incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cziege...@apache.org
Subject svn commit: r1559039 - in /sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl: ResourceResolverImpl.java tree/ProviderHandler.java tree/ResourceProviderEntry.java
Date Fri, 17 Jan 2014 07:44:46 GMT
Author: cziegeler
Date: Fri Jan 17 07:44:46 2014
New Revision: 1559039

URL: http://svn.apache.org/r1559039
Log:
SLING-2698 - resource access security service for resource providers. Implement checks for
create and delete

Modified:
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
    sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderEntry.java

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java?rev=1559039&r1=1559038&r2=1559039&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/ResourceResolverImpl.java
Fri Jan 17 07:44:46 2014
@@ -37,7 +37,6 @@ import org.apache.sling.adapter.annotati
 import org.apache.sling.api.SlingException;
 import org.apache.sling.api.adapter.SlingAdaptable;
 import org.apache.sling.api.resource.LoginException;
-import org.apache.sling.api.resource.ModifyingResourceProvider;
 import org.apache.sling.api.resource.NonExistingResource;
 import org.apache.sling.api.resource.PersistenceException;
 import org.apache.sling.api.resource.Resource;
@@ -1032,14 +1031,7 @@ public class ResourceResolverImpl extend
             return;
         }
         // if resource is null, we get an NPE as stated in the API
-        final String path = resource.getPath();
-        final ModifyingResourceProvider mrp = this.factory.getRootProviderEntry().getModifyingProvider(this.context,
-                this,
-                path);
-        if ( mrp == null ) {
-            throw new UnsupportedOperationException("delete at '" + path + "'");
-        }
-        mrp.delete(this, path);
+        this.factory.getRootProviderEntry().delete(this.context, this, resource);
     }
 
     /**
@@ -1065,13 +1057,8 @@ public class ResourceResolverImpl extend
         if ( ResourceUtil.isSyntheticResource(parent) ) {
             this.create(parent.getParent(), parent.getName(), null);
         }
-        final ModifyingResourceProvider mrp = this.factory.getRootProviderEntry().getModifyingProvider(this.context,
-                this,
-                path);
-        if ( mrp == null ) {
-            throw new UnsupportedOperationException("Create '" + name + "' at " + parent.getPath());
-        }
-        return this.factory.getResourceDecoratorTracker().decorate(mrp.create(this, path,
properties));
+        final Resource rsrc = this.factory.getRootProviderEntry().create(this.context, this,
path, properties);
+        return this.factory.getResourceDecoratorTracker().decorate(rsrc);
     }
 
     /**

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java?rev=1559039&r1=1559038&r2=1559039&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ProviderHandler.java
Fri Jan 17 07:44:46 2014
@@ -111,6 +111,48 @@ public abstract class ProviderHandler im
         }
     }
 
+    public boolean canCreate(final ResourceResolverContext ctx, final ResourceResolver resolver,
final String path) {
+        final ResourceAccessSecurityTracker tracker = ctx.getResourceAccessSecurityTracker();
+        boolean allowed = true;
+        if ( useResourceAccessSecurity ) {
+            final ResourceAccessSecurity security = tracker.getProviderResourceAccessSecurity();
+            if ( security != null ) {
+                allowed = security.canCreate(path, resolver);
+            } else {
+                allowed = false;
+            }
+        }
+
+        if ( allowed ) {
+            final ResourceAccessSecurity security = tracker.getApplicationResourceAccessSecurity();
+            if (security != null) {
+                allowed = security.canCreate(path, resolver);
+            }
+        }
+        return allowed;
+    }
+
+    public boolean canDelete(final ResourceResolverContext ctx, final Resource resource)
{
+        final ResourceAccessSecurityTracker tracker = ctx.getResourceAccessSecurityTracker();
+        boolean allowed = true;
+        if ( useResourceAccessSecurity ) {
+            final ResourceAccessSecurity security = tracker.getProviderResourceAccessSecurity();
+            if ( security != null ) {
+                allowed = security.canDelete(resource);
+            } else {
+                allowed = false;
+            }
+        }
+
+        if ( allowed ) {
+            final ResourceAccessSecurity security = tracker.getApplicationResourceAccessSecurity();
+            if (security != null) {
+                allowed = security.canDelete(resource);
+            }
+        }
+        return allowed;
+    }
+
     /**
      * applies resource access security if configured
      */

