You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by an...@apache.org on 2011/03/03 13:24:21 UTC
svn commit: r1076600 [1/2] - in /jackrabbit/trunk:
jackrabbit-api/src/main/java/org/apache/jackrabbit/api/
jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/authorization/
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/ jackrabb...
Author: angela
Date: Thu Mar 3 12:24:20 2011
New Revision: 1076600
URL: http://svn.apache.org/viewvc?rev=1076600&view=rev
Log:
JCR-2887 : Split PrivilegeRegistry in a per-session manager instance and a repository level registry [work in progress]
Added:
jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/authorization/
jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManager.java (with props)
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImpl.java (contents, props changed)
- copied, changed from r1072154, jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManager.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManagerTest.java (with props)
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/TestAll.java
- copied, changed from r1072151, jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/TestAll.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java (contents, props changed)
- copied, changed from r1072154, jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerTest.java
Removed:
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManager.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerTest.java
Modified:
jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/JackrabbitWorkspace.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SystemSession.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/WorkspaceImpl.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AMContext.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AbstractAccessControlManager.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AbstractAccessControlProvider.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistry.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLProvider.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/simple/SimpleAccessManager.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/session/SessionContext.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EntryTest.java
Modified: jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/JackrabbitWorkspace.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/JackrabbitWorkspace.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/JackrabbitWorkspace.java (original)
+++ jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/JackrabbitWorkspace.java Thu Mar 3 12:24:20 2011
@@ -16,6 +16,7 @@
*/
package org.apache.jackrabbit.api;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.xml.sax.InputSource;
import javax.jcr.AccessDeniedException;
@@ -55,4 +56,12 @@ public interface JackrabbitWorkspace ext
*/
void createWorkspace(String workspaceName, InputSource workspaceTemplate)
throws AccessDeniedException, RepositoryException;
+
+ /**
+ * Returns the privilege manager.
+ *
+ * @return the privilege manager.
+ * @throws RepositoryException If an error occurs.
+ */
+ PrivilegeManager getPrivilegeManager() throws RepositoryException;
}
Added: jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManager.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManager.java?rev=1076600&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManager.java (added)
+++ jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManager.java Thu Mar 3 12:24:20 2011
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.api.security.authorization;
+
+import javax.jcr.AccessDeniedException;
+import javax.jcr.NamespaceException;
+import javax.jcr.RepositoryException;
+import javax.jcr.security.AccessControlException;
+import javax.jcr.security.Privilege;
+
+/**
+ * <code>PrivilegeManager</code> is a jackrabbit specific extensions to
+ * JCR access control management that allows to retrieve privileges known
+ * by this JCR implementation and to register new custom privileges according
+ * to implementation specific rules.
+ *
+ * @see javax.jcr.security.AccessControlManager#privilegeFromName(String)
+ */
+public interface PrivilegeManager {
+
+ /**
+ * Returns all registered privileges.
+ *
+ * @return all registered privileges.
+ * @throws RepositoryException If an error occurs.
+ */
+ Privilege[] getRegisteredPrivileges() throws RepositoryException;
+
+ /**
+ * Returns the privilege with the specified <code>privilegeName</code>.
+ *
+ * @param privilegeName Name of the principal.
+ * @return the privilege with the specified <code>privilegeName</code>.
+ * @throws javax.jcr.security.AccessControlException If no privilege with the given name exists.
+ * @throws javax.jcr.RepositoryException If another error occurs.
+ */
+ Privilege getPrivilege(String privilegeName) throws AccessControlException, RepositoryException;
+
+ /**
+ * Creates and registers a new custom privilege with the specified
+ * characteristics and returns the new privilege.<p/>
+ * If the registration succeeds, the changes are immediately effective;
+ * there is no need to call <code>save</code>.
+ *
+ * @param privilegeName The name of the new custom privilege.
+ * @param isAbstract Boolean flag indicating if the privilege is abstract.
+ * @param declaredAggregateNames An array of privilege names referring to
+ * registered privileges being aggregated by this new custom privilege.
+ * In case of a non aggregate privilege an empty array should be passed.
+ * @return the new privilege.
+ * @throws AccessDeniedException If the session this manager has been created
+ * for is not allowed to register new privileges.
+ * @throws NamespaceException If any of the specified JCR names is illegal.
+ * @throws RepositoryException If the privilege could not be registered due
+ * to any implementation specific constraint violations or if persisting the
+ * custom privilege fails.
+ */
+ Privilege registerPrivilege(String privilegeName, boolean isAbstract,
+ String[] declaredAggregateNames)
+ throws AccessDeniedException, NamespaceException, RepositoryException;
+}
Propchange: jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-api/src/main/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManager.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev URL
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SystemSession.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SystemSession.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SystemSession.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/SystemSession.java Thu Mar 3 12:24:20 2011
@@ -29,6 +29,7 @@ import javax.jcr.security.AccessControlP
import javax.jcr.security.Privilege;
import javax.security.auth.Subject;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.core.config.WorkspaceConfig;
import org.apache.jackrabbit.core.id.ItemId;
import org.apache.jackrabbit.core.security.AMContext;
@@ -36,7 +37,6 @@ import org.apache.jackrabbit.core.securi
import org.apache.jackrabbit.core.security.AccessManager;
import org.apache.jackrabbit.core.security.SystemPrincipal;
import org.apache.jackrabbit.core.security.authorization.AccessControlProvider;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager;
import org.apache.jackrabbit.spi.Name;
import org.apache.jackrabbit.spi.Path;
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/WorkspaceImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/WorkspaceImpl.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/WorkspaceImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/WorkspaceImpl.java Thu Mar 3 12:24:20 2011
@@ -40,6 +40,7 @@ import javax.jcr.version.VersionExceptio
import javax.jcr.version.VersionManager;
import org.apache.jackrabbit.api.JackrabbitWorkspace;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.commons.AbstractWorkspace;
import org.apache.jackrabbit.core.config.WorkspaceConfig;
import org.apache.jackrabbit.core.id.ItemId;
@@ -53,7 +54,6 @@ import org.apache.jackrabbit.core.observ
import org.apache.jackrabbit.core.observation.ObservationManagerImpl;
import org.apache.jackrabbit.core.query.QueryManagerImpl;
import org.apache.jackrabbit.core.retention.RetentionRegistry;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.core.session.SessionContext;
import org.apache.jackrabbit.core.state.ItemStateCacheFactory;
import org.apache.jackrabbit.core.state.LocalItemStateManager;
@@ -344,6 +344,18 @@ public class WorkspaceImpl extends Abstr
workspaceName, configTemplate);
}
+ /**
+ * Return the <code>PrivilegeManager</code>.
+ *
+ * @return
+ * @throws RepositoryException
+ * @see org.apache.jackrabbit.api.JackrabbitWorkspace#getPrivilegeManager()
+ */
+ public PrivilegeManager getPrivilegeManager() throws RepositoryException {
+ sanityCheck();
+ return context.getPrivilegeManager();
+ }
+
/**
* Returns the configuration of this workspace.
