incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From enor...@apache.org
Subject svn commit: r1124538 - in /sling/trunk: bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/ bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ launchpad/b...
Date Thu, 19 May 2011 05:24:08 GMT
Author: enorman
Date: Thu May 19 05:24:07 2011
New Revision: 1124538

URL: http://svn.apache.org/viewvc?rev=1124538&view=rev
Log:
SLING-2083 AccessManager permissions manipulation services that mirror the functionality of
the REST operations for programmatic access management code.

Added:
    sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/DeleteAces.java
  (with props)
    sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetAcl.java
  (with props)
    sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetEffectiveAcl.java
  (with props)
    sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/ModifyAce.java
  (with props)
Modified:
    sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractGetAclServlet.java
    sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java
    sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetAclServlet.java
    sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetEffectiveAclServlet.java
    sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ModifyAceServlet.java
    sling/trunk/launchpad/builder/src/main/bundles/list.xml

Added: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/DeleteAces.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/DeleteAces.java?rev=1124538&view=auto
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/DeleteAces.java
(added)
+++ sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/DeleteAces.java
Thu May 19 05:24:07 2011
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.jcr.jackrabbit.accessmanager;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+/**
+ * The <code>DeleteAces</code> service api.
+ * <p>
+ * This interface is not intended to be implemented by bundles. It is
+ * implemented by this bundle and may be used by client bundles.
+ * </p>
+ */
+public interface DeleteAces {
+
+	/**
+	 * Deletes one or more ACEs from the access control list of a resource.
+	 * 
+	 * @param jcrSession the JCR session of the user updating the user
+	 * @param resourcePath The path of the resource to update the ACL for (required)
+	 * @param principalNamesToDelete An array of ace principal names to delete.. (required)
+	 * @throws RepositoryException
+	 */
+	public void deleteAces(Session jcrSession,
+							String resourcePath,
+							String [] principalNamesToDelete
+				) throws RepositoryException;
+	
+}

Propchange: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/DeleteAces.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetAcl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetAcl.java?rev=1124538&view=auto
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetAcl.java
(added)
+++ sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetAcl.java
Thu May 19 05:24:07 2011
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.jcr.jackrabbit.accessmanager;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+import org.apache.sling.commons.json.JSONException;
+import org.apache.sling.commons.json.JSONObject;
+
+/**
+ * The <code>GetAcl</code> service api.
+ * <p>
+ * This interface is not intended to be implemented by bundles. It is
+ * implemented by this bundle and may be used by client bundles.
+ * </p>
+ */
+public interface GetAcl {
+
+	/**
+	 * Gets the access control list for a resource.
+	 * 
+	 * @param jcrSession the JCR session of the user updating the user
+	 * @param resourcePath The path of the resource to get the ACL for (required)
+     * @return the ACL as a JSON object 
+	 * @throws RepositoryException
+	 */
+	public JSONObject getAcl(Session jcrSession,
+							String resourcePath
+				) throws RepositoryException, JSONException;
+	
+}

Propchange: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetAcl.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetEffectiveAcl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetEffectiveAcl.java?rev=1124538&view=auto
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetEffectiveAcl.java
(added)
+++ sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetEffectiveAcl.java
Thu May 19 05:24:07 2011
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.jcr.jackrabbit.accessmanager;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+import org.apache.sling.commons.json.JSONException;
+import org.apache.sling.commons.json.JSONObject;
+
+/**
+ * The <code>GetAcl</code> service api.
+ * <p>
+ * This interface is not intended to be implemented by bundles. It is
+ * implemented by this bundle and may be used by client bundles.
+ * </p>
+ */
+public interface GetEffectiveAcl {
+
+	/**
+	 * Gets the effective access control list for a resource.
+	 * 
+	 * @param jcrSession the JCR session of the user updating the user
+	 * @param resourcePath The path of the resource to get the ACL for (required)
+     * @return the ACL as a JSON object 
+	 * @throws RepositoryException
+	 */
+	public JSONObject getEffectiveAcl(Session jcrSession,
+							String resourcePath
+				) throws RepositoryException, JSONException;
+	
+}

