You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/02/27 18:06:58 UTC
svn commit: r1450848 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization:
AccessControlManagerImpl.java restriction/PrincipalRestrictionProvider.java
restriction/RestrictionProviderImpl.java
Author: angela
Date: Wed Feb 27 17:06:58 2013
New Revision: 1450848
URL: http://svn.apache.org/r1450848
Log:
OAK-51 : Access Control Management (wip, annotations, minor improvement)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java?rev=1450848&r1=1450847&r2=1450848&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java Wed Feb 27 17:06:58 2013
@@ -384,8 +384,8 @@ public class AccessControlManagerImpl im
return ntMgr.isNodeType(tree, nodeTypeName);
}
- private boolean isACE(@Nonnull Tree tree) {
- return ntMgr.isNodeType(tree, NT_REP_ACE);
+ private boolean isACE(@Nullable Tree tree) {
+ return tree != null && ntMgr.isNodeType(tree, NT_REP_ACE);
}
/**
@@ -520,7 +520,7 @@ public class AccessControlManagerImpl im
@Nonnull
private Set<Privilege> getPrivileges(@Nonnull Tree aceTree) throws RepositoryException {
- String[] privNames = TreeUtil.getStrings(aceTree, REP_PRIVILEGES);
+ String[] privNames = checkNotNull(TreeUtil.getStrings(aceTree, REP_PRIVILEGES));
Set<Privilege> privileges = new HashSet<Privilege>(privNames.length);
for (String name : privNames) {
privileges.add(privilegeManager.getPrivilege(name));
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java?rev=1450848&r1=1450847&r2=1450848&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java Wed Feb 27 17:06:58 2013
@@ -20,6 +20,7 @@ import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
import javax.jcr.PropertyType;
import javax.jcr.RepositoryException;
import javax.jcr.Value;
@@ -50,7 +51,7 @@ public class PrincipalRestrictionProvide
@Nonnull
@Override
- public Set<RestrictionDefinition> getSupportedRestrictions(String oakPath) {
+ public Set<RestrictionDefinition> getSupportedRestrictions(@Nullable String oakPath) {
Set<RestrictionDefinition> definitions = new HashSet<RestrictionDefinition>(base.getSupportedRestrictions(oakPath));
definitions.add(new RestrictionDefinitionImpl(REP_NODE_PATH, PropertyType.PATH, true, namePathMapper));
return definitions;
@@ -58,12 +59,12 @@ public class PrincipalRestrictionProvide
@Nonnull
@Override
- public Restriction createRestriction(String oakPath, @Nonnull String jcrName, @Nonnull Value value) throws RepositoryException {
+ public Restriction createRestriction(@Nullable String oakPath, @Nonnull String jcrName, @Nonnull Value value) throws RepositoryException {
return base.createRestriction(oakPath, jcrName, value);
}
@Override
- public Set<Restriction> readRestrictions(String oakPath, Tree aceTree) {
+ public Set<Restriction> readRestrictions(@Nullable String oakPath, @Nonnull Tree aceTree) {
Set<Restriction> restrictions = new HashSet<Restriction>(base.readRestrictions(oakPath, aceTree));
String value = (oakPath == null) ? "" : oakPath;
PropertyState nodePathProp = PropertyStates.createProperty(REP_NODE_PATH, value, Type.PATH);
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java?rev=1450848&r1=1450847&r2=1450848&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java Wed Feb 27 17:06:58 2013
@@ -60,7 +60,7 @@ public class RestrictionProviderImpl imp
@Nonnull
@Override
public Set<RestrictionDefinition> getSupportedRestrictions(String oakPath) {
- if (oakPath == null) {
+ if (isUnsupportedPath(oakPath)) {
return Collections.emptySet();
} else {
return ImmutableSet.copyOf(supported.values());
@@ -69,7 +69,7 @@ public class RestrictionProviderImpl imp
@Override
public Restriction createRestriction(String oakPath, String jcrName, Value value) throws RepositoryException {
- if (oakPath == null) {
+ if (isUnsupportedPath(oakPath)) {
throw new AccessControlException("Unsupported restriction: " + oakPath);
}
@@ -88,7 +88,7 @@ public class RestrictionProviderImpl imp
@Override
public Set<Restriction> readRestrictions(String oakPath, Tree aceTree) {
- if (oakPath == null) {
+ if (isUnsupportedPath(oakPath)) {
return Collections.emptySet();
} else {
Set<Restriction> restrictions = new HashSet<Restriction>();
@@ -121,7 +121,7 @@ public class RestrictionProviderImpl imp
@Override
public void validateRestrictions(String oakPath, Tree aceTree) throws javax.jcr.security.AccessControlException {
Map<String, PropertyState> restrictionProperties = getRestrictionProperties(aceTree);
- if (oakPath == null && !restrictionProperties.isEmpty()) {
+ if (isUnsupportedPath(oakPath) && !restrictionProperties.isEmpty()) {
throw new AccessControlException("Restrictions not supported with 'null' path.");
}
for (Map.Entry<String, PropertyState> entry : restrictionProperties.entrySet()) {
@@ -175,4 +175,8 @@ public class RestrictionProviderImpl imp
return !AccessControlConstants.ACE_PROPERTY_NAMES.contains(propertyName) &&
!NamespaceRegistry.PREFIX_JCR.equals(Text.getNamespacePrefix(propertyName));
}
+
+ private static boolean isUnsupportedPath(String oakPath) {
+ return oakPath == null;
+ }
}