@@ -545,17 +557,6 @@ public class WorkspaceImpl extends Abstr
return retentionRegistry;
}
- /**
- * Return the <code>PrivilegeManager</code>.
- *
- * @return
- * @throws RepositoryException
- */
- public PrivilegeManager getPrivilegeManager() throws RepositoryException {
- sanityCheck();
- return context.getPrivilegeManager();
- }
-
//------------------------------------------------------------< Workspace >
/**
* {@inheritDoc}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AMContext.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AMContext.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AMContext.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AMContext.java Thu Mar 3 12:24:20 2011
@@ -16,9 +16,9 @@
*/
package org.apache.jackrabbit.core.security;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.core.HierarchyManager;
import org.apache.jackrabbit.core.fs.FileSystem;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.spi.commons.conversion.NamePathResolver;
import javax.jcr.Session;
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AbstractAccessControlManager.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AbstractAccessControlManager.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AbstractAccessControlManager.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/AbstractAccessControlManager.java Thu Mar 3 12:24:20 2011
@@ -18,9 +18,9 @@ package org.apache.jackrabbit.core.secur
import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.commons.iterator.AccessControlPolicyIteratorAdapter;
import org.apache.jackrabbit.core.security.authorization.Permission;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/DefaultAccessManager.java Thu Mar 3 12:24:20 2011
@@ -17,6 +17,7 @@
package org.apache.jackrabbit.core.security;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.commons.iterator.AccessControlPolicyIteratorAdapter;
import org.apache.jackrabbit.core.HierarchyManager;
import org.apache.jackrabbit.core.SessionImpl;
@@ -25,7 +26,7 @@ import org.apache.jackrabbit.core.securi
import org.apache.jackrabbit.core.security.authorization.AccessControlProvider;
import org.apache.jackrabbit.core.security.authorization.CompiledPermissions;
import org.apache.jackrabbit.core.security.authorization.Permission;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeManagerImpl;
import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
import org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager;
import org.apache.jackrabbit.spi.Name;
@@ -277,7 +278,7 @@ public class DefaultAccessManager extend
log.debug("No privileges passed -> allowed.");
return true;
} else {
- int privs = privilegeManager.getBits(privileges);
+ int privs = ((PrivilegeManagerImpl) privilegeManager).getBits(privileges);
Path p = resolver.getQPath(absPath);
return (compiledPermissions.getPrivileges(p) | ~privs) == -1;
}
@@ -292,7 +293,7 @@ public class DefaultAccessManager extend
int bits = compiledPermissions.getPrivileges(resolver.getQPath(absPath));
return (bits == PrivilegeRegistry.NO_PRIVILEGE) ?
new Privilege[0] :
- privilegeManager.getPrivileges(bits);
+ ((PrivilegeManagerImpl) privilegeManager).getPrivileges(bits);
}
/**
@@ -414,7 +415,7 @@ public class DefaultAccessManager extend
log.debug("No privileges passed -> allowed.");
return true;
} else {
- int privs = privilegeManager.getBits(privileges);
+ int privs = ((PrivilegeManagerImpl) privilegeManager).getBits(privileges);
Path p = resolver.getQPath(absPath);
CompiledPermissions perms = acProvider.compilePermissions(principals);
try {
@@ -438,7 +439,7 @@ public class DefaultAccessManager extend
int bits = perms.getPrivileges(resolver.getQPath(absPath));
return (bits == PrivilegeRegistry.NO_PRIVILEGE) ?
new Privilege[0] :
- privilegeManager.getPrivileges(bits);
+ ((PrivilegeManagerImpl) privilegeManager).getPrivileges(bits);
} finally {
perms.close();
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AbstractAccessControlProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AbstractAccessControlProvider.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AbstractAccessControlProvider.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AbstractAccessControlProvider.java Thu Mar 3 12:24:20 2011
@@ -25,10 +25,10 @@ import javax.jcr.Session;
import javax.jcr.observation.ObservationManager;
import javax.jcr.security.Privilege;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.core.ItemImpl;
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.core.id.ItemId;
import org.apache.jackrabbit.core.nodetype.NodeTypeImpl;
import org.apache.jackrabbit.core.security.SystemPrincipal;
@@ -96,7 +96,7 @@ public abstract class AbstractAccessCont
return true;
}
public int getPrivileges(Path absPath) throws RepositoryException {
- return ((WorkspaceImpl) session.getWorkspace()).getPrivilegeManager().getBits(new String[] {Privilege.JCR_ALL});
+ return getPrivilegeManagerImpl().getBits(new String[] {Privilege.JCR_ALL});
}
public boolean canReadAll() {
return true;
@@ -131,7 +131,7 @@ public abstract class AbstractAccessCont
if (isAcItem(absPath)) {
return PrivilegeRegistry.NO_PRIVILEGE;
} else {
- return ((WorkspaceImpl) session.getWorkspace()).getPrivilegeManager().getBits(new String[] {Privilege.JCR_READ});
+ return getPrivilegeManagerImpl().getBits(new String[] {Privilege.JCR_READ});
}
}
public boolean canReadAll() {
@@ -147,6 +147,9 @@ public abstract class AbstractAccessCont
};
}
+ private PrivilegeManagerImpl getPrivilegeManagerImpl() throws RepositoryException {
+ return (PrivilegeManagerImpl) ((JackrabbitWorkspace) session.getWorkspace()).getPrivilegeManager();
+ }
//-------------------------------------------------< AccessControlUtils >---
/**
* @see org.apache.jackrabbit.core.security.authorization.AccessControlUtils#isAcItem(Path)
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java Thu Mar 3 12:24:20 2011
@@ -206,7 +206,7 @@ public abstract class AccessControlEntry
/**
* @return The privilege manager in use.
*/
- protected abstract PrivilegeManager getPrivilegeManager();
+ protected abstract PrivilegeManagerImpl getPrivilegeManager();
/**
* Build the hash code.
Copied: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImpl.java (from r1072154, jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManager.java)
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImpl.java?p2=jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImpl.java&p1=jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManager.java&r1=1072154&r2=1076600&rev=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManager.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImpl.java Thu Mar 3 12:24:20 2011
@@ -16,6 +16,7 @@
*/
package org.apache.jackrabbit.core.security.authorization;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.core.SessionImpl;
import org.apache.jackrabbit.spi.Name;
import org.apache.jackrabbit.spi.commons.conversion.IllegalNameException;
@@ -39,12 +40,12 @@ import java.util.Set;
/**
* <code>PrivilegeManager</code>...
