incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cziege...@apache.org
Subject svn commit: r1558777 - in /sling/trunk/bundles/resourceaccesssecurity: ./ src/main/java/org/apache/sling/resourceaccesssecurity/impl/
Date Thu, 16 Jan 2014 12:54:44 GMT
Author: cziegeler
Date: Thu Jan 16 12:54:44 2014
New Revision: 1558777

URL: http://svn.apache.org/r1558777
Log:
SLING-2698 - resource access security service for resource providers. Distinguish between
context application and provider

Added:
    sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ApplicationResourceAccessSecurityImpl.java
  (with props)
    sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ProviderResourceAccessSecurityImpl.java
  (with props)
Removed:
    sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/Activator.java
    sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessGateTracker.java
Modified:
    sling/trunk/bundles/resourceaccesssecurity/pom.xml
    sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessGateHandler.java
    sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessSecurityImpl.java

Modified: sling/trunk/bundles/resourceaccesssecurity/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceaccesssecurity/pom.xml?rev=1558777&r1=1558776&r2=1558777&view=diff
==============================================================================
--- sling/trunk/bundles/resourceaccesssecurity/pom.xml (original)
+++ sling/trunk/bundles/resourceaccesssecurity/pom.xml Thu Jan 16 12:54:44 2014
@@ -77,9 +77,6 @@
                 <extensions>true</extensions>
                 <configuration>
                     <instructions>
-                        <Bundle-Activator>
-                            org.apache.sling.resourceaccesssecurity.impl.Activator
-                        </Bundle-Activator>
                     </instructions>
                 </configuration>
             </plugin>

Added: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ApplicationResourceAccessSecurityImpl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ApplicationResourceAccessSecurityImpl.java?rev=1558777&view=auto
==============================================================================
--- sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ApplicationResourceAccessSecurityImpl.java
(added)
+++ sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ApplicationResourceAccessSecurityImpl.java
Thu Jan 16 12:54:44 2014
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.resourceaccesssecurity.impl;
+
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.Property;
+import org.apache.felix.scr.annotations.Reference;
+import org.apache.felix.scr.annotations.ReferenceCardinality;
+import org.apache.felix.scr.annotations.ReferencePolicy;
+import org.apache.felix.scr.annotations.Service;
+import org.apache.sling.api.security.ResourceAccessSecurity;
+import org.apache.sling.resourceaccesssecurity.ResourceAccessGate;
+
+@Component
+@Service(value=ResourceAccessSecurity.class)
+@Property(name=ResourceAccessSecurity.CONTEXT, value=ResourceAccessSecurity.APPLICATION_CONTEXT)
+@Reference(name="ResourceAccessGate", referenceInterface=ResourceAccessGate.class,
+           cardinality=ReferenceCardinality.MANDATORY_MULTIPLE,
+           policy=ReferencePolicy.DYNAMIC,
+           target="(" + ResourceAccessGate.CONTEXT + "=" + ResourceAccessGate.APPLICATION_CONTEXT
+ ")")
+public class ApplicationResourceAccessSecurityImpl extends ResourceAccessSecurityImpl {
+
+}

Propchange: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ApplicationResourceAccessSecurityImpl.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ApplicationResourceAccessSecurityImpl.java
------------------------------------------------------------------------------
    svn:keywords = author date id revision rev url

