incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From my...@apache.org
Subject svn commit: r1488990 - in /sling/trunk/bundles: api/src/main/java/org/apache/sling/api/resource/ resourceresolver/ resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ resourceresolver/src/main/java/org/apache/sling/resourceresolver/i...
Date Mon, 03 Jun 2013 13:39:13 GMT
Author: mykee
Date: Mon Jun  3 13:39:13 2013
New Revision: 1488990

URL: http://svn.apache.org/r1488990
Log:
SLING-2875 - Easy way for enabling ResourceAccessSecurity for resource providers without underlaying
ACLs

Modified:
    sling/trunk/bundles/api/src/main/java/org/apache/sling/api/resource/ResourceProvider.java
    sling/trunk/bundles/resourceresolver/pom.xml
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverFactoryImpl.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/SortedProviderList.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderFactoryHandler.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderHandler.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/RootResourceProviderEntry.java

Modified: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/resource/ResourceProvider.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/api/src/main/java/org/apache/sling/api/resource/ResourceProvider.java?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/api/src/main/java/org/apache/sling/api/resource/ResourceProvider.java
(original)
+++ sling/trunk/bundles/api/src/main/java/org/apache/sling/api/resource/ResourceProvider.java
Mon Jun  3 13:39:13 2013
@@ -65,6 +65,17 @@ public interface ResourceProvider {
     String OWNS_ROOTS = "provider.ownsRoots";
 
     /**
+     * The name of the service registration property containing the a boolean
+     * flag indicating if the ResourceAccessSecurity service should be used for
+     * this provider or not. ResourceProvider implementations are encouraged 
+     * to use the ResourceAccessSecurity service for access control unless
+     * the underlying storage already provides it.
+     * The default for this value is <code>false</code>. 
+     * (value is "provider.useResourceAccessSecurity")
+     */
+    String USE_RESOURCE_ACCESS_SECURITY = "provider.useResourceAccessSecurity";
+
+    /**
      * The resource type be set on resources returned by the
      * {@link #listChildren(Resource)} method to enable traversing the
      * resource

Modified: sling/trunk/bundles/resourceresolver/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/pom.xml?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/pom.xml (original)
+++ sling/trunk/bundles/resourceresolver/pom.xml Mon Jun  3 13:39:13 2013
@@ -115,7 +115,7 @@
         <dependency>
             <groupId>org.apache.sling</groupId>
             <artifactId>org.apache.sling.api</artifactId>
-            <version>2.4.0</version>
+            <version>2.4.3-SNAPSHOT</version>
             <scope>provided</scope>
         </dependency>
         <dependency>

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverFactoryImpl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverFactoryImpl.java?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverFactoryImpl.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverFactoryImpl.java
Mon Jun  3 13:39:13 2013
@@ -24,6 +24,7 @@ import org.apache.commons.collections.Bi
 import org.apache.sling.api.resource.LoginException;
 import org.apache.sling.api.resource.ResourceResolver;
 import org.apache.sling.api.resource.ResourceResolverFactory;
+import org.apache.sling.api.security.ResourceAccessSecurity;
 import org.apache.sling.resourceresolver.impl.console.ResourceResolverWebConsolePlugin;
 import org.apache.sling.resourceresolver.impl.helper.ResourceDecoratorTracker;
 import org.apache.sling.resourceresolver.impl.helper.ResourceResolverContext;
@@ -32,6 +33,7 @@ import org.apache.sling.resourceresolver
 import org.apache.sling.resourceresolver.impl.mapping.Mapping;
 import org.apache.sling.resourceresolver.impl.tree.RootResourceProviderEntry;
 import org.osgi.framework.BundleContext;
+import org.osgi.util.tracker.ServiceTracker;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -55,6 +57,8 @@ public class ResourceResolverFactoryImpl
 