*/
-public final class PrivilegeManager implements PrivilegeRegistry.Listener {
+public final class PrivilegeManagerImpl implements PrivilegeManager, PrivilegeRegistry.Listener {
/**
* logger instance
*/
- private static final Logger log = LoggerFactory.getLogger(PrivilegeManager.class);
+ private static final Logger log = LoggerFactory.getLogger(PrivilegeManagerImpl.class);
private static final Privilege[] EMPTY_ARRAY = new Privilege[0];
@@ -66,7 +67,7 @@ public final class PrivilegeManager impl
*/
private final Map<Name, Privilege> cache;
- public PrivilegeManager(PrivilegeRegistry registry, NameResolver nameResolver) {
+ public PrivilegeManagerImpl(PrivilegeRegistry registry, NameResolver nameResolver) {
this.registry = registry;
this.resolver = nameResolver;
this.cache = new HashMap<Name, Privilege>();
@@ -76,6 +77,7 @@ public final class PrivilegeManager impl
registry.addListener(this);
}
+ //---------------------------------------------------< PrivilegeManager >---
/**
* Returns all registered privileges.
*
@@ -165,6 +167,7 @@ public final class PrivilegeManager impl
return getPrivilege(privilegeName);
}
+ //-----------------------------< implementation specific public methods >---
/**
* @param privileges An array of privileges.
* @return The privilege bits.
Propchange: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImpl.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImpl.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev URL
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistry.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistry.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistry.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/PrivilegeRegistry.java Thu Mar 3 12:24:20 2011
@@ -147,7 +147,8 @@ public final class PrivilegeRegistry {
* built-in privileges.
*
* @param resolver
- * @deprecated Use {@link PrivilegeManager} instead.
+ * @deprecated Use {@link org.apache.jackrabbit.api.security.authorization.PrivilegeManager} instead.
+ * @see org.apache.jackrabbit.api.JackrabbitWorkspace#getPrivilegeManager()
*/
public PrivilegeRegistry(NameResolver resolver) {
registerDefinitions(createBuiltInPrivilegeDefinitions());
@@ -162,11 +163,11 @@ public final class PrivilegeRegistry {
* Throws <code>UnsupportedOperationException</code>.
*
* @return all registered privileges.
- * @deprecated Use {@link org.apache.jackrabbit.core.security.authorization.PrivilegeManager#getRegisteredPrivileges()} instead.
+ * @deprecated Use {@link org.apache.jackrabbit.api.security.authorization.PrivilegeManager#getRegisteredPrivileges()} instead.
*/
public Privilege[] getRegisteredPrivileges() {
try {
- return new PrivilegeManager(this, resolver).getRegisteredPrivileges();
+ return new PrivilegeManagerImpl(this, resolver).getRegisteredPrivileges();
} catch (RepositoryException e) {
throw new UnsupportedOperationException("No supported any more. Use PrivilegeManager#getRegisteredPrivileges() instead.");
}
@@ -174,31 +175,31 @@ public final class PrivilegeRegistry {
/**
* Creates a new <code>PrivilegeManager</code> from the specified resolver
- * and calls {@link org.apache.jackrabbit.core.security.authorization.PrivilegeManager#getRegisteredPrivileges()}.
+ * and calls {@link PrivilegeManagerImpl#getRegisteredPrivileges()}.
*
* @param privilegeName Name of the privilege.
* @return the privilege with the specified <code>privilegeName</code>.
* @throws AccessControlException If no privilege with the given name exists.
* @throws RepositoryException If another error occurs.
- * @deprecated Use {@link PrivilegeManager#getPrivilege(String)} instead.
+ * @deprecated Use {@link org.apache.jackrabbit.api.security.authorization.PrivilegeManager#getPrivilege(String)} instead.
*/
public Privilege getPrivilege(String privilegeName) throws AccessControlException, RepositoryException {
- return new PrivilegeManager(this, resolver).getPrivilege(privilegeName);
+ return new PrivilegeManagerImpl(this, resolver).getPrivilege(privilegeName);
}
/**
* Creates a new <code>PrivilegeManager</code> from the specified resolver
- * and calls {@link org.apache.jackrabbit.core.security.authorization.PrivilegeManager#getPrivileges(int)}.
+ * and calls {@link PrivilegeManagerImpl#getPrivileges(int)}.
*
* @param bits Privilege bits as obtained from {@link #getBits(Privilege[])}.
* @return Array of <code>Privilege</code>s that are presented by the given it
* or an empty array if <code>bits</code> is lower than {@link #READ} or
* cannot be resolved to registered <code>Privilege</code>s.
* @see #getBits(Privilege[])
- * @deprecated Use {@link PrivilegeManager#getPrivileges(int)} instead.
+ * @deprecated Use {@link PrivilegeManagerImpl#getPrivileges(int)} instead.
*/
public Privilege[] getPrivileges(int bits) {
- return new PrivilegeManager(this, resolver).getPrivileges(bits);
+ return new PrivilegeManagerImpl(this, resolver).getPrivileges(bits);
}
/**
@@ -212,7 +213,7 @@ public final class PrivilegeRegistry {
* @throws AccessControlException If the specified array is null
* or if it contains an unregistered privilege.
* @see #getPrivileges(int)
- * @deprecated Use {@link PrivilegeManager#getBits(javax.jcr.security.Privilege[])} instead.
+ * @deprecated Use {@link PrivilegeManagerImpl#getBits(javax.jcr.security.Privilege[])} instead.