Propchange: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/GetEffectiveAcl.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/ModifyAce.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/ModifyAce.java?rev=1124538&view=auto
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/ModifyAce.java
(added)
+++ sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/ModifyAce.java
Thu May 19 05:24:07 2011
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.jcr.jackrabbit.accessmanager;
+
+import java.util.Map;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+/**
+ * The <code>ModifyAce</code> service api.
+ * <p>
+ * This interface is not intended to be implemented by bundles. It is
+ * implemented by this bundle and may be used by client bundles.
+ * </p>
+ */
+public interface ModifyAce {
+
+	/**
+	 * Add or modify the access control entry for the specified user 
+	 * or group.
+	 * 
+	 * @param jcrSession the JCR session of the user updating the user
+	 * @param resourcePath The absolute path of the resource to apply the ACE to (required)
+	 * @param principalId The name of the user/group to provision (required)
+	 * @param privileges Map of privileges to apply. (optional)
+     * @param changes The list of changes for this operation (optional)
+     * @return the user that was updated or null if not found 
+	 * @throws RepositoryException
+	 */
+	public void modifyAce(Session jcrSession,
+							String resourcePath,
+							String principalId,
+							Map<String, String> privileges,
+							String order
+				) throws RepositoryException;
+	
+}

Propchange: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/ModifyAce.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractGetAclServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractGetAclServlet.java?rev=1124538&r1=1124537&r2=1124538&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractGetAclServlet.java
(original)
+++ sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractGetAclServlet.java
Thu May 19 05:24:07 2011
@@ -23,8 +23,8 @@ import java.util.LinkedHashMap;
 import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Map;
-import java.util.Map.Entry;
 import java.util.Set;
+import java.util.Map.Entry;
 
 import javax.jcr.AccessDeniedException;
 import javax.jcr.Item;
@@ -37,9 +37,9 @@ import javax.servlet.http.HttpServletRes
 
 import org.apache.sling.api.SlingHttpServletRequest;
 import org.apache.sling.api.SlingHttpServletResponse;
-import org.apache.sling.api.resource.Resource;
 import org.apache.sling.api.resource.ResourceNotFoundException;
 import org.apache.sling.api.servlets.SlingAllMethodsServlet;
+import org.apache.sling.commons.json.JSONException;
 import org.apache.sling.commons.json.JSONObject;
 import org.apache.sling.jcr.base.util.AccessControlUtil;
 import org.slf4j.Logger;
@@ -56,98 +56,20 @@ public abstract class AbstractGetAclServ
     /* (non-Javadoc)
      * @see org.apache.sling.api.servlets.SlingSafeMethodsServlet#doGet(org.apache.sling.api.SlingHttpServletRequest,
org.apache.sling.api.SlingHttpServletResponse)
      */
-    @SuppressWarnings("unchecked")
     @Override
     protected void doGet(SlingHttpServletRequest request,
             SlingHttpServletResponse response) throws ServletException,
             IOException {
 
-        try {
-            Session session = request.getResourceResolver().adaptTo(Session.class);
-            if (session == null) {
-                throw new RepositoryException("JCR Session not found");
-            }
-
-            String resourcePath = null;
-            Resource resource = request.getResource();
-            if (resource == null) {
-                throw new ResourceNotFoundException("Resource not found.");
-            } else {
-                Item item = resource.adaptTo(Item.class);
-                if (item != null) {
-                    resourcePath = item.getPath();
-                } else {
-                    throw new ResourceNotFoundException("Resource is not a JCR Node");
-                }
-            }
-
-            AccessControlEntry[] declaredAccessControlEntries = getAccessControlEntries(session,
resourcePath);
-            Map<String, Map<String, Object>> aclMap = new LinkedHashMap<String,
Map<String,Object>>();
-                int sequence = 0;
-            for (AccessControlEntry ace : declaredAccessControlEntries) {
-                Principal principal = ace.getPrincipal();
-                Map<String, Object> map = aclMap.get(principal.getName());
-                if (map == null) {
-                    map = new LinkedHashMap<String, Object>();
-                    aclMap.put(principal.getName(), map);
-                    map.put("order", sequence++);
-                }
+		try {
+			Session session = request.getResourceResolver().adaptTo(Session.class);
+	    	String resourcePath = request.getResource().getPath();
+
+	    	JSONObject acl = internalGetAcl(session, resourcePath);
+	        response.setContentType("application/json");
+	        response.setCharacterEncoding("UTF-8");
 
