You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by an...@apache.org on 2009/03/25 15:10:02 UTC
svn commit: r758265 - in /jackrabbit/trunk/jackrabbit-core/src:
main/java/org/apache/jackrabbit/core/security/authorization/
main/java/org/apache/jackrabbit/core/security/authorization/acl/
main/java/org/apache/jackrabbit/core/security/authorization/pr...
Author: angela
Date: Wed Mar 25 14:09:53 2009
New Revision: 758265
URL: http://svn.apache.org/viewvc?rev=758265&view=rev
Log:
JCR-1588: Access Control
- use valuefactory from session rather that ValueFactoryImpl
Modified:
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EntryTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplateTest.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java?rev=758265&r1=758264&r2=758265&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/AccessControlEntryImpl.java Wed Mar 25 14:09:53 2009
@@ -20,7 +20,6 @@
import org.apache.jackrabbit.api.jsr283.security.Privilege;
import org.apache.jackrabbit.value.StringValue;
import org.apache.jackrabbit.value.ValueHelper;
-import org.apache.jackrabbit.value.ValueFactoryImpl;
import javax.jcr.Value;
import javax.jcr.ValueFactory;
@@ -37,8 +36,6 @@
*/
public abstract class AccessControlEntryImpl implements JackrabbitAccessControlEntry {
- private static final ValueFactory VALUE_FACTORY = ValueFactoryImpl.getInstance();
-
/**
* Privileges contained in this entry
*/
@@ -67,6 +64,11 @@
private final Map restrictions;
/**
+ * Value factory
+ */
+ private final ValueFactory valueFactory;
+
+ /**
* Hash code being calculated on demand.
*/
private int hashCode = -1;
@@ -80,7 +82,7 @@
*/
protected AccessControlEntryImpl(Principal principal, Privilege[] privileges)
throws AccessControlException {
- this(principal, privileges, true, null);
+ this(principal, privileges, true, null, null);
}
/**
@@ -93,10 +95,11 @@
* @param restrictions A map of restriction name (String) to restriction
* (Value). See {@link org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList#getRestrictionNames()}
* and {@link org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList#getRestrictionType(String)}.
+ * @param valueFactory the value factory.
* @throws AccessControlException if either principal or privileges are invalid.
*/
protected AccessControlEntryImpl(Principal principal, Privilege[] privileges,
- boolean isAllow, Map restrictions)
+ boolean isAllow, Map restrictions, ValueFactory valueFactory)
throws AccessControlException {
if (principal == null) {
throw new IllegalArgumentException();
@@ -111,6 +114,8 @@
this.privileges = privileges;
this.privilegeBits = PrivilegeRegistry.getBits(privileges);
this.allow = isAllow;
+ this.valueFactory = valueFactory;
+
if (restrictions == null) {
this.restrictions = Collections.EMPTY_MAP;
} else {
@@ -122,7 +127,7 @@
Value value;
if (v instanceof Value) {
// create copy of the value
- value = ValueHelper.copy((Value) v, VALUE_FACTORY);
+ value = ValueHelper.copy((Value) v, valueFactory);
} else {
// fallback
value = new StringValue(v.toString());
@@ -131,7 +136,7 @@
}
}
}
-
+
/**
* @return the int representation of the privileges defined for this entry.
*/
@@ -189,7 +194,7 @@
*/
public Value getRestriction(String restrictionName) {
if (restrictions.containsKey(restrictionName)) {
- return ValueHelper.copy((Value) restrictions.get(restrictionName), VALUE_FACTORY);
+ return ValueHelper.copy((Value) restrictions.get(restrictionName), valueFactory);
} else {
return null;
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java?rev=758265&r1=758264&r2=758265&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLEditor.java Wed Mar 25 14:09:53 2009
@@ -121,7 +121,8 @@
// rep:AccessControllable mixin set (e.g. due to a lock)
String mixin = session.getJCRName(NT_REP_ACCESS_CONTROLLABLE);
if (controlledNode.isNodeType(mixin) || controlledNode.canAddMixin(mixin)) {
- acl = new ACLTemplate(nodePath, session.getPrincipalManager(), privilegeRegistry);
+ acl = new ACLTemplate(nodePath, session.getPrincipalManager(),
+ privilegeRegistry, session.getValueFactory());
}
} else {
acl = getACL(aclNode);
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java?rev=758265&r1=758264&r2=758265&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplate.java Wed Mar 25 14:09:53 2009
@@ -38,6 +38,7 @@
import javax.jcr.RepositoryException;
import javax.jcr.Value;
import javax.jcr.PropertyType;
+import javax.jcr.ValueFactory;
import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
@@ -80,16 +81,23 @@
private final PrivilegeRegistry privilegeRegistry;
/**
+ * The value factory
+ */
+ private final ValueFactory valueFactory;
+
+ /**
* Construct a new empty {@link ACLTemplate}.
