You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jspwiki.apache.org by ju...@apache.org on 2020/03/24 22:10:18 UTC
[jspwiki] 02/15: JSPWIKI-303: add Pages' ACLs
This is an automated email from the ASF dual-hosted git repository.
juanpablo pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/jspwiki.git
commit 49af134fd57f249f46cfcd1bf9f5159816463727
Author: juanpablo <ju...@apache.org>
AuthorDate: Tue Mar 24 15:45:22 2020 +0100
JSPWIKI-303: add Pages' ACLs
---
.../main/java/org/apache/wiki/api/core/Acl.java | 4 +-
.../main/java/org/apache/wiki/api/core/Page.java | 4 +-
.../src/main/java/org/apache/wiki/WikiPage.java | 18 +++-
.../org/apache/wiki/auth/AuthorizationManager.java | 2 +-
.../wiki/auth/DefaultAuthorizationManager.java | 10 +-
.../main/java/org/apache/wiki/auth/acl/Acl.java | 116 +++++++++------------
.../java/org/apache/wiki/auth/acl/AclEntry.java | 87 ++--------------
.../java/org/apache/wiki/auth/acl/AclImpl.java | 110 +++++++------------
.../java/org/apache/wiki/auth/acl/AclManager.java | 9 +-
.../apache/wiki/auth/acl/DefaultAclManager.java | 18 ++--
.../org/apache/wiki/pages/DefaultPageManager.java | 12 +--
.../apache/wiki/parser/JSPWikiMarkupParser.java | 2 +-
.../wiki/auth/acl/DefaultAclManagerTest.java | 10 +-
.../AccessRuleLinkNodePostProcessorState.java | 6 +-
14 files changed, 155 insertions(+), 253 deletions(-)
diff --git a/jspwiki-api/src/main/java/org/apache/wiki/api/core/Acl.java b/jspwiki-api/src/main/java/org/apache/wiki/api/core/Acl.java
index be51eb9..71f798f 100644
--- a/jspwiki-api/src/main/java/org/apache/wiki/api/core/Acl.java
+++ b/jspwiki-api/src/main/java/org/apache/wiki/api/core/Acl.java
@@ -62,7 +62,7 @@ public interface Acl {
*
* @return an enumeration of the entries in this ACL.
*/
- Enumeration< AclEntry > entries();
+ Enumeration< AclEntry > aclEntries();
/**
* Returns <code>true</code>, if this Acl is empty.
@@ -88,7 +88,7 @@ public interface Acl {
* @param principal the principal to search for
* @return the AclEntry associated with the principal, or <code>null</code>
*/
- AclEntry getEntry( Principal principal );
+ AclEntry getAclEntry( Principal principal );
/**
* Removes an ACL entry from this ACL.
diff --git a/jspwiki-api/src/main/java/org/apache/wiki/api/core/Page.java b/jspwiki-api/src/main/java/org/apache/wiki/api/core/Page.java
index 65975e5..a83ecd8 100644
--- a/jspwiki-api/src/main/java/org/apache/wiki/api/core/Page.java
+++ b/jspwiki-api/src/main/java/org/apache/wiki/api/core/Page.java
@@ -169,7 +169,7 @@ public interface Page extends Cloneable, Comparable< Page > {
*
* @return The access control list. May return null, if there is no acl.
*/
- //Acl getAcl();
+ Acl getAcl();
/**
* Sets the Acl for this page. Note that method does <em>not</em> persist the Acl itself to back-end storage or in page markup;
@@ -178,7 +178,7 @@ public interface Page extends Cloneable, Comparable< Page > {
*
* @param acl The Acl to set
*/
- //void setAcl( Acl acl );
+ void setAcl( Acl acl );
/** {@inheritDoc} */
Page clone();
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/WikiPage.java b/jspwiki-main/src/main/java/org/apache/wiki/WikiPage.java
index ce0d220..f278d5b 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/WikiPage.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/WikiPage.java
@@ -203,7 +203,7 @@ public class WikiPage implements Page {
* @return The access control list. May return null, if there is no acl.
*/
public Acl getAcl() {
- return m_accessList;
+ return (org.apache.wiki.auth.acl.Acl)m_accessList;
}
/**
@@ -212,9 +212,23 @@ public class WikiPage implements Page {
* {@link org.apache.wiki.auth.acl.AclManager#setPermissions(WikiPage, Acl)}.
*
* @param acl The Acl to set
+ * @deprecated use {@link #setAcl(org.apache.wiki.api.core.Acl)}
+ * @see #setAcl(org.apache.wiki.api.core.Acl)
*/
+ @Deprecated
public void setAcl( final Acl acl ) {
- m_accessList = acl;
+ setAcl( ( org.apache.wiki.api.core.Acl )acl );
+ }
+
+ /**
+ * Sets the Acl for this page. Note that method does <em>not</em> persist the Acl itself to back-end storage or in page markup;
+ * it merely sets the internal field that stores the Acl. To persist the Acl, callers should invoke
+ * {@link org.apache.wiki.auth.acl.AclManager#setPermissions(WikiPage, Acl)}.