-                boolean allow = AccessControlUtil.isAllow(ace);
-                if (allow) {
-                    Set<String> grantedSet = (Set<String>) map.get("granted");
-                    if (grantedSet == null) {
-                        grantedSet = new LinkedHashSet<String>();
-                        map.put("granted", grantedSet);
-                    }
-                    Privilege[] privileges = ace.getPrivileges();
-                    for (Privilege privilege : privileges) {
-                        grantedSet.add(privilege.getName());
-                    }
-                } else {
-                    Set<String> deniedSet = (Set<String>) map.get("denied");
-                    if (deniedSet == null) {
-                        deniedSet = new LinkedHashSet<String>();
-                        map.put("denied", deniedSet);
-                    }
-                    Privilege[] privileges = ace.getPrivileges();
-                    for (Privilege privilege : privileges) {
-                        deniedSet.add(privilege.getName());
-                    }
-                }
-            }
-
-
-            response.setContentType("application/json");
-            response.setCharacterEncoding("UTF-8");
-
-            List<JSONObject> aclList = new ArrayList<JSONObject>();
-            Set<Entry<String, Map<String, Object>>> entrySet = aclMap.entrySet();
-            for (Entry<String, Map<String, Object>> entry : entrySet) {
-                String principalName = entry.getKey();
-                Map<String, Object> value = entry.getValue();
-
-                JSONObject aceObject = new JSONObject();
-                aceObject.put("principal", principalName);
-
-                Set<String> grantedSet = (Set<String>) value.get("granted");
-                if (grantedSet != null) {
-                    aceObject.put("granted", grantedSet);
-                }
-
-                Set<String> deniedSet = (Set<String>) value.get("denied");
-                if (deniedSet != null) {
-                    aceObject.put("denied", deniedSet);
-                }
-                aceObject.put("order", value.get("order"));
-                aclList.add(aceObject);
-            }
-                JSONObject jsonAclMap = new JSONObject(aclMap);
-                for ( JSONObject jsonObj : aclList) {
-                   jsonAclMap.put(jsonObj.getString("principal"), jsonObj);
-                }
-                jsonAclMap.write(response.getWriter());
-            // do the dump
+	        acl.write(response.getWriter());
         } catch (AccessDeniedException ade) {
             response.sendError(HttpServletResponse.SC_NOT_FOUND);
         } catch (ResourceNotFoundException rnfe) {
@@ -160,6 +82,86 @@ public abstract class AbstractGetAclServ
         }
     }
     
