stephan 2002/08/19 07:06:50
Modified: src/scratchpad/webapp/samples/slide
description2html4permissions.xsl
src/scratchpad/src/org/apache/cocoon/components/source/impl
SlideSource.java
src/scratchpad/src/org/apache/cocoon/components/source
RestrictableSource.java
src/scratchpad/src/org/apache/cocoon/acting
SourceMultiAction.java
Log:
Complete the implementation of the AddSourcePermission and
RemoveSourcePermission.
Revision Changes Path
1.5 +13 -9
xml-cocoon2/src/scratchpad/webapp/samples/slide/description2html4permissions.xsl
Index: description2html4permissions.xsl
===================================================================
RCS file:
/home/cvs/xml-cocoon2/src/scratchpad/webapp/samples/slide/description2html4permissions.xsl,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- description2html4permissions.xsl 19 Aug 2002 08:08:11 -0000 1.4
+++ description2html4permissions.xsl 19 Aug 2002 14:06:50 -0000 1.5
@@ -148,12 +148,14 @@
<td align="left"><xsl:value-of select="@negative"/></td>
<td align="right">
<form action="" method="post">
- <input type="hidden" name="method"
value="doDeletePrincipalPermission"/>
+ <input type="hidden" name="method"
value="doRemovePrincipalPermission"/>
<input type="hidden" name="cocoon-source-uri"
value="{../../@source:systemid}"/>
<input type="hidden" name="cocoon-source-permission-principal"
value="{@principal}"/>
<input type="hidden" name="cocoon-source-permission-privilege"
value="{@privilege}"/>
+ <input type="hidden" name="cocoon-source-permission-inheritable"
value="{@inheritable}"/>
+ <input type="hidden" name="cocoon-source-permission-negative"
value="{@negative}"/>
- <input type="submit" name="doDeletePrincipalPermission"
value="Delete"/>
+ <input type="submit" name="doRemovePrincipalPermission"
value="Delete"/>
</form>
</td>
</tr>
@@ -161,10 +163,10 @@
<tr>
<form action="" method="post">
- <input type="hidden" name="method"
value="doSetPrincipalPermission"/>
+ <input type="hidden" name="method"
value="doAddPrincipalPermission"/>
<input type="hidden" name="cocoon-source-uri"
value="{@source:systemid}"/>
<td align="left">
- <select name="cocoon-source-permission-principal-group">
+ <select name="cocoon-source-permission-principal">
<option>ALL</option>
<option>SELF</option>
<option>GUEST</option>
@@ -210,7 +212,7 @@
</select>
</td>
<td align="right">
- <input type="submit" name="doSetPrincipalPermission"
value="Add/Modify"/>
+ <input type="submit" name="doAddPrincipalPermission"
value="Add/Modify"/>
</td>
</form>
</tr>
@@ -256,12 +258,14 @@
<td align="left"><xsl:value-of select="@negative"/></td>
<td align="right">
<form action="" method="post">
- <input type="hidden" name="method"
value="doDeletePrincipalGroupPermission"/>
+ <input type="hidden" name="method"
value="doRemovePrincipalGroupPermission"/>
<input type="hidden" name="cocoon-source-uri"
value="{../../@source:systemid}"/>
<input type="hidden"
name="cocoon-source-permission-principal-group" value="{@group}"/>
<input type="hidden" name="cocoon-source-permission-privilege"
value="{@privilege}"/>
+ <input type="hidden" name="cocoon-source-permission-inheritable"
value="{@inheritable}"/>
+ <input type="hidden" name="cocoon-source-permission-negative"
value="{@negative}"/>
- <input type="submit" name="cocoon-action-deletepermission"
value="Delete"/>
+ <input type="submit" name="doRemovePrincipalGroupPermission"
value="Delete"/>
</form>
</td>
</tr>
@@ -269,7 +273,7 @@
<tr>
<form action="" method="post">
- <input type="hidden" name="method"
value="doSetPrincipalGroupPermission"/>
+ <input type="hidden" name="method"
value="doAddPrincipalGroupPermission"/>
<input type="hidden" name="cocoon-source-uri"
value="{@source:systemid}"/>
<td align="left">
<select name="cocoon-source-permission-principal-group">
@@ -315,7 +319,7 @@
</select>
</td>
<td align="right">
- <input type="submit" name="doSetPrincipalPermission"
value="Add/Modify"/>
+ <input type="submit" name="doAddPrincipalPermission"
value="Add/Modify"/>
</td>
</form>
</tr>
1.19 +138 -15
xml-cocoon2/src/scratchpad/src/org/apache/cocoon/components/source/impl/SlideSource.java
Index: SlideSource.java
===================================================================
RCS file:
