incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cziege...@apache.org
Subject svn commit: r1558741 - in /sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl: CommonResourceResolverFactoryImpl.java ResourceAccessSecurityTracker.java helper/ResourceResolverContext.java tree/ProviderHandler.java
Date Thu, 16 Jan 2014 10:29:23 GMT
Author: cziegeler
Date: Thu Jan 16 10:29:22 2014
New Revision: 1558741

URL: http://svn.apache.org/r1558741
Log:
SLING-2698 - resource access security service for resource providers. Distinguish between
context application and provider

Added:
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceAccessSecurityTracker.java
  (with props)
Modified:
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/CommonResourceResolverFactoryImpl.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/CommonResourceResolverFactoryImpl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/CommonResourceResolverFactoryImpl.java?rev=1558741&r1=1558740&r2=1558741&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/CommonResourceResolverFactoryImpl.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/CommonResourceResolverFactoryImpl.java
Thu Jan 16 10:29:22 2014
@@ -26,7 +26,6 @@ import org.apache.sling.api.resource.Log
 import org.apache.sling.api.resource.ResourceProviderFactory;
 import org.apache.sling.api.resource.ResourceResolver;
 import org.apache.sling.api.resource.ResourceResolverFactory;
-import org.apache.sling.api.security.ResourceAccessSecurity;
 import org.apache.sling.resourceresolver.impl.console.ResourceResolverWebConsolePlugin;
 import org.apache.sling.resourceresolver.impl.helper.ResourceDecoratorTracker;
 import org.apache.sling.resourceresolver.impl.helper.ResourceResolverContext;
@@ -35,7 +34,6 @@ import org.apache.sling.resourceresolver
 import org.apache.sling.resourceresolver.impl.mapping.Mapping;
 import org.apache.sling.resourceresolver.impl.tree.RootResourceProviderEntry;
 import org.osgi.framework.BundleContext;
-import org.osgi.util.tracker.ServiceTracker;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -55,7 +53,7 @@ public class CommonResourceResolverFacto
     /** The activator */
     private final ResourceResolverFactoryActivator activator;
 
-    private ServiceTracker resourceAccessSecurityTracker;
+    private ResourceAccessSecurityTracker resourceAccessSecurityTracker;
 
     public CommonResourceResolverFactoryImpl(final ResourceResolverFactoryActivator activator)
{
         this.activator = activator;
@@ -134,8 +132,7 @@ public class CommonResourceResolverFacto
         }
 
         // create and open service tracker for ResourceAccessSecurity
-        resourceAccessSecurityTracker = new ServiceTracker(bundleContext, ResourceAccessSecurity.class.getName(),
null);
-        resourceAccessSecurityTracker.open();
+        resourceAccessSecurityTracker = new ResourceAccessSecurityTracker(bundleContext);
     }
 
     /**
@@ -152,7 +149,8 @@ public class CommonResourceResolverFacto
             mapEntries = MapEntries.EMPTY;
         }
 
-        resourceAccessSecurityTracker.close();
+        this.resourceAccessSecurityTracker.dispose();
+        this.resourceAccessSecurityTracker = null;
     }
 
     public ResourceDecoratorTracker getResourceDecoratorTracker() {
@@ -190,8 +188,7 @@ public class CommonResourceResolverFacto
     /**
      * get's the ServiceTracker of the ResourceAccessSecurity service
      */
-
-    public ServiceTracker getResourceAccessSecurityTracker () {
+    public ResourceAccessSecurityTracker getResourceAccessSecurityTracker () {
         return resourceAccessSecurityTracker;
     }
 