+ *
+ * @param acl The Acl to set
+ */
+ public void setAcl( final org.apache.wiki.api.core.Acl acl ) {
+ m_accessList = ( Acl )acl;
}
/**
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/auth/AuthorizationManager.java b/jspwiki-main/src/main/java/org/apache/wiki/auth/AuthorizationManager.java
index a0c1e80..328d266 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/auth/AuthorizationManager.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/auth/AuthorizationManager.java
@@ -77,7 +77,7 @@ public interface AuthorizationManager {
* Returns <code>true</code> or <code>false</code>, depending on whether a Permission is allowed for the Subject associated with
* a supplied Session. The access control algorithm works this way:
* <ol>
- * <li>The {@link org.apache.wiki.auth.acl.Acl} for the page is obtained</li>
+ * <li>The {@link org.apache.wiki.api.core.Acl} for the page is obtained</li>
* <li>The Subject associated with the current {@link org.apache.wiki.api.core.Session} is obtained</li>
* <li>If the Subject's Principal set includes the Role Principal that is the administrator group, always allow the Permission</li>
* <li>For all permissions, check to see if the Permission is allowed according to the default security policy. If it isn't, deny
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/auth/DefaultAuthorizationManager.java b/jspwiki-main/src/main/java/org/apache/wiki/auth/DefaultAuthorizationManager.java
index 5ca590a..fef2949 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/auth/DefaultAuthorizationManager.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/auth/DefaultAuthorizationManager.java
@@ -20,14 +20,14 @@ package org.apache.wiki.auth;
import org.apache.log4j.Logger;
import org.apache.wiki.WikiContext;
-import org.apache.wiki.WikiPage;
+import org.apache.wiki.api.core.Acl;
+import org.apache.wiki.api.core.AclEntry;
import org.apache.wiki.api.core.Context;
import org.apache.wiki.api.core.Engine;
+import org.apache.wiki.api.core.Page;
import org.apache.wiki.api.core.Session;
import org.apache.wiki.api.exceptions.NoRequiredPropertyException;
import org.apache.wiki.api.exceptions.WikiException;
-import org.apache.wiki.auth.acl.Acl;
-import org.apache.wiki.auth.acl.AclEntry;
import org.apache.wiki.auth.acl.AclManager;
import org.apache.wiki.auth.acl.UnresolvedPrincipal;
import org.apache.wiki.auth.authorize.GroupManager;
@@ -127,7 +127,7 @@ public class DefaultAuthorizationManager implements AuthorizationManager {
// If the page or ACL is null, it's allowed.
final String pageName = ((PagePermission)permission).getPage();
- final WikiPage page = ( WikiPage )m_engine.getManager( PageManager.class ).getPage( pageName );
+ final Page page = m_engine.getManager( PageManager.class ).getPage( pageName );
final Acl acl = ( page == null) ? null : m_engine.getManager( AclManager.class ).getPermissions( page );
if( page == null || acl == null || acl.isEmpty() ) {
fireEvent( WikiSecurityEvent.ACCESS_ALLOWED, user, permission );
@@ -146,7 +146,7 @@ public class DefaultAuthorizationManager implements AuthorizationManager {
for( Principal aclPrincipal : aclPrincipals ) {
// If the ACL principal we're looking at is unresolved, try to resolve it here & correct the Acl
if ( aclPrincipal instanceof UnresolvedPrincipal ) {
- final AclEntry aclEntry = acl.getEntry( aclPrincipal );
+ final AclEntry aclEntry = acl.getAclEntry( aclPrincipal );
aclPrincipal = resolvePrincipal( aclPrincipal.getName() );
if ( aclEntry != null && !( aclPrincipal instanceof UnresolvedPrincipal ) ) {
aclEntry.setPrincipal( aclPrincipal );
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/Acl.java b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/Acl.java
index 91b398a..5237bcc 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/Acl.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/Acl.java
@@ -18,97 +18,81 @@
*/
package org.apache.wiki.auth.acl;
-import java.security.Permission;
import java.security.Principal;
+import java.util.Collections;
import java.util.Enumeration;
+import java.util.List;
+import java.util.stream.Collectors;
+
/**
* <p>
- * Defines an access control list (ACL) for wiki pages. An Access Control List
- * is a data structure used to guard access to resources. An ACL can be thought
- * of as a data structure with multiple ACL entries. Each ACL entry, of
- * interface type AclEntry, contains a set of positive permissions associated
- * with a particular principal. (A principal represents an entity such as an
- * individual user or a group). The ACL Entries in each ACL observe the
- * following rules:
- * </p>
- * <ul>
- * <li>Each principal can have at most one ACL entry; that is, multiple ACL
- * entries are not allowed for any principal. Each entry specifies the set of
- * permissions that are to be granted</li>
- * <li>If there is no entry for a particular principal, then the principal is
- * considered to have a null (empty) permission set</li>
- * </ul>
- * <p>
- * This interface is a highly stripped-down derivation of the
- * java.security.acl.Acl interface. In particular, the notion of an Acl "owner"
- * has been eliminated, since JWPWiki pages do not have owners. An additional
- * simplification compared to the standard Java package is that negative
- * permissions have been eliminated. Instead, JSPWiki assumes a "default-deny"
- * security stance: principals are granted no permissions by default, and
- * posesses only those that have been explicitly granted to them. And finally,
- * the getPermissions() and checkPermission() methods have been eliminated due
- * to the complexities associated with resolving Role principal membership.
