
Modified: jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java?rev=989591&r1=989590&r2=989591&view=diff
==============================================================================
--- jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java (original)
+++ jackrabbit/branches/2.1/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java Thu Aug 26 10:24:17 2010
@@ -193,8 +193,9 @@ public class UserAccessControlProvider e
ItemBasedPrincipal userPrincipal = getUserPrincipal(principals);
NodeImpl userNode = getUserNode(userPrincipal);
if (userNode == null) {
- // no 'user' within set of principals -> READ-only
- return getReadOnlyPermissions();
+ // no 'user' within set of principals -> no permissions in the
+ // security workspace.
+ return CompiledPermissions.NO_PERMISSION;
} else {
return new CompiledPermissionsImpl(principals, userNode.getPath());
}
@@ -337,7 +338,7 @@ public class UserAccessControlProvider e
// no Node corresponding to user for which the permissions are
// calculated -> no permissions/privileges.
log.debug("No node at " + userNodePath);
- return new Result(Permission.NONE, Permission.NONE, PrivilegeRegistry.NO_PRIVILEGE, PrivilegeRegistry.NO_PRIVILEGE);
+ return Result.EMPTY;
}
// no explicit denied permissions:
@@ -445,8 +446,7 @@ public class UserAccessControlProvider e
@Override
public boolean grants(Path absPath, int permissions) throws RepositoryException {
if (permissions == Permission.READ) {
- // read is always granted
- return true;
+ return canReadAll();
}
// otherwise: retrieve from cache (or build)
return super.grants(absPath, permissions);
@@ -457,7 +457,9 @@ public class UserAccessControlProvider e
*/
@Override
public boolean canReadAll() throws RepositoryException {
- return true;
+ // for consistency with 'grants(Path, int) this method only returns
+ // true if there exists a node for 'userNodePath'
+ return session.nodeExists(userNodePath);
}
//--------------------------------------------------< EventListener >---
Modified: jackrabbit/branches/2.1/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.1/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TestAll.java?rev=989591&r1=989590&r2=989591&view=diff
==============================================================================
--- jackrabbit/branches/2.1/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TestAll.java (original)
+++ jackrabbit/branches/2.1/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/user/TestAll.java Thu Aug 26 10:24:17 2010
@@ -51,6 +51,8 @@ public class TestAll extends TestCase {
suite.addTestSuite(DefaultPrincipalProviderTest.class);
+ suite.addTestSuite(UserAccessControlProviderTest.class);
+
return suite;
}
}