Return-Path: X-Original-To: apmail-jackrabbit-oak-commits-archive@minotaur.apache.org Delivered-To: apmail-jackrabbit-oak-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4A63ED2A5 for ; Wed, 31 Oct 2012 10:29:46 +0000 (UTC) Received: (qmail 70843 invoked by uid 500); 31 Oct 2012 10:29:45 -0000 Delivered-To: apmail-jackrabbit-oak-commits-archive@jackrabbit.apache.org Received: (qmail 70771 invoked by uid 500); 31 Oct 2012 10:29:43 -0000 Mailing-List: contact oak-commits-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: oak-dev@jackrabbit.apache.org Delivered-To: mailing list oak-commits@jackrabbit.apache.org Received: (qmail 70727 invoked by uid 99); 31 Oct 2012 10:29:41 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 31 Oct 2012 10:29:41 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 31 Oct 2012 10:29:37 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 37A1B2388A33; Wed, 31 Oct 2012 10:28:52 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1404075 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/ main/java/org/apache/jackrabbit/oak/spi/security/user/ main/java/org/apache/jackrabbit/oak/spi/security/user/action/ test/java/org/apache/j... Date: Wed, 31 Oct 2012 10:28:51 -0000 To: oak-commits@jackrabbit.apache.org From: angela@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20121031102852.37A1B2388A33@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: angela Date: Wed Oct 31 10:28:50 2012 New Revision: 1404075 URL: http://svn.apache.org/viewvc?rev=1404075&view=rev Log: OAK-50 : Implement User Management (WIP) Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java?rev=1404075&r1=1404074&r2=1404075&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java Wed Oct 31 10:28:50 2012 @@ -239,7 +239,7 @@ public class UserManagerImpl implements */ void onCreate(User user, String password) throws RepositoryException { for (AuthorizableAction action : authorizableActions) { - action.onCreate(user, password, root); + action.onCreate(user, password, root, namePathMapper); } } @@ -253,7 +253,7 @@ public class UserManagerImpl implements */ void onCreate(Group group) throws RepositoryException { for (AuthorizableAction action : authorizableActions) { - action.onCreate(group, root); + action.onCreate(group, root, namePathMapper); } } @@ -267,7 +267,7 @@ public class UserManagerImpl implements */ void onRemove(Authorizable authorizable) throws RepositoryException { for (AuthorizableAction action : authorizableActions) { - action.onRemove(authorizable, root); + action.onRemove(authorizable, root, namePathMapper); } } @@ -282,7 +282,7 @@ public class UserManagerImpl implements */ void onPasswordChange(User user, String password) throws RepositoryException { for (AuthorizableAction action : authorizableActions) { - action.onPasswordChange(user, password, root); + action.onPasswordChange(user, password, root, namePathMapper); } } Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java?rev=1404075&r1=1404074&r2=1404075&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java Wed Oct 31 10:28:50 2012 @@ -116,10 +116,4 @@ public interface UserConstants { * password hash generation. */ String PARAM_PASSWORD_SALT_SIZE = "passwordSaltSize"; - /** - * Configuration parameter to set the authorizable actions. - * - * @see org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableAction - */ - String PARAM_AUTHORIZABLE_ACTIONS = "authorizableActions"; } \ No newline at end of file Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java Wed Oct 31 10:28:50 2012 @@ -22,6 +22,7 @@ import org.apache.jackrabbit.api.securit import org.apache.jackrabbit.api.security.user.Group; import org.apache.jackrabbit.api.security.user.User; import org.apache.jackrabbit.oak.api.Root; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; /** * Abstract implementation of the {@code AuthorizableAction} interface that @@ -33,40 +34,40 @@ public abstract class AbstractAuthorizab /** * Doesn't perform any action. * - * @see AuthorizableAction#onCreate(org.apache.jackrabbit.api.security.user.Group, Root) + * @see AuthorizableAction#onCreate(org.apache.jackrabbit.api.security.user.Group, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper) */ @Override - public void onCreate(Group group, Root root) throws RepositoryException { + public void onCreate(Group group, Root root, NamePathMapper namePathMapper) throws RepositoryException { // nothing to do } /** * Doesn't perform any action. * - * @see AuthorizableAction#onCreate(org.apache.jackrabbit.api.security.user.User, String, Root) + * @see