jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1443636 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization: AccessControlInitializer.java PermissionHook.java
Date Thu, 07 Feb 2013 18:06:25 GMT
Author: angela
Date: Thu Feb  7 18:06:24 2013
New Revision: 1443636

URL: http://svn.apache.org/r1443636
Log:
OAK-527: permissions (wip)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java?rev=1443636&r1=1443635&r2=1443636&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
Thu Feb  7 18:06:24 2013
@@ -26,6 +26,9 @@ import org.apache.jackrabbit.oak.spi.sta
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import static org.apache.jackrabbit.JcrConstants.JCR_PRIMARYTYPE;
+import static org.apache.jackrabbit.JcrConstants.JCR_SYSTEM;
+
 /**
  * AccessControlInitializer... TODO
  */
@@ -41,12 +44,17 @@ public class AccessControlInitializer im
         NodeStoreBranch branch = store.branch();
 
         NodeBuilder root = branch.getRoot().builder();
-        NodeBuilder index = IndexUtils.getOrCreateOakIndex(root);
+        NodeBuilder system = root.child(JCR_SYSTEM);
+        if (!system.hasChildNode(REP_PERMISSION_STORE)) {
+            system.child(REP_PERMISSION_STORE)
+                    .setProperty(JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE);
+        }
 
+        // property index for rep:principalName stored in ACEs
+        NodeBuilder index = IndexUtils.getOrCreateOakIndex(root);
         IndexUtils.createIndexDefinition(index, "acPrincipalName", true, false,
                 ImmutableList.<String>of(REP_PRINCIPAL_NAME),
                 ImmutableList.<String>of(NT_REP_DENY_ACE, NT_REP_GRANT_ACE));
-
         try {
             branch.setRoot(root.getNodeState());
             branch.merge();

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java?rev=1443636&r1=1443635&r2=1443636&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java
Thu Feb  7 18:06:24 2013
@@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.securi
 import javax.annotation.Nonnull;
 import javax.jcr.RepositoryException;
 
+import org.apache.jackrabbit.JcrConstants;
 import org.apache.jackrabbit.oak.api.CommitFailedException;
 import org.apache.jackrabbit.oak.api.PropertyState;
 import org.apache.jackrabbit.oak.api.Tree;
@@ -48,17 +49,27 @@ public class PermissionHook implements C
     @Nonnull
     @Override
     public NodeState processCommit(final NodeState before, NodeState after) throws CommitFailedException
{
-        // TODO OAK-526: add implementation
-        return after;
-//
-//        NodeBuilder rootBuilder = after.builder();
-//
-//        String workspaceName = "default"; // TODO
-//        NodeBuilder permissionRoot = rootBuilder.child(NodeTypeConstants.JCR_SYSTEM).child(REP_PERMISSION_STORE).child(workspaceName);
-//        ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(before);
-//
-//        after.compareAgainstBaseState(before, new Diff(new Node(rootBuilder), permissionRoot,
ntMgr));
-//        return rootBuilder.getNodeState();
+        NodeBuilder rootBuilder = after.builder();
+
+        // TODO: retrieve workspace name
+        String workspaceName = "default";
+        NodeBuilder permissionRoot = getPermissionRoot(rootBuilder, workspaceName);
+        ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(before);
+
+        after.compareAgainstBaseState(before, new Diff(new Node(rootBuilder), permissionRoot,
ntMgr));
+        return rootBuilder.getNodeState();
+    }
+
+    private NodeBuilder getPermissionRoot(NodeBuilder rootBuilder, String workspaceName)
{
+        NodeBuilder store = rootBuilder.child(NodeTypeConstants.JCR_SYSTEM).child(REP_PERMISSION_STORE);
+        NodeBuilder permissionRoot;
+        if (!store.hasChildNode(workspaceName)) {
+            permissionRoot = store.child(workspaceName)
+                    .setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE);
+        } else {
+            permissionRoot = store.child(workspaceName);
+        }
+        return permissionRoot;
     }
 
     private static class Diff implements NodeStateDiff {



Mime
View raw message