+ * Deprecated, interface kept in order to keep backwards compatibility with versions up to 2.11.0.M6. {@link org.apache.wiki.api.core.Acl}
+ * should be used instead.
* </p>
+ * {@inheritDoc}
* @since 2.3
+ * @deprecated use {@link org.apache.wiki.api.core.Acl} insteaad
+ * @see org.apache.wiki.api.core.Acl
*/
-public interface Acl
-{
+@Deprecated
+public interface Acl extends org.apache.wiki.api.core.Acl {
+
/**
- * Adds an ACL entry to this ACL. An entry associates a principal (e.g., an
- * individual or a group) with a set of permissions. Each principal can have
- * at most one positive ACL entry, specifying permissions to be granted to
- * the principal. If there is already an ACL entry already in the ACL, false
- * is returned.
+ * Adds an ACL entry to this ACL. An entry associates a principal (e.g., an individual or a group) with a set of permissions. Each
+ * principal can have at most one positive ACL entry, specifying permissions to be granted to the principal. If there is already an
+ * ACL entry already in the ACL, false is returned.
+ *
* @param entry - the ACL entry to be added to this ACL
- * @return true on success, false if an entry of the same type (positive or
- * negative) for the same principal is already present in this ACL
+ * @return true on success, false if an entry of the same type (positive or negative) for the same principal is already present in this ACL
+ * @deprecated use {@link #addEntry(org.apache.wiki.api.core.AclEntry)} instead.
+ * @see #addEntry(org.apache.wiki.api.core.AclEntry
*/
- boolean addEntry( AclEntry entry );
+ @Deprecated
+ default boolean addEntry( final AclEntry entry ) {
+ return addEntry( ( org.apache.wiki.api.core.AclEntry )entry );
+ }
/**
- * Returns an enumeration of the entries in this ACL. Each element in the
- * enumeration is of type AclEntry.
+ * Returns an enumeration of the entries in this ACL. Each element in the enumeration is of type AclEntry.
+ *
* @return an enumeration of the entries in this ACL.
+ * @deprecated use {@link #aclEntries()} instead.
+ * @see #aclEntries()
*/
- Enumeration< AclEntry > entries();
-
- /**
- * Returns <code>true</code>, if this Acl is empty.
- * @return the result
- * @since 2.4.68
- */
- boolean isEmpty();
+ @Deprecated
+ default Enumeration< AclEntry > entries() {
+ final List< AclEntry> entries = Collections.list( aclEntries() ) // iterates list two times - this is ok as we don't expect too many elements inside aclEntries()
+ .stream()
+ .map( entry -> ( AclEntry )entry )
+ .collect( Collectors.toList() );
+ return Collections.enumeration( entries );
+ }
/**
- * Returns all Principal objects assigned a given Permission in the access
- * control list. The Princiapls returned are those that have been granted
- * either the supplied permission, or a permission implied by the supplied
- * permission. Principals are not "expanded" if they are a role or group.
- * @param permission the permission to search for
- * @return an array of Principals posessing the permission
- */
- Principal[] findPrincipals( Permission permission );
-
- /**
- * Returns an AclEntry for a supplied Principal, or <code>null</code> if
- * the Principal does not have a matching AclEntry.
+ * Returns an AclEntry for a supplied Principal, or <code>null</code> if the Principal does not have a matching AclEntry.
+ *
* @param principal the principal to search for
* @return the AclEntry associated with the principal, or <code>null</code>
+ * @deprecated use {@link #getAclEntry(Principal)} instead.
+ * @see #getAclEntry(Principal)
*/
- AclEntry getEntry( Principal principal );
+ @Deprecated
+ default AclEntry getEntry( final Principal principal ) {
+ return ( AclEntry )getAclEntry( principal );
+ }
/**
* Removes an ACL entry from this ACL.
