You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by ju...@apache.org on 2013/04/09 14:01:38 UTC
svn commit: r1465980 - in /jackrabbit/oak/trunk:
oak-core/src/main/java/org/apache/jackrabbit/oak/api/
oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/
oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/
oak-core/src/...
Author: jukka
Date: Tue Apr 9 12:01:37 2013
New Revision: 1465980
URL: http://svn.apache.org/r1465980
Log:
OAK-764: Oak error codes
Some extra documentation and type-safety. WIP...
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/api/CommitFailedException.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistry.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidator.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorTest.java
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/SessionDelegate.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/api/CommitFailedException.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/api/CommitFailedException.java?rev=1465980&r1=1465979&r2=1465980&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/api/CommitFailedException.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/api/CommitFailedException.java Tue Apr 9 12:01:37 2013
@@ -16,46 +16,107 @@
*/
package org.apache.jackrabbit.oak.api;
+import static java.lang.String.format;
+
/**
* Main exception thrown by methods defined on the {@code ContentSession}
* interface indicating that committing a given set of changes failed.
*/
public class CommitFailedException extends Exception {
+ /**
+ * Source name for exceptions thrown by components in the Oak project.
+ */
+ public static final String OAK = "Oak";
+
+ /**
+ * Type name for access violation (i.e. permission denied) errors.
+ */
+ public static final String ACCESS = "Access";
+
+ /**
+ * Type name for constraint violation errors.
+ */
+ public static final String CONSTRAINT = "Constraint";
+
/** Serial version UID */
private static final long serialVersionUID = 2727602333350620918L;
+ private final String source;
+
private final String type;
private final int code;
public CommitFailedException(
- String type, int code, String message, Throwable cause) {
- super(String.format("Oak%s%04d: %s", type, code, message), cause);
+ String source, String type, int code, String message,
+ Throwable cause) {
+ super(format("%s%s%04d: %s", source, type, code, message), cause);
+ this.source = source;
this.type = type;
this.code = code;
}
+ public CommitFailedException(
+ String type, int code, String message, Throwable cause) {
+ this(OAK, type, code, message, cause);
+ }
+
public CommitFailedException(String type, int code, String message) {
this(type, code, message, null);
}
- public boolean hasType(String type) {
+ /**
+ * Checks whether this exception is of the given type.
+ *
+ * @param type type name
+ * @return {@code true} iff this exception is of the given type
+ */
+ public boolean isOfType(String type) {
return this.type.equals(type);
}
- public boolean hasCode(int code) {
- return this.code == code;
- }
-
- public boolean hasTypeAndCode(String type, int code) {
- return hasType(type) && hasCode(code);
- }
-
+ /**
+ * Checks whether this is an access violation exception.
+ *
+ * @return {@code true} iff this is an access violation exception
+ */
+ public boolean isAccessViolation() {
+ return isOfType(ACCESS);
+ }
+
+ /**
+ * Checks whether this is a constraint violation exception.
+ *
+ * @return {@code true} iff this is a constraint violation exception
+ */
+ public boolean isConstraintViolation() {
+ return isOfType(CONSTRAINT);
+ }
+
+ /**
+ * Returns the name of the source of this exception.
+ *
+ * @return source name
+ */
+ public String getSource() {
+ return source;
+ }
+
+ /**
+ * Return the name of the type of this exception.
+ *
+ * @return type name
+ */
public String getType() {
return type;
}
+ /**
+ * Returns the type-specific error code of this exception.
