Return-Path: X-Original-To: apmail-jackrabbit-oak-commits-archive@minotaur.apache.org Delivered-To: apmail-jackrabbit-oak-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9FF91F0A6 for ; Thu, 18 Apr 2013 14:36:51 +0000 (UTC) Received: (qmail 85809 invoked by uid 500); 18 Apr 2013 14:20:38 -0000 Delivered-To: apmail-jackrabbit-oak-commits-archive@jackrabbit.apache.org Received: (qmail 85549 invoked by uid 500); 18 Apr 2013 14:20:26 -0000 Mailing-List: contact oak-commits-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: oak-dev@jackrabbit.apache.org Delivered-To: mailing list oak-commits@jackrabbit.apache.org Received: (qmail 85148 invoked by uid 99); 18 Apr 2013 14:20:07 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Apr 2013 14:20:07 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Apr 2013 14:20:02 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 44B0223888FE; Thu, 18 Apr 2013 14:19:41 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1469339 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/core/ test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ Date: Thu, 18 Apr 2013 14:19:41 -0000 To: oak-commits@jackrabbit.apache.org From: mduerig@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130418141941.44B0223888FE@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: mduerig Date: Thu Apr 18 14:19:40 2013 New Revision: 1469339 URL: http://svn.apache.org/r1469339 Log: OAK-709: Consider moving permission evaluation to the node state level Specialise rebase handle for applying differences between secure node states on top of a non secure builder. Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java (with props) Removed: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/OurChangesRebaseDiff.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java?rev=1469339&r1=1469338&r2=1469339&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java Thu Apr 18 14:19:40 2013 @@ -18,12 +18,19 @@ */ package org.apache.jackrabbit.oak.core; +import static com.google.common.base.Preconditions.checkArgument; +import static com.google.common.base.Preconditions.checkNotNull; +import static org.apache.jackrabbit.oak.commons.PathUtils.elements; +import static org.apache.jackrabbit.oak.commons.PathUtils.getName; +import static org.apache.jackrabbit.oak.commons.PathUtils.getParentPath; + import java.io.IOException; import java.io.InputStream; import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Collections; import java.util.List; + import javax.annotation.Nonnull; import javax.security.auth.Subject; @@ -61,12 +68,6 @@ import org.apache.jackrabbit.oak.spi.sta import org.apache.jackrabbit.oak.spi.state.NodeStore; import org.apache.jackrabbit.oak.spi.state.NodeStoreBranch; -import static com.google.common.base.Preconditions.checkArgument; -import static com.google.common.base.Preconditions.checkNotNull; -import static org.apache.jackrabbit.oak.commons.PathUtils.elements; -import static org.apache.jackrabbit.oak.commons.PathUtils.getName; -import static org.apache.jackrabbit.oak.commons.PathUtils.getParentPath; - public class RootImpl implements Root { /** @@ -410,7 +411,7 @@ public class RootImpl implements Root { @Nonnull private NodeState getRootState() { NodeBuilder builder = branch.getHead().builder(); - return OurChangesRebaseDiff.rebase(secureHead, getSecureRootState(), builder); + return SecuredNodeRebaseDiff.rebase(secureHead, getSecureRootState(), builder); } /** Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java?rev=1469339&view=auto ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java (added) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java Thu Apr 18 14:19:40 2013 @@ -0,0 +1,121 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.jackrabbit.oak.core; + +import org.apache.jackrabbit.oak.api.PropertyState; +import org.apache.jackrabbit.oak.spi.state.AbstractRebaseDiff; +import org.apache.jackrabbit.oak.spi.state.NodeBuilder; +import org.apache.jackrabbit.oak.spi.state.NodeState; + +/** + * This implementation of {@code RebaseDiff} implements a + * {@link org.apache.jackrabbit.oak.spi.state.NodeStateDiff} + * for applying changes made on top of secure node states + * to a node builder for the underlying non secure node state + * of the before state. That is, the only expected conflicts + * are adding an existing property and adding an existing node. + * These conflicts correspond to the shadowing of hidden properties + * and nodes in transient space, respectively. + * + * @see SecureNodeState + */ +class