Modified: sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderEntry.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderEntry.java?rev=1559039&r1=1559038&r2=1559039&view=diff
==============================================================================
--- sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderEntry.java
(original)
+++ sling/trunk/bundles/resourceresolver/src/main/java/org/apache/sling/resourceresolver/impl/tree/ResourceProviderEntry.java
Fri Jan 17 07:44:46 2014
@@ -24,14 +24,17 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Map;
 import java.util.Set;
 
 import org.apache.commons.collections.FastTreeMap;
 import org.apache.sling.api.resource.ModifyingResourceProvider;
+import org.apache.sling.api.resource.PersistenceException;
 import org.apache.sling.api.resource.Resource;
 import org.apache.sling.api.resource.ResourceMetadata;
 import org.apache.sling.api.resource.ResourceProvider;
 import org.apache.sling.api.resource.ResourceResolver;
+import org.apache.sling.api.resource.ResourceUtil;
 import org.apache.sling.api.resource.SyntheticResource;
 import org.apache.sling.resourceresolver.impl.helper.ResourceResolverContext;
 import org.slf4j.Logger;
@@ -41,7 +44,7 @@ import org.slf4j.LoggerFactory;
  * The <code>ResourceProviderEntry</code> class represents a node in the tree
of
  * resource providers spanned by the root paths of the provider resources.
  * <p>
- * That means this class has a map of child ResourceProviderEntries, keyed by the child name

+ * That means this class has a map of child ResourceProviderEntries, keyed by the child name
  * and a list of ProviderHandlers that are mapped to the path that this ResourceProviderEntry
represents.
  * To locate a list of potential ResourceProviders the path is split into elements and then
that list used to
  * walk down the tree of ResourceProviders. eg: for a path /a/b/c/d the list of ProviderHandlers
would be accessed
@@ -199,7 +202,7 @@ public class ResourceProviderEntry imple
 	 * will expand the tree of ResourceProviderEntries down the supplied prefix
 	 * and add the provider to a ResourceProviderEntry that represents the last
 	 * element of the path.
-	 * 
+	 *
 	 * @return <code>true</code> if the provider could be entered into the
 	 *         subtree below this entry. Otherwise <code>false</code> is
 	 *         returned.
@@ -269,7 +272,7 @@ public class ResourceProviderEntry imple
 	 * the list, then it will inspect that child entry for a child "b", then
 	 * child "b" for child "c" etc until the list of elements is exhausted or
 	 * the child does not exist.
-	 * 
+	 *
 	 * @param entries
 	 *            List to add the entries to.
 	 * @param elements
@@ -399,7 +402,7 @@ public class ResourceProviderEntry imple
         return fallbackResource;
     }
 
-    public ModifyingResourceProvider getModifyingProvider(final ResourceResolverContext ctx,
+    private ProviderHandler getModifyingProviderHandler(final ResourceResolverContext ctx,
             final ResourceResolver resourceResolver,
             final String fullPath) {
         final String[] elements = split(fullPath);
@@ -411,7 +414,7 @@ public class ResourceProviderEntry imple
             for (final ProviderHandler rp : rps) {
                 final ResourceProvider provider = rp.getResourceProvider(ctx);
                 if ( provider instanceof ModifyingResourceProvider ) {
-                    return (ModifyingResourceProvider) provider;
+                    return rp;
                 }
                 if ( rp.ownsRoots() ) {
                     return null;
@@ -422,12 +425,36 @@ public class ResourceProviderEntry imple
         for(final ProviderHandler rp : this.providers) {
             final ResourceProvider provider = rp.getResourceProvider(ctx);
             if ( provider instanceof ModifyingResourceProvider) {
-                return (ModifyingResourceProvider) provider;
+                return rp;
             }
         }
         return null;
     }
 
+    public void delete(final ResourceResolverContext ctx,
+            final ResourceResolver resourceResolver,
+            final Resource resource) throws PersistenceException {
+        final String fullPath = resource.getPath();
+        final ProviderHandler handler = this.getModifyingProviderHandler(ctx, resourceResolver,
fullPath);
+        if ( handler == null || !handler.canDelete(ctx, resource) ) {
+            throw new UnsupportedOperationException("delete at '" + fullPath + "'");
+        }
+        final ModifyingResourceProvider mrp = (ModifyingResourceProvider) handler.getResourceProvider(ctx);
+        mrp.delete(resourceResolver, fullPath);
+    }
+
+    public Resource create(final ResourceResolverContext ctx,
+            final ResourceResolver resourceResolver,
+            final String fullPath,
+            final Map<String, Object> properties) throws PersistenceException {
+        final ProviderHandler handler = this.getModifyingProviderHandler(ctx, resourceResolver,
fullPath);
+        if ( handler == null || !handler.canCreate(ctx, resourceResolver, fullPath) ) {
+            throw new UnsupportedOperationException("Create '" + ResourceUtil.getName(fullPath)
+ "' at " + ResourceUtil.getParent(fullPath));
+        }
+        final ModifyingResourceProvider mrp = (ModifyingResourceProvider) handler.getResourceProvider(ctx);
+        return mrp.create(resourceResolver, fullPath, properties);
+    }
+
     private static final char SPLIT_SEP = '/';
     private static final String[] EMPTY_RESULT = new String[0];
 



Mime
View raw message