You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by re...@apache.org on 2012/07/19 11:54:25 UTC
svn commit: r1363275 - in /jackrabbit/branches/2.2: ./
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/
jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/
Author: reschke
Date: Thu Jul 19 09:54:25 2012
New Revision: 1363275
URL: http://svn.apache.org/viewvc?rev=1363275&view=rev
Log:
JCR-3352: Minor improvements for collecting ACEs (ported to 2.2)
Modified:
jackrabbit/branches/2.2/ (props changed)
jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java
jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java
jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java
jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java
jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java
Propchange: jackrabbit/branches/2.2/
------------------------------------------------------------------------------
Merged /jackrabbit/branches/2.4:r1356255
Merged /jackrabbit/trunk:r1353920
Modified: jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java?rev=1363275&r1=1363274&r2=1363275&view=diff
==============================================================================
--- jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java (original)
+++ jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java Thu Jul 19 09:54:25 2012
@@ -594,8 +594,7 @@ public class NodeImpl extends ItemImpl i
protected void removeChildNode(NodeId childId) throws RepositoryException {
// modify the state of 'this', i.e. the parent node
NodeState thisState = (NodeState) getOrCreateTransientItemState();
- ChildNodeEntry entry =
- thisState.getChildNodeEntry(childId);
+ ChildNodeEntry entry = thisState.getChildNodeEntry(childId);
if (entry == null) {
String msg = "failed to remove child " + childId + " of " + this;
log.debug(msg);
@@ -921,9 +920,6 @@ public class NodeImpl extends ItemImpl i
* otherwise <code>false</code>
*/
public boolean isNodeType(Name ntName) throws RepositoryException {
- // check state of this instance
- sanityCheck();
-
// first do trivial checks without using type hierarchy
Name primary = data.getNodeState().getNodeTypeName();
if (ntName.equals(primary)) {
@@ -1357,6 +1353,33 @@ public class NodeImpl extends ItemImpl i
}
/**
+ * Returns the name of the primary node type as exposed on the node state
+ * without retrieving the node type.
+ *
+ * @return the name of the primary node type.
+ */
+ public Name getPrimaryNodeTypeName() {
+ return data.getNodeState().getNodeTypeName();
+ }
+
+ /**
+ * Test if the given node is access controlled. The node is access
+ * controlled if it is of node type
+ * {@link org.apache.jackrabbit.core.security.authorization.AccessControlConstants#NT_REP_ACCESS_CONTROLLABLE "rep:AccessControllable"}
+ * and if it has a child node named
+ * {@link org.apache.jackrabbit.core.security.authorization.AccessControlConstants#N_POLICY}.
+ *
+ * @param node the node to be tested
+ * @return <code>true</code> if the node is access controlled and has a
+ * rep:policy child; <code>false</code> otherwise.
+ * @throws RepositoryException if an error occurs
+ */
+ public boolean isAccessControllable() throws RepositoryException {
+ return data.getNodeState().hasChildNodeEntry(NameConstants.REP_POLICY, 1)
+ && isNodeType(NameConstants.REP_ACCESS_CONTROLLABLE);
+ }
+
+ /**
* Same as <code>{@link Node#orderBefore(String, String)}</code> except that
* this method takes a <code>Path.Element</code> arguments instead of
* <code>String</code>s.
@@ -2261,6 +2284,9 @@ public class NodeImpl extends ItemImpl i
* {@inheritDoc}
*/
public boolean isNodeType(String nodeTypeName) throws RepositoryException {
+ // check state of this instance
+ sanityCheck();
+
try {
return isNodeType(sessionContext.getQName(nodeTypeName));
} catch (NameException e) {
Modified: jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java?rev=1363275&r1=1363274&r2=1363275&view=diff
==============================================================================
--- jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java (original)
+++ jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java Thu Jul 19 09:54:25 2012
@@ -87,8 +87,8 @@ public class ACLEditor extends Protected
* @return the control list
* @throws RepositoryException if an error occurs
*/
- ACLTemplate getACL(NodeImpl aclNode) throws RepositoryException {
- return new ACLTemplate(aclNode, privilegeRegistry);
+ ACLTemplate getACL(NodeImpl aclNode, String path) throws RepositoryException {
+ return new ACLTemplate(aclNode, path, privilegeRegistry);
}
//------------------------------------------------< AccessControlEditor >---
@@ -102,7 +102,7 @@ public class ACLEditor extends Protected
if (aclNode == null) {
return new AccessControlPolicy[0];
} else {
- return new AccessControlPolicy[] {getACL(aclNode)};
+ return new AccessControlPolicy[] {getACL(aclNode, nodePath)};
}
}
Modified: jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java?rev=1363275&r1=1363274&r2=1363275&view=diff
==============================================================================
--- jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java (original)
+++ jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java Thu Jul 19 09:54:25 2012
@@ -328,19 +328,15 @@ public class ACLProvider extends Abstrac
}
/**
- * Test if the given node is access controlled. The node is access
- * controlled if it is of node type
- * {@link AccessControlConstants#NT_REP_ACCESS_CONTROLLABLE "rep:AccessControllable"}
- * and if it has a child node named
- * {@link AccessControlConstants#N_POLICY "rep:ACL"}.
