jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1640531 - in /jackrabbit/trunk/jackrabbit-jcr-server: ./ src/main/java/org/apache/jackrabbit/webdav/jcr/ src/main/java/org/apache/jackrabbit/webdav/jcr/property/ src/main/java/org/apache/jackrabbit/webdav/jcr/security/ src/test/java/org/ap...
Date Wed, 19 Nov 2014 11:38:29 GMT
Author: angela
Date: Wed Nov 19 11:38:29 2014
New Revision: 1640531

URL: http://svn.apache.org/r1640531
Log:
JCR-3830 : Allow for privilege discovery in jcr-server

Added:
    jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/
    jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegesProperty.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesProperty.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/SecurityUtils.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/
    jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/AbstractSecurityTest.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegePropertyTest.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesPropertyTest.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/test/resources/repositoryStubImpl.properties
      - copied unchanged from r1640512, jackrabbit/trunk/jackrabbit-core/src/test/resources/repositoryStubImpl.properties
Modified:
    jackrabbit/trunk/jackrabbit-jcr-server/pom.xml
    jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/AbstractItemResource.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/DefaultItemCollection.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/ItemResourceConstants.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/WorkspaceResourceImpl.java
    jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/property/JcrDavPropertyNameSet.java

Modified: jackrabbit/trunk/jackrabbit-jcr-server/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/pom.xml?rev=1640531&r1=1640530&r2=1640531&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/pom.xml (original)
+++ jackrabbit/trunk/jackrabbit-jcr-server/pom.xml Wed Nov 19 11:38:29 2014
@@ -235,6 +235,12 @@
       <scope>test</scope>
     </dependency>
     <dependency>
+      <groupId>org.apache.jackrabbit</groupId>
+      <artifactId>jackrabbit-jcr-tests</artifactId>
+      <version>${project.version}</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
       <groupId>org.mortbay.jetty</groupId>
       <artifactId>jetty</artifactId>
       <scope>test</scope>

Modified: jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/AbstractItemResource.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/AbstractItemResource.java?rev=1640531&r1=1640530&r2=1640531&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/AbstractItemResource.java
(original)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/AbstractItemResource.java
Wed Nov 19 11:38:29 2014
@@ -17,30 +17,27 @@
 package org.apache.jackrabbit.webdav.jcr;
 
 import org.apache.jackrabbit.util.Text;
+import org.apache.jackrabbit.webdav.DavCompliance;
 import org.apache.jackrabbit.webdav.DavException;
 import org.apache.jackrabbit.webdav.DavResource;
 import org.apache.jackrabbit.webdav.DavResourceFactory;
 import org.apache.jackrabbit.webdav.DavResourceLocator;
 import org.apache.jackrabbit.webdav.DavServletResponse;
-import org.apache.jackrabbit.webdav.DavCompliance;
 import org.apache.jackrabbit.webdav.io.OutputContext;
+import org.apache.jackrabbit.webdav.jcr.nodetype.ItemDefinitionImpl;
+import org.apache.jackrabbit.webdav.jcr.nodetype.NodeDefinitionImpl;
+import org.apache.jackrabbit.webdav.jcr.nodetype.PropertyDefinitionImpl;
 import org.apache.jackrabbit.webdav.jcr.property.JcrDavPropertyNameSet;
+import org.apache.jackrabbit.webdav.observation.EventDiscovery;
 import org.apache.jackrabbit.webdav.observation.ObservationConstants;
 import org.apache.jackrabbit.webdav.observation.ObservationResource;
-import org.apache.jackrabbit.webdav.observation.SubscriptionManager;
 import org.apache.jackrabbit.webdav.observation.Subscription;
 import org.apache.jackrabbit.webdav.observation.SubscriptionInfo;
-import org.apache.jackrabbit.webdav.observation.EventDiscovery;
-import org.apache.jackrabbit.webdav.jcr.nodetype.ItemDefinitionImpl;
-import org.apache.jackrabbit.webdav.jcr.nodetype.NodeDefinitionImpl;
-import org.apache.jackrabbit.webdav.jcr.nodetype.PropertyDefinitionImpl;
-import org.apache.jackrabbit.webdav.property.DefaultDavProperty;
-import org.apache.jackrabbit.webdav.property.HrefProperty;
+import org.apache.jackrabbit.webdav.observation.SubscriptionManager;
 import org.apache.jackrabbit.webdav.property.DavProperty;
 import org.apache.jackrabbit.webdav.property.DavPropertyName;
-import org.apache.jackrabbit.webdav.security.CurrentUserPrivilegeSetProperty;
-import org.apache.jackrabbit.webdav.security.Privilege;
-import org.apache.jackrabbit.webdav.security.SecurityConstants;
+import org.apache.jackrabbit.webdav.property.DefaultDavProperty;
+import org.apache.jackrabbit.webdav.property.HrefProperty;
 import org.apache.jackrabbit.webdav.transaction.TxLockEntry;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -51,8 +48,6 @@ import javax.jcr.PathNotFoundException;
 import javax.jcr.Property;
 import javax.jcr.RepositoryException;
 import javax.jcr.Workspace;
-import java.util.ArrayList;
-import java.util.List;
 import java.io.IOException;
 