/home/cvs/xml-cocoon2/src/scratchpad/src/org/apache/cocoon/components/source/impl/SlideSource.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- SlideSource.java 19 Aug 2002 11:49:41 -0000 1.18
+++ SlideSource.java 19 Aug 2002 14:06:50 -0000 1.19
@@ -846,13 +846,13 @@
}
/**
- * Set a permission to this source
+ * Add a permission to this source
*
* @param sourcepermission Permission, which should be set
*
* @throws SourceException If an exception occurs during this operation
**/
- public void setSourcePermission(SourcePermission sourcepermission) throws
SourceException {
+ public void addSourcePermission(SourcePermission sourcepermission) throws
SourceException {
NamespaceConfig config = this.nat.getNamespaceConfig();
@@ -860,13 +860,15 @@
if (sourcepermission instanceof PrincipalSourcePermission) {
subject =
config.getUsersPath()+"/"+((PrincipalSourcePermission)sourcepermission).getPrincipal();
- // Test if user exists
+ // Test if principal exists
try {
ObjectNode objectnode = structure.retrieve(this.slideToken,
subject);
if (!(objectnode instanceof SubjectNode))
- return;
- } catch (SlideException e) {
- return;
+ throw new SourceException("Principal '"+
+
((PrincipalSourcePermission)sourcepermission).getPrincipal()+"' doesn't exists");
+ } catch (SlideException se) {
+ throw new SourceException("Could not retrieve object for principal
'"+
+
((PrincipalSourcePermission)sourcepermission).getPrincipal()+"'", se);
}
} else if (sourcepermission instanceof GroupSourcePermission) {
@@ -876,14 +878,16 @@
try {
ObjectNode objectnode = structure.retrieve(this.slideToken,
subject);
if (!(objectnode instanceof GroupNode))
- return;
- } catch (SlideException e) {
- return;
+ throw new SourceException("Group '"+
+ ((GroupSourcePermission)sourcepermission).getGroup()+"'
doesn't exists");
+ } catch (SlideException se) {
+ throw new SourceException("Could not retrieve object for group '"+
+ ((GroupSourcePermission)sourcepermission).getGroup()+"'", se);
}
subject = "+"+subject; // Additional '+' to expand the group
} else
- return; // If not user or group
+ throw new SourceException("Does't support category of permission");
boolean negative = sourcepermission.isNegative();
boolean inheritable = sourcepermission.isInheritable();
@@ -944,7 +948,7 @@
}
/**
- * Add permission to the list of permissions to set.
+ * Add permission to the list of permissions.
*/
private void addPermission(String subject, String action,
boolean negative, boolean inheritable) throws
SourceException {
@@ -959,7 +963,128 @@
content.store(slideToken, this.config.getFilesPath()+this.uri,
revisionDescriptor, null);
} catch (SlideException se) {
- getLogger().warn("Couldn't grant permission", se);
+ throw new SourceException("Couldn't grant permission", se);
+ }
+ }
+
+ /**
+ * Remove a permission from this source
+ *
+ * @param sourcepermission Permission, which should be removed
+ *
+ * @throws SourceException If an exception occurs during this operation
+ **/
+ public void removeSourcePermission(SourcePermission sourcepermission) throws
SourceException {
+
+ NamespaceConfig config = this.nat.getNamespaceConfig();
+
+ String subject = null;
+ if (sourcepermission instanceof PrincipalSourcePermission) {
+ subject =
config.getUsersPath()+"/"+((PrincipalSourcePermission)sourcepermission).getPrincipal();
+
+ // Test if principal exists
+ try {
+ ObjectNode objectnode = structure.retrieve(this.slideToken,
subject);
+ if (!(objectnode instanceof SubjectNode))
+ throw new SourceException("Principal '"+
+
((PrincipalSourcePermission)sourcepermission).getPrincipal()+"' doesn't exists");
+ } catch (SlideException se) {
+ throw new SourceException("Could not retrieve object for principal
'"+
+
((PrincipalSourcePermission)sourcepermission).getPrincipal()+"'", se);
+ }
+
+ } else if (sourcepermission instanceof GroupSourcePermission) {
+ subject =
config.getUsersPath()+"/"+((GroupSourcePermission)sourcepermission).getGroup();
+
+ // Test if group exists
+ try {
+ ObjectNode objectnode = structure.retrieve(this.slideToken,
subject);
+ if (!(objectnode instanceof GroupNode))
+ throw new SourceException("Group '"+
+ ((GroupSourcePermission)sourcepermission).getGroup()+"'
doesn't exists");
+ } catch (SlideException se) {
+ throw new SourceException("Could not retrieve object for group '"+
+ ((GroupSourcePermission)sourcepermission).getGroup()+"'", se);
+ }
+