*/
public static int getBits(Privilege[] privileges) throws AccessControlException {
if (privileges == null || privileges.length == 0) {
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java Thu Mar 3 12:24:20 2011
@@ -16,17 +16,17 @@
*/
package org.apache.jackrabbit.core.security.authorization.acl;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.ProtectedItemModifier;
import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.core.security.authorization.AccessControlConstants;
import org.apache.jackrabbit.core.security.authorization.AccessControlEditor;
import org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl;
import org.apache.jackrabbit.core.security.authorization.AccessControlUtils;
import org.apache.jackrabbit.core.security.authorization.Permission;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.spi.Name;
import org.apache.jackrabbit.spi.commons.conversion.NameException;
import org.apache.jackrabbit.spi.commons.conversion.NameParser;
@@ -130,7 +130,7 @@ public class ACLEditor extends Protected
// create an empty acl unless the node is protected or cannot have
// rep:AccessControllable mixin set (e.g. due to a lock)
String mixin = session.getJCRName(NT_REP_ACCESS_CONTROLLABLE);
- PrivilegeManager privMgr = ((WorkspaceImpl) session.getWorkspace()).getPrivilegeManager();
+ PrivilegeManager privMgr = ((JackrabbitWorkspace) session.getWorkspace()).getPrivilegeManager();
if (controlledNode.isNodeType(mixin) || controlledNode.canAddMixin(mixin)) {
acl = new ACLTemplate(nodePath, session.getPrincipalManager(),
privMgr, session.getValueFactory(), session);
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java Thu Mar 3 12:24:20 2011
@@ -33,17 +33,18 @@ import javax.jcr.security.AccessControlE
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.Privilege;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.core.id.NodeId;
import org.apache.jackrabbit.core.nodetype.NodeTypeImpl;
import org.apache.jackrabbit.core.security.authorization.AbstractACLTemplate;
import org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl;
import org.apache.jackrabbit.core.security.authorization.Permission;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeManagerImpl;
import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
import org.apache.jackrabbit.core.security.authorization.GlobPattern;
import org.apache.jackrabbit.core.security.principal.PrincipalImpl;
@@ -79,7 +80,7 @@ class ACLTemplate extends AbstractACLTem
/**
* The privilege mgr
*/
- private final PrivilegeManager privilegeMgr;
+ private final PrivilegeManagerImpl privilegeMgr;
/**
* The name resolver
@@ -114,7 +115,7 @@ class ACLTemplate extends AbstractACLTem
NamePathResolver resolver) throws NamespaceException {
super(path, valueFactory);
this.principalMgr = principalMgr;
- this.privilegeMgr = privilegeMgr;
+ this.privilegeMgr = (PrivilegeManagerImpl) privilegeMgr;
this.resolver = resolver;
this.id = null;
@@ -135,7 +136,7 @@ class ACLTemplate extends AbstractACLTem
}
SessionImpl sImpl = (SessionImpl) aclNode.getSession();
principalMgr = sImpl.getPrincipalManager();
- privilegeMgr = ((WorkspaceImpl) sImpl.getWorkspace()).getPrivilegeManager();
+ privilegeMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) sImpl.getWorkspace()).getPrivilegeManager();
this.resolver = sImpl;
this.id = aclNode.getParentId();
@@ -458,7 +459,7 @@ class ACLTemplate extends AbstractACLTem
}
@Override
- protected PrivilegeManager getPrivilegeManager() {
+ protected PrivilegeManagerImpl getPrivilegeManager() {
return privilegeMgr;
}
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLProvider.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLProvider.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLProvider.java Thu Mar 3 12:24:20 2011
@@ -17,10 +17,10 @@
package org.apache.jackrabbit.core.security.authorization.principalbased;
import org.apache.commons.collections.map.LRUMap;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.core.id.ItemId;
import org.apache.jackrabbit.core.security.SecurityConstants;
import org.apache.jackrabbit.core.security.authorization.AbstractAccessControlProvider;
@@ -32,6 +32,7 @@ import org.apache.jackrabbit.core.securi
import org.apache.jackrabbit.core.security.authorization.AccessControlModifications;
import org.apache.jackrabbit.core.security.authorization.CompiledPermissions;
import org.apache.jackrabbit.core.security.authorization.Permission;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeManagerImpl;
import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
import org.apache.jackrabbit.core.security.authorization.UnmodifiableAccessControlList;
import org.apache.jackrabbit.spi.Path;
@@ -100,7 +101,8 @@ public class ACLProvider extends Abstrac
editor = new ACLEditor(session, resolver.getQPath(acRoot.getPath()));
entriesCache = new EntriesCache(session, editor, acRoot.getPath());
- readBits = ((WorkspaceImpl) session.getWorkspace()).getPrivilegeManager().getBits(new String[] {Privilege.JCR_READ});
+ JackrabbitWorkspace wsp = (JackrabbitWorkspace) session.getWorkspace();
+ readBits = ((PrivilegeManagerImpl) wsp.getPrivilegeManager()).getBits(new String[] {Privilege.JCR_READ});
// TODO: replace by configurable default policy (see JCR-2331)
if (!configuration.containsKey(PARAM_OMIT_DEFAULT_PERMISSIONS)) {
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java Thu Mar 3 12:24:20 2011
@@ -16,14 +16,14 @@
*/
package org.apache.jackrabbit.core.security.authorization.principalbased;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl;
import org.apache.jackrabbit.core.security.authorization.AbstractACLTemplate;
import org.apache.jackrabbit.core.security.authorization.GlobPattern;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeManagerImpl;
import org.apache.jackrabbit.spi.Name;
import org.apache.jackrabbit.spi.commons.conversion.NamePathResolver;
import org.apache.jackrabbit.spi.commons.conversion.NameResolver;
@@ -76,7 +76,7 @@ class ACLTemplate extends AbstractACLTem
private final String jcrGlobName;
private final NameResolver resolver;
- private final PrivilegeManager privilegeMgr;
+ private final PrivilegeManagerImpl privilegeMgr;
ACLTemplate(Principal principal, String path, NamePathResolver resolver, ValueFactory vf)
throws RepositoryException {
@@ -100,7 +100,7 @@ class ACLTemplate extends AbstractACLTem
this.resolver = resolver;
Session session = (acNode != null) ? acNode.getSession() : (Session) resolver;
- this.privilegeMgr = ((WorkspaceImpl) session.getWorkspace()).getPrivilegeManager();
+ this.privilegeMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) session.getWorkspace()).getPrivilegeManager();
if (acNode != null && acNode.hasNode(N_POLICY)) {
// build the list of policy entries;
@@ -343,7 +343,7 @@ class ACLTemplate extends AbstractACLTem
}
@Override
- protected PrivilegeManager getPrivilegeManager() {
+ protected PrivilegeManagerImpl getPrivilegeManager() {
return privilegeMgr;
}
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/simple/SimpleAccessManager.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/simple/SimpleAccessManager.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/simple/SimpleAccessManager.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/simple/SimpleAccessManager.java Thu Mar 3 12:24:20 2011
@@ -20,8 +20,10 @@ import javax.jcr.UnsupportedRepositoryOp
import javax.jcr.security.AccessControlException;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.Privilege;
+
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.core.HierarchyManager;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.core.id.ItemId;
import org.apache.jackrabbit.core.security.AMContext;
import org.apache.jackrabbit.core.security.AbstractAccessControlManager;
@@ -31,7 +33,6 @@ import org.apache.jackrabbit.core.securi
import org.apache.jackrabbit.core.security.authorization.AccessControlProvider;
import org.apache.jackrabbit.core.security.authorization.NamedAccessControlPolicyImpl;
import org.apache.jackrabbit.core.security.authorization.Permission;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager;
import org.apache.jackrabbit.spi.Name;
import org.apache.jackrabbit.spi.Path;
@@ -102,7 +103,7 @@ public class SimpleAccessManager extends
subject = context.getSubject();
hierMgr = context.getHierarchyManager();
resolver = context.getNamePathResolver();
- privilegeManager = ((WorkspaceImpl) context.getSession().getWorkspace()).getPrivilegeManager();
+ privilegeManager = ((JackrabbitWorkspace) context.getSession().getWorkspace()).getPrivilegeManager();
wspAccessMgr = wspAccessManager;
anonymous = !subject.getPrincipals(AnonymousPrincipal.class).isEmpty();
system = !subject.getPrincipals(SystemPrincipal.class).isEmpty();