*
* @param path
* @param privilegeRegistry
* @param principalMgr
*/
- ACLTemplate(String path, PrincipalManager principalMgr, PrivilegeRegistry privilegeRegistry) {
+ ACLTemplate(String path, PrincipalManager principalMgr,
+ PrivilegeRegistry privilegeRegistry, ValueFactory valueFactory) {
this.path = path;
this.principalMgr = principalMgr;
this.privilegeRegistry = privilegeRegistry;
+ this.valueFactory = valueFactory;
}
/**
@@ -107,6 +115,8 @@
SessionImpl sImpl = (SessionImpl) aclNode.getSession();
path = aclNode.getParent().getPath();
principalMgr = sImpl.getPrincipalManager();
+ valueFactory = sImpl.getValueFactory();
+
this.privilegeRegistry = privilegeRegistry;
// load the entries:
@@ -138,7 +148,8 @@
Entry ace = new Entry(
princ,
privs,
- aceNode.isNodeType(AccessControlConstants.NT_REP_GRANT_ACE));
+ aceNode.isNodeType(AccessControlConstants.NT_REP_GRANT_ACE),
+ valueFactory);
// add the entry
internalAdd(ace);
} catch (RepositoryException e) {
@@ -191,7 +202,8 @@
Entry ace = new Entry(
princ,
privs,
- aceNode.isNodeType(AccessControlConstants.NT_REP_GRANT_ACE));
+ aceNode.isNodeType(AccessControlConstants.NT_REP_GRANT_ACE),
+ sImpl.getValueFactory());
// add it to the proper list (e.g. separated by principals)
((List) princToEntries.get(principalName)).add(ace);
}
@@ -246,7 +258,7 @@
int mergedBits = entries[i].getPrivilegeBits() | entry.getPrivilegeBits();
Privilege[] mergedPrivs = privilegeRegistry.getPrivileges(mergedBits);
// omit validation check.
- entry = new Entry(entry.getPrincipal(), mergedPrivs, entry.isAllow());
+ entry = new Entry(entry.getPrincipal(), mergedPrivs, entry.isAllow(), valueFactory);
} else {
complementEntry = entries[i];
}
@@ -265,7 +277,7 @@
// omit validation check
Entry tmpl = new Entry(entry.getPrincipal(),
privilegeRegistry.getPrivileges(resultPrivs),
- !entry.isAllow());
+ !entry.isAllow(), valueFactory);
l.add(tmpl);
} /* else: does not need to be modified.*/
}
@@ -389,7 +401,7 @@
}
checkValidEntry(principal, privileges, isAllow);
- Entry ace = new Entry(principal, privileges, isAllow);
+ Entry ace = new Entry(principal, privileges, isAllow, valueFactory);
return internalAdd(ace);
}
@@ -430,8 +442,8 @@
*/
static class Entry extends AccessControlEntryImpl {
- Entry(Principal principal, Privilege[] privileges, boolean allow) throws AccessControlException {
- super(principal, privileges, allow, Collections.EMPTY_MAP);
+ Entry(Principal principal, Privilege[] privileges, boolean allow, ValueFactory valueFactory) throws AccessControlException {
+ super(principal, privileges, allow, Collections.EMPTY_MAP, valueFactory);
}
}
}
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java?rev=758265&r1=758264&r2=758265&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplate.java Wed Mar 25 14:09:53 2009
@@ -28,7 +28,6 @@
import org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList;
import org.apache.jackrabbit.spi.Name;
import org.apache.jackrabbit.spi.commons.conversion.NamePathResolver;
-import org.apache.jackrabbit.value.ValueFactoryImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -59,8 +58,6 @@
private static Logger log = LoggerFactory.getLogger(ACLTemplate.class);
- private static final ValueFactory V_FACTORY = ValueFactoryImpl.getInstance();
-
/**
* rep:nodePath property name (optional if the ACL is stored with the
* node itself).
@@ -75,23 +72,27 @@
private final Principal principal;
private final String path;
+ private final ValueFactory valueFactory;
+
private final List entries = new ArrayList();
private final String jcrNodePathName;
private final String jcrGlobName;
- ACLTemplate(Principal principal, String path, NamePathResolver resolver) throws RepositoryException {
- this(principal, path, null, resolver);
+ ACLTemplate(Principal principal, String path, NamePathResolver resolver, ValueFactory vf) throws RepositoryException {
+ this(principal, path, null, resolver, vf);
}
ACLTemplate(Principal principal, NodeImpl acNode) throws RepositoryException {
- this(principal, acNode.getPath(), acNode, (SessionImpl) acNode.getSession());
+ this(principal, acNode.getPath(), acNode, (SessionImpl) acNode.getSession(), acNode.getSession().getValueFactory());
}
- private ACLTemplate(Principal principal, String path, NodeImpl acNode, NamePathResolver resolver)
+ private ACLTemplate(Principal principal, String path, NodeImpl acNode,
+ NamePathResolver resolver, ValueFactory vf)
throws RepositoryException {
this.principal = principal;
this.path = path;
+ this.valueFactory = vf;
jcrNodePathName = resolver.getJCRName(P_NODE_PATH);
jcrGlobName = resolver.getJCRName(P_GLOB);
@@ -148,13 +149,13 @@
// make sure the nodePath restriction is of type PATH
Value v = (Value) restrictions.get(jcrNodePathName);
if (v.getType() != PropertyType.PATH) {
- v = V_FACTORY.createValue(v.getString(), PropertyType.PATH);
+ v = valueFactory.createValue(v.getString(), PropertyType.PATH);
restrictions.put(jcrNodePathName, v);
}
// ... and glob is of type STRING.