+    @SuppressWarnings("unchecked")
+	protected JSONObject internalGetAcl(Session jcrSession, String resourcePath) 
+    			throws RepositoryException, JSONException {
+		
+        if (jcrSession == null) {
+            throw new RepositoryException("JCR Session not found");
+        }
+
+		Item item = jcrSession.getItem(resourcePath);
+		if (item != null) {
+			resourcePath = item.getPath();
+		} else {
+			throw new ResourceNotFoundException("Resource is not a JCR Node");
+		}
+
+        AccessControlEntry[] declaredAccessControlEntries = getAccessControlEntries(jcrSession,
resourcePath);
+        Map<String, Map<String, Object>> aclMap = new LinkedHashMap<String,
Map<String,Object>>();
+            int sequence = 0;
+        for (AccessControlEntry ace : declaredAccessControlEntries) {
+            Principal principal = ace.getPrincipal();
+            Map<String, Object> map = aclMap.get(principal.getName());
+            if (map == null) {
+                map = new LinkedHashMap<String, Object>();
+                aclMap.put(principal.getName(), map);
+                map.put("order", sequence++);
+            }
+
+            boolean allow = AccessControlUtil.isAllow(ace);
+            if (allow) {
+                Set<String> grantedSet = (Set<String>) map.get("granted");
+                if (grantedSet == null) {
+                    grantedSet = new LinkedHashSet<String>();
+                    map.put("granted", grantedSet);
+                }
+                Privilege[] privileges = ace.getPrivileges();
+                for (Privilege privilege : privileges) {
+                    grantedSet.add(privilege.getName());
+                }
+            } else {
+                Set<String> deniedSet = (Set<String>) map.get("denied");
+                if (deniedSet == null) {
+                    deniedSet = new LinkedHashSet<String>();
+                    map.put("denied", deniedSet);
+                }
+                Privilege[] privileges = ace.getPrivileges();
+                for (Privilege privilege : privileges) {
+                    deniedSet.add(privilege.getName());
+                }
+            }
+        }
+
+        List<JSONObject> aclList = new ArrayList<JSONObject>();
+        Set<Entry<String, Map<String, Object>>> entrySet = aclMap.entrySet();
+        for (Entry<String, Map<String, Object>> entry : entrySet) {
+            String principalName = entry.getKey();
+            Map<String, Object> value = entry.getValue();
+
+            JSONObject aceObject = new JSONObject();
+            aceObject.put("principal", principalName);
+
+            Set<String> grantedSet = (Set<String>) value.get("granted");
+            if (grantedSet != null) {
+                aceObject.put("granted", grantedSet);
+            }
+
+            Set<String> deniedSet = (Set<String>) value.get("denied");
+            if (deniedSet != null) {
+                aceObject.put("denied", deniedSet);
+            }
+            aceObject.put("order", value.get("order"));
+            aclList.add(aceObject);
+        }
+        JSONObject jsonAclMap = new JSONObject(aclMap);
+        for ( JSONObject jsonObj : aclList) {
+        	jsonAclMap.put(jsonObj.getString("principal"), jsonObj);
+        }
+        
+        return jsonAclMap;
+    }
+    
     protected abstract AccessControlEntry[] getAccessControlEntries(Session session, String
absPath) throws RepositoryException;
 
 }

Modified: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java?rev=1124538&r1=1124537&r2=1124538&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java
(original)
+++ sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java
Thu May 19 05:24:07 2011
@@ -25,15 +25,15 @@ import java.util.Set;
 import javax.jcr.Item;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
-
 import javax.jcr.security.AccessControlEntry;
 import javax.jcr.security.AccessControlList;
 import javax.jcr.security.AccessControlManager;
+
 import org.apache.sling.api.SlingHttpServletRequest;
-import org.apache.sling.api.resource.Resource;
 import org.apache.sling.api.resource.ResourceNotFoundException;
 import org.apache.sling.api.servlets.HtmlResponse;
 import org.apache.sling.jcr.base.util.AccessControlUtil;
+import org.apache.sling.jcr.jackrabbit.accessmanager.DeleteAces;
 import org.apache.sling.servlets.post.Modification;
 import org.apache.sling.servlets.post.SlingPostConstants;
 
@@ -70,11 +70,12 @@ import org.apache.sling.servlets.post.Sl
  *
  * @scr.component immediate="true"
  * @scr.service interface="javax.servlet.Servlet"
+ * @scr.service interface="org.apache.sling.jcr.jackrabbit.accessmanager.DeleteAces"
  * @scr.property name="sling.servlet.resourceTypes" value="sling/servlet/default"
  * @scr.property name="sling.servlet.methods" value="POST"
  * @scr.property name="sling.servlet.selectors" value="deleteAce"
  */
-public class DeleteAcesServlet extends AbstractAccessPostServlet {
+public class DeleteAcesServlet extends AbstractAccessPostServlet implements DeleteAces {
 	private static final long serialVersionUID = 3784866802938282971L;
 