Added: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceAccessSecurityTracker.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceAccessSecurityTracker.java?rev=1558741&view=auto
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceAccessSecurityTracker.java
(added)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceAccessSecurityTracker.java
Thu Jan 16 10:29:22 2014
@@ -0,0 +1,49 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.resourceresolver.impl;
+
+import org.apache.sling.api.security.ResourceAccessSecurity;
+import org.osgi.framework.BundleContext;
+import org.osgi.util.tracker.ServiceTracker;
+
+/**
+ * This internal helper class keeps track of the resource access security services
+ * and always returns the one with the highest service ranking.
+ */
+public class ResourceAccessSecurityTracker {
+
+    private final ServiceTracker resourceAccessSecurityTracker;
+
+    public ResourceAccessSecurityTracker(final BundleContext bundleContext) {
+        resourceAccessSecurityTracker = new ServiceTracker(bundleContext, ResourceAccessSecurity.class.getName(),
null);
+        resourceAccessSecurityTracker.open();
+    }
+
+    public void dispose() {
+        this.resourceAccessSecurityTracker.close();
+    }
+
+    public ResourceAccessSecurity getApplicationResourceAccessSecurity() {
+        return (ResourceAccessSecurity) this.resourceAccessSecurityTracker.getService();
+    }
+
+    public ResourceAccessSecurity getProviderResourceAccessSecurity() {
+        return (ResourceAccessSecurity) this.resourceAccessSecurityTracker.getService();
+    }
+}

Propchange: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceAccessSecurityTracker.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceAccessSecurityTracker.java
------------------------------------------------------------------------------
    svn:keywords = author date id revision rev url

Propchange: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceAccessSecurityTracker.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java?rev=1558741&r1=1558740&r2=1558741&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/helper/ResourceResolverContext.java
Thu Jan 16 10:29:22 2014
@@ -32,7 +32,7 @@ import org.apache.sling.api.resource.Res
 import org.apache.sling.api.resource.ResourceResolver;
 import org.apache.sling.api.resource.ResourceResolverFactory;
 import org.apache.sling.api.resource.ResourceUtil;
-import org.osgi.util.tracker.ServiceTracker;
+import org.apache.sling.resourceresolver.impl.ResourceAccessSecurityTracker;
 
 /**
  * This class keeps track of the used resource providers for a
@@ -62,7 +62,7 @@ public class ResourceResolverContext {
     private final Map<String, Object> originalAuthInfo;
 
     /** service tracker for ResourceAccessSecurity service */
-    private final ServiceTracker resourceAccessSecurityTracker;
+    private final ResourceAccessSecurityTracker resourceAccessSecurityTracker;
 
     /** Resource type resource resolver (admin resolver) */
     private ResourceResolver resourceTypeResourceResolver;
@@ -70,7 +70,7 @@ public class ResourceResolverContext {
     /**
      * Create a new resource resolver context.
      */
-    public ResourceResolverContext(final boolean isAdmin, final Map<String, Object>
originalAuthInfo, final ServiceTracker resourceAccessSecurityTracker) {
+    public ResourceResolverContext(final boolean isAdmin, final Map<String, Object>
originalAuthInfo, final ResourceAccessSecurityTracker resourceAccessSecurityTracker) {
         this.isAdmin = isAdmin;
         this.originalAuthInfo = originalAuthInfo;
         this.resourceAccessSecurityTracker = resourceAccessSecurityTracker;
@@ -189,7 +189,7 @@ public class ResourceResolverContext {
     /**
      * get's the ServiceTracker of the ResourceAccessSecurity service
      */
-    public ServiceTracker getResourceAccessSecurityTracker () {
+    public ResourceAccessSecurityTracker getResourceAccessSecurityTracker () {
         return resourceAccessSecurityTracker;
     }
 

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java?rev=1558741&r1=1558740&r2=1558741&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
Thu Jan 16 10:29:22 2014
@@ -23,6 +23,7 @@ import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
+import java.util.NoSuchElementException;
 import java.util.Set;
 
 import org.apache.sling.api.resource.QueriableResourceProvider;
@@ -33,7 +34,6 @@ import org.apache.sling.api.security.Res
 import org.apache.sling.commons.osgi.PropertiesUtil;
 import org.apache.sling.resourceresolver.impl.helper.ResourceResolverContext;
 import org.osgi.framework.Constants;
-import org.osgi.util.tracker.ServiceTracker;
 