Propchange: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ApplicationResourceAccessSecurityImpl.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ProviderResourceAccessSecurityImpl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ProviderResourceAccessSecurityImpl.java?rev=1558777&view=auto
==============================================================================
--- sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ProviderResourceAccessSecurityImpl.java
(added)
+++ sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ProviderResourceAccessSecurityImpl.java
Thu Jan 16 12:54:44 2014
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.resourceaccesssecurity.impl;
+
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.Property;
+import org.apache.felix.scr.annotations.Reference;
+import org.apache.felix.scr.annotations.ReferenceCardinality;
+import org.apache.felix.scr.annotations.ReferencePolicy;
+import org.apache.felix.scr.annotations.Service;
+import org.apache.sling.api.security.ResourceAccessSecurity;
+import org.apache.sling.resourceaccesssecurity.ResourceAccessGate;
+
+@Component
+@Service(value=ResourceAccessSecurity.class)
+@Property(name=ResourceAccessSecurity.CONTEXT, value=ResourceAccessSecurity.PROVIDER_CONTEXT)
+@Reference(name="ResourceAccessGate", referenceInterface=ResourceAccessGate.class,
+           cardinality=ReferenceCardinality.MANDATORY_MULTIPLE,
+           policy=ReferencePolicy.DYNAMIC,
+           target="(" + ResourceAccessGate.CONTEXT + "=" + ResourceAccessGate.PROVIDER_CONTEXT
+ ")")
+public class ProviderResourceAccessSecurityImpl extends ResourceAccessSecurityImpl {
+
+}

Propchange: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ProviderResourceAccessSecurityImpl.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ProviderResourceAccessSecurityImpl.java
------------------------------------------------------------------------------
    svn:keywords = author date id revision rev url

Propchange: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ProviderResourceAccessSecurityImpl.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessGateHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessGateHandler.java?rev=1558777&r1=1558776&r2=1558777&view=diff
==============================================================================
--- sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessGateHandler.java
(original)
+++ sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessGateHandler.java
Thu Jan 16 12:54:44 2014
@@ -15,7 +15,8 @@
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
- */package org.apache.sling.resourceaccesssecurity.impl;
+ */
+package org.apache.sling.resourceaccesssecurity.impl;
 
 import java.util.HashSet;
 import java.util.Set;
@@ -26,10 +27,12 @@ import org.apache.sling.commons.osgi.Pro
 import org.apache.sling.resourceaccesssecurity.ResourceAccessGate;
 import org.osgi.framework.ServiceReference;
 
-public class ResourceAccessGateHandler {
+public class ResourceAccessGateHandler implements Comparable<ResourceAccessGateHandler>
{
 
     private final ResourceAccessGate resourceAccessGate;
 
+    private final ServiceReference reference;
+
     private final Pattern pathPattern;
     private final Set<ResourceAccessGate.Operation> operations = new HashSet<ResourceAccessGate.Operation>();
     private final Set<ResourceAccessGate.Operation> finalOperations = new HashSet<ResourceAccessGate.Operation>();
@@ -38,6 +41,7 @@ public class ResourceAccessGateHandler {
      * constructor
      */
     public ResourceAccessGateHandler ( final ServiceReference resourceAccessGateRef ) {
+        this.reference = resourceAccessGateRef;
 
         resourceAccessGate = (ResourceAccessGate) resourceAccessGateRef.getBundle().
                 getBundleContext().getService(resourceAccessGateRef);
@@ -45,9 +49,7 @@ public class ResourceAccessGateHandler {
         String path = (String) resourceAccessGateRef.getProperty(ResourceAccessGate.PATH);
         if ( path != null ) {
             pathPattern = Pattern.compile(path);
-        }
-        else
-        {
+        } else {
             pathPattern = Pattern.compile(".*");
         }
 
@@ -100,4 +102,21 @@ public class ResourceAccessGateHandler {
         return resourceAccessGate;
     }
 
+    @Override
+    public int compareTo(final ResourceAccessGateHandler o) {
+        return this.reference.compareTo(o.reference);
+    }
+
+    @Override
+    public boolean equals(final Object obj) {
+        if ( obj instanceof ResourceAccessGateHandler ) {
+            return ((ResourceAccessGateHandler)obj).reference.equals(this.reference);
+        }
+        return false;
+    }
+
+    @Override
+    public int hashCode() {
+        return this.reference.hashCode();
+    }
 }