+ * Test if the given node is access controlled.
*
* @param node the node to be tested
- * @return <code>true</code> if the node is access controlled and has a
- * rep:policy child; <code>false</code> otherwise.
+ * @return <code>true</code> if the node is access controlled.
* @throws RepositoryException if an error occurs
+ * @see org.apache.jackrabbit.core.NodeImpl#isAccessControllable()
*/
static boolean isAccessControlled(NodeImpl node) throws RepositoryException {
- return node.hasNode(N_POLICY) && node.isNodeType(NT_REP_ACCESS_CONTROLLABLE);
+ return node.isAccessControllable();
}
/**
Modified: jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java?rev=1363275&r1=1363274&r2=1363275&view=diff
==============================================================================
--- jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java (original)
+++ jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java Thu Jul 19 09:54:25 2012
@@ -38,7 +38,6 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.SessionImpl;
import org.apache.jackrabbit.core.id.NodeId;
-import org.apache.jackrabbit.core.nodetype.NodeTypeImpl;
import org.apache.jackrabbit.core.security.authorization.AbstractACLTemplate;
import org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl;
import org.apache.jackrabbit.core.security.authorization.Permission;
@@ -127,9 +126,9 @@ class ACLTemplate extends AbstractACLTem
* @param privilegeRegistry registry
* @throws RepositoryException if an error occurs
*/
- ACLTemplate(NodeImpl aclNode, PrivilegeRegistry privilegeRegistry) throws RepositoryException {
- super((aclNode != null) ? aclNode.getParent().getPath() : null, (aclNode != null) ? aclNode.getSession().getValueFactory() : null);
- if (aclNode == null || !NT_REP_ACL.equals(((NodeTypeImpl)aclNode.getPrimaryNodeType()).getQName())) {
+ ACLTemplate(NodeImpl aclNode, String path, PrivilegeRegistry privilegeRegistry) throws RepositoryException {
+ super(path, (aclNode != null) ? aclNode.getSession().getValueFactory() : null);
+ if (aclNode == null || !NT_REP_ACL.equals(aclNode.getPrimaryNodeTypeName())) {
throw new IllegalArgumentException("Node must be of type 'rep:ACL'");
}
SessionImpl sImpl = (SessionImpl) aclNode.getSession();
@@ -164,11 +163,8 @@ class ACLTemplate extends AbstractACLTem
restrictions = Collections.singletonMap(jcrRepGlob, aceNode.getProperty(P_GLOB).getValue());
}
// create a new ACEImpl (omitting validation check)
- Entry ace = createEntry(
- princ,
- privs,
- NT_REP_GRANT_ACE.equals(((NodeTypeImpl) aceNode.getPrimaryNodeType()).getQName()),
- restrictions);
+ boolean isAllow = NT_REP_GRANT_ACE.equals(aceNode.getPrimaryNodeTypeName());
+ Entry ace = createEntry(princ, privs, isAllow, restrictions);
// add the entry
internalAdd(ace);
} catch (RepositoryException e) {
Modified: jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java
URL: http://svn.apache.org/viewvc/jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java?rev=1363275&r1=1363274&r2=1363275&view=diff
==============================================================================
--- jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java (original)
+++ jackrabbit/branches/2.2/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java Thu Jul 19 09:54:25 2012
@@ -134,7 +134,7 @@ public class EntryCollector extends Acce
}
next = getParentId(next);
}
-
+
List<AccessControlEntry> entries = new ArrayList<AccessControlEntry>(userAces.size() + groupAces.size());
entries.addAll(userAces);
entries.addAll(groupAces);
@@ -156,7 +156,7 @@ public class EntryCollector extends Acce
if (ACLProvider.isAccessControlled(node)) {
// collect the aces of that node.
NodeImpl aclNode = node.getNode(N_POLICY);
- entries = new ACLTemplate(aclNode, privilegeRegistry).getEntries();
+ entries = new ACLTemplate(aclNode, node.getPath(), privilegeRegistry).getEntries();
} else {
// not access controlled
entries = Collections.emptyList();