     /** The activator */
     private final ResourceResolverFactoryActivator activator;
+    
+    private ServiceTracker resourceAccessSecurityTracker;
 
     public ResourceResolverFactoryImpl(final ResourceResolverFactoryActivator activator)
{
         this.activator = activator;
@@ -89,7 +93,7 @@ public class ResourceResolverFactoryImpl
                     final boolean isAdmin)
     throws LoginException {
         // create context
-        final ResourceResolverContext ctx = new ResourceResolverContext(isAdmin, authenticationInfo);
+        final ResourceResolverContext ctx = new ResourceResolverContext(isAdmin, authenticationInfo,
resourceAccessSecurityTracker);
 
         // login
         this.activator.getRootProviderEntry().loginToRequiredFactories(ctx);
@@ -117,6 +121,10 @@ public class ResourceResolverFactoryImpl
         } catch (final Exception e) {
             logger.error("activate: Cannot access repository, failed setting up Mapping Support",
e);
         }
+        
+        // create and open service tracker for ResourceAccessSecurity
+        resourceAccessSecurityTracker = new ServiceTracker(bundleContext, ResourceAccessSecurity.class.getName(),
null);
+        resourceAccessSecurityTracker.open();
     }
 
     /**
@@ -132,6 +140,8 @@ public class ResourceResolverFactoryImpl
             mapEntries.dispose();
             mapEntries = MapEntries.EMPTY;
         }
+
+        resourceAccessSecurityTracker.close();
     }
 
     public ResourceDecoratorTracker getResourceDecoratorTracker() {
@@ -165,4 +175,12 @@ public class ResourceResolverFactoryImpl
     public int getDefaultVanityPathRedirectStatus() {
         return this.activator.getDefaultVanityPathRedirectStatus();
     }
+    
+    /**
+     * get's the ServiceTracker of the ResourceAccessSecurity service
+     */
+    
+    public ServiceTracker getResourceAccessSecurityTracker () {
+        return resourceAccessSecurityTracker;
+    }
 }
\ No newline at end of file

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java
Mon Jun  3 13:39:13 2013
@@ -123,7 +123,8 @@ public class ResourceResolverImpl extend
         }
 
         // create new context
-        final ResourceResolverContext newContext = new ResourceResolverContext(this.context.isAdmin(),
newAuthenticationInfo);
+        final ResourceResolverContext newContext = new ResourceResolverContext(this.context.isAdmin(),

+                newAuthenticationInfo, factory.getResourceAccessSecurityTracker() );
         this.factory.getRootProviderEntry().loginToRequiredFactories(newContext);
 
         // create a regular resource resolver

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java
Mon Jun  3 13:39:13 2013
@@ -28,6 +28,7 @@ import org.apache.sling.api.resource.Per
 import org.apache.sling.api.resource.RefreshableResourceProvider;
 import org.apache.sling.api.resource.ResourceProvider;
 import org.apache.sling.api.resource.ResourceResolver;
+import org.osgi.util.tracker.ServiceTracker;
 
 /**
  * This class keeps track of the used resource providers for a
@@ -55,13 +56,17 @@ public class ResourceResolverContext {
      * The original authentication information - this is used for cloning and lazy logins.
      */
     private final Map<String, Object> originalAuthInfo;
+    
+    /** service tracker for ResourceAccessSecurity service */
+    private final ServiceTracker resourceAccessSecurityTracker;
 
     /**
      * Create a new resource resolver context.
      */
-    public ResourceResolverContext(final boolean isAdmin, final Map<String, Object>
originalAuthInfo) {
+    public ResourceResolverContext(final boolean isAdmin, final Map<String, Object>
originalAuthInfo, final ServiceTracker resourceAccessSecurityTracker) {
         this.isAdmin = isAdmin;
         this.originalAuthInfo = originalAuthInfo;
+        this.resourceAccessSecurityTracker = resourceAccessSecurityTracker;
     }
 
     /**
@@ -169,4 +174,12 @@ public class ResourceResolverContext {
             provider.refresh();
         }
     }
+    
+    /**
+     * get's the ServiceTracker of the ResourceAccessSecurity service
+     */
+    public ServiceTracker getResourceAccessSecurityTracker () {
+        return resourceAccessSecurityTracker;
+    }
+    
 }