+ *
* @param entry the ACL entry to be removed from this ACL
* @return true on success, false if the entry is not part of this ACL
+ * @deprecated use {@link #removeEntry(org.apache.wiki.api.core.AclEntry)} instead.
+ * @see #removeEntry(org.apache.wiki.api.core.AclEntry
*/
- boolean removeEntry( AclEntry entry );
-
- /**
- * Returns a string representation of the contents of this Acl.
- * @return the string representation
- */
- String toString();
+ @Deprecated
+ default boolean removeEntry( final AclEntry entry ) {
+ return removeEntry( ( org.apache.wiki.api.core.AclEntry )entry );
+ }
}
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclEntry.java b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclEntry.java
index 0946720..f46d2b4 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclEntry.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclEntry.java
@@ -18,88 +18,19 @@
*/
package org.apache.wiki.auth.acl;
-import java.security.Permission;
-import java.security.Principal;
-import java.util.Enumeration;
-
/**
* <p>
- * Represents one entry in an Access Control List (ACL).
- * </p>
- * <p>
- * An ACL can be thought of as a data structure with multiple ACL entry objects.
- * Each ACL entry object contains a set of positive page permissions associated
- * with a particular principal. (A principal represents an entity such as an
- * individual user, group, or role). Each principal can have at most one ACL
- * entry; that is, multiple ACL entries are not allowed for any principal.
- * </p>
- * <p>
- * This interface is functionally equivalent to the java.security.acl.AclEntry
- * interface, minus negative permissions.
+ * Deprecated, interface kept in order to keep backwards compatibility with versions up to 2.11.0.M6. {@link org.apache.wiki.api.core.AclEntry}
+ * should be used instead.
* </p>
+ *
+ * {@inheritDoc}
+ *
* @see Acl
* @since 2.3
+ * @deprecated use {@link org.apache.wiki.api.core.AclEntry} insteaad
+ * @see org.apache.wiki.api.core.AclEntry
*/
-public interface AclEntry
-{
-
- /**
- * Adds the specified permission to this ACL entry. The permission
- * <em>must</em> be of type
- * {@link org.apache.wiki.auth.permissions.PagePermission}. Note: An entry
- * can have multiple permissions.
- * @param permission the permission to be associated with the principal in
- * this entry
- * @return <code>true</code> if the permission was added,
- * <code>false</code> if the permission was
- * already part of this entry's permission set, and <code>false</code> if
- * the permission is not of type PagePermission
- */
- boolean addPermission(Permission permission);
-
- /**
- * Checks if the specified permission is part of the permission set in this
- * entry.
- * @param permission the permission to be checked for.
- * @return true if the permission is part of the permission set in this entry,
- * false otherwise.
- */
- boolean checkPermission(Permission permission);
-
- /**
- * Returns the principal for which permissions are granted by this
- * ACL entry. Returns null if there is no principal set for this entry yet.
- * @return the principal associated with this entry.
- */
- Principal getPrincipal();
-
- /**
- * Returns an enumeration of the permissions in this ACL entry.
- * @return an enumeration of the permissions
- */
- Enumeration< Permission > permissions();
-
- /**
- * Removes the specified permission from this ACL entry.
- * @param permission the permission to be removed from this entry.
- * @return true if the permission is removed, false if the permission was not
- * part of this entry's permission set.
- */
- boolean removePermission(Permission permission);
-
- /**
- * Specifies the principal for which permissions are granted or denied by
- * this ACL entry. If a principal was already set for this ACL entry, false
- * is returned, otherwise true is returned.
- * @param user the principal to be set for this entry
- * @return true if the principal is set, false if there was already a
- * principal set for this entry
- */
- boolean setPrincipal(Principal user);
-
- /**
- * Returns a string representation of the contents of this ACL entry.
- * @return a string representation of the contents.
- */
- String toString();
+@Deprecated
+public interface AclEntry extends org.apache.wiki.api.core.AclEntry {
}
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclImpl.java b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclImpl.java
index 0a5d0ab..8688e0b 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclImpl.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclImpl.java
@@ -18,67 +18,62 @@
*/
package org.apache.wiki.auth.acl;
+import org.apache.wiki.api.core.AclEntry;
+
import java.io.Serializable;
import java.security.Permission;
import java.security.Principal;
import java.util.Enumeration;
import java.util.Vector;
+
/**
- * JSPWiki implementation of an Access Control List.
+ * JSPWiki implementation of an Access Control List.
*
- * @since 2.3
+ * @since 2.3
*/
-public class AclImpl implements Acl, Serializable
-{
+public class AclImpl implements Acl, Serializable {
+
private static final long serialVersionUID = 1L;
- private final Vector<AclEntry> m_entries = new Vector<>();
+ private final Vector< AclEntry > m_entries = new Vector<>();
/**
* Constructs a new AclImpl instance.