 /**
@@ -133,24 +128,6 @@ abstract class AbstractItemResource exte
             } else if (ObservationConstants.SUBSCRIPTIONDISCOVERY.equals(name)) {
                 // observation resource
                 prop = subsMgr.getSubscriptionDiscovery(this);
-            } else if (SecurityConstants.CURRENT_USER_PRIVILEGE_SET.equals(name)) {
-                // TODO complete set of properties defined by RFC 3744
-                Privilege[] allPrivs = new Privilege[] {PRIVILEGE_JCR_READ,
-                        PRIVILEGE_JCR_ADD_NODE,
-                        PRIVILEGE_JCR_SET_PROPERTY,
-                        PRIVILEGE_JCR_REMOVE};
-                List<Privilege> currentPrivs = new ArrayList<Privilege>();
-                for (Privilege priv : allPrivs) {
-                    try {
-                        String path = getLocator().getRepositoryPath();
-                        getRepositorySession().hasPermission(path, priv.getName());
-                        currentPrivs.add(priv);
-                    } catch (RepositoryException e) {
-                        // ignore
-                        log.debug(e.toString());
-                    }
-                }
-                prop =  new CurrentUserPrivilegeSetProperty(currentPrivs.toArray(new Privilege[currentPrivs.size()]));
             }
         }
 

Modified: jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/DefaultItemCollection.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/DefaultItemCollection.java?rev=1640531&r1=1640530&r2=1640531&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/DefaultItemCollection.java
(original)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/DefaultItemCollection.java
Wed Nov 19 11:38:29 2014
@@ -62,6 +62,10 @@ import org.apache.jackrabbit.webdav.DavR
 import org.apache.jackrabbit.webdav.DavServletResponse;
 import org.apache.jackrabbit.webdav.MultiStatusResponse;
 import org.apache.jackrabbit.webdav.jcr.property.JcrDavPropertyNameSet;
+import org.apache.jackrabbit.webdav.jcr.security.JcrUserPrivilegesProperty;
+import org.apache.jackrabbit.webdav.jcr.security.JcrSupportedPrivilegesProperty;
+import org.apache.jackrabbit.webdav.jcr.security.SecurityUtils;
+import org.apache.jackrabbit.webdav.security.SecurityConstants;
 import org.apache.jackrabbit.webdav.util.HttpDateFormat;
 import org.apache.jackrabbit.webdav.io.InputContext;
 import org.apache.jackrabbit.webdav.io.OutputContext;
@@ -230,6 +234,10 @@ public class DefaultItemCollection exten
                 } else if (OrderingConstants.ORDERING_TYPE.equals(name) && isOrderable())
{
                     // property defined by RFC 3648: this resource always has custom ordering!
                   
                     prop = new OrderingType(OrderingConstants.ORDERING_TYPE_CUSTOM);
+                } else if (SecurityConstants.SUPPORTED_PRIVILEGE_SET.equals(name)) {
+                    prop = new JcrSupportedPrivilegesProperty(getRepositorySession(), n.getPath()).asDavProperty();
+                } else if (SecurityConstants.CURRENT_USER_PRIVILEGE_SET.equals(name)) {
+                    prop = new JcrUserPrivilegesProperty(getRepositorySession(), n.getPath()).asDavProperty();
                 }
             } catch (RepositoryException e) {
                 log.error("Failed to retrieve node-specific property: " + e);
@@ -953,6 +961,10 @@ public class DefaultItemCollection exten
             if (isOrderable()) {
                 names.add(OrderingConstants.ORDERING_TYPE);
             }
+            if (SecurityUtils.supportsAccessControl(getRepositorySession())) {
+                names.add(SecurityConstants.SUPPORTED_PRIVILEGE_SET);
+                names.add(SecurityConstants.CURRENT_USER_PRIVILEGE_SET);
+            }
         }
     }
                                               

