You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/03/13 17:41:48 UTC
svn commit: r1456043 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak:
core/ImmutableTree.java
security/authorization/permission/PermissionProviderImpl.java
Author: angela
Date: Wed Mar 13 16:41:48 2013
New Revision: 1456043
URL: http://svn.apache.org/r1456043
Log:
OAK-527: permissions (wip, mark all nodestates underneath a hidden node as hidden)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java?rev=1456043&r1=1456042&r2=1456043&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ImmutableTree.java Wed Mar 13 16:41:48 2013
@@ -189,6 +189,7 @@ public final class ImmutableTree extends
int TYPE_DEFAULT = 1;
int TYPE_VERSION = 2;
int TYPE_AC = 4;
+ int TYPE_HIDDEN = 8;
TypeProvider EMPTY = new TypeProvider() {
@Override
@@ -217,14 +218,20 @@ public final class ImmutableTree extends
int type;
switch (parent.getType()) {
+ case TYPE_HIDDEN:
+ type = TYPE_HIDDEN;
+ break;
case TYPE_VERSION:
- type = parent.getType();
+ type = TYPE_VERSION;
break;
case TYPE_AC:
- type = parent.getType();
+ type = TYPE_AC;
break;
default:
- if (VersionConstants.VERSION_NODE_NAMES.contains(tree.getName()) ||
+ String name = tree.getName();
+ if (NodeStateUtils.isHidden(name)) {
+ type = TYPE_HIDDEN;
+ } else if (VersionConstants.VERSION_NODE_NAMES.contains(name) ||
VersionConstants.VERSION_NODE_TYPE_NAMES.contains(NodeStateUtils.getPrimaryTypeName(tree.getNodeState()))) {
type = TYPE_VERSION;
} else if (contextInfo.definesTree(tree)) {
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java?rev=1456043&r1=1456042&r2=1456043&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java Wed Mar 13 16:41:48 2013
@@ -42,6 +42,7 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.authorization.Permissions;
import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
import org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal;
+import org.apache.jackrabbit.oak.spi.state.NodeStateUtils;
import org.apache.jackrabbit.oak.util.TreeUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -102,7 +103,9 @@ public class PermissionProviderImpl impl
@Override
public boolean canRead(@Nonnull Tree tree) {
- if (isAccessControlContent(tree)) {
+ if (isHidden(tree, null)) {
+ return false;
+ } else if (isAccessControlContent(tree)) {
return canReadAccessControlContent(tree, null);
} else if (isVersionContent(tree)) {
return canReadVersionContent(tree, null);
@@ -113,7 +116,9 @@ public class PermissionProviderImpl impl
@Override
public boolean canRead(@Nonnull Tree tree, @Nonnull PropertyState property) {
- if (isAccessControlContent(tree)) {
+ if (isHidden(tree, property)) {
+ return false;
+ } else if (isAccessControlContent(tree)) {
return canReadAccessControlContent(tree, property);
} else if (isVersionContent(tree)) {
return canReadVersionContent(tree, property);
@@ -198,7 +203,12 @@ public class PermissionProviderImpl impl
return new PrivilegeBitsProvider(getImmutableRoot());
}
- private boolean isAccessControlContent(@Nonnull Tree tree) {
+ private static boolean isHidden(@Nonnull Tree tree, @Nullable PropertyState propertyState) {
+ return ImmutableTree.TypeProvider.TYPE_HIDDEN == ImmutableTree.getType(tree)
+ || (propertyState != null && NodeStateUtils.isHidden(propertyState.getName()));
+ }
+
+ private static boolean isAccessControlContent(@Nonnull Tree tree) {
return ImmutableTree.TypeProvider.TYPE_AC == ImmutableTree.getType(tree);
}