*/
- public AclImpl()
- {
+ public AclImpl() {
}
-
- /**
- * Returns all Principal objects assigned a given Permission in the access control list. The Principals returned are those that have
- * been granted either the supplied permission, or a permission implied by the supplied permission. Principals are not "expanded" if
- * they are a role or group.
- *
- * @param permission the permission to search for
- * @return an array of Principals possessing the permission
- */
+
+ /** {@inheritDoc} */
+ @Override
public Principal[] findPrincipals( final Permission permission ) {
final Vector< Principal > principals = new Vector<>();
- final Enumeration< AclEntry > entries = entries();
-
+ final Enumeration< AclEntry > entries = aclEntries();
while( entries.hasMoreElements() ) {
final AclEntry entry = entries.nextElement();
final Enumeration< Permission > permissions = entry.permissions();
while( permissions.hasMoreElements() ) {
final Permission perm = permissions.nextElement();
- if ( perm.implies( permission ) ) {
+ if( perm.implies( permission ) ) {
principals.add( entry.getPrincipal() );
}
}
}
return principals.toArray( new Principal[ principals.size() ] );
}
-
+
private boolean hasEntry( final AclEntry entry ) {
if( entry == null ) {
return false;
}
for( final AclEntry e : m_entries ) {
- final Principal ep = e.getPrincipal();
+ final Principal ep = e.getPrincipal();
final Principal entryp = entry.getPrincipal();
if( ep == null || entryp == null ) {
- throw new IllegalArgumentException( "Entry is null; check code, please (entry="+entry+"; e="+e+")" );
+ throw new IllegalArgumentException( "Entry is null; check code, please (entry=" + entry + "; e=" + e + ")" );
}
-
+
if( ep.getName().equals( entryp.getName() ) ) {
return true;
}
@@ -87,15 +82,8 @@ public class AclImpl implements Acl, Serializable
return false;
}
- /**
- * Adds an ACL entry to this ACL. An entry associates a principal (e.g., an individual or a group) with a set of permissions. Each
- * principal can have at most one positive ACL entry, specifying permissions to be granted to the principal. If there is already an
- * ACL entry already in the ACL, false is returned.
- *
- * @param entry - the ACL entry to be added to this ACL
- * @return true on success, false if an entry of the same type (positive or negative) for the same principal is already present in
- * this ACL
- */
+ /** {@inheritDoc} */
+ @Override
public synchronized boolean addEntry( final AclEntry entry ) {
if( entry.getPrincipal() == null ) {
throw new IllegalArgumentException( "Entry principal cannot be null" );
@@ -104,39 +92,27 @@ public class AclImpl implements Acl, Serializable
if( hasEntry( entry ) ) {
return false;
}
-
+
m_entries.add( entry );
return true;
}
- /**
- * Removes an ACL entry from this ACL.
- * @param entry the ACL entry to be removed from this ACL
- * @return true on success, false if the entry is not part of this ACL
- */
- public synchronized boolean removeEntry( final AclEntry entry )
- {
+ /** {@inheritDoc} */
+ @Override
+ public synchronized boolean removeEntry( final AclEntry entry ) {
return m_entries.remove( entry );
}
- /**
- * Returns an enumeration of the entries in this ACL. Each element in the
- * enumeration is of type AclEntry.
- * @return an enumeration of the entries in this ACL.
- */
- public Enumeration< AclEntry > entries()
- {
+ /** {@inheritDoc} */
+ @Override
+ public Enumeration< AclEntry > aclEntries() {
return m_entries.elements();
}
- /**
- * Returns an AclEntry for a supplied Principal, or <code>null</code> if the Principal does not have a matching AclEntry.
- *
- * @param principal the principal to search for
- * @return the AclEntry associated with the principal, or <code>null</code>
- */
- public AclEntry getEntry( final Principal principal ) {
+ /** {@inheritDoc} */
+ @Override
+ public AclEntry getAclEntry( final Principal principal ) {
for( final AclEntry entry : m_entries ) {
if( entry.getPrincipal().getName().equals( principal.getName() ) ) {
return entry;
@@ -146,13 +122,16 @@ public class AclImpl implements Acl, Serializable
return null;
}
- /**
- * Returns a string representation of the contents of this Acl.
- *
- * @return the string representation
- */
+ /** {@inheritDoc} */
+ @Override
+ public boolean isEmpty() {
+ return m_entries.isEmpty();
+ }
+
+ /** {@inheritDoc} */
+ @Override
public String toString() {
- final StringBuilder sb = new StringBuilder();
+ final StringBuilder sb = new StringBuilder();
for( final AclEntry entry : m_entries ) {
final Principal pal = entry.getPrincipal();
if( pal != null ) {
@@ -167,19 +146,8 @@ public class AclImpl implements Acl, Serializable
}
sb.append( ")\n" );
}
-
return sb.toString();
}
- /**
- * Returns <code>true</code>, if this Acl is empty.
