Author: angela
Date: Wed Feb 27 17:04:30 2013
New Revision: 1450844
URL: http://svn.apache.org/r1450844
Log:
OAK-527: permissions (wip)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java?rev=1450844&r1=1450843&r2=1450844&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidator.java
Wed Feb 27 17:04:30 2013
@@ -33,6 +33,8 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.state.NodeState;
import org.apache.jackrabbit.oak.spi.state.NodeStateUtils;
+import static com.google.common.base.Preconditions.checkNotNull;
+
/**
* Validator implementation that checks for sufficient permission for all
* write operations executed by a given content session.
@@ -91,7 +93,7 @@ class PermissionValidator implements Val
@Override
public Validator childNodeAdded(String name, NodeState after) throws
CommitFailedException {
- Tree child = parentAfter.getChild(name);
+ Tree child = checkNotNull(parentAfter.getChild(name));
return checkPermissions(child, false, Permissions.ADD_NODE);
}
@@ -107,7 +109,7 @@ class PermissionValidator implements Val
@Override
public Validator childNodeDeleted(String name, NodeState before) throws
CommitFailedException {
- Tree child = parentBefore.getChild(name);
+ Tree child = checkNotNull(parentBefore.getChild(name));
return checkPermissions(child, true, Permissions.REMOVE_NODE);
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java?rev=1450844&r1=1450843&r2=1450844&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
Wed Feb 27 17:04:30 2013
@@ -46,6 +46,8 @@ import org.apache.jackrabbit.util.Text;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import static com.google.common.base.Preconditions.checkNotNull;
+
/**
* PermissionProviderImpl... TODO
* <p/>
@@ -124,7 +126,8 @@ public class PermissionProviderImpl impl
@Override
public boolean isGranted(@Nonnull Tree tree, long permissions) {
if (isVersionContent(tree)) {
- return compiledPermissions.isGranted(getVersionablePath(tree,
null), permissions);
+ String path = getVersionablePath(tree, null);
+ return path != null && compiledPermissions.isGranted(path,
permissions);
} else {
return compiledPermissions.isGranted(tree, permissions);
}
@@ -133,7 +136,8 @@ public class PermissionProviderImpl impl
@Override
public boolean isGranted(@Nonnull Tree parent, @Nonnull PropertyState
property, long permissions) {
if (isVersionContent(parent)) {
- return compiledPermissions.isGranted(getVersionablePath(parent,
property), permissions);
+ String path = getVersionablePath(parent, property);
+ return path != null && compiledPermissions.isGranted(path,
permissions);
} else {
return compiledPermissions.isGranted(parent, property,
permissions);
}
@@ -146,10 +150,15 @@ public class PermissionProviderImpl impl
if (!location.exists()) {
// TODO: deal with version content
return compiledPermissions.isGranted(oakPath, permissions);
- } else if (location.getProperty() != null) {
- return isGranted(location.getTree(), location.getProperty(),
permissions);
+ }
+
+ PropertyState property = location.getProperty();
+ if (property != null) {
+ Tree parent = location.getParent().getTree();
+ return parent != null && isGranted(parent, property, permissions);
} else {
- return isGranted(location.getTree(), permissions);
+ Tree tree = location.getTree();
+ return tree != null && isGranted(tree, permissions);
}
}
@@ -217,7 +226,7 @@ public class PermissionProviderImpl impl
Tree t = versionStoreTree;
while (t != null &&
!JcrConstants.JCR_VERSIONSTORAGE.equals(t.getName())) {
String name = t.getName();
- String ntName = TreeUtil.getPrimaryTypeName(t);
+ String ntName = checkNotNull(TreeUtil.getPrimaryTypeName(t));
if (VersionConstants.JCR_FROZENNODE.equals(name) && t !=
versionStoreTree) {
relPath = PathUtils.relativize(t.getPath(),
versionStoreTree.getPath());
} else if (JcrConstants.NT_VERSIONHISTORY.equals(ntName)) {