Modified: jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/ItemResourceConstants.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/ItemResourceConstants.java?rev=1640531&r1=1640530&r2=1640531&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/ItemResourceConstants.java
(original)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/ItemResourceConstants.java
Wed Nov 19 11:38:29 2014
@@ -16,6 +16,8 @@
  */
 package org.apache.jackrabbit.webdav.jcr;
 
+import javax.jcr.Session;
+
 import org.apache.jackrabbit.commons.webdav.JcrRemotingConstants;
 import org.apache.jackrabbit.webdav.DavResource;
 import org.apache.jackrabbit.webdav.lock.Scope;
@@ -93,18 +95,31 @@ public interface ItemResourceConstants e
     //-----------------------------------------< JSR170 specific privileges >---
     /**
      * Privilege representing the JSR170 'read' action.
+     * <p><strong>Note:</strong> the name of this constant is somewhat
misleading
+     * as it corresponds to {@link javax.jcr.Session#ACTION_READ} and not
+     * to {@link javax.jcr.security.Privilege#JCR_READ}.</p>
      */
-    public static final Privilege PRIVILEGE_JCR_READ = Privilege.getPrivilege("read", NAMESPACE);
+    public static final Privilege PRIVILEGE_JCR_READ = Privilege.getPrivilege(Session.ACTION_READ,
NAMESPACE);
     /**
      * Privilege representing the JSR170 'add_node' action.
+     * <p><strong>Note:</strong> the name of this constant is somewhat
misleading
+     * as it corresponds to {@link javax.jcr.Session#ACTION_ADD_NODE} and not
+     * to {@link javax.jcr.security.Privilege#JCR_ADD_CHILD_NODES}.</p>
      */
-    public static final Privilege PRIVILEGE_JCR_ADD_NODE = Privilege.getPrivilege("add_node",
NAMESPACE);
+    public static final Privilege PRIVILEGE_JCR_ADD_NODE = Privilege.getPrivilege(Session.ACTION_ADD_NODE,
NAMESPACE);
     /**
      * Privilege representing the JSR170 'set_property' action.
+     * <p><strong>Note:</strong> the name of this constant is somewhat
misleading
+     * as it corresponds to {@link javax.jcr.Session#ACTION_SET_PROPERTY} and not
+     * to {@link javax.jcr.security.Privilege#JCR_MODIFY_PROPERTIES}.</p>
      */
-    public static final Privilege PRIVILEGE_JCR_SET_PROPERTY = Privilege.getPrivilege("set_property",
NAMESPACE);
+    public static final Privilege PRIVILEGE_JCR_SET_PROPERTY = Privilege.getPrivilege(Session.ACTION_SET_PROPERTY,
NAMESPACE);
     /**
      * Privilege representing the JSR170 'remove' action.
+     * <p><strong>Note:</strong> the name of this constant is somewhat
misleading
+     * as it corresponds to {@link javax.jcr.Session#ACTION_REMOVE} and not
+     * to {@link javax.jcr.security.Privilege#JCR_REMOVE_NODE} or
+     * {@link javax.jcr.security.Privilege#JCR_REMOVE_CHILD_NODES}.</p>
      */
-    public static final Privilege PRIVILEGE_JCR_REMOVE = Privilege.getPrivilege("remove",
NAMESPACE);
+    public static final Privilege PRIVILEGE_JCR_REMOVE = Privilege.getPrivilege(Session.ACTION_REMOVE,
NAMESPACE);
 }