- *
- * @return the result
- * @since 2.4.68
- */
- public boolean isEmpty() {
- return m_entries.isEmpty();
- }
-
}
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclManager.java b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclManager.java
index 17ae713..357db2e 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclManager.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/AclManager.java
@@ -18,8 +18,9 @@
*/
package org.apache.wiki.auth.acl;
-import org.apache.wiki.WikiPage;
+import org.apache.wiki.api.core.Acl;
import org.apache.wiki.api.core.Engine;
+import org.apache.wiki.api.core.Page;
import org.apache.wiki.auth.WikiSecurityException;
import java.util.Properties;
@@ -50,7 +51,7 @@ public interface AclManager {
* @throws WikiSecurityException if the ruleLine was faulty somehow.
* @since 2.1.121
*/
- Acl parseAcl( WikiPage page, String ruleLine ) throws WikiSecurityException;
+ Acl parseAcl( Page page, String ruleLine ) throws WikiSecurityException;
/**
* Returns the access control list for the page. If the ACL has not been parsed yet, it is done on-the-fly. If the page has a
@@ -61,7 +62,7 @@ public interface AclManager {
* @since 2.2.121
* @return the Acl representing permissions for the page
*/
- Acl getPermissions( WikiPage page );
+ Acl getPermissions( Page page );
/**
* Sets the access control list for the page and persists it.
@@ -71,6 +72,6 @@ public interface AclManager {
* @since 2.5
* @throws WikiSecurityException if the ACL cannot be set or persisted
*/
- void setPermissions( WikiPage page, Acl acl ) throws WikiSecurityException;
+ void setPermissions( Page page, Acl acl ) throws WikiSecurityException;
}
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/DefaultAclManager.java b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/DefaultAclManager.java
index 5f9a531..3ecda49 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/DefaultAclManager.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/auth/acl/DefaultAclManager.java
@@ -20,11 +20,13 @@ package org.apache.wiki.auth.acl;
import org.apache.log4j.Logger;
import org.apache.wiki.WikiContext;
-import org.apache.wiki.WikiPage;
+import org.apache.wiki.api.core.Acl;
+import org.apache.wiki.api.core.AclEntry;
+import org.apache.wiki.api.core.Attachment;
import org.apache.wiki.api.core.Context;
import org.apache.wiki.api.core.Engine;
+import org.apache.wiki.api.core.Page;
import org.apache.wiki.api.exceptions.ProviderException;
-import org.apache.wiki.attachment.Attachment;
import org.apache.wiki.auth.AuthorizationManager;
import org.apache.wiki.auth.WikiSecurityException;
import org.apache.wiki.auth.permissions.PagePermission;
@@ -85,7 +87,7 @@ public class DefaultAclManager implements AclManager {
/** {@inheritDoc} */
@Override
- public Acl parseAcl( final WikiPage page, final String ruleLine ) throws WikiSecurityException {
+ public Acl parseAcl( final Page page, final String ruleLine ) throws WikiSecurityException {
Acl acl = page.getAcl();
if (acl == null) {
acl = new AclImpl();
@@ -99,7 +101,7 @@ public class DefaultAclManager implements AclManager {
while( fieldToks.hasMoreTokens() ) {
final String principalName = fieldToks.nextToken(",").trim();
final Principal principal = m_auth.resolvePrincipal(principalName);
- final AclEntry oldEntry = acl.getEntry(principal);
+ final AclEntry oldEntry = acl.getAclEntry(principal);
if( oldEntry != null ) {
log.debug( "Adding to old acl list: " + principal + ", " + actions );
@@ -129,7 +131,7 @@ public class DefaultAclManager implements AclManager {
/** {@inheritDoc} */
@Override
- public Acl getPermissions( final WikiPage page ) {
+ public Acl getPermissions( final Page page ) {
// Does the page already have cached ACLs?
Acl acl = page.getAcl();
log.debug( "page=" + page.getName() + "\n" + acl );
@@ -137,7 +139,7 @@ public class DefaultAclManager implements AclManager {
if( acl == null ) {
// If null, try the parent.