+ subject = "+"+subject; // Additional '+' to expand the group
+ } else
+ throw new SourceException("Does't support category of permission");
+
+ boolean negative = sourcepermission.isNegative();
+ boolean inheritable = sourcepermission.isInheritable();
+
+ if (sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_ALL))
{
+ removePermission(subject, "/", negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_READ)) {
+ removePermission(subject, config.getReadObjectAction().getUri(),
negative, inheritable);
+ removePermission(subject, config.getReadLocksAction().getUri(),
negative, inheritable);
+ removePermission(subject,
config.getReadRevisionMetadataAction().getUri(), negative, inheritable);
+ removePermission(subject,
config.getReadRevisionContentAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_READ_SOURCE)) {
+ removePermission(subject, config.getReadObjectAction().getUri(),
negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_READ_LOCKS)) {
+ removePermission(subject, config.getReadLocksAction().getUri(),
negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_READ_PROPERTY)) {
+ removePermission(subject,
config.getReadRevisionMetadataAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_READ_CONTENT)) {
+ removePermission(subject,
config.getReadRevisionContentAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_WRITE)) {
+ removePermission(subject, config.getCreateObjectAction().getUri(),
negative, inheritable);
+ removePermission(subject, config.getRemoveObjectAction().getUri(),
negative, inheritable);
+ removePermission(subject, config.getLockObjectAction().getUri(),
negative, inheritable);
+ removePermission(subject,
config.getCreateRevisionMetadataAction().getUri(), negative, inheritable);
+ removePermission(subject,
config.getModifyRevisionMetadataAction().getUri(), negative, inheritable);
+ removePermission(subject,
config.getRemoveRevisionMetadataAction().getUri(), negative, inheritable);
+ removePermission(subject,
config.getCreateRevisionContentAction().getUri(), negative, inheritable);
+ removePermission(subject,
config.getModifyRevisionContentAction().getUri(), negative, inheritable);
+ removePermission(subject,
config.getRemoveRevisionContentAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_CREATE_SOURCE)) {
+ removePermission(subject, config.getCreateObjectAction().getUri(),
negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_REMOVE_SOURCE)) {
+ removePermission(subject, config.getRemoveObjectAction().getUri(),
negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_LOCK_SOURCE)) {
+ removePermission(subject, config.getLockObjectAction().getUri(),
negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_CREATE_PROPERTY)) {
+ removePermission(subject,
config.getCreateRevisionMetadataAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_MODIFY_PROPERTY)) {
+ removePermission(subject,
config.getModifyRevisionMetadataAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_REMOVE_PROPERTY)) {
+ removePermission(subject,
config.getRemoveRevisionMetadataAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_CREATE_CONTENT)) {
+ removePermission(subject,
config.getCreateRevisionContentAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_MODIFY_CONTENT)) {
+ removePermission(subject,
config.getModifyRevisionContentAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_REMOVE_CONTENT)) {
+ removePermission(subject,
config.getRemoveRevisionContentAction().getUri(), negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_READ_ACL)) {
+ removePermission(subject, config.getReadPermissionsAction().getUri(),
negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_WRITE_ACL)) {
+ removePermission(subject, config.getGrantPermissionAction().getUri(),
negative, inheritable);
+ removePermission(subject, config.getRevokePermissionAction().getUri(),
negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_GRANT_PERMISSION)) {
+ removePermission(subject, config.getGrantPermissionAction().getUri(),
negative, inheritable);
+ } else if
(sourcepermission.getPrivilege().equals(SourcePermission.PRIVILEGE_REVOKE_PERMISSION))
{
+ removePermission (subject, config.getRevokePermissionAction().getUri(),
negative, inheritable);
+ }
+ }
+
+ /**
+ * Remove a permission from the list of permissions.