Modified: jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/WorkspaceResourceImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/WorkspaceResourceImpl.java?rev=1640531&r1=1640530&r2=1640531&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/WorkspaceResourceImpl.java
(original)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/WorkspaceResourceImpl.java
Wed Nov 19 11:38:29 2014
@@ -36,12 +36,16 @@ import org.apache.jackrabbit.webdav.io.I
 import org.apache.jackrabbit.webdav.io.OutputContext;
 import org.apache.jackrabbit.webdav.jcr.property.JcrDavPropertyNameSet;
 import org.apache.jackrabbit.webdav.jcr.property.NamespacesProperty;
+import org.apache.jackrabbit.webdav.jcr.security.JcrUserPrivilegesProperty;
+import org.apache.jackrabbit.webdav.jcr.security.JcrSupportedPrivilegesProperty;
+import org.apache.jackrabbit.webdav.jcr.security.SecurityUtils;
 import org.apache.jackrabbit.webdav.jcr.version.report.JcrPrivilegeReport;
 import org.apache.jackrabbit.webdav.property.DavProperty;
 import org.apache.jackrabbit.webdav.property.DavPropertyName;
 import org.apache.jackrabbit.webdav.property.DefaultDavProperty;
 import org.apache.jackrabbit.webdav.property.PropEntry;
 import org.apache.jackrabbit.webdav.search.SearchResource;
+import org.apache.jackrabbit.webdav.security.SecurityConstants;
 import org.apache.jackrabbit.webdav.version.DeltaVResource;
 import org.apache.jackrabbit.webdav.version.LabelInfo;
 import org.apache.jackrabbit.webdav.version.MergeInfo;
@@ -104,35 +108,43 @@ public class WorkspaceResourceImpl exten
     @Override
     public DavProperty<?> getProperty(DavPropertyName name) {
         DavProperty prop = super.getProperty(name);
-        if (prop == null && ItemResourceConstants.JCR_NODETYPES_CND.equals(name))
{
-            StringWriter writer = new StringWriter();
+        if (prop == null) {
+            StringWriter writer = null;
             try {
-                Session s = getRepositorySession();
-
-                CompactNodeTypeDefWriter cndWriter = new CompactNodeTypeDefWriter(writer,
s, true);
-                NodeTypeIterator ntIterator = s.getWorkspace().getNodeTypeManager().getAllNodeTypes();
-                while (ntIterator.hasNext()) {
-                    cndWriter.write(ntIterator.nextNodeType());
+                if (ItemResourceConstants.JCR_NODETYPES_CND.equals(name)) {
+                    writer = new StringWriter();
+                    Session s = getRepositorySession();
+
+                    CompactNodeTypeDefWriter cndWriter = new CompactNodeTypeDefWriter(writer,
s, true);
+                    NodeTypeIterator ntIterator = s.getWorkspace().getNodeTypeManager().getAllNodeTypes();
+                    while (ntIterator.hasNext()) {
+                        cndWriter.write(ntIterator.nextNodeType());
+                    }
+                    cndWriter.close();
+                    /*
+                    NOTE: avoid having JCR_NODETYPES_CND exposed upon allprop
+                          PROPFIND request since it needs to be calculated.
+                          nevertheless, this property can be altered using
+                          PROPPATCH, which is not consistent with the specification
+                    */
+                    prop = new DefaultDavProperty<String>(ItemResourceConstants.JCR_NODETYPES_CND,
writer.toString(), true);
+
+                } else if (SecurityConstants.SUPPORTED_PRIVILEGE_SET.equals(name)) {
+                    prop = new JcrSupportedPrivilegesProperty(getRepositorySession(), null).asDavProperty();
+                } else if (SecurityConstants.CURRENT_USER_PRIVILEGE_SET.equals(name)) {
+                    prop = new JcrUserPrivilegesProperty(getRepositorySession(), null).asDavProperty();
                 }
-                cndWriter.close();
-                /*
-                NOTE: avoid having JCR_NODETYPES_CND exposed upon allprop
-                      PROPFIND request since it needs to be calculated.
-                      nevertheless, this property can be altered using
-                      PROPPATCH, which is not consistent with the specification
-                 */
-                return new DefaultDavProperty<String>(ItemResourceConstants.JCR_NODETYPES_CND,
writer.toString(), true);
             } catch (RepositoryException e) {
                 log.error("Failed to access NodeTypeManager: " + e.getMessage());
-                return null;
             } catch (IOException e) {
                 log.error("Failed to write compact node definition: " + e.getMessage());
-                return null;
             } finally {
-                try {
-                    writer.close();
-                } catch (IOException e) {
-                    log.error(e.getMessage());
+                if (writer != null) {
+                    try {
+                        writer.close();
+                    } catch (IOException e) {
+                        log.error(e.getMessage());
+                    }
                 }
             }
         }
@@ -592,6 +604,10 @@ public class WorkspaceResourceImpl exten
     protected void initPropertyNames() {
         super.initPropertyNames();
         names.addAll(JcrDavPropertyNameSet.WORKSPACE_SET);
+        if (SecurityUtils.supportsAccessControl(getRepositorySession())) {
+            names.add(SecurityConstants.SUPPORTED_PRIVILEGE_SET);
+            names.add(SecurityConstants.CURRENT_USER_PRIVILEGE_SET);
+        }
     }
 