if( page instanceof Attachment ) {
- final WikiPage parent = ( WikiPage )m_engine.getManager( PageManager.class ).getPage( ( ( Attachment ) page ).getParentName() );
+ final Page parent = m_engine.getManager( PageManager.class ).getPage( ( ( Attachment ) page ).getParentName() );
acl = getPermissions(parent);
} else {
// Or, try parsing the page
@@ -157,7 +159,7 @@ public class DefaultAclManager implements AclManager {
/** {@inheritDoc} */
@Override
- public void setPermissions( final WikiPage page, final Acl acl ) throws WikiSecurityException {
+ public void setPermissions( final Page page, final Acl acl ) throws WikiSecurityException {
final PageManager pageManager = m_engine.getManager( PageManager.class );
// Forcibly expire any page locks
@@ -188,7 +190,7 @@ public class DefaultAclManager implements AclManager {
protected static String printAcl( final Acl acl ) {
// Extract the ACL entries into a Map with keys == permissions, values == principals
final Map< String, List< Principal > > permissionPrincipals = new TreeMap<>();
- final Enumeration< AclEntry > entries = acl.entries();
+ final Enumeration< AclEntry > entries = acl.aclEntries();
while( entries.hasMoreElements() ) {
final AclEntry entry = entries.nextElement();
final Principal principal = entry.getPrincipal();
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/pages/DefaultPageManager.java b/jspwiki-main/src/main/java/org/apache/wiki/pages/DefaultPageManager.java
index eaa8934..0b17008 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/pages/DefaultPageManager.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/pages/DefaultPageManager.java
@@ -22,6 +22,8 @@ import org.apache.commons.lang3.ArrayUtils;
import org.apache.log4j.Logger;
import org.apache.wiki.WikiBackgroundThread;
import org.apache.wiki.WikiPage;
+import org.apache.wiki.api.core.Acl;
+import org.apache.wiki.api.core.AclEntry;
import org.apache.wiki.api.core.Attachment;
import org.apache.wiki.api.core.Context;
import org.apache.wiki.api.core.Engine;
@@ -34,8 +36,6 @@ import org.apache.wiki.api.providers.WikiProvider;
import org.apache.wiki.attachment.AttachmentManager;
import org.apache.wiki.auth.WikiPrincipal;
import org.apache.wiki.auth.WikiSecurityException;
-import org.apache.wiki.auth.acl.Acl;
-import org.apache.wiki.auth.acl.AclEntry;
import org.apache.wiki.auth.acl.AclEntryImpl;
import org.apache.wiki.auth.acl.AclManager;
import org.apache.wiki.auth.user.UserProfile;
@@ -707,11 +707,11 @@ public class DefaultPageManager implements PageManager {
int pagesChanged = 0;
final Collection< Page > pages = getAllPages();
for( final Page page : pages ) {
- final boolean aclChanged = changeAcl( ( WikiPage )page, oldPrincipals, newPrincipal );
+ final boolean aclChanged = changeAcl( page, oldPrincipals, newPrincipal );
if( aclChanged ) {
// If the Acl needed changing, change it now
try {
- m_engine.getManager( AclManager.class ).setPermissions( ( WikiPage )page, ( ( WikiPage )page ).getAcl() );
+ m_engine.getManager( AclManager.class ).setPermissions( page, page.getAcl() );
} catch( final WikiSecurityException e ) {
LOG.error("Could not change page ACL for page " + page.getName() + ": " + e.getMessage(), e);
}
@@ -735,11 +735,11 @@ public class DefaultPageManager implements PageManager {
* @param newPrincipal the Principal that should receive the old Principals' permissions
* @return <code>true</code> if the Acl was actually changed; <code>false</code> otherwise
*/
- protected boolean changeAcl( final WikiPage page, final Principal[] oldPrincipals, final Principal newPrincipal ) {
+ protected boolean changeAcl( final Page page, final Principal[] oldPrincipals, final Principal newPrincipal ) {
final Acl acl = page.getAcl();
boolean pageChanged = false;
if( acl != null ) {
- final Enumeration< AclEntry > entries = acl.entries();
+ final Enumeration< AclEntry > entries = acl.aclEntries();
final Collection< AclEntry > entriesToAdd = new ArrayList<>();
final Collection< AclEntry > entriesToRemove = new ArrayList<>();
while( entries.hasMoreElements() ) {
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/parser/JSPWikiMarkupParser.java b/jspwiki-main/src/main/java/org/apache/wiki/parser/JSPWikiMarkupParser.java
index 9aee850..17669f9 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/parser/JSPWikiMarkupParser.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/parser/JSPWikiMarkupParser.java
@@ -32,6 +32,7 @@ import org.apache.wiki.InternalWikiException;
import org.apache.wiki.StringTransmutator;
import org.apache.wiki.WikiContext;