SecuredNodeRebaseDiff extends AbstractRebaseDiff { + private SecuredNodeRebaseDiff(NodeBuilder builder) { + super(builder); + } + + /** + * Rebase the differences between {@code before} and {@code after} on top of + * {@code builder}. Add existing node and add existing property conflicts give + * precedence to the {@code after} state. All other conflicts are unexpected + * and result in an {@code IllegalStateException}. + * + * @param before before state + * @param after after state + * @param builder builder based on the before state + * @return node state resulting from applying the differences between + * {@code before} and {@code after} to {@code builder} + * @throws IllegalStateException if an unexpected conflict occurs due to + * {@code builder} not being based on {@code before}. + */ + public static NodeState rebase(NodeState before, NodeState after, NodeBuilder builder) { + after.compareAgainstBaseState(before, new SecuredNodeRebaseDiff(builder)); + return builder.getNodeState(); + } + + @Override + protected SecuredNodeRebaseDiff createDiff(NodeBuilder builder, String name) { + return new SecuredNodeRebaseDiff(builder.child(name)); + } + + @Override + protected void addExistingProperty(NodeBuilder builder, PropertyState before, PropertyState after) { + builder.setProperty(after); + } + + @Override + protected void changeDeletedProperty(NodeBuilder builder, PropertyState after) { + throw new IllegalStateException("Unexpected conflict: change deleted property: " + after); + } + + @Override + protected void changeChangedProperty(NodeBuilder builder, PropertyState before, PropertyState after) { + throw new IllegalStateException("Unexpected conflict: change changed property from " + + before + " to " + after); + } + + @Override + protected void deleteDeletedProperty(NodeBuilder builder, PropertyState before) { + throw new IllegalStateException("Unexpected conflict: delete deleted property: " + before); + } + + @Override + protected void deleteChangedProperty(NodeBuilder builder, PropertyState before) { + throw new IllegalStateException("Unexpected conflict: delete changed property: " + before); + } + + @Override + protected void addExistingNode(NodeBuilder builder, String name, NodeState before, NodeState after) { + // FIXME (OAK-709) after might be a secured node instead of the underlying non secured node. + // Pushing this on the non secured builder is wrong. + // AFAICS this is only relevant when the after node state has been moved here + builder.setNode(name, after); + } + + @Override + protected void changeDeletedNode(NodeBuilder builder, String name, NodeState after) { + throw new IllegalStateException("Unexpected conflict: change deleted node: " + + name + " : " + after); + } + + @Override + protected void deleteDeletedNode(NodeBuilder builder, String name, NodeState before) { + throw new IllegalStateException("Unexpected conflict: delete deleted node: " + + name + " : " + before); + } + + @Override + protected void deleteChangedNode(NodeBuilder builder, String name, NodeState before) { + // FIXME Should never be called. OAK-781 should fix this. +// throw new IllegalStateException("Unexpected conflict: delete changed node: " + +// name + " : " + before); + } + +} Propchange: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Rev URL Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java?rev=1469339&r1=1469338&r2=1469339&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java Thu Apr 18 14:19:40 2013 @@ -18,6 +18,12 @@ */ package org.apache.jackrabbit.oak.security.authorization.evaluation; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + import org.apache.jackrabbit.oak.api.CommitFailedException; import org.apache.jackrabbit.oak.api.Root; import org.apache.jackrabbit.oak.api.Tree; @@ -25,11 +31,6 @@ import org.apache.jackrabbit.oak.securit import org.junit.Ignore; import org.junit.Test; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertNull; -import static org.junit.Assert.assertTrue; - public class ShadowInvisibleContentTest extends AbstractOakCoreTest { @Test @@ -51,6 +52,7 @@ public class ShadowInvisibleContentTest try { testRoot.commit(); + fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessViolation()); } @@ -74,6 +76,7 @@ public class ShadowInvisibleContentTest try { testRoot.commit(); + fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessViolation()); } @@ -97,6 +100,7 @@ public class ShadowInvisibleContentTest try { testRoot.commit(); + fail(); } catch (CommitFailedException e) { assertTrue(e.isAccessViolation()); }