jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1538944 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ oak-jcr/src/test/java/org/apa...
Date Tue, 05 Nov 2013 11:14:36 GMT
Author: angela
Date: Tue Nov  5 11:14:35 2013
New Revision: 1538944

URL: http://svn.apache.org/r1538944
Log:
OAK-51 : Access Control Management (minor improvement)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java
    jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java?rev=1538944&r1=1538943&r2=1538944&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACL.java
Tue Nov  5 11:14:35 2013
@@ -52,25 +52,25 @@ abstract class ACL extends AbstractAcces
 
     private final List<ACE> entries = new ArrayList<ACE>();
 
-    ACL(@Nullable String oakPath, @Nonnull NamePathMapper namePathMapper) {
-        this(oakPath, null, namePathMapper);
-    }
+    private final PrincipalManager principalManager;
+    private final PrivilegeManager privilegeManager;
+    private final PrivilegeBitsProvider privilegeBitsProvider;
 
     ACL(@Nullable String oakPath, @Nullable List<ACE> entries,
-        @Nonnull NamePathMapper namePathMapper) {
+        @Nonnull NamePathMapper namePathMapper,
+        @Nonnull PrincipalManager principalManager,
+        @Nonnull PrivilegeManager privilegeManager,
+        @Nonnull PrivilegeBitsProvider privilegeBitsProvider) {
         super(oakPath, namePathMapper);
         if (entries != null) {
             this.entries.addAll(entries);
         }
+        this.principalManager = principalManager;
+        this.privilegeManager = privilegeManager;
+        this.privilegeBitsProvider = privilegeBitsProvider;
     }
 
-    abstract PrincipalManager getPrincipalManager();
-
-    abstract PrivilegeManager getPrivilegeManager();
-
-    abstract PrivilegeBitsProvider getPrivilegeBitsProvider();
-
-    abstract ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions, NamePathMapper namePathMapper) throws RepositoryException;
+    abstract ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions) throws RepositoryException;
 
     //------------------------------------------< AbstractAccessControlList >---
     @Nonnull
@@ -98,13 +98,13 @@ abstract class ACL extends AbstractAcces
             throw new AccessControlException("Privileges may not be null nor an empty array");
         }
         for (Privilege p : privileges) {
-            Privilege pv = getPrivilegeManager().getPrivilege(p.getName());
+            Privilege pv = privilegeManager.getPrivilege(p.getName());
             if (pv.isAbstract()) {
                 throw new AccessControlException("Privilege " + p + " is abstract.");
             }
         }
 
-        Util.checkValidPrincipal(principal, getPrincipalManager());
+        Util.checkValidPrincipal(principal, principalManager);
 
         for (RestrictionDefinition def : getRestrictionProvider().getSupportedRestrictions(getOakPath()))
{
             String jcrName = getNamePathMapper().getJcrName(def.getName());
@@ -132,7 +132,7 @@ abstract class ACL extends AbstractAcces
             }
         }
 
-        ACE entry = createACE(principal, getPrivilegeBits(privileges), isAllow, rs, getNamePathMapper());
+        ACE entry = createACE(principal, getPrivilegeBits(privileges), isAllow, rs);
         if (entries.contains(entry)) {
             log.debug("Entry is already contained in policy -> no modification.");
             return false;
@@ -239,10 +239,10 @@ abstract class ACL extends AbstractAcces
     }
 
     private ACE createACE(@Nonnull ACE existing, @Nonnull PrivilegeBits newPrivilegeBits)
throws RepositoryException {
-        return createACE(existing.getPrincipal(), newPrivilegeBits, existing.isAllow(), existing.getRestrictions(),
getNamePathMapper());
+        return createACE(existing.getPrincipal(), newPrivilegeBits, existing.isAllow(), existing.getRestrictions());
     }
 
     private PrivilegeBits getPrivilegeBits(Privilege[] privileges) {
-        return getPrivilegeBitsProvider().getBits(privileges, getNamePathMapper());
+        return privilegeBitsProvider.getBits(privileges, getNamePathMapper());
     }
 }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java?rev=1538944&r1=1538943&r2=1538944&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java
Tue Nov  5 11:14:35 2013
@@ -696,11 +696,11 @@ public class AccessControlManagerImpl im
     private class NodeACL extends ACL {
 
         NodeACL(@Nullable String oakPath) {
-            super(oakPath, namePathMapper);
+            this(oakPath, null);
         }
 
         NodeACL(@Nullable String oakPath, @Nullable List<ACE> entries) {
-            super(oakPath, entries, namePathMapper);
+            super(oakPath, entries, namePathMapper, principalManager, privilegeManager, bitsProvider);
         }
 
         @Nonnull
@@ -710,23 +710,8 @@ public class AccessControlManagerImpl im
         }
 
         @Override
-        PrincipalManager getPrincipalManager() {
-            return principalManager;
-        }
-
-        @Override
-        PrivilegeManager getPrivilegeManager() {
-            return privilegeManager;
-        }
-
-        @Override
-        PrivilegeBitsProvider getPrivilegeBitsProvider() {
-            return bitsProvider;
-        }
-
-        @Override
-        ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions, NamePathMapper namePathMapper) throws RepositoryException
{
-            return new Entry(principal, privilegeBits, isAllow, restrictions, namePathMapper);
+        ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions) throws RepositoryException {
+            return new Entry(principal, privilegeBits, isAllow, restrictions, getNamePathMapper());
         }
 
