jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1466001 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Date Tue, 09 Apr 2013 12:52:01 GMT
Author: angela
Date: Tue Apr  9 12:52:01 2013
New Revision: 1466001

URL: http://svn.apache.org/r1466001
Log:
OAK-527: permissions (wip)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java?rev=1466001&r1=1466000&r2=1466001&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Tue Apr  9 12:52:01 2013
@@ -126,19 +126,17 @@ class CompiledPermissionImpl implements 
 
     @Override
     public boolean isGranted(long permissions) {
-        return hasPermissions(repoEntries.values().iterator(), permissions, null);
+        return hasPermissions(repoEntries.values().iterator(), permissions, null, null);
     }
 
     @Override
     public boolean isGranted(@Nonnull Tree tree, @Nullable PropertyState property, long permissions)
{
-        return hasPermissions(getEntryIterator(tree, property), permissions, tree);
+        return hasPermissions(getEntryIterator(tree, property), permissions, tree, null);
     }
 
     @Override
     public boolean isGranted(@Nonnull String path, long permissions) {
-        Iterator<PermissionEntry> it = getEntryIterator(path);
-        // TODO
-        return false;
+        return hasPermissions(getEntryIterator(path), permissions, null, path);
     }
 
     @Override
@@ -183,12 +181,12 @@ class CompiledPermissionImpl implements 
     }
 
     private boolean hasPermissions(@Nonnull Iterator<PermissionEntry> entries,
-                                   long permissions, @Nullable Tree tree) {
+                                   long permissions, @Nullable Tree tree, @Nullable String
path) {
         if (!entries.hasNext()) {
             return false;
         }
 
-        boolean respectParent = (tree != null) &&
+        boolean respectParent = (tree != null || path != null) &&
                 (Permissions.includes(permissions, Permissions.ADD_NODE) ||
                 Permissions.includes(permissions, Permissions.REMOVE_NODE) ||
                 Permissions.includes(permissions, Permissions.MODIFY_CHILD_NODE_COLLECTION));
@@ -200,22 +198,27 @@ class CompiledPermissionImpl implements 
         PrivilegeBits denyBits = PrivilegeBits.getInstance();
         PrivilegeBits parentAllowBits;
         PrivilegeBits parentDenyBits;
+
         Tree parent;
+        String parentPath;
 
         if (respectParent) {
             parentAllowBits = PrivilegeBits.getInstance();
             parentDenyBits = PrivilegeBits.getInstance();
-            parent = tree.getParent();
+            parent = (tree != null) ? tree.getParent() : null;
+            parentPath = (path != null) ? Strings.emptyToNull(Text.getRelativeParent(path,
1)) : null;
         } else {
             parentAllowBits = PrivilegeBits.EMPTY;
             parentDenyBits = PrivilegeBits.EMPTY;
             parent = null;
+            parentPath = null;
         }
 
         while (entries.hasNext()) {
             PermissionEntry entry = entries.next();
-            if (respectParent && parent != null) {
-                if (entry.matches(parent, null)) {
+            if (respectParent && (parent != null || parentPath != null)) {
+                boolean matchesParent = (parent != null) ? entry.matches(parent, null) :
entry.matches(parentPath);
+                if (matchesParent) {
                     if (entry.isAllow) {
                         parentAllowBits.addDifference(entry.privilegeBits, parentDenyBits);
                     } else {



Mime
View raw message