You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2020/09/25 09:45:39 UTC
svn commit: r1882009 -
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Author: angela
Date: Fri Sep 25 09:45:39 2020
New Revision: 1882009
URL: http://svn.apache.org/viewvc?rev=1882009&view=rev
Log:
OAK-9234 : CompiledPermissionImpl: minor improvements
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java?rev=1882009&r1=1882008&r2=1882009&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java Fri Sep 25 09:45:39 2020
@@ -123,6 +123,7 @@ final class CompiledPermissionImpl imple
typeProvider = new TreeTypeProvider(ctx);
}
+ @NotNull
static CompiledPermissions create(@NotNull Root root,
@NotNull String workspaceName,
@NotNull PermissionStore store,
@@ -157,12 +158,9 @@ final class CompiledPermissionImpl imple
@NotNull
@Override
public RepositoryPermission getRepositoryPermission() {
- return new RepositoryPermission() {
- @Override
- public boolean isGranted(long repositoryPermissions) {
- EntryPredicate predicate = EntryPredicate.create();
- return hasPermissions(getEntryIterator(predicate), predicate, repositoryPermissions, null);
- }
+ return repositoryPermissions -> {
+ EntryPredicate predicate = EntryPredicate.create();
+ return hasPermissions(getEntryIterator(predicate), predicate, repositoryPermissions, null);
};
}
@@ -259,17 +257,17 @@ final class CompiledPermissionImpl imple
case HIDDEN:
return true;
case VERSION:
- Tree versionTree = getEvaluationTree(tree);
- if (versionTree == null) {
+ Tree evalTree = getEvaluationTree(tree);
+ if (evalTree == null) {
// unable to determine the location of the versionable item -> deny access.
return false;
}
- if (versionTree.exists()) {
- return internalIsGranted(versionTree, property, permissions);
+ if (evalTree.exists()) {
+ return internalIsGranted(evalTree, property, permissions);
} else {
- // versionable node does not exist (anymore) in this workspace;
+ // the versionable node does not exist (anymore) in this workspace
// use best effort calculation based on the item path.
- String path = versionTree.getPath();
+ String path = evalTree.getPath();
if (property != null) {
path = PathUtils.concat(path, property.getName());
}
@@ -378,17 +376,21 @@ final class CompiledPermissionImpl imple
@NotNull
private PrivilegeBits internalGetPrivileges(@Nullable Tree tree) {
- TreeType type = (tree == null) ? TreeType.DEFAULT : typeProvider.getType(tree);
+ if (tree == null) {
+ return getPrivilegeBits(null);
+ }
+
+ TreeType type = typeProvider.getType(tree);
switch (type) {
case HIDDEN:
return PrivilegeBits.EMPTY;
case VERSION:
- Tree versionTree = getEvaluationTree(tree);
- if (versionTree == null || !versionTree.exists()) {
+ Tree evalTree = getEvaluationTree(tree);
+ if (evalTree == null || !evalTree.exists()) {
// unable to determine the location of the versionable item -> deny access.