+ *
+ * @return error code
+ */
public int getCode() {
return code;
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistry.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistry.java?rev=1465980&r1=1465979&r2=1465980&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistry.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistry.java Tue Apr 9 12:01:37 2013
@@ -101,7 +101,7 @@ public abstract class ReadWriteNamespace
String message =
"Failed to register namespace mapping from "
+ prefix + " to " + uri;
- if (e.hasType("Namespace")) {
+ if (e.isOfType("Namespace")) {
throw new NamespaceException(message, e);
} else {
throw new RepositoryException(message, e);
@@ -125,7 +125,7 @@ public abstract class ReadWriteNamespace
refresh();
} catch (CommitFailedException e) {
String message = "Failed to unregister namespace mapping for prefix " + prefix;
- if (e.hasType("Namespace")) {
+ if (e.isOfType("Namespace")) {
throw new NamespaceException(message, e);
} else {
throw new RepositoryException(message, e);
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidator.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidator.java?rev=1465980&r1=1465979&r2=1465980&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidator.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidator.java Tue Apr 9 12:01:37 2013
@@ -37,6 +37,7 @@ import org.apache.jackrabbit.oak.util.Tr
import org.apache.jackrabbit.util.Text;
import static com.google.common.base.Preconditions.checkNotNull;
+import static org.apache.jackrabbit.oak.api.CommitFailedException.ACCESS;
/**
* AccessControlValidator... TODO
@@ -217,7 +218,7 @@ class AccessControlValidator extends Def
restrictionProvider.validateRestrictions(path, aceTree);
} catch (AccessControlException e) {
throw new CommitFailedException(
- "Access", 1, "Access control violation", e);
+ ACCESS, 1, "Access control violation", e);
}
}
@@ -236,6 +237,6 @@ class AccessControlValidator extends Def
}
private static CommitFailedException accessViolation(int code, String message) {
- return new CommitFailedException("Access", code, message);
+ return new CommitFailedException(ACCESS, code, message);
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java?rev=1465980&r1=1465979&r2=1465980&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java Tue Apr 9 12:01:37 2013
@@ -19,7 +19,6 @@ package org.apache.jackrabbit.oak.securi
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
-import javax.jcr.AccessDeniedException;
import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.oak.api.CommitFailedException;
@@ -36,6 +35,7 @@ import org.apache.jackrabbit.oak.spi.sta
import org.apache.jackrabbit.oak.util.TreeUtil;
import static com.google.common.base.Preconditions.checkNotNull;
+import static org.apache.jackrabbit.oak.api.CommitFailedException.ACCESS;
/**
* Validator implementation that checks for sufficient permission for all
@@ -103,7 +103,7 @@ class PermissionValidator extends Defaul
child = getVersionHistoryTree(child);
if (child == null) {
throw new CommitFailedException(
- "Access", 21,
+ ACCESS, 21,
"New version storage node without version history: cannot verify permissions.");
}
}
@@ -127,7 +127,7 @@ class PermissionValidator extends Defaul
if (isVersionstorageTree(child)) {
// TODO: check again
throw new CommitFailedException(
- "Access", 22,
+ ACCESS, 22,
"Attempt to remove versionstorage node: Fail to verify delete permission.");
}
return checkPermissions(child, true, Permissions.REMOVE_NODE);
@@ -143,12 +143,12 @@ class PermissionValidator extends Defaul
long toTest = getPermission(tree, defaultPermission);
if (Permissions.isRepositoryPermission(toTest)) {
if (!permissionProvider.isGranted(toTest)) {
- throw new CommitFailedException("Access", 0, "Access denied");
+ throw new CommitFailedException(ACCESS, 0, "Access denied");
}
return null; // no need for further validation down the subtree
} else {
if (!permissionProvider.isGranted(tree, null, toTest)) {
- throw new CommitFailedException("Access", 0, "Access denied");
+ throw new CommitFailedException(ACCESS, 0, "Access denied");
}
if (noTraverse(toTest)) {
return null;
@@ -165,7 +165,7 @@ class PermissionValidator extends Defaul
if (!NodeStateUtils.isHidden((property.getName()))) {
long toTest = getPermission(parent, property, defaultPermission);
if (!permissionProvider.isGranted(parent, property, toTest)) {
- throw new CommitFailedException("Access", 0, "Access denied");
+ throw new CommitFailedException(ACCESS, 0, "Access denied");
}
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java?rev=1465980&r1=1465979&r2=1465980&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java Tue Apr 9 12:01:37 2013
@@ -117,7 +117,7 @@ class PrivilegeDefinitionWriter implemen
root.commit();
} catch (CommitFailedException e) {
- if (e.hasType("Access")) {
+ if (e.isAccessViolation()) {
throw new AccessDeniedException(e);
} else {
throw new RepositoryException(e);