 	/* (non-Javadoc)
@@ -85,34 +86,42 @@ public class DeleteAcesServlet extends A
 			HtmlResponse htmlResponse, List<Modification> changes)
 			throws RepositoryException {
 
+		Session session = request.getResourceResolver().adaptTo(Session.class);
+    	String resourcePath = request.getResource().getPath();
         String[] applyTo = request.getParameterValues(SlingPostConstants.RP_APPLY_TO);
-        if (applyTo == null) {
+        deleteAces(session, resourcePath, applyTo);
+	}
+
+	/* (non-Javadoc)
+	 * @see org.apache.sling.jcr.jackrabbit.accessmanager.DeleteAces#deleteAces(javax.jcr.Session,
java.lang.String, java.lang.String[])
+	 */
+	public void deleteAces(Session jcrSession, String resourcePath,
+			String[] principalNamesToDelete) throws RepositoryException {
+
+        if (principalNamesToDelete == null) {
 			throw new RepositoryException("principalIds were not sumitted.");
         } else {
-        	String resourcePath = null;
-        	Resource resource = request.getResource();
-        	if (resource == null) {
-    			throw new ResourceNotFoundException("Resource not found.");
-        	} else {
-        		Item item = resource.adaptTo(Item.class);
-        		if (item != null) {
-        			resourcePath = item.getPath();
-        		} else {
-        			throw new ResourceNotFoundException("Resource is not a JCR Node");
-        		}
+    		if (jcrSession == null) {
+    			throw new RepositoryException("JCR Session not found");
+    		}
+
+        	if (resourcePath == null) {
+    			throw new ResourceNotFoundException("Resource path was not supplied.");
         	}
 
-    		Session session = request.getResourceResolver().adaptTo(Session.class);
-    		if (session == null) {
-    			throw new RepositoryException("JCR Session not found");
+    		Item item = jcrSession.getItem(resourcePath);
+    		if (item != null) {
+    			resourcePath = item.getPath();
+    		} else {
+    			throw new ResourceNotFoundException("Resource is not a JCR Node");
     		}
 
     		//load the principalIds array into a set for quick lookup below
 			Set<String> pidSet = new HashSet<String>();
-			pidSet.addAll(Arrays.asList(applyTo));
+			pidSet.addAll(Arrays.asList(principalNamesToDelete));
 
 			try {
-				AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
+				AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(jcrSession);
 				AccessControlList updatedAcl = getAccessControlList(accessControlManager, resourcePath,
false);
 
 				//keep track of the existing Aces for the target principal
@@ -138,5 +147,5 @@ public class DeleteAcesServlet extends A
 			}
         }
 	}
-
+	
 }

Modified: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetAclServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetAclServlet.java?rev=1124538&r1=1124537&r2=1124538&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetAclServlet.java
(original)
+++ sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetAclServlet.java
Thu May 19 05:24:07 2011
@@ -23,7 +23,10 @@ import javax.jcr.security.AccessControlL
 import javax.jcr.security.AccessControlManager;
 import javax.jcr.security.AccessControlPolicy;
 
+import org.apache.sling.commons.json.JSONException;
+import org.apache.sling.commons.json.JSONObject;
 import org.apache.sling.jcr.base.util.AccessControlUtil;
+import org.apache.sling.jcr.jackrabbit.accessmanager.GetAcl;
 