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/SortedProviderList.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/SortedProviderList.java?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/SortedProviderList.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/SortedProviderList.java
Mon Jun  3 13:39:13 2013
@@ -25,6 +25,7 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.NoSuchElementException;
 
+import org.apache.sling.api.resource.ResourceProvider;
 import org.apache.sling.resourceresolver.impl.tree.ProviderHandler;
 import org.apache.sling.resourceresolver.impl.tree.ResourceProviderFactoryHandler;
 import org.apache.sling.resourceresolver.impl.tree.ResourceProviderHandler;
@@ -183,6 +184,25 @@ public class SortedProviderList<T> {
     public void remove(final ResourceProviderFactoryHandler factory) {
         this.removeFromList(factory);
     }
+    
+    /**
+     * returns the ProviderHandler for a specific resource provider
+     */
+    public ProviderHandler getProviderHandler ( ResourceProvider resourceProvider )
+    {
+        ProviderHandler returnValue = null;
+        final List<Entry> list = new ArrayList<Entry>();
+        list.addAll(Arrays.asList(this.sortedList));
+        final Iterator<Entry> i = list.iterator();
+        while ( i.hasNext() ) {
+            final Entry entry = i.next();
+            if ( entry.handler.equals(resourceProvider) ) {
+                returnValue = entry.handler;
+                break;
+            }
+        }
+        return returnValue;
+    }
 
     private static final class Entry implements Comparable<Entry> {
 

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
Mon Jun  3 13:39:13 2013
@@ -29,9 +29,11 @@ import org.apache.sling.api.resource.Que
 import org.apache.sling.api.resource.Resource;
 import org.apache.sling.api.resource.ResourceProvider;
 import org.apache.sling.api.resource.ResourceResolver;
+import org.apache.sling.api.security.ResourceAccessSecurity;
 import org.apache.sling.commons.osgi.PropertiesUtil;
 import org.apache.sling.resourceresolver.impl.helper.ResourceResolverContext;
 import org.osgi.framework.Constants;
+import org.osgi.util.tracker.ServiceTracker;
 
 /**
  * The provider handler is the common base class for the
@@ -54,6 +56,9 @@ public abstract class ProviderHandler im
 
     /** Owns roots? */
     private final boolean ownsRoots;
+    
+    /** use ResourceAccessSecurity? */
+    private final boolean useResourceAccessSecurity;
 
     /**
      * Create a new handler
@@ -85,6 +90,7 @@ public abstract class ProviderHandler im
             this.roots = configuredRoots.toArray(new String[configuredRoots.size()]);
         }
         this.ownsRoots = PropertiesUtil.toBoolean(properties.get(ResourceProvider.OWNS_ROOTS),
false);
+        this.useResourceAccessSecurity = PropertiesUtil.toBoolean(properties.get(ResourceProvider.USE_RESOURCE_ACCESS_SECURITY),
false);
         final Set<String> configuredLanguages = new HashSet<String>();
         final String[] languages = PropertiesUtil.toStringArray(properties.get(QueriableResourceProvider.LANGUAGES));
         if ( languages != null) {
@@ -103,6 +109,54 @@ public abstract class ProviderHandler im
             this.queryLanguages = configuredLanguages;
         }
     }
+    
+    /**
+     * applies resource access security if configured
+     */
+    protected Resource getReadableResource ( final ResourceResolverContext ctx, Resource
resource ) {
+        Resource returnValue = null;
+        
+        if (useResourceAccessSecurity && resource != null) {
+            ServiceTracker serviceTracker = ctx
+                    .getResourceAccessSecurityTracker();
+            if (serviceTracker != null) {
+                ResourceAccessSecurity resourceAccessSecurity = (ResourceAccessSecurity)
serviceTracker
+                        .getService();
+                if (resourceAccessSecurity != null) {
+                    returnValue = resourceAccessSecurity
+                            .getReadableResource(resource);
+                }
+            }
+        } else {
+            returnValue = resource;
+        }
+            
+        return returnValue;
+    }
+    
+    /**
+     * applies resource access security if configured
+     */
+    protected Iterator<Resource> getReadableChildrenIterator ( final ResourceResolverContext
ctx, Iterator<Resource> childrenIterator ) {
+        Iterator<Resource> returnValue = null;
+        if ( useResourceAccessSecurity && childrenIterator != null ) {
+            List<Resource> childs = new ArrayList<Resource>();
+            while ( childrenIterator.hasNext() )
+            {
+                Resource res = getReadableResource( ctx, childrenIterator.next() );
+                if ( res != null )
+                {
+                    childs.add(res);
+                }
+            }
+            returnValue = childs.iterator();
+        }
+        else {
+            returnValue = childrenIterator;
+        }
+            
+        return returnValue;
+    }
 
