jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From un...@apache.org
Subject svn commit: r1443652 - in /jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core: security/authorization/Permission.java version/VersionHistoryImpl.java
Date Thu, 07 Feb 2013 18:45:55 GMT
Author: unico
Date: Thu Feb  7 18:45:55 2013
New Revision: 1443652

URL: http://svn.apache.org/r1443652
Log:
JCR-3507 do an extra permissions check before deleting a version or a version history in order
that repositories can prevent such actions as a matter of repository-wide policy

Modified:
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/Permission.java
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/VersionHistoryImpl.java

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/Permission.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/Permission.java?rev=1443652&r1=1443651&r2=1443652&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/Permission.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authorization/Permission.java
Thu Feb  7 18:45:55 2013
@@ -57,11 +57,13 @@ public final class Permission {
 
     public static final int PRIVILEGE_MNGMT = WORKSPACE_MNGMT << 1;
 
+    public static final int REMOVE_VERSION = PRIVILEGE_MNGMT << 1;
+
     public static final int ALL = (READ | SET_PROPERTY | ADD_NODE | REMOVE_NODE
             | REMOVE_PROPERTY | READ_AC | MODIFY_AC | NODE_TYPE_MNGMT
             | VERSION_MNGMT | LOCK_MNGMT | LIFECYCLE_MNGMT | RETENTION_MNGMT
             | MODIFY_CHILD_NODE_COLLECTION | NODE_TYPE_DEF_MNGMT | NAMESPACE_MNGMT
-            | WORKSPACE_MNGMT | PRIVILEGE_MNGMT);
+            | WORKSPACE_MNGMT | PRIVILEGE_MNGMT | REMOVE_VERSION);
 
     /**
      * Returns those bits from <code>permissions</code> that are not present
in

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/VersionHistoryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/VersionHistoryImpl.java?rev=1443652&r1=1443651&r2=1443652&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/VersionHistoryImpl.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/version/VersionHistoryImpl.java
Thu Feb  7 18:45:55 2013
@@ -258,6 +258,7 @@ public class VersionHistoryImpl extends 
             RepositoryException {
         try {
             // check permissions
+            checkRemoveVersionPermission();
             checkVersionManagementPermission();
             sessionContext.getSessionImpl().getInternalVersionManager().removeVersion(
                     getSession(),
@@ -269,6 +270,21 @@ public class VersionHistoryImpl extends 
     }
 
     /**
+     * Removes this VersionHistory from storage.
+     *
+     * @throws RepositoryException if an error occurs.
+     */
+    public void removeVersionHistory() throws RepositoryException {
+        checkRemoveVersionPermission();
+        checkVersionManagementPermission();
+        InternalVersionManager internalVersionManager =
+                sessionContext.getSessionImpl().getInternalVersionManager();
+        internalVersionManager.removeVersionHistory(
+                getSession(),
+                getInternalVersionHistory());
+    }
+
+    /**
      * @see javax.jcr.Item#isSame(javax.jcr.Item)
      */
     @Override
@@ -313,7 +329,11 @@ public class VersionHistoryImpl extends 
             // ignore.
         }
     }
-    
+
+    private void checkRemoveVersionPermission() throws RepositoryException {
+        sessionContext.getAccessManager().checkRepositoryPermission(Permission.REMOVE_VERSION);
+    }
+
     /**
      * Checks if the given version belongs to this history
      *



Mime
View raw message