     @Override

Modified: jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/property/JcrDavPropertyNameSet.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/property/JcrDavPropertyNameSet.java?rev=1640531&r1=1640530&r2=1640531&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/property/JcrDavPropertyNameSet.java
(original)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/property/JcrDavPropertyNameSet.java
Wed Nov 19 11:38:29 2014
@@ -20,7 +20,6 @@ import org.apache.jackrabbit.webdav.jcr.
 import org.apache.jackrabbit.webdav.observation.ObservationConstants;
 import org.apache.jackrabbit.webdav.property.DavPropertyName;
 import org.apache.jackrabbit.webdav.property.DavPropertyNameSet;
-import org.apache.jackrabbit.webdav.security.SecurityConstants;
 import org.apache.jackrabbit.webdav.version.DeltaVConstants;
 import org.apache.jackrabbit.webdav.version.VersionControlledResource;
 import org.apache.jackrabbit.webdav.version.VersionHistoryResource;
@@ -77,7 +76,6 @@ public final class JcrDavPropertyNameSet
         ITEM_BASE_SET.add(DavPropertyName.GETCONTENTTYPE);        
         ITEM_BASE_SET.add(DeltaVConstants.WORKSPACE);
         ITEM_BASE_SET.add(ObservationConstants.SUBSCRIPTIONDISCOVERY);
-        ITEM_BASE_SET.add(SecurityConstants.CURRENT_USER_PRIVILEGE_SET);
     }
 
     /**

Added: jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegesProperty.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegesProperty.java?rev=1640531&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegesProperty.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegesProperty.java
Wed Nov 19 11:38:29 2014
@@ -0,0 +1,105 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.webdav.jcr.security;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.security.AccessControlManager;
+import javax.jcr.security.Privilege;
+
+import org.apache.jackrabbit.util.Text;
+import org.apache.jackrabbit.webdav.security.SupportedPrivilege;
+import org.apache.jackrabbit.webdav.security.SupportedPrivilegeSetProperty;
+import org.apache.jackrabbit.webdav.xml.Namespace;
+
+/**
+ * JcrSupportedPrivilegesProperty...
+ */
+public class JcrSupportedPrivilegesProperty {
+
+    private final Session session;
+    private final String absPath;
+
+    private final Map<String, SupportedPrivilege> supportedPrivileges = new HashMap<String,
SupportedPrivilege>();
+    private final HashSet<String> aggregated = new HashSet<String>();
+
+    /**
+     * @param session The reading session
+     * @param absPath An absolute path to an existing JCR node or {@code null}.
+     */
+    public JcrSupportedPrivilegesProperty(Session session, String absPath) {
+        this.session = session;
+        this.absPath = absPath;
+    }
+
+    /**
+     * Calculated the supported privileges at {@code absPath} and build a
+     * {@link org.apache.jackrabbit.webdav.security.SupportedPrivilegeSetProperty}
+     * from the result.
+     *
+     * @return a new {@code SupportedPrivilegeSetProperty} property.
+     * @throws RepositoryException
+     */
+    public SupportedPrivilegeSetProperty asDavProperty() throws RepositoryException {
+        AccessControlManager acMgr = session.getAccessControlManager();
+        Set<Privilege> privs = new HashSet<Privilege>(Arrays.asList(acMgr.getSupportedPrivileges(absPath)));
+        for (Privilege p : privs) {
+            if (!aggregated.contains(p.getName())) {
+                createSupportedPrivilege(p);
+            }
+        }
+        return new SupportedPrivilegeSetProperty(supportedPrivileges.values().toArray(new
SupportedPrivilege[supportedPrivileges.size()]));
+    }
+
+    private SupportedPrivilege createSupportedPrivilege(Privilege privilege) throws RepositoryException
{
+        String privilegeName = privilege.getName();
+
+        String prefix = Text.getNamespacePrefix(privilegeName);
+        Namespace ns = (prefix.isEmpty()) ? Namespace.EMPTY_NAMESPACE : Namespace.getNamespace(prefix,
session.getNamespaceURI(prefix));
+        org.apache.jackrabbit.webdav.security.Privilege davPrivilege = org.apache.jackrabbit.webdav.security.Privilege.getPrivilege(privilegeName,
ns);
+
+        SupportedPrivilege[] aggregates = (privilege.isAggregate()) ? getDeclaredAggregates(privilege)
: null;
+
+        SupportedPrivilege sp = new SupportedPrivilege(davPrivilege, null, null, privilege.isAbstract(),
aggregates);
+        if (!aggregated.contains(privilegeName)) {
+            supportedPrivileges.put(privilegeName, sp);
+        }
+        return sp;
+    }
+
+    private SupportedPrivilege[] getDeclaredAggregates(Privilege privilege) throws RepositoryException
{
+        List<SupportedPrivilege> declAggr = new ArrayList<SupportedPrivilege>();
+        for (Privilege decl : privilege.getDeclaredAggregatePrivileges()) {
+            String name = decl.getName();
+            if (aggregated.add(name)) {
+                if (supportedPrivileges.containsKey(name)) {
+                    declAggr.add(supportedPrivileges.remove(name));
+                } else {
+                    declAggr.add(createSupportedPrivilege(decl));
+                }
+            }
+        }
+        return declAggr.toArray(new SupportedPrivilege[declAggr.size()]);
+    }
+}
\ No newline at end of file