         @Override
@@ -760,7 +745,7 @@ public class AccessControlManagerImpl im
         private PrincipalACL(@Nullable String oakPath, @Nonnull Principal principal,
                              @Nullable List<ACE> entries,
                              @Nonnull RestrictionProvider restrictionProvider) {
-            super(oakPath, entries, namePathMapper);
+            super(oakPath, entries, namePathMapper, principalManager, privilegeManager, bitsProvider);
             this.principal = principal;
             rProvider = restrictionProvider;
         }
@@ -772,23 +757,8 @@ public class AccessControlManagerImpl im
         }
 
         @Override
-        PrincipalManager getPrincipalManager() {
-            return principalManager;
-        }
-
-        @Override
-        PrivilegeManager getPrivilegeManager() {
-            return privilegeManager;
-        }
-
-        @Override
-        PrivilegeBitsProvider getPrivilegeBitsProvider() {
-            return bitsProvider;
-        }
-
-        @Override
-        ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions, NamePathMapper namePathMapper) throws RepositoryException
{
-            return new Entry(principal, privilegeBits, isAllow, restrictions, namePathMapper);
+        ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions) throws RepositoryException {
+            return new Entry(principal, privilegeBits, isAllow, restrictions, getNamePathMapper());
         }
 
         @Override

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java?rev=1538944&r1=1538943&r2=1538944&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java
Tue Nov  5 11:14:35 2013
@@ -58,7 +58,6 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
 import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBitsProvider;
 import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
 import org.junit.Before;
 import org.junit.Test;
@@ -101,29 +100,14 @@ public class ACLTest extends AbstractAcc
                                                   @Nonnull NamePathMapper namePathMapper,
                                                   final @Nonnull RestrictionProvider restrictionProvider)
{
         String path = (jcrPath == null) ? null : namePathMapper.getOakPathKeepIndex(jcrPath);
-        return new ACL(path, entries, namePathMapper) {
+        return new ACL(path, entries, namePathMapper, principalManager, privilegeManager,
getBitsProvider()) {
             @Override
             public RestrictionProvider getRestrictionProvider() {
                 return restrictionProvider;
             }
 
             @Override
-            PrincipalManager getPrincipalManager() {
-                return principalManager;
-            }
-
-            @Override
-            PrivilegeManager getPrivilegeManager() {
-                return privilegeManager;
-            }
-
-            @Override
-            PrivilegeBitsProvider getPrivilegeBitsProvider() {
-                return getBitsProvider();
-            }
-
-            @Override
-            ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions, NamePathMapper namePathMapper) throws RepositoryException
{
+            ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions) throws RepositoryException {
                 return createEntry(principal, privilegeBits, isAllow, restrictions);
             }
         };

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java?rev=1538944&r1=1538943&r2=1538944&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImplTest.java
Tue Nov  5 11:14:35 2013
@@ -50,7 +50,6 @@ import org.apache.jackrabbit.JcrConstant
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy;
-import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
 import org.apache.jackrabbit.api.security.principal.PrincipalManager;
 import org.apache.jackrabbit.oak.TestNameMapper;
 import org.apache.jackrabbit.oak.api.ContentSession;
@@ -71,7 +70,6 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
 import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBitsProvider;
 import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
 import org.apache.jackrabbit.oak.util.NodeUtil;
 import org.apache.jackrabbit.oak.util.TreeUtil;
@@ -178,24 +176,10 @@ public class AccessControlManagerImplTes
     private ACL createPolicy(@Nullable String path) {
         final PrincipalManager pm = getPrincipalManager(root);
         final RestrictionProvider rp = getRestrictionProvider();
-        return new ACL(path, getNamePathMapper()) {
-            @Override
-            PrincipalManager getPrincipalManager() {
-                return pm;
-            }
-
-            @Override
-            PrivilegeManager getPrivilegeManager() {
-                return AccessControlManagerImplTest.this.getPrivilegeManager(root);
-            }
-
-            @Override
-            PrivilegeBitsProvider getPrivilegeBitsProvider() {
-                return new PrivilegeBitsProvider(root);
-            }
+        return new ACL(path, null, getNamePathMapper(), pm, AccessControlManagerImplTest.this.getPrivilegeManager(root),
getBitsProvider()) {
 
             @Override
-            ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions, NamePathMapper namePathMapper) throws RepositoryException
{
+            ACE createACE(Principal principal, PrivilegeBits privilegeBits, boolean isAllow,
Set<Restriction> restrictions) {
                 throw new UnsupportedOperationException();
             }
 

Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java?rev=1538944&r1=1538943&r2=1538944&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java
(original)
+++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/AccessControlManagementTest.java
Tue Nov  5 11:14:35 2013
@@ -33,7 +33,6 @@ import javax.jcr.security.Privilege;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
 import org.apache.jackrabbit.test.NotExecutableException;
 import org.apache.jackrabbit.util.Text;
-import org.junit.Ignore;
 import org.junit.Test;
 
 /**



Mime
View raw message