import org.apache.wiki.WikiPage;
+import org.apache.wiki.api.core.Acl;
import org.apache.wiki.api.core.Context;
import org.apache.wiki.api.exceptions.PluginException;
import org.apache.wiki.api.plugin.Plugin;
@@ -39,7 +40,6 @@ import org.apache.wiki.attachment.AttachmentManager;
import org.apache.wiki.auth.AuthorizationManager;
import org.apache.wiki.auth.UserManager;
import org.apache.wiki.auth.WikiSecurityException;
-import org.apache.wiki.auth.acl.Acl;
import org.apache.wiki.auth.acl.AclManager;
import org.apache.wiki.i18n.InternationalizationManager;
import org.apache.wiki.preferences.Preferences;
diff --git a/jspwiki-main/src/test/java/org/apache/wiki/auth/acl/DefaultAclManagerTest.java b/jspwiki-main/src/test/java/org/apache/wiki/auth/acl/DefaultAclManagerTest.java
index d1fccb7..37323ba 100644
--- a/jspwiki-main/src/test/java/org/apache/wiki/auth/acl/DefaultAclManagerTest.java
+++ b/jspwiki-main/src/test/java/org/apache/wiki/auth/acl/DefaultAclManagerTest.java
@@ -20,7 +20,9 @@ package org.apache.wiki.auth.acl;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.wiki.TestEngine;
-import org.apache.wiki.WikiPage;
+import org.apache.wiki.api.core.Acl;
+import org.apache.wiki.api.core.AclEntry;
+import org.apache.wiki.api.core.Page;
import org.apache.wiki.api.exceptions.ProviderException;
import org.apache.wiki.auth.WikiPrincipal;
import org.apache.wiki.auth.permissions.PermissionFactory;
@@ -55,12 +57,12 @@ public class DefaultAclManagerTest
@Test
public void testGetPermissions()
{
- WikiPage page = ( WikiPage )m_engine.getManager( PageManager.class ).getPage( "TestDefaultPage" );
+ Page page = m_engine.getManager( PageManager.class ).getPage( "TestDefaultPage" );
Acl acl = m_engine.getManager( AclManager.class ).getPermissions( page );
Assertions.assertNotNull( page.getAcl() );
Assertions.assertTrue(page.getAcl().isEmpty());
- page = ( WikiPage )m_engine.getManager( PageManager.class ).getPage( "TestAclPage" );
+ page = m_engine.getManager( PageManager.class ).getPage( "TestAclPage" );
acl = m_engine.getManager( AclManager.class ).getPermissions( page );
Assertions.assertNotNull( page.getAcl() );
Assertions.assertFalse(page.getAcl().isEmpty());
@@ -161,7 +163,7 @@ public class DefaultAclManagerTest
public void testPrintAcl()
{
// Verify that the printed Acl for the test page is OK
- final WikiPage page = ( WikiPage )m_engine.getManager( PageManager.class ).getPage( "TestAclPage" );
+ final Page page = m_engine.getManager( PageManager.class ).getPage( "TestAclPage" );
Acl acl = m_engine.getManager( AclManager.class ).getPermissions( page );
final String aclString = DefaultAclManager.printAcl( acl );
Assertions.assertEquals( "[{ALLOW edit Charlie,Herman}]\n", aclString );
diff --git a/jspwiki-markdown/src/main/java/org/apache/wiki/markdown/extensions/jspwikilinks/postprocessor/AccessRuleLinkNodePostProcessorState.java b/jspwiki-markdown/src/main/java/org/apache/wiki/markdown/extensions/jspwikilinks/postprocessor/AccessRuleLinkNodePostProcessorState.java
index 3ee509e..86abb70 100755
--- a/jspwiki-markdown/src/main/java/org/apache/wiki/markdown/extensions/jspwikilinks/postprocessor/AccessRuleLinkNodePostProcessorState.java
+++ b/jspwiki-markdown/src/main/java/org/apache/wiki/markdown/extensions/jspwikilinks/postprocessor/AccessRuleLinkNodePostProcessorState.java
@@ -21,10 +21,10 @@ package org.apache.wiki.markdown.extensions.jspwikilinks.postprocessor;
import com.vladsch.flexmark.util.ast.Node;
import com.vladsch.flexmark.util.ast.NodeTracker;
import org.apache.log4j.Logger;
-import org.apache.wiki.WikiPage;
+import org.apache.wiki.api.core.Acl;
import org.apache.wiki.api.core.Context;
+import org.apache.wiki.api.core.Page;
import org.apache.wiki.auth.WikiSecurityException;
-import org.apache.wiki.auth.acl.Acl;
import org.apache.wiki.auth.acl.AclManager;
import org.apache.wiki.markdown.nodes.JSPWikiLink;
import org.apache.wiki.render.RenderingManager;
@@ -54,7 +54,7 @@ public class AccessRuleLinkNodePostProcessorState implements NodePostProcessorSt
public void process( final NodeTracker state, final JSPWikiLink link ) {
String ruleLine = NodePostProcessorStateCommonOperations.inlineLinkTextOnWysiwyg( state, link, m_wysiwygEditorMode );
if( wikiContext.getEngine().getManager( RenderingManager.class ).getParser( wikiContext, link.getUrl().toString() ).isParseAccessRules() ) {
- final WikiPage page = ( WikiPage )wikiContext.getRealPage();
+ final Page page = wikiContext.getRealPage();
if( ruleLine.startsWith( "{" ) ) {
ruleLine = ruleLine.substring( 1 );
}