Added: jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesProperty.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesProperty.java?rev=1640531&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesProperty.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesProperty.java
Wed Nov 19 11:38:29 2014
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.webdav.jcr.security;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+import org.apache.jackrabbit.util.Text;
+import org.apache.jackrabbit.webdav.security.CurrentUserPrivilegeSetProperty;
+import org.apache.jackrabbit.webdav.security.Privilege;
+import org.apache.jackrabbit.webdav.xml.Namespace;
+
+/**
+ * JcrPrivilegesProperty...
+ */
+public class JcrUserPrivilegesProperty {
+
+    private final Session session;
+    private final String absPath;
+
+    /**
+     *
+     * @param session The reading session
+     * @param absPath An absolute path to an existing JCR node or {@code null}.
+     * @param session1
+     */
+    public JcrUserPrivilegesProperty(Session session, String absPath) throws RepositoryException
{
+        this.session = session;
+        this.absPath = absPath;
+    }
+
+    public CurrentUserPrivilegeSetProperty asDavProperty() throws RepositoryException {
+        List<Privilege> davPrivs = new ArrayList<Privilege>();
+        for (javax.jcr.security.Privilege privilege : session.getAccessControlManager().getPrivileges(absPath))
{
+            String privilegeName = privilege.getName();
+
+            String prefix = Text.getNamespacePrefix(privilegeName);
+            Namespace ns = (prefix.isEmpty()) ? Namespace.EMPTY_NAMESPACE : Namespace.getNamespace(prefix,
session.getNamespaceURI(prefix));
+            davPrivs.add(Privilege.getPrivilege(privilegeName, ns));
+        }
+
+        return new CurrentUserPrivilegeSetProperty(davPrivs.toArray(new Privilege[davPrivs.size()]));
+    }
+}
\ No newline at end of file

Added: jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/SecurityUtils.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/SecurityUtils.java?rev=1640531&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/SecurityUtils.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/main/java/org/apache/jackrabbit/webdav/jcr/security/SecurityUtils.java
Wed Nov 19 11:38:29 2014
@@ -0,0 +1,30 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.webdav.jcr.security;
+
+import javax.jcr.Repository;
+import javax.jcr.Session;
+
+public final class SecurityUtils {
+
+    private SecurityUtils() {}
+
+    public static boolean supportsAccessControl(Session session) {
+        String desc = session.getRepository().getDescriptor(Repository.OPTION_ACCESS_CONTROL_SUPPORTED);
+        return Boolean.valueOf(desc);
+    }
+}
\ No newline at end of file

