This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.jcr.resourcesecurity-1.0.0 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-resourcesecurity.git
commit 4e46e646659ee71f9c2061da6fad0edfccef0565 Author: Carsten Ziegeler <[email protected]> AuthorDate: Mon Dec 16 04:49:51 2013 +0000 Add new project containing an access security gate which protectes resource providers based on JCR nodes. git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/contrib/jcr/resourcesecurity@1551115 13f79535-47bb-0310-9956-ffa450edef68 --- pom.xml | 111 +++++++++++++++++++++ .../impl/ResourceAccessGateFactory.java | 84 ++++++++++++++++ 2 files changed, 195 insertions(+) diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..106280a --- /dev/null +++ b/pom.xml @@ -0,0 +1,111 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.apache.sling</groupId> + <artifactId>sling</artifactId> + <version>18</version> + <relativePath>../../../parent/pom.xml</relativePath> + </parent> + + <artifactId>org.apache.sling.jcr.resourcesecurity</artifactId> + <version>0.0.1-SNAPSHOT</version> + <packaging>bundle</packaging> + + <name>Apache Sling JCR Resource Security</name> + <description> + This bundle provides a resource access gate to protect resources based on JCR nodes. + </description> + + <scm> + <connection>scm:svn:http://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/resourcesecurity</connection> + <developerConnection>scm:svn:https://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/resourcesecurity</developerConnection> + <url>http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/resourcesecurity</url> + </scm> + + <build> + <plugins> + <plugin> + <groupId>org.apache.felix</groupId> + <artifactId>maven-scr-plugin</artifactId> + </plugin> + <plugin> + <groupId>org.apache.felix</groupId> + <artifactId>maven-bundle-plugin</artifactId> + <extensions>true</extensions> + <configuration> + <instructions> + </instructions> + </configuration> + </plugin> + </plugins> + </build> + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-javadoc-plugin</artifactId> + <configuration> + <excludePackageNames> + org.apache.sling.jcr.resourcesecurity.impl + </excludePackageNames> + </configuration> + </plugin> + </plugins> + </reporting> + <dependencies> + <dependency> + <groupId>org.osgi</groupId> + <artifactId>org.osgi.core</artifactId> + </dependency> + <dependency> + <groupId>org.osgi</groupId> + <artifactId>org.osgi.compendium</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </dependency> + <dependency> + <groupId>javax.jcr</groupId> + <artifactId>jcr</artifactId> + <version>2.0</version> + </dependency> + <dependency> + <groupId>org.apache.sling</groupId> + <artifactId>org.apache.sling.api</artifactId> + <version>2.4.3-SNAPSHOT</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.sling</groupId> + <artifactId>org.apache.sling.resourceaccesssecurity</artifactId> + <version>0.0.1-SNAPSHOT</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.sling</groupId> + <artifactId>org.apache.sling.commons.osgi</artifactId> + <version>2.2.0</version> + <scope>provided</scope> + </dependency> + </dependencies> +</project> diff --git a/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java b/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java new file mode 100644 index 0000000..9309733 --- /dev/null +++ b/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java @@ -0,0 +1,84 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.sling.jcr.resourcesecurity.impl; + +import java.util.Map; + +import javax.jcr.RepositoryException; +import javax.jcr.Session; + +import org.apache.felix.scr.annotations.Activate; +import org.apache.felix.scr.annotations.Component; +import org.apache.felix.scr.annotations.ConfigurationPolicy; +import org.apache.felix.scr.annotations.Properties; +import org.apache.felix.scr.annotations.Property; +import org.apache.felix.scr.annotations.Service; +import org.apache.sling.api.resource.Resource; +import org.apache.sling.api.resource.ResourceResolver; +import org.apache.sling.commons.osgi.PropertiesUtil; +import org.apache.sling.resourceaccesssecurity.AllowingResourceAccessGate; +import org.apache.sling.resourceaccesssecurity.ResourceAccessGate; + + +@Component(configurationFactory=true, policy=ConfigurationPolicy.REQUIRE, metatype=true, + label="Apache Sling JCR Resource Access Gate", + description="This access gate can be used to handle the access to resources" + + " not backed by a JCR repository by providing ACLs in the " + + "reposiory") +@Service(value=ResourceAccessGate.class) +@Properties({ + @Property(name=ResourceAccessGate.PATH, label="Path", + description="The path is a regular expression for which resources the service should be called"), + @Property(name=ResourceAccessGateFactory.PROP_JCR_PATH, + label="JCR Node", + description="This node is checked for permissions to the resources."), + @Property(name=ResourceAccessGate.OPERATIONS, value="read", propertyPrivate=true) +}) +public class ResourceAccessGateFactory + extends AllowingResourceAccessGate + implements ResourceAccessGate { + + static final String PROP_JCR_PATH = "jcrPath"; + + private String jcrPath; + + @Activate + protected void activate(final Map<String, Object> props) { + this.jcrPath = PropertiesUtil.toString(props.get(PROP_JCR_PATH), null); + } + + @Override + public boolean hasReadRestrictions(ResourceResolver resourceResolver) { + return true; + } + + @Override + public GateResult canRead(final Resource resource) { + final Session session = resource.getResourceResolver().adaptTo(Session.class); + boolean canRead = false; + if ( session != null ) { + try { + canRead = session.nodeExists(this.jcrPath); + } catch (final RepositoryException re) { + // ignore + } + } + return canRead ? GateResult.GRANTED : GateResult.DENIED; + } +} -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