     /**
      * Return the service properties.

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderFactoryHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderFactoryHandler.java?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderFactoryHandler.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderFactoryHandler.java
Mon Jun  3 13:39:13 2013
@@ -104,7 +104,7 @@ public class ResourceProviderFactoryHand
     public Resource getResource(final ResourceResolverContext ctx, final ResourceResolver
resourceResolver, final String path) {
         final ResourceProvider rp = this.getResourceProvider(ctx);
         if ( rp != null ) {
-            return rp.getResource(resourceResolver, path);
+            return getReadableResource(ctx, rp.getResource(resourceResolver, path) );
         }
         return null;
     }
@@ -115,7 +115,7 @@ public class ResourceProviderFactoryHand
     public Iterator<Resource> listChildren(final ResourceResolverContext ctx, final
Resource parent) {
         final ResourceProvider rp = this.getResourceProvider(ctx);
         if ( rp != null ) {
-            return rp.listChildren(parent);
+            return getReadableChildrenIterator( ctx, rp.listChildren(parent) );
         }
         return null;
     }

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderHandler.java?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderHandler.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderHandler.java
Mon Jun  3 13:39:13 2013
@@ -47,14 +47,14 @@ public class ResourceProviderHandler ext
      * @see ResourceProvider#getResource(ResourceResolver, String)
      */
     public Resource getResource(final ResourceResolverContext ctx, final ResourceResolver
resourceResolver, final String path) {
-        return this.resourceProvider.getResource(resourceResolver, path);
+        return getReadableResource(ctx, this.resourceProvider.getResource(resourceResolver,
path) );
     }
 
     /**
      * @see ResourceProvider#listChildren(Resource)
      */
     public Iterator<Resource> listChildren(final ResourceResolverContext ctx, final
Resource parent) {
-        return this.resourceProvider.listChildren(parent);
+        return getReadableChildrenIterator( ctx, this.resourceProvider.listChildren(parent)
);
     }
 
     /**

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/RootResourceProviderEntry.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/RootResourceProviderEntry.java?rev=1488990&r1=1488989&r2=1488990&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/RootResourceProviderEntry.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/RootResourceProviderEntry.java
Mon Jun  3 13:39:13 2013
@@ -134,6 +134,8 @@ public class RootResourceProviderEntry e
             private Resource nextObject = this.seek();
 
             private Iterator<Resource> nextResourceIter;
+            
+            private ProviderHandler actProviderHandler;
 
             private Resource seek() {
                 Resource result = null;
@@ -142,12 +144,14 @@ public class RootResourceProviderEntry e
                     while ( i.hasNext() && nextResourceIter == null ) {
                         final QueriableResourceProvider adap = i.next();
                         nextResourceIter = adap.findResources(resolver, query, language);
+                        actProviderHandler = queriableProviders.getProviderHandler(adap);
                     }
                 }
                 if ( nextResourceIter != null ) {
                     while ( nextResourceIter.hasNext() && result == null ) {
                         result = nextResourceIter.next();
                     }
+                    result = actProviderHandler.getReadableResource(ctx, result);
                     if ( result == null ) {
                         result = seek();
                     }



Mime
View raw message