v = (Value) restrictions.get(jcrGlobName);
if (v != null && v.getType() != PropertyType.STRING) {
- v = V_FACTORY.createValue(v.getString(), PropertyType.STRING);
+ v = valueFactory.createValue(v.getString(), PropertyType.STRING);
restrictions.put(jcrGlobName, v);
}
return new Entry(princ, privileges, allow, restrictions);
@@ -226,7 +227,7 @@
log.debug("Restrictions missing. Using default: rep:nodePath = " + getPath() + "; rep:glob = null.");
// default restrictions:
restrictions = Collections.singletonMap(jcrNodePathName,
- V_FACTORY.createValue(getPath(), PropertyType.PATH));
+ valueFactory.createValue(getPath(), PropertyType.PATH));
}
AccessControlEntry entry = createEntry(principal, privileges, isAllow, restrictions);
if (entries.contains(entry)) {
@@ -320,7 +321,7 @@
private Entry(Principal principal, Privilege[] privileges, boolean allow, Map restrictions)
throws AccessControlException, RepositoryException {
- super(principal, privileges, allow, restrictions);
+ super(principal, privileges, allow, restrictions, valueFactory);
// TODO: review again
Value np = getRestriction(jcrNodePathName);
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java?rev=758265&r1=758264&r2=758265&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/ACLTemplateTest.java Wed Mar 25 14:09:53 2009
@@ -46,7 +46,7 @@
SessionImpl sImpl = (SessionImpl) superuser;
PrincipalManager princicipalMgr = sImpl.getPrincipalManager();
PrivilegeRegistry privilegeRegistry = new PrivilegeRegistry(sImpl);
- return new ACLTemplate(path, princicipalMgr, privilegeRegistry);
+ return new ACLTemplate(path, princicipalMgr, privilegeRegistry, sImpl.getValueFactory());
}
public void testMultipleEntryEffect() throws RepositoryException, NotExecutableException {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EntryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EntryTest.java?rev=758265&r1=758264&r2=758265&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EntryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/acl/EntryTest.java Wed Mar 25 14:09:53 2009
@@ -16,11 +16,11 @@
*/
package org.apache.jackrabbit.core.security.authorization.acl;
-import org.apache.jackrabbit.api.jsr283.security.AccessControlException;
import org.apache.jackrabbit.api.jsr283.security.Privilege;
import org.apache.jackrabbit.core.security.authorization.AbstractEntryTest;
import org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlEntry;
+import javax.jcr.RepositoryException;
import java.security.Principal;
/**
@@ -29,7 +29,7 @@
public class EntryTest extends AbstractEntryTest {
protected JackrabbitAccessControlEntry createEntry(Principal principal, Privilege[] privileges, boolean isAllow)
- throws AccessControlException {
- return new ACLTemplate.Entry(principal, privileges, isAllow);
+ throws RepositoryException {
+ return new ACLTemplate.Entry(principal, privileges, isAllow, superuser.getValueFactory());
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplateTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplateTest.java?rev=758265&r1=758264&r2=758265&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplateTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/ACLTemplateTest.java Wed Mar 25 14:09:53 2009
@@ -39,7 +39,7 @@
protected JackrabbitAccessControlList createEmptyTemplate(String testPath)
throws RepositoryException {
- return new ACLTemplate(testPrincipal, testPath, (SessionImpl) superuser);
+ return new ACLTemplate(testPrincipal, testPath, (SessionImpl) superuser, superuser.getValueFactory());
}
public void testGetRestrictionNames() throws RepositoryException {
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java?rev=758265&r1=758264&r2=758265&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authorization/principalbased/EntryTest.java Wed Mar 25 14:09:53 2009
@@ -62,7 +62,7 @@
restrictions = new HashMap(2);
restrictions.put(nodePath, superuser.getValueFactory().createValue("/a/b/c/d", PropertyType.PATH));
restrictions.put(glob, superuser.getValueFactory().createValue("*"));
- acl = new ACLTemplate(testPrincipal, testPath, (SessionImpl) superuser);
+ acl = new ACLTemplate(testPrincipal, testPath, (SessionImpl) superuser, superuser.getValueFactory());
}
protected JackrabbitAccessControlEntry createEntry(Principal principal, Privilege[] privileges, boolean isAllow)