return PrivilegeBits.EMPTY;
} else {
- return getPrivilegeBits(versionTree);
+ return getPrivilegeBits(evalTree);
}
case INTERNAL:
return PrivilegeBits.EMPTY;
@@ -425,17 +427,15 @@ final class CompiledPermissionImpl imple
@NotNull
private Iterator<PermissionEntry> getEntryIterator(@NotNull EntryPredicate predicate) {
- if (userStore != null && groupStore != null) {
- Iterator<PermissionEntry> userEntries = userStore.getEntryIterator(predicate);
- Iterator<PermissionEntry> groupEntries = groupStore.getEntryIterator(predicate);
- return concat(userEntries, groupEntries);
- } else if (userStore != null) {
- return userStore.getEntryIterator(predicate);
- } else if (groupStore != null) {
- return groupStore.getEntryIterator(predicate);
- } else {
- return Collections.emptyIterator();
+ Iterator<PermissionEntry> userEntries = Collections.emptyIterator();
+ Iterator<PermissionEntry> groupEntries = Collections.emptyIterator();
+ if (userStore != null) {
+ userEntries = userStore.getEntryIterator(predicate);
+ }
+ if (groupStore != null) {
+ groupEntries = groupStore.getEntryIterator(predicate);
}
+ return concat(userEntries, groupEntries);
}
@Nullable
@@ -455,6 +455,7 @@ final class CompiledPermissionImpl imple
return versionManager;
}
+ @NotNull
private static TreeType getParentType(@NotNull TreePermission parentPermission) {
if (parentPermission instanceof TreePermissionImpl) {
return ((TreePermissionImpl) parentPermission).type;
@@ -471,6 +472,7 @@ final class CompiledPermissionImpl imple
}
}
+ @NotNull
private TreePermissionImpl createRootPermission(@NotNull Tree rootTree) {
return new TreePermissionImpl(rootTree, TreeType.DEFAULT, EMPTY);
}
@@ -489,7 +491,7 @@ final class CompiledPermissionImpl imple
private boolean skipped;
private ReadStatus readStatus;
- private TreePermissionImpl(Tree tree, TreeType type, TreePermission parentPermission) {
+ private TreePermissionImpl(@NotNull Tree tree, @NotNull TreeType type, @NotNull TreePermission parentPermission) {
this.tree = tree;
this.type = type;
if (parentPermission instanceof TreePermissionImpl) {
@@ -581,23 +583,26 @@ final class CompiledPermissionImpl imple
}
//--------------------------------------------------------< private >---
+ @NotNull
private Iterator<PermissionEntry> getIterator(@Nullable PropertyState property, long permissions) {
EntryPredicate predicate = EntryPredicate.create(tree, property, Permissions.respectParentPermissions(permissions));
return getIterator(predicate);
}
+ @NotNull
private Iterator<PermissionEntry> getIterator(@NotNull EntryPredicate predicate) {
- if (userStore != null && groupStore != null) {
- return concat(new LazyIterator(this, true, predicate), new LazyIterator(this, false, predicate));
- } else if (userStore != null) {
- return new LazyIterator(this, true, predicate);
- } else if (groupStore != null) {
- return new LazyIterator(this, false, predicate);
- } else {
- return Collections.emptyIterator();
+ Iterator<PermissionEntry> userIt = Collections.emptyIterator();
+ Iterator<PermissionEntry> groupIt = Collections.emptyIterator();
+ if (userStore != null) {
+ userIt = new LazyIterator(this, true, predicate);
+ }
+ if (groupStore != null) {
+ groupIt = new LazyIterator(this, false, predicate);
}
+ return concat(userIt, groupIt);
}
+ @NotNull
private Iterator<PermissionEntry> getUserEntries() {
if (userEntries == null) {
userEntries = userStore != null ? userStore.getEntries(tree) : Collections.emptyList();
@@ -605,6 +610,7 @@ final class CompiledPermissionImpl imple
return userEntries.iterator();
}
+ @NotNull
private Iterator<PermissionEntry> getGroupEntries() {
if (groupEntries == null) {
groupEntries = groupStore != null ? groupStore.getEntries(tree) : Collections.emptyList();
@@ -637,6 +643,7 @@ final class CompiledPermissionImpl imple
tp = treePermission;
}
+ @Nullable
@Override
protected PermissionEntry getNext() {
PermissionEntry next = null;
@@ -695,7 +702,7 @@ final class CompiledPermissionImpl imple
private final String[] altReadPaths;
private final boolean isDefaultPaths;
- private DefaultReadPolicy(Set<String> readPaths) {
+ private DefaultReadPolicy(@NotNull Set<String> readPaths) {
this.readPaths = readPaths.toArray(new String[0]);
altReadPaths = new String[readPaths.size()];
int i = 0;