jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1597717 - /jackrabbit/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/commons/jackrabbit/authorization/AccessControlUtils.java
Date Tue, 27 May 2014 08:25:21 GMT
Author: angela
Date: Tue May 27 08:25:21 2014
New Revision: 1597717

URL: http://svn.apache.org/r1597717
Log:
    JCR-3777

Add simple allow/deny/clear convenience methods to AccessControlUtils

Modified:
    jackrabbit/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/commons/jackrabbit/authorization/AccessControlUtils.java

Modified: jackrabbit/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/commons/jackrabbit/authorization/AccessControlUtils.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/commons/jackrabbit/authorization/AccessControlUtils.java?rev=1597717&r1=1597716&r2=1597717&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/commons/jackrabbit/authorization/AccessControlUtils.java
(original)
+++ jackrabbit/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/commons/jackrabbit/authorization/AccessControlUtils.java
Tue May 27 08:25:21 2014
@@ -269,54 +269,95 @@ public class AccessControlUtils {
     }
 
     /**
-     * Removes all ACL entries for a principal on a given node.
-     *
-     * <p>To activate the ACL change, session.save() must be called.</p>
+     * Removes all ACL entries for a principal at a given absolute path. If the specified
+     * {@code principalName} is {@code null} the policy will be removed altogether.
+     * <p>Modifications only take effect upon {@code Session.save()}.</p>
      *
-     * @param node node from which to remove ACL entries; underlying session is used to write
the changes
-     * @param principalName user or group id whose entries should be removed; use {@code
null} to remove entries for all users
-     * @return {@code true} if the node's ACL had entries that were removed, {@code false}
if it did not have any entries
+     * @param session The editing session.
+     * @param absPath Absolute path of an existing node from which to remove ACL entries
(or the policy)
+     * @param principalName Name of the principal whose entries should be removed;
+     * use {@code null} to clear the policy.
+     * @return {@code true} if the policy has been modified; {@code false} otherwise.
      * @throws RepositoryException If an unexpected repository error occurs
      */
-    public static boolean clear(Node node, String principalName) throws RepositoryException
{
-        boolean removeAll = (principalName == null);
-        Principal principal = getPrincipal(node.getSession(), principalName);
-        if (principal == null) {
-            return false;
-        }
-
-        AccessControlManager acm = node.getSession().getAccessControlManager();
-        JackrabbitAccessControlList acl = getAccessControlList(acm, node.getPath());
+    public static boolean clear(Session session, String absPath, String principalName) throws
RepositoryException {
+        AccessControlManager acm = session.getAccessControlManager();
+        JackrabbitAccessControlList acl = getAccessControlList(acm, absPath);
         if (acl != null) {
-            boolean removedEntries = false;
-            // remove all existing entries for principal
-            for (AccessControlEntry ace : acl.getAccessControlEntries()) {
-                if (removeAll || ace.getPrincipal().equals(principal)) {
-                    removedEntries = true;
-                    acl.removeAccessControlEntry(ace);
+            if (principalName == null) {
+                acm.removePolicy(absPath, acl);
+                return true;
+            } else {
+                Principal principal = getPrincipal(session, principalName);
+                if (principal == null) {
+                    return false;
+                }
+                boolean removedEntries = false;
+                // remove all existing entries for principal
+                for (AccessControlEntry ace : acl.getAccessControlEntries()) {
+                    if (ace.getPrincipal().equals(principal)) {
+                        acl.removeAccessControlEntry(ace);
+                        removedEntries = true;
+                    }
+                }
+                if (removedEntries) {
+                    acm.setPolicy(absPath, acl);
+                    return true;
                 }
             }
-            acm.setPolicy(node.getPath(), acl);
-            return removedEntries;
         }
-
         return false;
     }
 
     /**
-     * Removes all ACL entries for a given node.
+     * Removes all ACL entries for a principal on a given node.
      *
-     * <p>To activate the ACL change, session.save() must be called.</p>
+     * <p>Modification to the policy only take effect upon {@code Session.save()} must
be called.</p>
+     *
+     * @param node node from which to remove ACL entries; underlying session is used to write
the changes
+     * @param principalName Name of the principal whose entries should be removed; use {@code
null} to clear the policy altogether.
+     * @return {@code true} if the node's ACL was modified, {@code false} otherwise.
+     * @throws RepositoryException If an unexpected repository error occurs
+     */
+    public static boolean clear(Node node, String principalName) throws RepositoryException
{
+        return clear(node.getSession(), node.getPath(), principalName);
+    }
+
+    /**
+     * Removes the access control list at a given node.
+     * <p>To persist the modifications, {@code Session.save()} must be called.</p>
      *
-     * @param node node from which to remove all ACL entries; underlying session is used
to write the changes
-     * @return {@code true} if the node's ACL had entries that were removed, {@code false}
if it did not have any entries
+     * @param node node from which to remove the ACL; underlying session is used to write
the changes
+     * @return {@code true} if the node's ACL was removed, {@code false} otherwise.
      * @throws RepositoryException If an unexpected repository error occurs
      */
     public static boolean clear(Node node) throws RepositoryException {
         return clear(node, null);
     }
 
-    private static Principal getPrincipal(Session session, String principalName) throws RepositoryException
{
+    /**
+     * Removes the access control list at the specified absolute path.
+     * <p>To persist the modification, session.save() must be called.</p>
+     *
+     * @param session The editing session.
+     * @param absPath An absolute path of a valid node accessible to the editing session
from which to remove the ACL.
+     * @return {@code true} if the node's ACL got removed, {@code false} otherwise.
+     * @throws RepositoryException If an unexpected repository error occurs
+     */
+    public static boolean clear(Session session, String absPath) throws RepositoryException
{
+        return clear(session, absPath, null);
+    }
+
+    /**
+     * Retrieves the principal with the specified {@code principalName}. Shortcut
+     * for calling {@link PrincipalManager#getPrincipal(String)}.
+     *
+     * @param session The editing session which must be a {@code JackrabbitSession}.
+     * @param principalName The name of the principal.
+     * @return The principal with the specified name or {@code null} if no such principal
exists.
+     * @throws RepositoryException If an error occurs or if the session is not a {@code JackrabbitSession}.
+     */
+    public static Principal getPrincipal(Session session, String principalName) throws RepositoryException
{
         if (session instanceof JackrabbitSession) {
             return ((JackrabbitSession) session).getPrincipalManager().getPrincipal(principalName);
         } else {
@@ -324,7 +365,14 @@ public class AccessControlUtils {
         }
     }
 
-    private static Principal getEveryonePrincipal(Session session) throws RepositoryException
{
+    /**
+     * Shortcut for calling {@link PrincipalManager#getEveryone()}.
+     *
+     * @param session The editing session which must be a {@code JackrabbitSession}.
+     * @return The group principal presenting everyone.
+     * @throws RepositoryException If an error occurs or if the session is not a {@code JackrabbitSession}.
+     */
+    public static Principal getEveryonePrincipal(Session session) throws RepositoryException
{
         if (session instanceof JackrabbitSession) {
             return ((JackrabbitSession) session).getPrincipalManager().getEveryone();
         } else {



Mime
View raw message