jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1396506 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/ oak-jcr/
Date Wed, 10 Oct 2012 08:13:47 GMT
Author: angela
Date: Wed Oct 10 08:13:46 2012
New Revision: 1396506

URL: http://svn.apache.org/viewvc?rev=1396506&view=rev
Log:
OAK-50 : Implement User Management (WIP)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableType.java
    jackrabbit/oak/trunk/oak-jcr/pom.xml

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java?rev=1396506&r1=1396505&r2=1396506&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableImpl.java
Wed Oct 10 08:13:46 2012
@@ -37,6 +37,7 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.commons.iterator.RangeIteratorAdapter;
 import org.apache.jackrabbit.oak.api.Tree;
 import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
+import org.apache.jackrabbit.oak.spi.security.user.AuthorizableType;
 import org.apache.jackrabbit.oak.spi.security.user.MembershipProvider;
 import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.oak.spi.security.user.UserProvider;
@@ -330,6 +331,14 @@ abstract class AuthorizableImpl implemen
     }
 
     /**
+     * @return The membership provider associated with this authorizable
+     */
+    @Nonnull
+    MembershipProvider getMembershipProvider() {
+        return userManager.getMembershipProvider();
+    }
+
+    /**
      * @return The principal name of this authorizable.
      * @throws RepositoryException If no principal name can be retrieved.
      */
@@ -447,10 +456,10 @@ abstract class AuthorizableImpl implemen
             return Collections.<Group>emptySet().iterator();
         }
 
-        MembershipProvider mMgr = userManager.getMembershipProvider();
+        MembershipProvider mMgr = getMembershipProvider();
         Iterator<String> oakPaths = mMgr.getMembership(getTree(), includeInherited);
         if (oakPaths.hasNext()) {
-            AuthorizableIterator groups = AuthorizableIterator.create(oakPaths, userManager,
UserManager.SEARCH_TYPE_GROUP);
+            AuthorizableIterator groups = AuthorizableIterator.create(oakPaths, userManager,
AuthorizableType.GROUP);
             return new RangeIteratorAdapter(groups, groups.getSize());
         } else {
             return RangeIteratorAdapter.EMPTY;

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java?rev=1396506&r1=1396505&r2=1396506&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java
Wed Oct 10 08:13:46 2012
@@ -25,8 +25,8 @@ import com.google.common.base.Predicate;
 import com.google.common.base.Predicates;
 import com.google.common.collect.Iterators;
 import org.apache.jackrabbit.api.security.user.Authorizable;
-import org.apache.jackrabbit.api.security.user.UserManager;
 import org.apache.jackrabbit.oak.api.Tree;
+import org.apache.jackrabbit.oak.spi.security.user.AuthorizableType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -42,7 +42,9 @@ class AuthorizableIterator implements It
 
     private Authorizable next;
 
-    static AuthorizableIterator create(Iterator<String> authorizableOakPaths, UserManagerImpl
userManager, int authorizableType) {
+    static AuthorizableIterator create(Iterator<String> authorizableOakPaths,
+                                       UserManagerImpl userManager,
+                                       AuthorizableType authorizableType) {
         Iterator it = Iterators.transform(authorizableOakPaths, new PathToAuthorizable(userManager,
authorizableType));
         long size = getSize(authorizableOakPaths);
         return new AuthorizableIterator(Iterators.filter(it, Predicates.notNull()), size);
@@ -96,7 +98,7 @@ class AuthorizableIterator implements It
         private final UserManagerImpl userManager;
         private final Predicate predicate;
 
-        public PathToAuthorizable(UserManagerImpl userManager, int type) {
+        public PathToAuthorizable(UserManagerImpl userManager, AuthorizableType type) {
             this.userManager = userManager;
             this.predicate = new AuthorizableTypePredicate(type);
         }
@@ -137,28 +139,15 @@ class AuthorizableIterator implements It
 
     private static class AuthorizableTypePredicate implements Predicate<Authorizable>
{
 
-        private final int authorizableType;
+        private final AuthorizableType authorizableType;
 
-        AuthorizableTypePredicate(int authorizableType) {
+        AuthorizableTypePredicate(AuthorizableType authorizableType) {
             this.authorizableType = authorizableType;
         }
 
         @Override
         public boolean apply(Authorizable authorizable) {
-            if (authorizable == null) {
-                return false;
-            }
-            switch (authorizableType) {
-                case UserManager.SEARCH_TYPE_AUTHORIZABLE:
-                    return true;
-                case UserManager.SEARCH_TYPE_GROUP:
-                    return authorizable.isGroup();
-                case UserManager.SEARCH_TYPE_USER:
-                    return !authorizable.isGroup();
-                default:
-                    log.warn("Illegal authorizable type " + authorizableType);
-                    return false;
-            }
+            return authorizableType.isType(authorizable);
         }
     }
 }
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java?rev=1396506&r1=1396505&r2=1396506&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/GroupImpl.java
Wed Oct 10 08:13:46 2012
@@ -140,7 +140,7 @@ class GroupImpl extends AuthorizableImpl
             return false;
         }
 