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/user/UserAccessControlProvider.java Thu Mar 3 12:24:20 2011
@@ -16,13 +16,13 @@
*/
package org.apache.jackrabbit.core.security.user;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.core.ItemImpl;
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.core.id.ItemId;
import org.apache.jackrabbit.core.nodetype.NodeTypeImpl;
import org.apache.jackrabbit.core.observation.SynchronousEventListener;
@@ -34,6 +34,7 @@ import org.apache.jackrabbit.core.securi
import org.apache.jackrabbit.core.security.authorization.CompiledPermissions;
import org.apache.jackrabbit.core.security.authorization.NamedAccessControlPolicyImpl;
import org.apache.jackrabbit.core.security.authorization.Permission;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeManagerImpl;
import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
import org.apache.jackrabbit.core.security.principal.PrincipalImpl;
import org.apache.jackrabbit.spi.Path;
@@ -314,7 +315,8 @@ public class UserAccessControlProvider e
}
private int getPrivilegeBits(String privName) throws RepositoryException {
- return ((WorkspaceImpl) session.getWorkspace()).getPrivilegeManager().getBits(new String[] {privName});
+ PrivilegeManagerImpl impl = (PrivilegeManagerImpl) ((JackrabbitWorkspace) session.getWorkspace()).getPrivilegeManager();
+ return impl.getBits(new String[] {privName});
}
private static boolean containsGroup(Set<Principal> principals, Principal group) {
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/session/SessionContext.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/session/SessionContext.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/session/SessionContext.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/session/SessionContext.java Thu Mar 3 12:24:20 2011
@@ -20,6 +20,7 @@ import javax.jcr.NamespaceException;
import javax.jcr.RepositoryException;
import javax.jcr.ValueFactory;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
import org.apache.jackrabbit.core.HierarchyManager;
import org.apache.jackrabbit.core.ItemManager;
import org.apache.jackrabbit.core.ItemValidator;
@@ -35,7 +36,7 @@ import org.apache.jackrabbit.core.nodety
import org.apache.jackrabbit.core.nodetype.NodeTypeRegistry;
import org.apache.jackrabbit.core.observation.ObservationManagerImpl;
import org.apache.jackrabbit.core.security.AccessManager;
-import org.apache.jackrabbit.core.security.authorization.PrivilegeManager;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeManagerImpl;
import org.apache.jackrabbit.core.state.SessionItemStateManager;
import org.apache.jackrabbit.core.value.ValueFactoryImpl;
import org.apache.jackrabbit.spi.Name;
@@ -130,7 +131,7 @@ public class SessionContext implements N
new ValueFactoryImpl(session, repositoryContext.getDataStore());
this.itemValidator = new ItemValidator(this);
this.nodeTypeManager = new NodeTypeManagerImpl(this);
- this.privilegeManager = new PrivilegeManager(repositoryContext.getPrivilegeRegistry(), session);
+ this.privilegeManager = new PrivilegeManagerImpl(repositoryContext.getPrivilegeRegistry(), session);
this.workspace = new WorkspaceImpl(this, workspaceConfig);
}
Added: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManagerTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManagerTest.java?rev=1076600&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManagerTest.java (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManagerTest.java Thu Mar 3 12:24:20 2011
@@ -0,0 +1,178 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.api.security.authorization;
+
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
+import org.apache.jackrabbit.core.SessionImpl;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeManagerImpl;
+import org.apache.jackrabbit.core.security.authorization.PrivilegeRegistry;
+import org.apache.jackrabbit.spi.commons.conversion.IllegalNameException;
+import org.apache.jackrabbit.spi.commons.conversion.NameResolver;
+import org.apache.jackrabbit.test.AbstractJCRTest;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.jcr.NamespaceException;
+import javax.jcr.RepositoryException;
+import javax.jcr.security.AccessControlException;
+import javax.jcr.security.Privilege;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * <code>PrivilegeManagerTest</code>...
+ */
+public class PrivilegeManagerTest extends AbstractJCRTest {
+
+ private NameResolver resolver;
+ protected PrivilegeManager privilegeMgr;
+
+ @Override
+ protected void setUp() throws Exception {
+ super.setUp();
+ resolver = (SessionImpl) superuser;
+ privilegeMgr = ((JackrabbitWorkspace) superuser.getWorkspace()).getPrivilegeManager();
+ }
+
+ protected void assertSamePrivilegeName(String expected, String present) throws NamespaceException, IllegalNameException {
+ assertEquals("Privilege names are not the same", resolver.getQName(expected), resolver.getQName(present));
+ }
+
+ public void testRegisteredPrivileges() throws RepositoryException {
+ Privilege[] ps = privilegeMgr.getRegisteredPrivileges();
+
+ List<Privilege> l = new ArrayList<Privilege>(Arrays.asList(ps));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_ADD_CHILD_NODES)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_CHILD_NODES)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_PROPERTIES)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_NODE)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ_ACCESS_CONTROL)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_ACCESS_CONTROL)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_WRITE)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_ALL)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LIFECYCLE_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LOCK_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_NODE_TYPE_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_RETENTION_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_VERSION_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(PrivilegeRegistry.REP_WRITE)));
+ assertTrue(l.isEmpty());
+ }
+
+ public void testAllPrivilege() throws RepositoryException {
+ Privilege p = privilegeMgr.getPrivilege(Privilege.JCR_ALL);
+ assertSamePrivilegeName(p.getName(), Privilege.JCR_ALL);
+ assertTrue(p.isAggregate());
+ assertFalse(p.isAbstract());
+
+ List<Privilege> l = new ArrayList<Privilege>(Arrays.asList(p.getAggregatePrivileges()));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_ADD_CHILD_NODES)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_CHILD_NODES)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_PROPERTIES)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_NODE)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ_ACCESS_CONTROL)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_ACCESS_CONTROL)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LIFECYCLE_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LOCK_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_NODE_TYPE_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_RETENTION_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_VERSION_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_WRITE)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(PrivilegeRegistry.REP_WRITE)));
+ assertTrue(l.isEmpty());
+
+ l = new ArrayList<Privilege>(Arrays.asList(p.getDeclaredAggregatePrivileges()));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_WRITE)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(PrivilegeRegistry.REP_WRITE)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ_ACCESS_CONTROL)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_ACCESS_CONTROL)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LIFECYCLE_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LOCK_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_RETENTION_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_VERSION_MANAGEMENT)));
+ assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_NODE_TYPE_MANAGEMENT)));
+ assertTrue(l.isEmpty());
+ }
+
+ public void testGetPrivilegeFromName() throws AccessControlException, RepositoryException {
+ Privilege p = privilegeMgr.getPrivilege(Privilege.JCR_READ);
+
+ assertTrue(p != null);
+ assertSamePrivilegeName(Privilege.JCR_READ, p.getName());
+ assertFalse(p.isAggregate());
+
+ p = privilegeMgr.getPrivilege(Privilege.JCR_WRITE);
+
+ assertTrue(p != null);
+ assertSamePrivilegeName(p.getName(), Privilege.JCR_WRITE);
+ assertTrue(p.isAggregate());
+ }
+
+ public void testGetPrivilegesFromInvalidName() throws RepositoryException {
+ try {
+ privilegeMgr.getPrivilege("unknown");
+ fail("invalid privilege name");
+ } catch (AccessControlException e) {
+ // OK
+ }
+ }