 /**
  * <p>
@@ -92,14 +95,23 @@ import org.apache.sling.jcr.base.util.Ac
  *
  * @scr.component immediate="true"
  * @scr.service interface="javax.servlet.Servlet"
+ * @scr.service interface="org.apache.sling.jcr.jackrabbit.accessmanager.GetAcl"
  * @scr.property name="sling.servlet.resourceTypes" value="sling/servlet/default"
  * @scr.property name="sling.servlet.methods" value="GET"
  * @scr.property name="sling.servlet.selectors" value="acl"
  * @scr.property name="sling.servlet.extensions" value="json"
  */
-public class GetAclServlet extends AbstractGetAclServlet {
+public class GetAclServlet extends AbstractGetAclServlet implements GetAcl {
 	private static final long serialVersionUID = 3391376559396223185L;
 
+	/* (non-Javadoc)
+	 * @see org.apache.sling.jcr.jackrabbit.accessmanager.GetAcl#getAcl(javax.jcr.Session, java.lang.String)
+	 */
+	public JSONObject getAcl(Session jcrSession, String resourcePath)
+			throws RepositoryException, JSONException {
+		return internalGetAcl(jcrSession, resourcePath);
+	}
+
 	@Override
 	protected AccessControlEntry[] getAccessControlEntries(Session session, String absPath)
throws RepositoryException {
 		AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);

Modified: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetEffectiveAclServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetEffectiveAclServlet.java?rev=1124538&r1=1124537&r2=1124538&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetEffectiveAclServlet.java
(original)
+++ sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/GetEffectiveAclServlet.java
Thu May 19 05:24:07 2011
@@ -23,7 +23,10 @@ import javax.jcr.security.AccessControlL
 import javax.jcr.security.AccessControlManager;
 import javax.jcr.security.AccessControlPolicy;
 
+import org.apache.sling.commons.json.JSONException;
+import org.apache.sling.commons.json.JSONObject;
 import org.apache.sling.jcr.base.util.AccessControlUtil;
+import org.apache.sling.jcr.jackrabbit.accessmanager.GetEffectiveAcl;
 
 /**
  * <p>
@@ -92,15 +95,24 @@ import org.apache.sling.jcr.base.util.Ac
  *
  * @scr.component immediate="true"
  * @scr.service interface="javax.servlet.Servlet"
+ * @scr.service interface="org.apache.sling.jcr.jackrabbit.accessmanager.GetEffectiveAcl"
  * @scr.property name="sling.servlet.resourceTypes" value="sling/servlet/default"
  * @scr.property name="sling.servlet.methods" value="GET"
  * @scr.property name="sling.servlet.selectors" value="eacl"
  * @scr.property name="sling.servlet.extensions" value="json"
  */
 @SuppressWarnings("serial")
-public class GetEffectiveAclServlet extends AbstractGetAclServlet {
+public class GetEffectiveAclServlet extends AbstractGetAclServlet implements GetEffectiveAcl
{
 
-    @Override
+    /* (non-Javadoc)
+	 * @see org.apache.sling.jcr.jackrabbit.accessmanager.GetEffectiveAcl#getEffectiveAcl(javax.jcr.Session,
java.lang.String)
+	 */
+	public JSONObject getEffectiveAcl(Session jcrSession, String resourcePath)
+			throws RepositoryException, JSONException {
+		return internalGetAcl(jcrSession, resourcePath);
+	}
+
+	@Override
     protected AccessControlEntry[] getAccessControlEntries(Session session, String absPath)
throws RepositoryException {
         AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
         AccessControlPolicy[] policies = accessControlManager.getEffectivePolicies(absPath);

Modified: sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ModifyAceServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ModifyAceServlet.java?rev=1124538&r1=1124537&r2=1124538&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ModifyAceServlet.java
(original)
+++ sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ModifyAceServlet.java
Thu May 19 05:24:07 2011
@@ -16,24 +16,27 @@
  */
 package org.apache.sling.jcr.jackrabbit.accessmanager.post;
 