AuthorizableAction#onCreate(org.apache.jackrabbit.api.security.user.User, String, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper) */ @Override - public void onCreate(User user, String password, Root root) throws RepositoryException { + public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException { // nothing to do } /** * Doesn't perform any action. * - * @see AuthorizableAction#onRemove(org.apache.jackrabbit.api.security.user.Authorizable, Root) + * @see AuthorizableAction#onRemove(org.apache.jackrabbit.api.security.user.Authorizable, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper) */ @Override - public void onRemove(Authorizable authorizable, Root root) throws RepositoryException { + public void onRemove(Authorizable authorizable, Root root, NamePathMapper namePathMapper) throws RepositoryException { // nothing to do } /** * Doesn't perform any action. * - * @see AuthorizableAction#onPasswordChange(org.apache.jackrabbit.api.security.user.User, String, Root) + * @see AuthorizableAction#onPasswordChange(org.apache.jackrabbit.api.security.user.User, String, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper) */ @Override - public void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException { + public void onPasswordChange(User user, String newPassword, Root root, NamePathMapper namePathMapper) throws RepositoryException { // nothing to do } } Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java Wed Oct 31 10:28:50 2012 @@ -26,6 +26,7 @@ import org.apache.jackrabbit.api.securit import org.apache.jackrabbit.api.security.user.Group; import org.apache.jackrabbit.api.security.user.User; import org.apache.jackrabbit.oak.api.Root; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; import org.apache.jackrabbit.util.Text; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -98,12 +99,12 @@ public class AccessControlAction extends //-------------------------------------------------< AuthorizableAction >--- @Override - public void onCreate(Group group, Root root) throws RepositoryException { + public void onCreate(Group group, Root root, NamePathMapper namePathMapper) throws RepositoryException { setAC(group, root); } @Override - public void onCreate(User user, String password, Root root) throws RepositoryException { + public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException { setAC(user, root); } Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AuthorizableAction.java Wed Oct 31 10:28:50 2012 @@ -22,6 +22,7 @@ import org.apache.jackrabbit.api.securit import org.apache.jackrabbit.api.security.user.Group; import org.apache.jackrabbit.api.security.user.User; import org.apache.jackrabbit.oak.api.Root; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; /** * The {@code AuthorizableAction} interface provide an implementation @@ -47,25 +48,29 @@ public interface AuthorizableAction { * with the creation of a new group. Note, that this method is called * before any {@code Root#commit()} call. * + * * @param group The new group that has not yet been persisted; * e.g. the associated tree is still 'NEW'. * @param root The root associated with the user manager. + * @param namePathMapper * @throws javax.jcr.RepositoryException If an error occurs. */ - void onCreate(Group group, Root root) throws RepositoryException; + void onCreate(Group group, Root root, NamePathMapper namePathMapper) throws RepositoryException; /** * Allows to add application specific modifications or validation associated * with the creation of a new user. Note, that this method is called * before any {@code Root#commit()} call. * + * * @param user The new user that has not yet been persisted; * e.g. the associated tree is still 'NEW'. * @param password The password that was specified upon user creation. * @param root The root associated with the user manager. + * @param namePathMapper * @throws RepositoryException If an error occurs. */ - void onCreate(User user, String password, Root root) throws RepositoryException; + void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException; /** * Allows to add application specific behavior associated with the removal @@ -73,21 +78,25 @@ public interface AuthorizableAction { * {@link org.apache.jackrabbit.api.security.user.Authorizable#remove} is executed (and persisted); thus the * target authorizable still exists. * + * * @param authorizable The authorizable to be removed. * @param root The root associated with the user manager. + * @param namePathMapper * @throws RepositoryException If an error occurs. */ - void onRemove(Authorizable authorizable, Root