+
+ public void testGetPrivilegesFromEmptyNames() {
+ try {
+ privilegeMgr.getPrivilege("");
+ fail("invalid privilege name array");
+ } catch (AccessControlException e) {
+ // OK
+ } catch (RepositoryException e) {
+ // OK
+ }
+ }
+
+ public void testGetPrivilegesFromNullNames() {
+ try {
+ privilegeMgr.getPrivilege(null);
+ fail("invalid privilege name (null)");
+ } catch (Exception e) {
+ // OK
+ }
+ }
+
+ public void testRegisterPrivilegeWithIllegalName() throws RepositoryException {
+ Map<String, String[]> illegal = new HashMap<String, String[]>();
+ illegal.put("invalid:privilegeName", new String[0]);
+ illegal.put("jcr:newPrivilege", new String[] {"invalid:privilegeName"});
+ illegal.put(".e:privilegeName", new String[0]);
+ illegal.put("jcr:newPrivilege", new String[] {".e:privilegeName"});
+
+ for (String illegalName : illegal.keySet()) {
+ try {
+ privilegeMgr.registerPrivilege(illegalName, true, illegal.get(illegalName));
+ fail("Illegal name -> Exception expected");
+ } catch (NamespaceException e) {
+ // success
+ } catch (IllegalNameException e) {
+ // success
+ }
+ }
+ }
+}
\ No newline at end of file
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManagerTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/PrivilegeManagerTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev URL
Copied: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/TestAll.java (from r1072151, jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/TestAll.java)
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/TestAll.java?p2=jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/TestAll.java&p1=jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/TestAll.java&r1=1072151&r2=1076600&rev=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/principal/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/api/security/authorization/TestAll.java Thu Mar 3 12:24:20 2011
@@ -14,11 +14,12 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.jackrabbit.api.security.principal;
+package org.apache.jackrabbit.api.security.authorization;
import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
+import org.apache.jackrabbit.api.security.principal.PrincipalManagerTest;
public class TestAll extends TestCase {
@@ -32,7 +33,7 @@ public class TestAll extends TestCase {
public static Test suite() {
TestSuite suite = new TestSuite("api.security.principal tests");
- suite.addTestSuite(PrincipalManagerTest.class);
+ suite.addTestSuite(PrivilegeManagerTest.class);
return suite;
}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractACLTemplateTest.java Thu Mar 3 12:24:20 2011
@@ -26,12 +26,11 @@ import javax.jcr.security.AccessControlE
import javax.jcr.security.Privilege;
import org.apache.jackrabbit.api.JackrabbitSession;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
-import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.core.security.TestPrincipal;
import org.apache.jackrabbit.test.NotExecutableException;
import org.apache.jackrabbit.test.api.security.AbstractAccessControlTest;
@@ -43,7 +42,7 @@ public abstract class AbstractACLTemplat
protected Principal testPrincipal;
protected PrincipalManager principalMgr;
- protected PrivilegeManager privilegeMgr;
+ protected PrivilegeManagerImpl privilegeMgr;
@Override
protected void setUp() throws Exception {
@@ -60,7 +59,7 @@ public abstract class AbstractACLTemplat
} else {
throw new NotExecutableException();
}
- privilegeMgr = ((WorkspaceImpl) superuser.getWorkspace()).getPrivilegeManager();
+ privilegeMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) superuser.getWorkspace()).getPrivilegeManager();
}
protected void assertSamePrivileges(Privilege[] privs1, Privilege[] privs2) throws AccessControlException {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractEntryTest.java Thu Mar 3 12:24:20 2011
@@ -26,8 +26,7 @@ import javax.jcr.Value;
import javax.jcr.security.AccessControlException;
import javax.jcr.security.Privilege;
-import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.test.NotExecutableException;
import org.apache.jackrabbit.test.api.security.AbstractAccessControlTest;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
@@ -86,7 +85,7 @@ public abstract class AbstractEntryTest
}
public void testGetPrivileges() throws RepositoryException, NotExecutableException {
- PrivilegeManager privMgr = ((WorkspaceImpl) superuser.getWorkspace()).getPrivilegeManager();
+ PrivilegeManagerImpl privMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) superuser.getWorkspace()).getPrivilegeManager();
JackrabbitAccessControlEntry entry = createEntry(new String[] {Privilege.JCR_READ}, true);
Privilege[] privs = entry.getPrivileges();
@@ -172,7 +171,7 @@ public abstract class AbstractEntryTest
acMgr.privilegeFromName(Privilege.JCR_ALL)
};
- final PrivilegeManager privMgr = ((WorkspaceImpl) superuser.getWorkspace()).getPrivilegeManager();
+ final PrivilegeManagerImpl privMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) superuser.getWorkspace()).getPrivilegeManager();
JackrabbitAccessControlEntry pe = new JackrabbitAccessControlEntry() {
public boolean isAllow() {
return true;
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/AbstractWriteTest.java Thu Mar 3 12:24:20 2011
@@ -17,9 +17,9 @@
package org.apache.jackrabbit.core.security.authorization;
import org.apache.jackrabbit.api.JackrabbitNode;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.user.Group;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.test.JUnitTest;
import org.apache.jackrabbit.test.NotExecutableException;
import org.apache.jackrabbit.test.api.observation.EventResult;
@@ -822,7 +822,7 @@ public abstract class AbstractWriteTest
/* make sure the same privileges/permissions are granted as at path. */
String childPath = n.getPath();
Privilege[] privs = testAcMgr.getPrivileges(childPath);
- PrivilegeManager privilegeMgr = ((WorkspaceImpl) getTestSession().getWorkspace()).getPrivilegeManager();
+ PrivilegeManagerImpl privilegeMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) getTestSession().getWorkspace()).getPrivilegeManager();
assertEquals(privilegeMgr.getBits(privilegesFromName(Privilege.JCR_READ)),
privilegeMgr.getBits(privs));
getTestSession().checkPermission(childPath, javax.jcr.Session.ACTION_READ);
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/JackrabbitAccessControlListTest.java Thu Mar 3 12:24:20 2011
@@ -17,12 +17,11 @@
package org.apache.jackrabbit.core.security.authorization;
import org.apache.jackrabbit.api.JackrabbitSession;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
-import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
import org.apache.jackrabbit.test.NotExecutableException;
import org.apache.jackrabbit.test.api.security.AbstractAccessControlTest;
@@ -45,7 +44,7 @@ import java.util.List;
public class JackrabbitAccessControlListTest extends AbstractAccessControlTest {
private JackrabbitAccessControlList templ;
- private PrivilegeManager privilegeMgr;
+ private PrivilegeManagerImpl privilegeMgr;
@Override
protected void setUp() throws Exception {
@@ -66,7 +65,7 @@ public class JackrabbitAccessControlList
throw new NotExecutableException("No JackrabbitAccessControlList to test.");
}
- privilegeMgr = ((WorkspaceImpl) superuser.getWorkspace()).getPrivilegeManager();
+ privilegeMgr = (PrivilegeManagerImpl) ((JackrabbitWorkspace) superuser.getWorkspace()).getPrivilegeManager();
}
@Override
Copied: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java (from r1072154, jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerTest.java)
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java?p2=jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java&p1=jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerTest.java&r1=1072154&r2=1076600&rev=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java Thu Mar 3 12:24:20 2011
@@ -16,41 +16,32 @@
*/
package org.apache.jackrabbit.core.security.authorization;
-import org.apache.jackrabbit.core.SessionImpl;
-import org.apache.jackrabbit.core.WorkspaceImpl;
-import org.apache.jackrabbit.spi.commons.conversion.IllegalNameException;
-import org.apache.jackrabbit.spi.commons.conversion.NameResolver;
-import org.apache.jackrabbit.test.AbstractJCRTest;
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
+import org.apache.jackrabbit.api.security.authorization.PrivilegeManagerTest;
+import org.apache.jackrabbit.test.NotExecutableException;
import javax.jcr.AccessDeniedException;
-import javax.jcr.NamespaceException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.security.AccessControlException;
import javax.jcr.security.Privilege;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
/**
* <code>PrivilegeManagerTest</code>...