-import org.apache.jackrabbit.api.security.principal.PrincipalManager;
-import org.apache.sling.api.SlingHttpServletRequest;
-import org.apache.sling.api.resource.Resource;
-import org.apache.sling.api.resource.ResourceNotFoundException;
-import org.apache.sling.api.servlets.HtmlResponse;
-import org.apache.sling.jcr.base.util.AccessControlUtil;
-import org.apache.sling.servlets.post.Modification;
-
 import java.security.Principal;
 import java.util.Enumeration;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Map;
 import java.util.Set;
+import java.util.Map.Entry;
 
 import javax.jcr.Item;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 
+import org.apache.jackrabbit.api.security.principal.PrincipalManager;
+import org.apache.sling.api.SlingHttpServletRequest;
+import org.apache.sling.api.resource.ResourceNotFoundException;
+import org.apache.sling.api.servlets.HtmlResponse;
+import org.apache.sling.jcr.base.util.AccessControlUtil;
+import org.apache.sling.jcr.jackrabbit.accessmanager.ModifyAce;
+import org.apache.sling.servlets.post.Modification;
+
 /**
  * <p>
  * Sling Post Servlet implementation for modifying the ACEs for a principal on a JCR
@@ -77,11 +80,12 @@ import javax.jcr.Session;
  *
  * @scr.component immediate="true"
  * @scr.service interface="javax.servlet.Servlet"
+ * @scr.service interface="org.apache.sling.jcr.jackrabbit.accessmanager.ModifyAce"
  * @scr.property name="sling.servlet.resourceTypes" value="sling/servlet/default"
  * @scr.property name="sling.servlet.methods" value="POST"
  * @scr.property name="sling.servlet.selectors" value="modifyAce"
  */
-public class ModifyAceServlet extends AbstractAccessPostServlet {
+public class ModifyAceServlet extends AbstractAccessPostServlet implements ModifyAce {
 	private static final long serialVersionUID = -9182485466670280437L;
 
 	/* (non-Javadoc)
@@ -92,68 +96,87 @@ public class ModifyAceServlet extends Ab
 			HtmlResponse htmlResponse, List<Modification> changes)
 			throws RepositoryException {
 		Session session = request.getResourceResolver().adaptTo(Session.class);
-		if (session == null) {
+    	String resourcePath = request.getResource().getPath();
+		String principalId = request.getParameter("principalId");
+		Map<String, String> privileges = new HashMap<String, String>();
+		Enumeration<?> parameterNames = request.getParameterNames();
+		while (parameterNames.hasMoreElements()) {
+			Object nextElement = parameterNames.nextElement();
+			if (nextElement instanceof String) {
+				String paramName = (String)nextElement;
+				if (paramName.startsWith("privilege@")) {
+					String privilegeName = paramName.substring(10);
+					String parameterValue = request.getParameter(paramName);
+					privileges.put(privilegeName, parameterValue);
+				}
+			}
+		}
+		String order = request.getParameter("order");
+    	modifyAce(session, resourcePath, principalId, privileges, order);
+	}
+	
+	/* (non-Javadoc)
+	 * @see org.apache.sling.jcr.jackrabbit.accessmanager.ModifyAce#modifyAce(javax.jcr.Session,
java.lang.String, java.lang.String, java.util.Map, java.lang.String)
+	 */
+	public void modifyAce(Session jcrSession, String resourcePath,
+			String principalId, Map<String, String> privileges, String order)
+			throws RepositoryException {
+		if (jcrSession == null) {
 			throw new RepositoryException("JCR Session not found");
 		}
 