root) throws RepositoryException; + void onRemove(Authorizable authorizable, Root root, NamePathMapper namePathMapper) throws RepositoryException; /** * Allows to add application specific action or validation associated with * changing a user password. Note, that this method is called before * the password property is being modified in the content. * + * * @param user The user that whose password is going to change. - * @param newPassword The new password as specified in {@link User#changePassword} + * @param newPassword The new password as specified in {@link org.apache.jackrabbit.api.security.user.User#changePassword} * @param root The root associated with the user manager. + * @param namePathMapper * @throws RepositoryException If an exception or error occurs. */ - void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException; + void onPasswordChange(User user, String newPassword, Root root, NamePathMapper namePathMapper) throws RepositoryException; } \ No newline at end of file Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java Wed Oct 31 10:28:50 2012 @@ -22,18 +22,19 @@ import javax.jcr.RepositoryException; import org.apache.jackrabbit.api.security.user.Authorizable; import org.apache.jackrabbit.api.security.user.Group; import org.apache.jackrabbit.oak.api.Root; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; /** * Authorizable action attempting to clear all group membership before removing * the specified authorizable. If {@link Group#removeMember(Authorizable)} - * fails due to lack of permissions {@link #onRemove(Authorizable, Root)} + * fails due to lack of permissions {@link AuthorizableAction#onRemove(org.apache.jackrabbit.api.security.user.Authorizable, org.apache.jackrabbit.oak.api.Root, org.apache.jackrabbit.oak.namepath.NamePathMapper)} * throws an exception and removing the specified authorizable will be aborted. */ public class ClearMembershipAction extends AbstractAuthorizableAction { //-------------------------------------------------< AuthorizableAction >--- @Override - public void onRemove(Authorizable authorizable, Root root) throws RepositoryException { + public void onRemove(Authorizable authorizable, Root root, NamePathMapper namePathMapper) throws RepositoryException { clearMembership(authorizable); } Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java?rev=1404075&r1=1404074&r2=1404075&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java Wed Oct 31 10:28:50 2012 @@ -23,6 +23,7 @@ import javax.jcr.nodetype.ConstraintViol import org.apache.jackrabbit.api.security.user.User; import org.apache.jackrabbit.oak.api.Root; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -55,12 +56,12 @@ public class PasswordValidationAction ex //-------------------------------------------------< AuthorizableAction >--- @Override - public void onCreate(User user, String password, Root root) throws RepositoryException { + public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException { validatePassword(password, false); } @Override - public void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException { + public void onPasswordChange(User user, String newPassword, Root root, NamePathMapper namePathMapper) throws RepositoryException { validatePassword(newPassword, true); } Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java?rev=1404075&r1=1404074&r2=1404075&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java Wed Oct 31 10:28:50 2012 @@ -112,7 +112,7 @@ public class PasswordValidationActionTes for (String pw : invalid) { try { - pwAction.onPasswordChange(user, pw, root); + pwAction.onPasswordChange(user, pw, root, NamePathMapper.DEFAULT); fail("should throw constraint violation"); } catch (ConstraintViolationException e) { // success @@ -127,7 +127,7 @@ public class PasswordValidationActionTes valid.add("&)(*&^%23qW"); for (String pw : valid) { - pwAction.onPasswordChange(user, pw, root); + pwAction.onPasswordChange(user, pw, root, NamePathMapper.DEFAULT); } } @@ -166,12 +166,12 @@ public class PasswordValidationActionTes private int onPasswordChangeCalled = 0; @Override - public void onCreate(User user, String password, Root root) throws RepositoryException { + public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper) throws RepositoryException { onCreateCalled++; } @Override - public void onPasswordChange(User user, String newPassword, Root root) throws RepositoryException { + public void onPasswordChange(User user, String newPassword, Root root, NamePathMapper namePathMapper) throws RepositoryException { onPasswordChangeCalled++; } }