jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1411599 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak: security/user/UserProvider.java spi/security/user/AuthorizableNodeName.java spi/security/user/UserConstants.java
Date Tue, 20 Nov 2012 09:15:17 GMT
Author: angela
Date: Tue Nov 20 09:15:16 2012
New Revision: 1411599

URL: http://svn.apache.org/viewvc?rev=1411599&view=rev
Log:
OAK-50 : Implement User Management (WIP)

Added:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableNodeName.java
Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java?rev=1411599&r1=1411598&r2=1411599&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserProvider.java
Tue Nov 20 09:15:16 2012
@@ -36,6 +36,7 @@ import org.apache.jackrabbit.oak.namepat
 import org.apache.jackrabbit.oak.spi.query.PropertyValues;
 import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
 import org.apache.jackrabbit.oak.spi.security.principal.TreeBasedPrincipal;
+import org.apache.jackrabbit.oak.spi.security.user.AuthorizableNodeName;
 import org.apache.jackrabbit.oak.spi.security.user.AuthorizableType;
 import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.oak.spi.security.user.util.UserUtility;
@@ -77,8 +78,11 @@ import static org.apache.jackrabbit.oak.
  * ->        + aSmith        [rep:User]
  * </pre>
  * </li>
- * <li>The node name is calculated from the specified authorizable ID
- * {@link org.apache.jackrabbit.util.Text#escapeIllegalJcrChars(String) escaping} any illegal
JCR chars.</li>
+ * <li>The node name is calculated from the specified authorizable ID according
+ * to the logic provided by the configured {@link AuthorizableNodeName}
+ * implementation. If no name generator is present in the configuration
+ * the {@link AuthorizableNodeName#DEFAULT default} implementation is used. The
+ * name of the configuration option is {@link UserConstants#PARAM_AUTHORIZABLE_NODE_NAME}</li>
  * <li>If no intermediate path is passed the names of the intermediate
  * folders are calculated from the leading chars of the escaped node name.</li>
  * <li>If the escaped node name is shorter than the {@code defaultDepth}
@@ -109,15 +113,19 @@ import static org.apache.jackrabbit.oak.
  *
  * <h3>Configuration Options</h3>
  * <ul>
- *     <li>{@link org.apache.jackrabbit.oak.spi.security.user.UserConstants#PARAM_USER_PATH}:
Underneath this structure
+ *     <li>{@link UserConstants#PARAM_USER_PATH}: Underneath this structure
  *     all user nodes are created. Default value is
  *     "/rep:security/rep:authorizables/rep:users"</li>
- *     <li>{@link org.apache.jackrabbit.oak.spi.security.user.UserConstants#PARAM_GROUP_PATH}:
Underneath this structure
+ *     <li>{@link UserConstants#PARAM_GROUP_PATH}: Underneath this structure
  *     all group nodes are created. Default value is
  *     "/rep:security/rep:authorizables/rep:groups"</li>
- *     <li>{@link org.apache.jackrabbit.oak.spi.security.user.UserConstants#PARAM_DEFAULT_DEPTH}:
A positive {@code integer}
+ *     <li>{@link UserConstants#PARAM_DEFAULT_DEPTH}: A positive {@code integer}
  *     greater than zero defining the depth of the default structure that is
  *     always created. Default value: 2</li>
+ *     <li>{@link UserConstants#PARAM_AUTHORIZABLE_NODE_NAME}: An implementation
+ *     of {@link AuthorizableNodeName} used to create a node name for a given
+ *     authorizableId. By {@link AuthorizableNodeName.Default default} the
+ *     ID itself is used as node name. (since OAK 1.0)</li>
  * </ul>
  *
  * <h3>Compatibility with Jackrabbit 2.x</h3>
@@ -205,6 +213,7 @@ class UserProvider extends AuthorizableB
             StringBuilder stmt = new StringBuilder();
             stmt.append("SELECT * FROM [").append(UserConstants.NT_REP_AUTHORIZABLE).append(']');
             stmt.append("WHERE [").append(UserConstants.REP_PRINCIPAL_NAME).append("] = $principalName");
+
             Result result = root.getQueryEngine().executeQuery(stmt.toString(),
                     Query.JCR_SQL2, 1, 0,
                     Collections.singletonMap("principalName", PropertyValues.newString(principal.getName())),
@@ -239,7 +248,7 @@ class UserProvider extends AuthorizableB
     //------------------------------------------------------------< private >---
 