*/
-public class PrivilegeManagerTest extends AbstractJCRTest {
-
- private NameResolver resolver;
- private PrivilegeManager privilegeMgr;
+public class PrivilegeManagerImplTest extends PrivilegeManagerTest {
@Override
protected void setUp() throws Exception {
super.setUp();
- resolver = (SessionImpl) superuser;
- privilegeMgr = ((WorkspaceImpl) superuser.getWorkspace()).getPrivilegeManager();
+
+ if (!(privilegeMgr instanceof PrivilegeManagerImpl)) {
+ throw new NotExecutableException("PrivilegeManagerImpl expected");
+ }
}
- private void assertSamePrivilegeName(String expected, String present) throws NamespaceException, IllegalNameException {
- assertEquals("Privilege names are not the same", resolver.getQName(expected), resolver.getQName(present));
+ private PrivilegeManagerImpl getPrivilegeManagerImpl() {
+ return (PrivilegeManagerImpl) privilegeMgr;
}
private Privilege[] privilegesFromNames(String[] privNames)
@@ -62,80 +53,21 @@ public class PrivilegeManagerTest extend
return privs;
}
- public void testRegisteredPrivileges() throws RepositoryException {
- Privilege[] ps = privilegeMgr.getRegisteredPrivileges();
-
- List<Privilege> l = new ArrayList<Privilege>(Arrays.asList(ps));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_ADD_CHILD_NODES)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_CHILD_NODES)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_PROPERTIES)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_NODE)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ_ACCESS_CONTROL)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_ACCESS_CONTROL)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_WRITE)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_ALL)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LIFECYCLE_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LOCK_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_NODE_TYPE_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_RETENTION_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_VERSION_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(PrivilegeRegistry.REP_WRITE)));
- assertTrue(l.isEmpty());
- }
-
- public void testAllPrivilege() throws RepositoryException {
- Privilege p = privilegeMgr.getPrivilege(Privilege.JCR_ALL);
- assertSamePrivilegeName(p.getName(), Privilege.JCR_ALL);
- assertTrue(p.isAggregate());
- assertFalse(p.isAbstract());
-
- List<Privilege> l = new ArrayList<Privilege>(Arrays.asList(p.getAggregatePrivileges()));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_ADD_CHILD_NODES)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_CHILD_NODES)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_PROPERTIES)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_NODE)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ_ACCESS_CONTROL)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_ACCESS_CONTROL)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LIFECYCLE_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LOCK_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_NODE_TYPE_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_RETENTION_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_VERSION_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_WRITE)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(PrivilegeRegistry.REP_WRITE)));
- assertTrue(l.isEmpty());
-
- l = new ArrayList<Privilege>(Arrays.asList(p.getDeclaredAggregatePrivileges()));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_WRITE)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(PrivilegeRegistry.REP_WRITE)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_READ_ACCESS_CONTROL)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_MODIFY_ACCESS_CONTROL)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LIFECYCLE_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_LOCK_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_RETENTION_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_VERSION_MANAGEMENT)));
- assertTrue(l.remove(privilegeMgr.getPrivilege(Privilege.JCR_NODE_TYPE_MANAGEMENT)));
- assertTrue(l.isEmpty());
- }
-
public void testGetBits() throws RepositoryException {
Privilege p1 = privilegeMgr.getPrivilege(Privilege.JCR_ADD_CHILD_NODES);
Privilege p2 = privilegeMgr.getPrivilege(Privilege.JCR_REMOVE_CHILD_NODES);
Privilege[] privs = new Privilege[] {p1, p2};
- int bits = privilegeMgr.getBits(privs);
+ int bits = getPrivilegeManagerImpl().getBits(privs);
assertTrue(bits > PrivilegeRegistry.NO_PRIVILEGE);
- assertTrue(bits == (privilegeMgr.getBits(new Privilege[] {p1}) |
- privilegeMgr.getBits(new Privilege[] {p2})));
+ assertTrue(bits == (getPrivilegeManagerImpl().getBits(new Privilege[] {p1}) |
+ getPrivilegeManagerImpl().getBits(new Privilege[] {p2})));
}
public void testGetBitsFromCustomPrivilege() throws AccessControlException {
Privilege p = buildCustomPrivilege(Privilege.JCR_READ, null);
try {
- privilegeMgr.getBits(new Privilege[] {p});
+ getPrivilegeManagerImpl().getBits(new Privilege[] {p});
fail("Retrieving bits from unknown privilege should fail.");
} catch (AccessControlException e) {
// ok
@@ -145,7 +77,7 @@ public class PrivilegeManagerTest extend
public void testGetBitsFromCustomAggregatePrivilege() throws RepositoryException {
Privilege p = buildCustomPrivilege("anyName", privilegeMgr.getPrivilege(Privilege.JCR_WRITE));
try {
- privilegeMgr.getBits(new Privilege[] {p});
+ getPrivilegeManagerImpl().getBits(new Privilege[] {p});
fail("Retrieving bits from unknown privilege should fail.");
} catch (AccessControlException e) {
// ok
@@ -154,7 +86,7 @@ public class PrivilegeManagerTest extend
public void testGetBitsFromNull() {
try {
- privilegeMgr.getBits((Privilege[]) null);
+ getPrivilegeManagerImpl().getBits((Privilege[]) null);
fail("Should throw AccessControlException");
} catch (AccessControlException e) {
// ok
@@ -163,7 +95,7 @@ public class PrivilegeManagerTest extend
public void testGetBitsFromNullString() {
try {
- privilegeMgr.getBits((String[]) null);
+ getPrivilegeManagerImpl().getBits((String[]) null);
fail("Should throw AccessControlException");
} catch (AccessControlException e) {
// ok
@@ -172,7 +104,7 @@ public class PrivilegeManagerTest extend