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorTest.java?rev=1465980&r1=1465979&r2=1465980&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorTest.java Tue Apr 9 12:01:37 2013
@@ -17,7 +17,6 @@
package org.apache.jackrabbit.oak.security.authorization;
import java.security.Principal;
-import javax.jcr.security.AccessControlException;
import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
@@ -106,7 +105,7 @@ public class AccessControlValidatorTest
fail("Policy node with child node ordering");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
assertEquals("OakAccess0004: Invalid policy node: Order of children is not stable.", e.getMessage());
}
}
@@ -121,7 +120,7 @@ public class AccessControlValidatorTest
fail("Only the root node can be made RepoAccessControllable.");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
}
}
@@ -135,7 +134,7 @@ public class AccessControlValidatorTest
fail("Attempt to add repo-policy with rep:AccessControllable node.");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
} finally {
policy.getTree().remove();
}
@@ -154,7 +153,7 @@ public class AccessControlValidatorTest
fail("Adding an ACL below access control content should fail");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
} finally {
policy.getTree().remove();
}
@@ -174,7 +173,7 @@ public class AccessControlValidatorTest
fail("Adding an ACL below access control content should fail");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
} finally {
policy.getTree().remove();
}
@@ -194,7 +193,7 @@ public class AccessControlValidatorTest
fail("Adding an ACE below an ACE or restriction should fail");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
} finally {
entry.getTree().remove();
}
@@ -214,7 +213,7 @@ public class AccessControlValidatorTest
fail("Adding an ACE below an ACE or restriction should fail");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
} finally {
entry.getTree().remove();
}
@@ -233,7 +232,7 @@ public class AccessControlValidatorTest
fail("Writing an isolated ACL without the parent being rep:AccessControllable should fail.");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
} finally {
// revert pending changes that cannot be saved.
policy.getTree().remove();
@@ -254,7 +253,7 @@ public class AccessControlValidatorTest
fail("Writing an isolated ACE should fail.");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
} finally {
// revert pending changes that cannot be saved.
ace.getTree().remove();
@@ -271,7 +270,7 @@ public class AccessControlValidatorTest
fail("Writing an isolated Restriction should fail.");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
} finally {
// revert pending changes that cannot be saved.
restriction.getTree().remove();
@@ -289,7 +288,7 @@ public class AccessControlValidatorTest
fail("Creating an ACE with invalid privilege should fail.");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
}
}
@@ -305,7 +304,7 @@ public class AccessControlValidatorTest
fail("Creating an ACE with an abstract privilege should fail.");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
}
}
@@ -318,7 +317,7 @@ public class AccessControlValidatorTest
fail("Creating an unsupported restriction should fail.");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
}
}
@@ -331,7 +330,7 @@ public class AccessControlValidatorTest
fail("Creating restriction with invalid type should fail.");
} catch (CommitFailedException e) {
// success
- assertTrue(e.hasType("Access"));
+ assertTrue(e.isAccessViolation());
}
}
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/SessionDelegate.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/SessionDelegate.java?rev=1465980&r1=1465979&r2=1465980&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/SessionDelegate.java (original)
+++ jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/SessionDelegate.java Tue Apr 9 12:01:37 2013
@@ -327,19 +327,19 @@ public class SessionDelegate {
private static RepositoryException newRepositoryException(
CommitFailedException exception) {
checkNotNull(exception);
- if (exception.hasType("Constraint")) {
+ if (exception.isConstraintViolation()) {
return new ConstraintViolationException(exception);
- } else if (exception.hasType("Type")) {
+ } else if (exception.isOfType("Type")) {
return new NoSuchNodeTypeException(exception);
- } else if (exception.hasType("Access")) {
+ } else if (exception.isAccessViolation()) {
return new AccessDeniedException(exception);
- } else if (exception.hasType("Integrity")) {
+ } else if (exception.isOfType("Integrity")) {
return new ReferentialIntegrityException(exception);
- } else if (exception.hasType("State")) {
+ } else if (exception.isOfType("State")) {
return new InvalidItemStateException(exception);
- } else if (exception.hasType("Version")) {
+ } else if (exception.isOfType("Version")) {
return new VersionException(exception);
- } else if (exception.hasType("Lock")) {
+ } else if (exception.isOfType("Lock")) {
return new LockException(exception);
} else {
return new RepositoryException(exception);