You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by an...@apache.org on 2012/06/26 12:28:59 UTC
svn commit: r1353920 - in
/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core:
NodeImpl.java security/authorization/acl/ACLProvider.java
security/authorization/acl/ACLTemplate.java
security/authorization/acl/EntryCollector.java
Author: angela
Date: Tue Jun 26 10:28:57 2012
New Revision: 1353920
URL: http://svn.apache.org/viewvc?rev=1353920&view=rev
Log:
JCR-3352 : Minor improvements for collecting ACEs
Modified:
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java?rev=1353920&r1=1353919&r2=1353920&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/NodeImpl.java Tue Jun 26 10:28:57 2012
@@ -595,8 +595,7 @@ public class NodeImpl extends ItemImpl i
protected void removeChildNode(NodeId childId) throws RepositoryException {
// modify the state of 'this', i.e. the parent node
NodeState thisState = (NodeState) getOrCreateTransientItemState();
- ChildNodeEntry entry =
- thisState.getChildNodeEntry(childId);
+ ChildNodeEntry entry = thisState.getChildNodeEntry(childId);
if (entry == null) {
String msg = "failed to remove child " + childId + " of " + this;
log.debug(msg);
@@ -923,9 +922,6 @@ public class NodeImpl extends ItemImpl i
* otherwise <code>false</code>
*/
public boolean isNodeType(Name ntName) throws RepositoryException {
- // check state of this instance
- sanityCheck();
-
// first do trivial checks without using type hierarchy
Name primary = data.getNodeState().getNodeTypeName();
if (ntName.equals(primary)) {
@@ -1360,6 +1356,33 @@ public class NodeImpl extends ItemImpl i
}
/**
+ * Returns the name of the primary node type as exposed on the node state
+ * without retrieving the node type.
+ *
+ * @return the name of the primary node type.
+ */
+ public Name getPrimaryNodeTypeName() {
+ return data.getNodeState().getNodeTypeName();
+ }
+
+ /**
+ * Test if the given node is access controlled. The node is access
+ * controlled if it is of node type
+ * {@link org.apache.jackrabbit.core.security.authorization.AccessControlConstants#NT_REP_ACCESS_CONTROLLABLE "rep:AccessControllable"}
+ * and if it has a child node named
+ * {@link org.apache.jackrabbit.core.security.authorization.AccessControlConstants#N_POLICY}.
+ *
+ * @param node the node to be tested
+ * @return <code>true</code> if the node is access controlled and has a
+ * rep:policy child; <code>false</code> otherwise.
+ * @throws RepositoryException if an error occurs
+ */
+ public boolean isAccessControllable() throws RepositoryException {
+ return data.getNodeState().hasChildNodeEntry(NameConstants.REP_POLICY, 1)
+ && isNodeType(NameConstants.REP_ACCESS_CONTROLLABLE);
+ }
+
+ /**
* Same as <code>{@link Node#orderBefore(String, String)}</code> except that
* this method takes a <code>Path.Element</code> arguments instead of
* <code>String</code>s.
@@ -2268,6 +2291,9 @@ public class NodeImpl extends ItemImpl i
* {@inheritDoc}
*/
public boolean isNodeType(String nodeTypeName) throws RepositoryException {
+ // check state of this instance
+ sanityCheck();
+
try {
return isNodeType(sessionContext.getQName(nodeTypeName));
} catch (NameException e) {
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java?rev=1353920&r1=1353919&r2=1353920&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLProvider.java Tue Jun 26 10:28:57 2012
@@ -354,19 +354,15 @@ public class ACLProvider extends Abstrac
}
/**
- * Test if the given node is access controlled. The node is access
- * controlled if it is of node type
- * {@link AccessControlConstants#NT_REP_ACCESS_CONTROLLABLE "rep:AccessControllable"}
- * and if it has a child node named
- * {@link AccessControlConstants#N_POLICY}.
+ * Test if the given node is access controlled.
*
* @param node the node to be tested
- * @return <code>true</code> if the node is access controlled and has a
- * rep:policy child; <code>false</code> otherwise.