public void testGetBitsFromEmptyArray() throws AccessControlException {
try {
- privilegeMgr.getBits(new Privilege[0]);
+ getPrivilegeManagerImpl().getBits(new Privilege[0]);
fail("Should throw AccessControlException");
} catch (AccessControlException e) {
// ok
@@ -181,7 +113,7 @@ public class PrivilegeManagerTest extend
public void testGetBitsFromEmptyStringArray() throws AccessControlException {
try {
- privilegeMgr.getBits(new String[0]);
+ getPrivilegeManagerImpl().getBits(new String[0]);
fail("Should throw AccessControlException");
} catch (AccessControlException e) {
// ok
@@ -191,7 +123,7 @@ public class PrivilegeManagerTest extend
public void testGetBitsWithInvalidPrivilege() {
Privilege p = buildCustomPrivilege("anyName", null);
try {
- privilegeMgr.getBits(new Privilege[] {p});
+ getPrivilegeManagerImpl().getBits(new Privilege[] {p});
fail();
} catch (AccessControlException e) {
// ok
@@ -199,7 +131,7 @@ public class PrivilegeManagerTest extend
}
public void testGetPrivilegesFromBits() throws RepositoryException {
- Privilege[] pvs = privilegeMgr.getPrivileges(privilegeMgr.getBits(privilegesFromNames(new String[] {Privilege.JCR_READ_ACCESS_CONTROL})));
+ Privilege[] pvs = getPrivilegeManagerImpl().getPrivileges(getPrivilegeManagerImpl().getBits(privilegesFromNames(new String[] {Privilege.JCR_READ_ACCESS_CONTROL})));
assertTrue(pvs != null);
assertTrue(pvs.length == 1);
@@ -213,8 +145,8 @@ public class PrivilegeManagerTest extend
Privilege.JCR_REMOVE_NODE,
Privilege.JCR_MODIFY_PROPERTIES
};
- int writeBits = privilegeMgr.getBits(privilegesFromNames(names));
- Privilege[] pvs = privilegeMgr.getPrivileges(writeBits);
+ int writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+ Privilege[] pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
assertTrue(pvs != null);
assertTrue(pvs.length == 1);
@@ -227,8 +159,8 @@ public class PrivilegeManagerTest extend
String[] names = new String[] {
PrivilegeRegistry.REP_WRITE
};
- int writeBits = privilegeMgr.getBits(privilegesFromNames(names));
- Privilege[] pvs = privilegeMgr.getPrivileges(writeBits);
+ int writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+ Privilege[] pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
assertTrue(pvs != null);
assertTrue(pvs.length == 1);
@@ -239,8 +171,8 @@ public class PrivilegeManagerTest extend
PrivilegeRegistry.REP_WRITE,
Privilege.JCR_WRITE
};
- writeBits = privilegeMgr.getBits(privilegesFromNames(names));
- pvs = privilegeMgr.getPrivileges(writeBits);
+ writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+ pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
assertTrue(pvs != null);
assertTrue(pvs.length == 1);
@@ -254,79 +186,17 @@ public class PrivilegeManagerTest extend
PrivilegeRegistry.REP_WRITE,
Privilege.JCR_LIFECYCLE_MANAGEMENT
};
- int writeBits = privilegeMgr.getBits(privilegesFromNames(names));
- Privilege[] pvs = privilegeMgr.getPrivileges(writeBits);
+ int writeBits = getPrivilegeManagerImpl().getBits(privilegesFromNames(names));
+ Privilege[] pvs = getPrivilegeManagerImpl().getPrivileges(writeBits);
assertTrue(pvs != null);
assertTrue(pvs.length == 2);
}
- public void testGetPrivilegeFromName() throws AccessControlException, RepositoryException {
- Privilege p = privilegeMgr.getPrivilege(Privilege.JCR_READ);
-
- assertTrue(p != null);
- assertSamePrivilegeName(Privilege.JCR_READ, p.getName());
- assertFalse(p.isAggregate());
-
- p = privilegeMgr.getPrivilege(Privilege.JCR_WRITE);
-
- assertTrue(p != null);
- assertSamePrivilegeName(p.getName(), Privilege.JCR_WRITE);
- assertTrue(p.isAggregate());
- }
-
- public void testGetPrivilegesFromInvalidName() throws RepositoryException {
- try {
- privilegeMgr.getPrivilege("unknown");
- fail("invalid privilege name");
- } catch (AccessControlException e) {
- // OK
- }
- }
-
- public void testGetPrivilegesFromEmptyNames() {
- try {
- privilegeMgr.getPrivilege("");
- fail("invalid privilege name array");
- } catch (AccessControlException e) {
- // OK
- } catch (RepositoryException e) {
- // OK
- }
- }
-
- public void testGetPrivilegesFromNullNames() {
- try {
- privilegeMgr.getPrivilege(null);
- fail("invalid privilege name (null)");
- } catch (Exception e) {
- // OK
- }
- }
-
- public void testRegisterPrivilegeWithIllegalName() throws RepositoryException {
- Map<String, String[]> illegal = new HashMap<String, String[]>();
- illegal.put("invalid:privilegeName", new String[0]);
- illegal.put("jcr:newPrivilege", new String[] {"invalid:privilegeName"});
- illegal.put(".e:privilegeName", new String[0]);
- illegal.put("jcr:newPrivilege", new String[] {".e:privilegeName"});
-
- for (String illegalName : illegal.keySet()) {
- try {
- privilegeMgr.registerPrivilege(illegalName, true, illegal.get(illegalName));
- fail("Illegal name -> Exception expected");
- } catch (NamespaceException e) {
- // success
- } catch (IllegalNameException e) {
- // success
- }
- }
- }
-
public void testRegisterPrivilegeAsNonAdmin() throws RepositoryException {
Session s = getHelper().getReadOnlySession();
try {
- ((WorkspaceImpl) s.getWorkspace()).getPrivilegeManager().registerPrivilege("test", true, new String[0]);
+ ((JackrabbitWorkspace) s.getWorkspace()).getPrivilegeManager().registerPrivilege("test", true, new String[0]);
fail("Only admin is allowed to register privileges.");
} catch (AccessDeniedException e) {
// success
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/PrivilegeManagerImplTest.java
------------------------------------------------------------------------------
svn:keywords = author date id revision url
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java?rev=1076600&r1=1076599&r2=1076600&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/TestAll.java Thu Mar 3 12:24:20 2011
@@ -36,7 +36,7 @@ public class TestAll extends TestCase {
TestSuite suite = new TestSuite("core.security.authorization tests");
suite.addTestSuite(PrivilegeRegistryTest.class);
- suite.addTestSuite(PrivilegeManagerTest.class);
+ suite.addTestSuite(PrivilegeManagerImplTest.class);
suite.addTestSuite(JackrabbitAccessControlListTest.class);
suite.addTestSuite(GlobPatternTest.class);
suite.addTestSuite(PermissionTest.class);