 /**
  * The provider handler is the common base class for the
@@ -56,7 +56,7 @@ public abstract class ProviderHandler im
 
     /** Owns roots? */
     private final boolean ownsRoots;
-    
+
     /** use ResourceAccessSecurity? */
     private final boolean useResourceAccessSecurity;
 
@@ -96,7 +96,7 @@ public abstract class ProviderHandler im
         if ( languages != null) {
             for(final String l : languages) {
                 if (l != null) {
-                    String language = l.trim();
+                    final String language = l.trim();
                     if ( language.length() > 0 ) {
                         configuredLanguages.add(language);
                     }
@@ -109,52 +109,72 @@ public abstract class ProviderHandler im
             this.queryLanguages = configuredLanguages;
         }
     }
-    
+
     /**
      * applies resource access security if configured
      */
     protected Resource getReadableResource ( final ResourceResolverContext ctx, Resource
resource ) {
         Resource returnValue = null;
-        
+
         if (useResourceAccessSecurity && resource != null) {
-            ServiceTracker serviceTracker = ctx
-                    .getResourceAccessSecurityTracker();
-            if (serviceTracker != null) {
-                ResourceAccessSecurity resourceAccessSecurity = (ResourceAccessSecurity)
serviceTracker
-                        .getService();
-                if (resourceAccessSecurity != null) {
-                    returnValue = resourceAccessSecurity
-                            .getReadableResource(resource);
-                }
+            final ResourceAccessSecurity resourceAccessSecurity = ctx.getResourceAccessSecurityTracker().getProviderResourceAccessSecurity();
+            if (resourceAccessSecurity != null) {
+                returnValue = resourceAccessSecurity.getReadableResource(resource);
             }
         } else {
             returnValue = resource;
         }
-            
+
+        if ( returnValue != null ) {
+            final ResourceAccessSecurity resourceAccessSecurity = ctx.getResourceAccessSecurityTracker().getApplicationResourceAccessSecurity();
+            if (resourceAccessSecurity != null) {
+                returnValue = resourceAccessSecurity.getReadableResource(resource);
+            }
+        }
         return returnValue;
     }
-    
+
     /**
      * applies resource access security if configured
      */
-    protected Iterator<Resource> getReadableChildrenIterator ( final ResourceResolverContext
ctx, Iterator<Resource> childrenIterator ) {
+    protected Iterator<Resource> getReadableChildrenIterator ( final ResourceResolverContext
ctx, final Iterator<Resource> childrenIterator ) {
         Iterator<Resource> returnValue = null;
-        if ( useResourceAccessSecurity && childrenIterator != null ) {
-            List<Resource> childs = new ArrayList<Resource>();
-            while ( childrenIterator.hasNext() )
-            {
-                Resource res = getReadableResource( ctx, childrenIterator.next() );
-                if ( res != null )
+        if ( childrenIterator != null ) {
+            returnValue = new Iterator<Resource>() {
+
+                private Resource nextResource;
+
                 {
-                    childs.add(res);
+                    seek();
                 }
-            }
-            returnValue = childs.iterator();
-        }
-        else {
-            returnValue = childrenIterator;
+
+                private void seek() {
+                    while( nextResource == null && childrenIterator.hasNext() ) {
+                        nextResource = getReadableResource(ctx, childrenIterator.next());
+                    }
+                }
+
+                public boolean hasNext() {
+                    return nextResource != null;
+                }
+
+                public Resource next() {
+                    if ( nextResource == null ) {
+                        throw new NoSuchElementException();
+                    }
+                    final Resource result = nextResource;
+                    nextResource = null;
+                    seek();
+                    return result;
+                }
+
+                public void remove() {
+                    throw new UnsupportedOperationException();
+                }
+
+            };
         }
-            
+
         return returnValue;
     }
 



Mime
View raw message