jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ju...@apache.org
Subject svn commit: r1558162 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
Date Tue, 14 Jan 2014 18:52:06 GMT
Author: jukka
Date: Tue Jan 14 18:52:06 2014
New Revision: 1558162

URL: http://svn.apache.org/r1558162
Log:
OAK-1296: Use TypePredicate instead of NodeType.isNodeType() for NodeState type checks

Avoid the broken String-to-TypePredicate equality check spotted by Angela.
The logic becomes clearer by moving the checkValidRepoAccessControlled invocation directly
to checkValidPolicy().

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java?rev=1558162&r1=1558161&r2=1558162&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
Tue Jan 14 18:52:06 2014
@@ -166,9 +166,12 @@ class AccessControlValidator extends Def
     }
 
     private void checkValidPolicy(ImmutableTree parent, Tree policyTree, NodeState policyNode)
throws CommitFailedException {
-        TypePredicate requiredMixin = (REP_REPO_POLICY.equals(policyTree.getName())) ?
-                isRepoAccessControllable : isAccessControllable;
-        checkValidAccessControlledNode(parent, requiredMixin);
+        if (REP_REPO_POLICY.equals(policyTree.getName())) {
+            checkValidAccessControlledNode(parent, isRepoAccessControllable);
+            checkValidRepoAccessControlled(parent);
+        } else {
+            checkValidAccessControlledNode(parent, isAccessControllable);
+        }
 
         Collection<String> validPolicyNames = (parent.isRoot()) ?
                 POLICY_NODE_NAMES :
@@ -200,10 +203,6 @@ class AccessControlValidator extends Def
             String msg = "Isolated policy node. Parent is not of type " + requiredMixin;
             throw accessViolation(6, msg);
         }
-
-        if (MIX_REP_REPO_ACCESS_CONTROLLABLE.equals(requiredMixin)) {
-            checkValidRepoAccessControlled(accessControlledTree);
-        }
     }
 
     private void checkValidAccessControlEntry(Tree aceNode) throws CommitFailedException
{



Mime
View raw message