+ * @return <code>true</code> if the node is access controlled.
* @throws RepositoryException if an error occurs
+ * @see org.apache.jackrabbit.core.NodeImpl#isAccessControllable()
*/
static boolean isAccessControlled(NodeImpl node) throws RepositoryException {
- return node.hasNode(N_POLICY) && node.isNodeType(NT_REP_ACCESS_CONTROLLABLE);
+ return node.isAccessControllable();
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java?rev=1353920&r1=1353919&r2=1353920&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java Tue Jun 26 10:28:57 2012
@@ -21,7 +21,6 @@ import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
-import java.util.Set;
import javax.jcr.NamespaceException;
import javax.jcr.NodeIterator;
@@ -31,7 +30,6 @@ import javax.jcr.Value;
import javax.jcr.ValueFactory;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlException;
-import javax.jcr.security.AccessControlManager;
import javax.jcr.security.Privilege;
import org.apache.jackrabbit.api.JackrabbitWorkspace;
@@ -41,7 +39,6 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.core.NodeImpl;
import org.apache.jackrabbit.core.SessionImpl;
import org.apache.jackrabbit.core.id.NodeId;
-import org.apache.jackrabbit.core.nodetype.NodeTypeImpl;
import org.apache.jackrabbit.core.security.authorization.AbstractACLTemplate;
import org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl;
import org.apache.jackrabbit.core.security.authorization.PrivilegeBits;
@@ -145,7 +142,7 @@ class ACLTemplate extends AbstractACLTem
*/
ACLTemplate(NodeImpl aclNode, String path) throws RepositoryException {
super(path, (aclNode != null) ? aclNode.getSession().getValueFactory() : null);
- if (aclNode == null || !NT_REP_ACL.equals(((NodeTypeImpl)aclNode.getPrimaryNodeType()).getQName())) {
+ if (aclNode == null || !NT_REP_ACL.equals(aclNode.getPrimaryNodeTypeName())) {
throw new IllegalArgumentException("Node must be of type 'rep:ACL'");
}
SessionImpl sImpl = (SessionImpl) aclNode.getSession();
@@ -179,9 +176,8 @@ class ACLTemplate extends AbstractACLTem
restrictions = Collections.singletonMap(jcrRepGlob, aceNode.getProperty(P_GLOB).getValue());
}
// create a new ACEImpl (omitting validation check)
- Entry ace = new Entry(princ, privilegeMgr.getBits(privNames),
- NT_REP_GRANT_ACE.equals(((NodeTypeImpl) aceNode.getPrimaryNodeType()).getQName()),
- restrictions);
+ boolean isAllow = NT_REP_GRANT_ACE.equals(aceNode.getPrimaryNodeTypeName());
+ Entry ace = new Entry(princ, privilegeMgr.getBits(privNames), isAllow, restrictions);
// add the entry omitting any validation.
entries.add(ace);
} catch (RepositoryException e) {
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java?rev=1353920&r1=1353919&r2=1353920&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/EntryCollector.java Tue Jun 26 10:28:57 2012
@@ -139,7 +139,7 @@ public class EntryCollector extends Acce
NodeImpl root = (NodeImpl) systemSession.getRootNode();
if (ACLProvider.isRepoAccessControlled(root)) {
NodeImpl aclNode = root.getNode(N_REPO_POLICY);
- filterEntries(filter, new ACLTemplate(aclNode).getEntries(), userAces, groupAces);
+ filterEntries(filter, new ACLTemplate(aclNode, null).getEntries(), userAces, groupAces);
}
} else {
filterEntries(filter, getEntries(node).getACEs(), userAces, groupAces);
@@ -189,7 +189,7 @@ public class EntryCollector extends Acce
if (ACLProvider.isAccessControlled(node)) {
// collect the aces of that node.
NodeImpl aclNode = node.getNode(N_POLICY);
- aces = new ACLTemplate(aclNode).getEntries();
+ aces = new ACLTemplate(aclNode, node.getPath()).getEntries();
} else {
// not access controlled
aces = Collections.emptyList();