jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1448185 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization: AccessControlConfigurationImpl.java AccessControlInitializer.java PermissionHook.java
Date Wed, 20 Feb 2013 14:35:58 GMT
Author: angela
Date: Wed Feb 20 14:35:58 2013
New Revision: 1448185

URL: http://svn.apache.org/r1448185
Log:
OAK-51: Access control mgt:

- change ac-initializer from RepositoryInitializer to Workspace specific init as access control
setup may be workspace specific
- delegate init of the permission store to the permission hook (on demand only)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java?rev=1448185&r1=1448184&r2=1448185&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
Wed Feb 20 14:35:58 2013
@@ -31,7 +31,7 @@ import org.apache.jackrabbit.oak.spi.com
 import org.apache.jackrabbit.oak.spi.commit.CommitHookProvider;
 import org.apache.jackrabbit.oak.spi.commit.CompositeHook;
 import org.apache.jackrabbit.oak.spi.commit.ValidatingHook;
-import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
+import org.apache.jackrabbit.oak.spi.lifecycle.WorkspaceInitializer;
 import org.apache.jackrabbit.oak.spi.security.Context;
 import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
@@ -60,7 +60,7 @@ public class AccessControlConfigurationI
 
     @Nonnull
     @Override
-    public RepositoryInitializer getRepositoryInitializer() {
+    public WorkspaceInitializer getWorkspaceInitializer() {
         return new AccessControlInitializer();
     }
 

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java?rev=1448185&r1=1448184&r2=1448185&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlInitializer.java
Wed Feb 20 14:35:58 2013
@@ -16,30 +16,26 @@
  */
 package org.apache.jackrabbit.oak.security.authorization;
 
+import javax.annotation.Nonnull;
+
 import com.google.common.collect.ImmutableList;
+import org.apache.jackrabbit.oak.plugins.index.IndexHookProvider;
 import org.apache.jackrabbit.oak.plugins.index.IndexUtils;
-import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
+import org.apache.jackrabbit.oak.spi.commit.CommitHook;
+import org.apache.jackrabbit.oak.spi.lifecycle.WorkspaceInitializer;
+import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
 import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
 import org.apache.jackrabbit.oak.spi.state.NodeState;
 
-import static org.apache.jackrabbit.JcrConstants.JCR_PRIMARYTYPE;
-import static org.apache.jackrabbit.JcrConstants.JCR_SYSTEM;
-
 /**
  * AccessControlInitializer... TODO
  */
-public class AccessControlInitializer implements RepositoryInitializer, AccessControlConstants
{
+public class AccessControlInitializer implements WorkspaceInitializer, AccessControlConstants
{
 
+    @Nonnull
     @Override
-    public NodeState initialize(NodeState state) {
-        NodeBuilder root = state.builder();
-
-        NodeBuilder system = root.child(JCR_SYSTEM);
-        if (!system.hasChildNode(REP_PERMISSION_STORE)) {
-            system.child(REP_PERMISSION_STORE)
-                    .setProperty(JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE);
-        }
-
+    public NodeState initialize(NodeState workspaceRoot, String workspaceName, IndexHookProvider
indexHook, QueryIndexProvider indexProvider, CommitHook commitHook) {
+        NodeBuilder root = workspaceRoot.builder();
         // property index for rep:principalName stored in ACEs
         NodeBuilder index = IndexUtils.getOrCreateOakIndex(root);
         IndexUtils.createIndexDefinition(index, "acPrincipalName", true, false,

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java?rev=1448185&r1=1448184&r2=1448185&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionHook.java
Wed Feb 20 14:35:58 2013
@@ -47,6 +47,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import static com.google.common.base.Preconditions.checkNotNull;
+import static org.apache.jackrabbit.JcrConstants.JCR_PRIMARYTYPE;
 
 /**
  * {@code CommitHook} implementation that processes any modification made to
@@ -78,13 +79,16 @@ public class PermissionHook implements C
 
     @Nonnull
     private NodeBuilder getPermissionRoot(NodeBuilder rootBuilder, String workspaceName)
{
-        NodeBuilder store = rootBuilder.child(NodeTypeConstants.JCR_SYSTEM).child(REP_PERMISSION_STORE);
+        NodeBuilder permissionStore = rootBuilder.child(NodeTypeConstants.JCR_SYSTEM).child(REP_PERMISSION_STORE);
+        if (permissionStore.getProperty(JCR_PRIMARYTYPE) == null) {
+            permissionStore.setProperty(JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE, Type.NAME);
+        }
         NodeBuilder permissionRoot;
-        if (!store.hasChildNode(workspaceName)) {
-            permissionRoot = store.child(workspaceName)
+        if (!permissionStore.hasChildNode(workspaceName)) {
+            permissionRoot = permissionStore.child(workspaceName)
                     .setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_PERMISSION_STORE);
         } else {
-            permissionRoot = store.child(workspaceName);
+            permissionRoot = permissionStore.child(workspaceName);
         }
         return permissionRoot;
     }



Mime
View raw message