Added: jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/AbstractSecurityTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/AbstractSecurityTest.java?rev=1640531&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/AbstractSecurityTest.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/AbstractSecurityTest.java
Wed Nov 19 11:38:29 2014
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.webdav.jcr.security;
+
+import javax.jcr.Repository;
+import javax.jcr.security.AccessControlManager;
+
+import org.apache.jackrabbit.test.AbstractJCRTest;
+import org.apache.jackrabbit.test.NotExecutableException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public abstract class AbstractSecurityTest extends AbstractJCRTest {
+
+    protected AccessControlManager acMgr;
+
+    @Override
+    protected void setUp() throws Exception {
+        super.setUp();
+        if (isSupported(Repository.OPTION_ACCESS_CONTROL_SUPPORTED)) {
+            acMgr = superuser.getAccessControlManager();
+        } else {
+            throw new NotExecutableException();
+        }
+    }
+}
\ No newline at end of file

Added: jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegePropertyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegePropertyTest.java?rev=1640531&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegePropertyTest.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrSupportedPrivilegePropertyTest.java
Wed Nov 19 11:38:29 2014
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.webdav.jcr.security;
+
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import javax.jcr.RepositoryException;
+import javax.jcr.security.Privilege;
+
+import org.apache.jackrabbit.webdav.security.SupportedPrivilege;
+
+public class JcrSupportedPrivilegePropertyTest extends AbstractSecurityTest {
+
+    public void testSupportedPrivileges() throws RepositoryException {
+        Set<Privilege> privs = new HashSet<Privilege>(Arrays.asList(acMgr.getSupportedPrivileges(testRoot)));
+        JcrSupportedPrivilegesProperty prop = new JcrSupportedPrivilegesProperty(superuser,
testRoot);
+        List<SupportedPrivilege> value = prop.asDavProperty().getValue();
+
+        if (privs.contains(acMgr.privilegeFromName(Privilege.JCR_ALL))) {
+            assertEquals(1, value.size());
+        }
+    }
+}
\ No newline at end of file

Added: jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesPropertyTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesPropertyTest.java?rev=1640531&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesPropertyTest.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-server/src/test/java/org/apache/jackrabbit/webdav/jcr/security/JcrUserPrivilegesPropertyTest.java
Wed Nov 19 11:38:29 2014
@@ -0,0 +1,68 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.webdav.jcr.security;
+
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Set;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.security.AccessControlManager;
+
+import org.apache.jackrabbit.util.Text;
+import org.apache.jackrabbit.webdav.security.Privilege;
+import org.apache.jackrabbit.webdav.xml.Namespace;
+
+public class JcrUserPrivilegesPropertyTest extends AbstractSecurityTest {
+
+    private Set<Privilege> getExpected(AccessControlManager acMgr, Session s) throws
RepositoryException {
+        Set<Privilege> expected = new HashSet<Privilege>();
+        for (javax.jcr.security.Privilege p : acMgr.getPrivileges(testRoot)) {
+            String prefix = Text.getNamespacePrefix(p.getName());
+            Namespace ns = (prefix.isEmpty()) ? Namespace.EMPTY_NAMESPACE : Namespace.getNamespace(prefix,
s.getNamespaceURI(prefix));
+            expected.add(Privilege.getPrivilege(p.getName(), ns));
+        }
+        return expected;
+    }
+
+    public void testAdminPrivileges() throws RepositoryException {
+        Set<Privilege> expected = getExpected(acMgr, superuser);
+
+        JcrUserPrivilegesProperty upp = new JcrUserPrivilegesProperty(superuser, testRoot);
+        Collection<Privilege> davPrivs = upp.asDavProperty().getValue();
+
+        assertEquals(expected.size(), davPrivs.size());
+        assertTrue(davPrivs.containsAll(expected));
+    }
+
+    public void testReadOnlyPrivileges() throws RepositoryException {
+        Session readOnly = getHelper().getReadOnlySession();
+        try {
+            Set<Privilege> expected = getExpected(readOnly.getAccessControlManager(),
readOnly);
+
+            JcrUserPrivilegesProperty upp = new JcrUserPrivilegesProperty(readOnly, testRoot);
+            Collection<Privilege> davPrivs = upp.asDavProperty().getValue();
+
+            assertEquals(expected.size(), davPrivs.size());
+            assertTrue(davPrivs.containsAll(expected));
+        } finally {
+            if (readOnly != null) {
+                readOnly.logout();
+            }
+        }
+    }
+}
\ No newline at end of file



Mime
View raw message