jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1421428 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/ main/java/org/apache/jackrabbit/oak/spi/security/user/action/ test/java/org/apache/jackrabbit/oak/spi/security/user/action/
Date Thu, 13 Dec 2012 19:09:33 GMT
Author: angela
Date: Thu Dec 13 19:09:31 2012
New Revision: 1421428

URL: http://svn.apache.org/viewvc?rev=1421428&view=rev
Log:
OAK-483 : Implement AccessControlAction  (and adding some addition TODOs)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProvider.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java?rev=1421428&r1=1421427&r2=1421428&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
Thu Dec 13 19:09:31 2012
@@ -84,8 +84,9 @@ public class UserConfigurationImpl exten
     @Nonnull
     @Override
     public AuthorizableActionProvider getAuthorizableActionProvider() {
-        return config.getConfigValue(UserConstants.PARAM_AUTHORIZABLE_ACTION_PROVIDER,
-                DefaultAuthorizableActionProvider.INSTANCE);
+        // TODO: add proper implementation
+        AuthorizableActionProvider defProvider = new DefaultAuthorizableActionProvider(securityProvider,
config);
+        return config.getConfigValue(UserConstants.PARAM_AUTHORIZABLE_ACTION_PROVIDER, defProvider);
     }
 
     @Nonnull

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java?rev=1421428&r1=1421427&r2=1421428&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AbstractAuthorizableAction.java
Thu Dec 13 19:09:31 2012
@@ -23,6 +23,8 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.oak.api.Root;
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 
 /**
  * Abstract implementation of the {@code AuthorizableAction} interface that
@@ -31,6 +33,10 @@ import org.apache.jackrabbit.oak.namepat
  */
 public abstract class AbstractAuthorizableAction implements AuthorizableAction {
 
+    // TODO: review again
+    protected abstract void init(SecurityProvider securityProvider, ConfigurationParameters
config);
+
+    //-------------------------------------------------< AuthorizableAction >---
     /**
      * Doesn't perform any action.
      *

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java?rev=1421428&r1=1421427&r2=1421428&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java
Thu Dec 13 19:09:31 2012
@@ -31,6 +31,7 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.oak.api.Root;
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.util.Text;
 import org.slf4j.Logger;
@@ -94,20 +95,21 @@ import org.slf4j.LoggerFactory;
  */
 public class AccessControlAction extends AbstractAuthorizableAction {
 
-    /**
-     * logger instance
-     */
     private static final Logger log = LoggerFactory.getLogger(AccessControlAction.class);
 
+    public static final String USER_PRIVILEGE_NAMES = "userPrivilegeNames";
+    public static final String GROUP_PRIVILEGE_NAMES = "groupPrivilegeNames";
+
+    private SecurityProvider securityProvider;
     private String[] groupPrivilegeNames = new String[0];
     private String[] userPrivilegeNames = new String[0];
-    private final SecurityProvider securityProvider;
 
-    AccessControlAction(String[] groupPrivilegeNames, String[] userPrivilegeNames,
-                        SecurityProvider securityProvider) {
-        this.groupPrivilegeNames = groupPrivilegeNames;
-        this.userPrivilegeNames = userPrivilegeNames;
-        this.securityProvider = securityProvider;
+    //-----------------------------------------< AbstractAuthorizableAction >---
+    @Override
+    protected void init(SecurityProvider securityProvider, ConfigurationParameters config)
{
+        setSecurityProvider(securityProvider);
+        setUserPrivilegeNames(config.getConfigValue(USER_PRIVILEGE_NAMES, (String) null));
+        setGroupPrivilegeNames(config.getConfigValue(GROUP_PRIVILEGE_NAMES, (String) null));
     }
 
     //-------------------------------------------------< AuthorizableAction >---
@@ -122,6 +124,10 @@ public class AccessControlAction extends
     }
 
