You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/03/13 17:41:48 UTC

svn commit: r1456043 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak: core/ImmutableTree.java security/authorization/permission/PermissionProviderImpl.java

Author: angela
Date: Wed Mar 13 16:41:48 2013
New Revision: 1456043

URL: http://svn.apache.org/r1456043
Log:
OAK-527: permissions (wip, mark all nodestates underneath a hidden node as hidden)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java?rev=1456043&r1=1456042&r2=1456043&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java Wed Mar 13 16:41:48 2013
@@ -189,6 +189,7 @@ public final class ImmutableTree extends
         int TYPE_DEFAULT = 1;
         int TYPE_VERSION = 2;
         int TYPE_AC = 4;
+        int TYPE_HIDDEN = 8;
 
         TypeProvider EMPTY = new TypeProvider() {
             @Override
@@ -217,14 +218,20 @@ public final class ImmutableTree extends
 
             int type;
             switch (parent.getType()) {
+                case TYPE_HIDDEN:
+                    type = TYPE_HIDDEN;
+                    break;
                 case TYPE_VERSION:
-                    type = parent.getType();
+                    type = TYPE_VERSION;
                     break;
                 case TYPE_AC:
-                    type = parent.getType();
+                    type = TYPE_AC;
                     break;
                 default:
-                    if (VersionConstants.VERSION_NODE_NAMES.contains(tree.getName()) ||
+                    String name = tree.getName();
+                    if (NodeStateUtils.isHidden(name)) {
+                        type = TYPE_HIDDEN;
+                    } else if (VersionConstants.VERSION_NODE_NAMES.contains(name) ||
                             VersionConstants.VERSION_NODE_TYPE_NAMES.contains(NodeStateUtils.getPrimaryTypeName(tree.getNodeState()))) {
                         type = TYPE_VERSION;
                     } else if (contextInfo.definesTree(tree)) {

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java?rev=1456043&r1=1456042&r2=1456043&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java Wed Mar 13 16:41:48 2013
@@ -42,6 +42,7 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.authorization.Permissions;
 import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
 import org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal;
+import org.apache.jackrabbit.oak.spi.state.NodeStateUtils;
 import org.apache.jackrabbit.oak.util.TreeUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -102,7 +103,9 @@ public class PermissionProviderImpl impl
 
     @Override
     public boolean canRead(@Nonnull Tree tree) {
-        if (isAccessControlContent(tree)) {
+        if (isHidden(tree, null)) {
+            return false;
+        } else if (isAccessControlContent(tree)) {
             return canReadAccessControlContent(tree, null);
         } else if (isVersionContent(tree)) {
             return canReadVersionContent(tree, null);
@@ -113,7 +116,9 @@ public class PermissionProviderImpl impl
 
     @Override
     public boolean canRead(@Nonnull Tree tree, @Nonnull PropertyState property) {
-        if (isAccessControlContent(tree)) {
+        if (isHidden(tree, property)) {
+            return false;
+        } else if (isAccessControlContent(tree)) {
             return canReadAccessControlContent(tree, property);
         } else if (isVersionContent(tree)) {
             return canReadVersionContent(tree, property);
@@ -198,7 +203,12 @@ public class PermissionProviderImpl impl
         return new PrivilegeBitsProvider(getImmutableRoot());
     }
 
-    private boolean isAccessControlContent(@Nonnull Tree tree) {
+    private static boolean isHidden(@Nonnull Tree tree, @Nullable PropertyState propertyState) {
+        return ImmutableTree.TypeProvider.TYPE_HIDDEN == ImmutableTree.getType(tree)
+                || (propertyState != null && NodeStateUtils.isHidden(propertyState.getName()));
+    }
+
+    private static boolean isAccessControlContent(@Nonnull Tree tree) {
         return ImmutableTree.TypeProvider.TYPE_AC == ImmutableTree.getType(tree);
     }