+ */
+ private void removePermission(String subject, String action,
+ boolean negative, boolean inheritable) throws
SourceException {
+ try {
+ NodePermission permission = new NodePermission
+ (this.config.getFilesPath()+this.uri, subject, action, inheritable,
negative);
+ this.security.revokePermission(this.slideToken, permission);
+
+ // Last modification date
+ revisionDescriptor.setLastModified(new Date());
+
+ content.store(slideToken, this.config.getFilesPath()+this.uri,
revisionDescriptor, null);
+
+ } catch (SlideException se) {
throw new SourceException("Couldn't grant permission", se);
}
}
@@ -1206,7 +1331,6 @@
sourcepermissions.add(sourcepermission);
}
} catch (SlideException se) {
- getLogger().error("Exception eccurs while retrieveing source
permission", se);
throw new SourceException("Exception eccurs while retrieveing
source permission", se);
}
@@ -1223,7 +1347,6 @@
return (SourcePermission[])
sourcepermissions.toArray((Object[])sourcepermissionArray);
} catch (SlideException se) {
- getLogger().error("Exception eccurs while retrieveing source
permission", se);
throw new SourceException("Exception eccurs while retrieveing source
permission", se);
}
}
1.5 +13 -4
xml-cocoon2/src/scratchpad/src/org/apache/cocoon/components/source/RestrictableSource.java
Index: RestrictableSource.java
===================================================================
RCS file:
/home/cvs/xml-cocoon2/src/scratchpad/src/org/apache/cocoon/components/source/RestrictableSource.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- RestrictableSource.java 1 Jul 2002 16:41:54 -0000 1.4
+++ RestrictableSource.java 19 Aug 2002 14:06:50 -0000 1.5
@@ -80,13 +80,22 @@
public void setSourceCredential(SourceCredential sourcecredential) throws
SourceException;
/**
- * Set a permission to this source
+ * Add a permission to this source
*
* @param sourcepermission Permission, which should be set
*
* @throws SourceException If an exception occurs during this operation
- */
- public void setSourcePermission(SourcePermission sourcepermission) throws
SourceException;
+ **/
+ public void addSourcePermission(SourcePermission sourcepermission) throws
SourceException;
+
+ /**
+ * Remove a permission from this source
+ *
+ * @param sourcepermission Permission, which should be removed
+ *
+ * @throws SourceException If an exception occurs during this operation
+ **/
+ public void removeSourcePermission(SourcePermission sourcepermission) throws
SourceException;
/**
* Returns a list of the existing permissions
1.9 +103 -5
xml-cocoon2/src/scratchpad/src/org/apache/cocoon/acting/SourceMultiAction.java
Index: SourceMultiAction.java
===================================================================
RCS file:
/home/cvs/xml-cocoon2/src/scratchpad/src/org/apache/cocoon/acting/SourceMultiAction.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- SourceMultiAction.java 19 Aug 2002 08:01:50 -0000 1.8
+++ SourceMultiAction.java 19 Aug 2002 14:06:50 -0000 1.9
@@ -351,7 +351,7 @@
return EMPTY_MAP;
}
- public Map doSetPrincipalPermission(Redirector redirector,
+ public Map doAddPrincipalPermission(Redirector redirector,
SourceResolver resolver,
Map objectModel,
String src,
@@ -388,7 +388,7 @@
SourcePermission permission =
new PrincipalSourcePermission(subject, privilege, inheritable,
negative);
- restrictablesource.setSourcePermission(permission);
+ restrictablesource.addSourcePermission(permission);
} else
throw new ProcessingException("Source isn't restrictable");
} catch (SourceException se) {
@@ -400,7 +400,56 @@
return EMPTY_MAP;
}
- public Map doSetPrincipalGroupPermission(Redirector redirector,
+ public Map doRemovePrincipalPermission(Redirector redirector,
+ SourceResolver resolver,
+ Map objectModel,
+ String src,
+ Parameters parameters) throws Exception {
+
+ getLogger().debug("remove principal permission called");
+
+ Request request = ObjectModelHelper.getRequest(objectModel);
+
+ String uri = parameters.getParameter(SOURCE_URI,
request.getParameter(SOURCE_URI));