-		String principalId = request.getParameter("principalId");
 		if (principalId == null) {
 			throw new RepositoryException("principalId was not submitted.");
 		}
-		PrincipalManager principalManager = AccessControlUtil.getPrincipalManager(session);
+		PrincipalManager principalManager = AccessControlUtil.getPrincipalManager(jcrSession);
 		Principal principal = principalManager.getPrincipal(principalId);
-		String resourcePath = null;
-		Resource resource = request.getResource();
-		if (resource == null) {
-			throw new ResourceNotFoundException("Resource not found.");
+		
+    	if (resourcePath == null) {
+			throw new ResourceNotFoundException("Resource path was not supplied.");
+    	}
+
+		Item item = jcrSession.getItem(resourcePath);
+		if (item != null) {
+			resourcePath = item.getPath();
 		} else {
-			Item item = resource.adaptTo(Item.class);
-			if (item != null) {
-				resourcePath = item.getPath();
-			} else {
-				throw new ResourceNotFoundException("Resource is not a JCR Node");
-			}
+			throw new ResourceNotFoundException("Resource is not a JCR Node");
 		}
-    
+		
 		// Collect the modified privileges from the request.
 		Set<String> grantedPrivilegeNames = new HashSet<String>();
 		Set<String> deniedPrivilegeNames = new HashSet<String>();
 		Set<String> removedPrivilegeNames = new HashSet<String>();
-		Enumeration<?> parameterNames = request.getParameterNames();
-		while (parameterNames.hasMoreElements()) {
-			Object nextElement = parameterNames.nextElement();
-			if (nextElement instanceof String) {
-				String paramName = (String)nextElement;
-				if (paramName.startsWith("privilege@")) {
-					String privilegeName = paramName.substring(10);
-					String parameterValue = request.getParameter(paramName);
-					if (parameterValue != null && parameterValue.length() > 0) {
-						if ("granted".equals(parameterValue)) {
-							grantedPrivilegeNames.add(privilegeName);
-						} else if ("denied".equals(parameterValue)) {
-							deniedPrivilegeNames.add(privilegeName);
-						} else if ("none".equals(parameterValue)){
-							removedPrivilegeNames.add(privilegeName);
-						}
-					}
+		Set<Entry<String, String>> entrySet = privileges.entrySet();
+		for (Entry<String, String> entry : entrySet) {
+			String privilegeName = entry.getKey();
+			if (privilegeName.startsWith("privilege@")) {
+				privilegeName = privilegeName.substring(10);
+			}
+			String parameterValue = entry.getValue();
+			if (parameterValue != null && parameterValue.length() > 0) {
+				if ("granted".equals(parameterValue)) {
+					grantedPrivilegeNames.add(privilegeName);
+				} else if ("denied".equals(parameterValue)) {
+					deniedPrivilegeNames.add(privilegeName);
+				} else if ("none".equals(parameterValue)){
+					removedPrivilegeNames.add(privilegeName);
 				}
 			}
 		}
 
-		String order = request.getParameter("order");
-		
 		// Make the actual changes.
 		try {
-			AccessControlUtil.replaceAccessControlEntry(session, resourcePath, principal,
+			AccessControlUtil.replaceAccessControlEntry(jcrSession, resourcePath, principal,
 					grantedPrivilegeNames.toArray(new String[grantedPrivilegeNames.size()]),
 					deniedPrivilegeNames.toArray(new String[deniedPrivilegeNames.size()]),
 					removedPrivilegeNames.toArray(new String[removedPrivilegeNames.size()]),
 					order);
-			if (session.hasPendingChanges()) {
-				session.save();
+			if (jcrSession.hasPendingChanges()) {
+				jcrSession.save();
 			}
 		} catch (RepositoryException re) {
 			throw new RepositoryException("Failed to create ace.", re);
 		}
 	}
+	
 }

Modified: sling/trunk/launchpad/builder/src/main/bundles/list.xml
URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/builder/src/main/bundles/list.xml?rev=1124538&r1=1124537&r2=1124538&view=diff
==============================================================================
--- sling/trunk/launchpad/builder/src/main/bundles/list.xml (original)
+++ sling/trunk/launchpad/builder/src/main/bundles/list.xml Thu May 19 05:24:07 2011
@@ -358,7 +358,7 @@
         <bundle>
             <groupId>org.apache.sling</groupId>
             <artifactId>org.apache.sling.jcr.jackrabbit.accessmanager</artifactId>
-            <version>2.1.0</version>
+            <version>2.1.1-SNAPSHOT</version>
         </bundle>
         <bundle>
             <groupId>org.apache.jackrabbit</groupId>



Mime
View raw message