     private Tree createAuthorizableNode(String authorizableId, boolean isGroup, String intermediatePath)
throws RepositoryException {
-        String nodeName = Text.escapeIllegalJcrChars(authorizableId);
+        String nodeName = getNodeName(authorizableId);
         NodeUtil folder = createFolderNodes(authorizableId, nodeName, isGroup, intermediatePath);
 
         String ntName = (isGroup) ? NT_REP_GROUP : NT_REP_USER;
@@ -327,4 +336,9 @@ class UserProvider extends AuthorizableB
         }
         return sb.toString();
     }
+
+    private String getNodeName(String authorizableId) {
+        AuthorizableNodeName generator = config.getConfigValue(PARAM_AUTHORIZABLE_NODE_NAME,
AuthorizableNodeName.DEFAULT);
+        return generator.generateNodeName(authorizableId);
+    }
 }
\ No newline at end of file

Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableNodeName.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableNodeName.java?rev=1411599&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableNodeName.java
(added)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/AuthorizableNodeName.java
Tue Nov 20 09:15:16 2012
@@ -0,0 +1,55 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.user;
+
+import org.apache.jackrabbit.util.Text;
+
+/**
+ * The {@code AuthorizableNodeName} is in charge of generating a valid node
+ * name from a given authorizable ID.
+ */
+public interface AuthorizableNodeName {
+
+    /**
+     * Default {@code AuthorizableNodeName} instance.
+     *
+     * @see AuthorizableNodeName.Default
+     */
+    public AuthorizableNodeName DEFAULT = new Default();
+
+    /**
+     * Generates a node name from the specified {@code authorizableId}.
+     *
+     * @param authorizableId The ID of the authorizable to be created.
+     * @return A valid node name.
+     */
+    String generateNodeName(String authorizableId);
+
+    /**
+     * Default implementation of the {@code AuthorizableNodeName} interface
+     * that uses the specified authorizable identifier as node name
+     * {@link org.apache.jackrabbit.util.Text#escapeIllegalJcrChars(String) escaping}
+     * any illegal JCR chars.
+     */
+    public static final class Default implements AuthorizableNodeName {
+
+        @Override
+        public String generateNodeName(String authorizableId) {
+            return Text.escapeIllegalJcrChars(authorizableId);
+        }
+    }
+}
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java?rev=1411599&r1=1411598&r2=1411599&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
Tue Nov 20 09:15:16 2012
@@ -120,19 +120,30 @@ public interface UserConstants {
      * </ul>
      */
     String PARAM_GROUP_MEMBERSHIP_SPLIT_SIZE = "groupMembershipSplitSize";
+
     /**
      * Configuration parameter to change the default algorithm used to generate
      * password hashes.
      */
     String PARAM_PASSWORD_HASH_ALGORITHM = "passwordHashAlgorithm";
+
     /**
      * Configuration parameter to change the number of iterations used for
      * password hash generation.
      */
     String PARAM_PASSWORD_HASH_ITERATIONS = "passwordHashIterations";
+
     /**
      * Configuration parameter to change the number of iterations used for
      * password hash generation.
      */
     String PARAM_PASSWORD_SALT_SIZE = "passwordSaltSize";
+
+    /**
+     * Configuration option to define how the name of the authorizable node
+     * is generated from the ID of the new authorizable that is being created.
+     * The value is expected to be an instance of {@link AuthorizableNodeName}.
+     * By default {@link AuthorizableNodeName#DEFAULT} is used.
+     */
+    String PARAM_AUTHORIZABLE_NODE_NAME = "authorizableNodeName";
 }



Mime
View raw message