-        return getUserManager().getMembershipProvider().addMember(getTree(), authorizableImpl.getTree());
+        return getMembershipProvider().addMember(getTree(), authorizableImpl.getTree());
     }
 
     /**
@@ -155,8 +155,8 @@ class GroupImpl extends AuthorizableImpl
         if (isEveryone()) {
             return false;
         } else {
-            MembershipProvider mMgr = getUserManager().getMembershipProvider();
-            return mMgr.removeMember(getTree(), ((AuthorizableImpl) authorizable).getTree());
+            Tree memberTree = ((AuthorizableImpl) authorizable).getTree();
+            return getMembershipProvider().removeMember(getTree(), memberTree);
         }
     }
 
@@ -170,16 +170,14 @@ class GroupImpl extends AuthorizableImpl
      * @throws RepositoryException If an error occurs.
      */
     private Iterator<Authorizable> getMembers(boolean includeInherited) throws RepositoryException
{
-        UserManagerImpl uMgr = getUserManager();
+        UserManagerImpl userMgr = getUserManager();
         if (isEveryone()) {
-            // TODO: improve using authorizable-query
             String propName = getJcrName(REP_PRINCIPAL_NAME);
-            return uMgr.findAuthorizables(propName, null, UserManager.SEARCH_TYPE_AUTHORIZABLE);
+            return userMgr.findAuthorizables(propName, null, UserManager.SEARCH_TYPE_AUTHORIZABLE);
         } else {
-            MembershipProvider mMgr = uMgr.getMembershipProvider();
-            Iterator oakPaths = mMgr.getMembers(getTree(), AuthorizableType.AUTHORIZABLE,
includeInherited);
+            Iterator oakPaths = getMembershipProvider().getMembers(getTree(), AuthorizableType.AUTHORIZABLE,
includeInherited);
             if (oakPaths.hasNext()) {
-                AuthorizableIterator iterator = AuthorizableIterator.create(oakPaths, uMgr,
UserManager.SEARCH_TYPE_AUTHORIZABLE);
+                AuthorizableIterator iterator = AuthorizableIterator.create(oakPaths, userMgr,
AuthorizableType.AUTHORIZABLE);
                 return new RangeIteratorAdapter(iterator, iterator.getSize());
             } else {
                 return RangeIteratorAdapter.EMPTY;

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java?rev=1396506&r1=1396505&r2=1396506&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
Wed Oct 10 08:13:46 2012
@@ -77,6 +77,7 @@ public class UserManagerImpl implements 
      */
     @Override
     public Authorizable getAuthorizable(String id) throws RepositoryException {
+        checkIsLive();
         Authorizable authorizable = null;
         Tree tree = getUserProvider().getAuthorizable(id);
         if (tree != null) {
@@ -90,6 +91,7 @@ public class UserManagerImpl implements 
      */
     @Override
     public Authorizable getAuthorizable(Principal principal) throws RepositoryException {
+        checkIsLive();
         return getAuthorizable(getUserProvider().getAuthorizableByPrincipal(principal));
     }
 
@@ -98,6 +100,7 @@ public class UserManagerImpl implements 
      */
     @Override
     public Authorizable getAuthorizableByPath(String path) throws RepositoryException {
+        checkIsLive();
         String oakPath = namePathMapper.getOakPath(path);
         if (oakPath == null) {
             throw new RepositoryException("Invalid path " + path);
@@ -112,6 +115,7 @@ public class UserManagerImpl implements 
 
     @Override
     public Iterator<Authorizable> findAuthorizables(String relPath, String value, int
searchType) throws RepositoryException {
+        checkIsLive();
         String[] oakPaths =  new String[] {namePathMapper.getOakPath(relPath)};
         AuthorizableType authorizableType = getAuthorizableType(searchType);
         Iterator<Tree> result = userProvider.findAuthorizables(oakPaths, value, null,
true, Long.MAX_VALUE, authorizableType);
@@ -121,6 +125,7 @@ public class UserManagerImpl implements 
 
     @Override
     public Iterator<Authorizable> findAuthorizables(Query query) throws RepositoryException
{
+        checkIsLive();
         XPathQueryBuilder builder = new XPathQueryBuilder();
         query.build(builder);
         return new XPathQueryEvaluator(builder, this, session.getWorkspace().getQueryManager(),
namePathMapper).eval();
@@ -139,6 +144,7 @@ public class UserManagerImpl implements 
 
     @Override
     public User createUser(String userID, String password, Principal principal, String intermediatePath)
throws RepositoryException {
+        checkIsLive();
         checkValidID(userID);
         checkValidPrincipal(principal, false);
 
@@ -179,6 +185,7 @@ public class UserManagerImpl implements 
 
     @Override
     public Group createGroup(String groupID, Principal principal, String intermediatePath)
throws RepositoryException {
+        checkIsLive();
         checkValidID(groupID);
         checkValidPrincipal(principal, true);
 