+ String subject = parameters.getParameter(SOURCE_PERMISSION_PRINCIPAL,
+ request.getParameter(SOURCE_PERMISSION_PRINCIPAL));
+ String privilege = parameters.getParameter(SOURCE_PERMISSION_PRIVILEGE,
+ request.getParameter(SOURCE_PERMISSION_PRIVILEGE));
+ boolean inheritable =
Boolean.getBoolean(parameters.getParameter(SOURCE_PERMISSION_INHERITABLE,
+ request.getParameter(SOURCE_PERMISSION_INHERITABLE)));
+ boolean negative =
Boolean.getBoolean(parameters.getParameter(SOURCE_PERMISSION_NEGATIVE,
+ request.getParameter(SOURCE_PERMISSION_NEGATIVE)));
+
+ String principal = parameters.getParameter(PRINCIPAL,
+ request.getParameter(PRINCIPAL));
+ String password = parameters.getParameter(PASSWORD,
+ request.getParameter(PASSWORD));
+
+ try {
+
+ Source source = resolver.resolveURI(uri);
+
+ if (source instanceof RestrictableSource) {
+ RestrictableSource restrictablesource = (RestrictableSource)source;
+
+ restrictablesource.setSourceCredential(new
SourceCredential(principal, password));
+
+ SourcePermission permission =
+ new PrincipalSourcePermission(subject, privilege, inheritable,
negative);
+
+ restrictablesource.removeSourcePermission(permission);
+ } else
+ throw new ProcessingException("Source isn't restrictable");
+ } catch (SourceException se) {
+ if (getLogger().isDebugEnabled())
+ getLogger().debug("Exception occurs while modifying the source",
se);
+ throw new ProcessingException("Exception occurs while modifying the
source", se);
+ }
+
+ return EMPTY_MAP;
+ }
+
+ public Map doAddPrincipalGroupPermission(Redirector redirector,
SourceResolver resolver,
Map objectModel,
String src,
@@ -437,7 +486,56 @@
SourcePermission permission =
new GroupSourcePermission(subject, privilege, inheritable,
negative);
- restrictablesource.setSourcePermission(permission);
+ restrictablesource.addSourcePermission(permission);
+ } else
+ throw new ProcessingException("Source isn't restrictable");
+ } catch (SourceException se) {
+ if (getLogger().isDebugEnabled())
+ getLogger().debug("Exception occurs while modifying the source",
se);
+ throw new ProcessingException("Exception occurs while modifying the
source", se);
+ }
+
+ return EMPTY_MAP;
+ }
+
+ public Map doRemovePrincipalGroupPermission(Redirector redirector,
+ SourceResolver resolver,
+ Map objectModel,
+ String src,
+ Parameters parameters) throws Exception {
+
+ getLogger().debug("remove principal group permission called");
+
+ Request request = ObjectModelHelper.getRequest(objectModel);
+
+ String uri = parameters.getParameter(SOURCE_URI,
request.getParameter(SOURCE_URI));
+ String subject = parameters.getParameter(SOURCE_PERMISSION_PRINCIPAL_GROUP,
+ request.getParameter(SOURCE_PERMISSION_PRINCIPAL_GROUP));
+ String privilege = parameters.getParameter(SOURCE_PERMISSION_PRIVILEGE,
+ request.getParameter(SOURCE_PERMISSION_PRIVILEGE));
+ boolean inheritable =
Boolean.getBoolean(parameters.getParameter(SOURCE_PERMISSION_INHERITABLE,
+ request.getParameter(SOURCE_PERMISSION_INHERITABLE)));
+ boolean negative =
Boolean.getBoolean(parameters.getParameter(SOURCE_PERMISSION_NEGATIVE,
+ request.getParameter(SOURCE_PERMISSION_NEGATIVE)));
+
+ String principal = parameters.getParameter(PRINCIPAL,
+ request.getParameter(PRINCIPAL));
+ String password = parameters.getParameter(PASSWORD,
+ request.getParameter(PASSWORD));
+
+ try {
+
+ Source source = resolver.resolveURI(uri);
+
+ if (source instanceof RestrictableSource) {
+ RestrictableSource restrictablesource = (RestrictableSource)source;
+
+ restrictablesource.setSourceCredential(new
SourceCredential(principal, password));
+
+ SourcePermission permission =
+ new GroupSourcePermission(subject, privilege, inheritable,
negative);
+
+ restrictablesource.removeSourcePermission(permission);
} else
throw new ProcessingException("Source isn't restrictable");
} catch (SourceException se) {
----------------------------------------------------------------------
In case of troubles, e-mail: [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