     //------------------------------------------------------< Configuration >---
+    public void setSecurityProvider(SecurityProvider securityProvider) {
+        this.securityProvider = securityProvider;
+    }
+
     /**
      * Sets the privileges a new group will be granted on the group's home directory.
      *
@@ -148,6 +154,9 @@ public class AccessControlAction extends
     //------------------------------------------------------------< private >---
 
     private void setAC(Authorizable authorizable, Root root, NamePathMapper namePathMapper)
throws RepositoryException {
+        if (securityProvider == null) {
+            throw new IllegalStateException("Not initialized");
+        }
         String path = authorizable.getPath();
         AccessControlManager acMgr = securityProvider.getAccessControlConfiguration().getAccessControlManager(root,
namePathMapper);
         JackrabbitAccessControlList acl = null;

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java?rev=1421428&r1=1421427&r2=1421428&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/ClearMembershipAction.java
Thu Dec 13 19:09:31 2012
@@ -23,6 +23,8 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.oak.api.Root;
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 
 /**
  * Authorizable action attempting to clear all group membership before removing
@@ -32,6 +34,12 @@ import org.apache.jackrabbit.oak.namepat
  */
 public class ClearMembershipAction extends AbstractAuthorizableAction {
 
+    //-----------------------------------------< AbstractAuthorizableAction >---
+    @Override
+    protected void init(SecurityProvider securityProvider, ConfigurationParameters config)
{
+        // nothing to do
+    }
+
     //-------------------------------------------------< AuthorizableAction >---
     @Override
     public void onRemove(Authorizable authorizable, Root root, NamePathMapper namePathMapper)
throws RepositoryException {

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProvider.java?rev=1421428&r1=1421427&r2=1421428&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProvider.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/DefaultAuthorizableActionProvider.java
Thu Dec 13 19:09:31 2012
@@ -19,17 +19,26 @@ package org.apache.jackrabbit.oak.spi.se
 import java.util.Collections;
 import java.util.List;
 
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+
 /**
  * DefaultAuthorizableActionProvider... TODO
  */
 public class DefaultAuthorizableActionProvider implements AuthorizableActionProvider {
 
-    public static final AuthorizableActionProvider INSTANCE = new DefaultAuthorizableActionProvider();
+    private final SecurityProvider securityProvider;
+    private final ConfigurationParameters config;
 
-    private DefaultAuthorizableActionProvider() {}
+    public DefaultAuthorizableActionProvider(SecurityProvider securityProvider,
+                                             ConfigurationParameters config) {
+        this.securityProvider = securityProvider;
+        this.config = config;
+    }
 
     @Override
     public List<AuthorizableAction> getAuthorizableActions() {
+        // TODO : create and initialize actions from configuration
         return Collections.emptyList();
     }
 }
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java?rev=1421428&r1=1421427&r2=1421428&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationAction.java
Thu Dec 13 19:09:31 2012
@@ -24,6 +24,8 @@ import javax.jcr.nodetype.ConstraintViol
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.oak.api.Root;
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtility;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -47,13 +49,21 @@ import org.slf4j.LoggerFactory;
  */
 public class PasswordValidationAction extends AbstractAuthorizableAction {
 
-    /**
-     * logger instance
-     */
     private static final Logger log = LoggerFactory.getLogger(PasswordValidationAction.class);
 
+    public static final String CONSTRAINT = "constraint";
+
     private Pattern pattern;
 
+    //-----------------------------------------< AbstractAuthorizableAction >---
+    @Override
+    protected void init(SecurityProvider securityProvider, ConfigurationParameters config)
{
+        String constraint = config.getConfigValue(CONSTRAINT, (String) null);
+        if (constraint != null) {
+            setConstraint(constraint);
+        }
+    }
+
     //-------------------------------------------------< AuthorizableAction >---
     @Override
     public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper)
throws RepositoryException {

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java?rev=1421428&r1=1421427&r2=1421428&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
Thu Dec 13 19:09:31 2012
@@ -171,6 +171,11 @@ public class PasswordValidationActionTes
         }
 
         @Override
+        protected void init(SecurityProvider securityProvider, ConfigurationParameters config)
{
+            // nothing to do
+        }
+
+        @Override
         public void onCreate(User user, String password, Root root, NamePathMapper namePathMapper)
throws RepositoryException {
             onCreateCalled++;
         }



Mime
View raw message