@@ -351,6 +358,12 @@ public class UserManagerImpl implements 
         getUserProvider().setProtectedProperty(userTree, UserConstants.REP_PRINCIPAL_NAME,
principal.getName(), PropertyType.STRING);
     }
 
+    private void checkIsLive() throws RepositoryException {
+        if (!session.isLive()) {
+            throw new RepositoryException("UserManager has been closed.");
+        }
+    }
+
     private static AuthorizableType getAuthorizableType(int searchType) {
         switch (searchType) {
             case UserManager.SEARCH_TYPE_USER:

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableType.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableType.java?rev=1396506&r1=1396505&r2=1396506&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableType.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableType.java
Wed Oct 10 08:13:46 2012
@@ -18,6 +18,7 @@
  */
 package org.apache.jackrabbit.oak.spi.security.user;
 
+import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.jackrabbit.api.security.user.UserManager;
 
 /**
@@ -34,4 +35,19 @@ public enum AuthorizableType {
     private AuthorizableType(int userType) {
         this.userType = userType;
     }
+
+    public boolean isType(Authorizable authorizable) {
+        if (authorizable == null) {
+            return false;
+        }
+        switch (userType) {
+            case UserManager.SEARCH_TYPE_GROUP:
+                return authorizable.isGroup();
+            case UserManager.SEARCH_TYPE_USER:
+                return !authorizable.isGroup();
+            default:
+                // TYPE_AUTHORIZABLE:
+                return true;
+        }
+    }
 }

Modified: jackrabbit/oak/trunk/oak-jcr/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/pom.xml?rev=1396506&r1=1396505&r2=1396506&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-jcr/pom.xml Wed Oct 10 08:13:46 2012
@@ -259,8 +259,6 @@
       org.apache.jackrabbit.oak.jcr.security.user.UserManagerTest#testFindGroup         
          <!-- findAuthorizables not yet implemented -->
       org.apache.jackrabbit.oak.jcr.security.user.UserManagerTest#testFindAllUsers      
          <!-- findAuthorizables not yet implemented -->
       org.apache.jackrabbit.oak.jcr.security.user.UserManagerTest#testFindAllGroups     
          <!-- findAuthorizables not yet implemented -->
-      org.apache.jackrabbit.oak.jcr.security.user.UserManagerTest#testCleanup           
          <!-- missing cleanup -->
-      org.apache.jackrabbit.oak.jcr.security.user.UserManagerTest#testCleanupForAllWorkspaces
     <!-- missing cleanup -->
       org.apache.jackrabbit.oak.jcr.security.user.UserManagerTest#testGetNewAuthorizable
                <!-- OAK-343 -->
       org.apache.jackrabbit.oak.jcr.security.user.UserManagerTest#testCreateGroupWithExistingPrincipal2
 <!-- OAK-343 -->
       org.apache.jackrabbit.oak.jcr.security.user.UserManagerTest#testCreateGroupWithExistingPrincipal3
 <!-- OAK-343 -->
@@ -271,13 +269,13 @@
       org.apache.jackrabbit.oak.jcr.security.user.GroupTest#testCyclicGroups            
                <!-- OAK-343 -->
       org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testRemoveListedAuthorizable
         <!-- OAK-343 -->
       org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testSetPropertyInvalidRelativePath
   <!-- OAK-369 -->
-      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testSetSpecialProperties
                <!-- protected properties not detected -->
-      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testRemoveSpecialProperties
             <!-- protected properties not detected -->
-      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testProtectedUserProperties
             <!-- protected properties not detected -->
-      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testProtectedGroupProperties
            <!-- protected properties not detected -->
-      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testSetSpecialPropertiesDirectly
        <!-- protected properties not detected -->
-      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testRemoveSpecialUserPropertiesDirectly
 <!-- protected properties not detected -->
-      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testRemoveSpecialGroupPropertiesDirectly
<!-- protected properties not detected -->
+      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testSetSpecialProperties
                <!-- OAK-250 -->
+      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testRemoveSpecialProperties
             <!-- OAK-250 -->
+      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testProtectedUserProperties
             <!-- OAK-250 -->
+      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testProtectedGroupProperties
            <!-- OAK-250 -->
+      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testSetSpecialPropertiesDirectly
        <!-- OAK-250 -->
+      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testRemoveSpecialUserPropertiesDirectly
 <!-- OAK-250 -->
+      org.apache.jackrabbit.oak.jcr.security.user.AuthorizableTest#testRemoveSpecialGroupPropertiesDirectly
<!-- OAK-250 -->
       org.apache.jackrabbit.oak.jcr.security.user.UserManagerTest#testUnknownUserLogin  
          <!-- due to dummy login -->
       org.apache.jackrabbit.oak.jcr.security.user.UserTest#testChangePassword2          
          <!-- due to dummy login -->
       org.apache.jackrabbit.oak.jcr.security.user.UserTest#testChangePasswordWithOldPassword2
     <!-- due to dummy login -->



Mime
View raw message