Modified: sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessSecurityImpl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessSecurityImpl.java?rev=1558777&r1=1558776&r2=1558777&view=diff
==============================================================================
--- sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessSecurityImpl.java
(original)
+++ sling/trunk/bundles/resourceaccesssecurity/src/main/java/org/apache/sling/resourceaccesssecurity/impl/ResourceAccessSecurityImpl.java
Thu Jan 16 12:54:44 2014
@@ -19,28 +19,31 @@
 package org.apache.sling.resourceaccesssecurity.impl;
 
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
 import java.util.NoSuchElementException;
 
+import org.apache.felix.scr.annotations.Reference;
+import org.apache.felix.scr.annotations.ReferenceCardinality;
+import org.apache.felix.scr.annotations.ReferencePolicy;
+import org.apache.felix.scr.annotations.ReferencePolicyOption;
 import org.apache.sling.api.resource.Resource;
 import org.apache.sling.api.resource.ResourceResolver;
 import org.apache.sling.api.security.AccessSecurityException;
 import org.apache.sling.api.security.ResourceAccessSecurity;
 import org.apache.sling.resourceaccesssecurity.ResourceAccessGate;
 import org.apache.sling.resourceaccesssecurity.ResourceAccessGate.GateResult;
+import org.osgi.framework.ServiceReference;
 
-public class ResourceAccessSecurityImpl implements ResourceAccessSecurity {
-
-    private final ResourceAccessGateTracker resourceAccessGateTracker;
+@Reference(policyOption=ReferencePolicyOption.GREEDY,
+cardinality=ReferenceCardinality.OPTIONAL_UNARY,
+policy=ReferencePolicy.DYNAMIC,
+target="(" + ResourceAccessSecurity.CONTEXT + "=" + ResourceAccessSecurity.PROVIDER_CONTEXT
+ ")")
 
-    private final boolean appContext;
+public class ResourceAccessSecurityImpl implements ResourceAccessSecurity {
 
-    public ResourceAccessSecurityImpl(
-            final ResourceAccessGateTracker resourceAccessGateTracker, final boolean appContext)
{
-        this.resourceAccessGateTracker = resourceAccessGateTracker;
-        this.appContext = appContext;
-    }
+    private List<ResourceAccessGateHandler> allHandlers = Collections.emptyList();
 
     /**
      * This method returns either an iterator delivering the matching handlers
@@ -52,9 +55,7 @@ public class ResourceAccessSecurityImpl 
         // TODO: maybe caching some frequent paths with read operation would be
         // a good idea
         //
-        final List<ResourceAccessGateHandler> handlers = (this.appContext ? resourceAccessGateTracker.getApplicationResourceAccessGateHandlers()
-                                                                          : resourceAccessGateTracker.getProviderResourceAccessGateHandlers());
-
+        final List<ResourceAccessGateHandler> handlers = allHandlers;
         if (handlers.size() > 0) {
 
             final Iterator<ResourceAccessGateHandler> iter = handlers.iterator();
@@ -200,4 +201,25 @@ public class ResourceAccessSecurityImpl 
         return query;
     }
 
+
+    protected void bindResourceAccessGate(final ServiceReference ref) {
+        synchronized ( this ) {
+            final List<ResourceAccessGateHandler> newList = new ArrayList<ResourceAccessGateHandler>(this.allHandlers);
+
+            final ResourceAccessGateHandler h = new ResourceAccessGateHandler(ref);
+            newList.add(h);
+            Collections.sort(newList);
+            this.allHandlers = newList;
+        }
+    }
+
+    protected void unbindResourceAccessGate(final ServiceReference ref) {
+        synchronized ( this ) {
+            final List<ResourceAccessGateHandler> newList = new ArrayList<ResourceAccessGateHandler>(this.allHandlers);
+
+            final ResourceAccessGateHandler h = new ResourceAccessGateHandler(ref);
+            newList.remove(h);
+            this.allHandlers = newList;
+        }
+    }
 }



Mime
View raw message