svn commit: r1450848 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization: AccessControlManagerImpl.java restriction/PrincipalRestrictionProvider.java restriction/RestrictionProviderImpl.java

Wed, 27 Feb 2013 09:07:20 -0800 

Author: angela
Date: Wed Feb 27 17:06:58 2013
New Revision: 1450848

URL: http://svn.apache.org/r1450848
Log:
OAK-51 : Access Control Management (wip, annotations, minor improvement)

Modified:
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java?rev=1450848&r1=1450847&r2=1450848&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
 Wed Feb 27 17:06:58 2013
@@ -384,8 +384,8 @@ public class AccessControlManagerImpl im
         return ntMgr.isNodeType(tree, nodeTypeName);
     }
 
-    private boolean isACE(@Nonnull Tree tree) {
-        return ntMgr.isNodeType(tree, NT_REP_ACE);
+    private boolean isACE(@Nullable Tree tree) {
+        return tree != null && ntMgr.isNodeType(tree, NT_REP_ACE);
     }
 
     /**
@@ -520,7 +520,7 @@ public class AccessControlManagerImpl im
 
     @Nonnull
     private Set<Privilege> getPrivileges(@Nonnull Tree aceTree) throws 
RepositoryException {
-        String[] privNames = TreeUtil.getStrings(aceTree, REP_PRIVILEGES);
+        String[] privNames = checkNotNull(TreeUtil.getStrings(aceTree, 
REP_PRIVILEGES));
         Set<Privilege> privileges = new HashSet<Privilege>(privNames.length);
         for (String name : privNames) {
             privileges.add(privilegeManager.getPrivilege(name));

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java?rev=1450848&r1=1450847&r2=1450848&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/PrincipalRestrictionProvider.java
 Wed Feb 27 17:06:58 2013
@@ -20,6 +20,7 @@ import java.util.HashSet;
 import java.util.Iterator;
 import java.util.Set;
 import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
 import javax.jcr.PropertyType;
 import javax.jcr.RepositoryException;
 import javax.jcr.Value;
@@ -50,7 +51,7 @@ public class PrincipalRestrictionProvide
 
     @Nonnull
     @Override
-    public Set<RestrictionDefinition> getSupportedRestrictions(String oakPath) 
{
+    public Set<RestrictionDefinition> getSupportedRestrictions(@Nullable 
String oakPath) {
         Set<RestrictionDefinition> definitions = new 
HashSet<RestrictionDefinition>(base.getSupportedRestrictions(oakPath));
         definitions.add(new RestrictionDefinitionImpl(REP_NODE_PATH, 
PropertyType.PATH, true, namePathMapper));
         return definitions;
@@ -58,12 +59,12 @@ public class PrincipalRestrictionProvide
 
     @Nonnull
     @Override
-    public Restriction createRestriction(String oakPath, @Nonnull String 
jcrName, @Nonnull Value value) throws RepositoryException {
+    public Restriction createRestriction(@Nullable String oakPath, @Nonnull 
String jcrName, @Nonnull Value value) throws RepositoryException {
         return base.createRestriction(oakPath, jcrName, value);
     }
 
     @Override
-    public Set<Restriction> readRestrictions(String oakPath, Tree aceTree) {
+    public Set<Restriction> readRestrictions(@Nullable String oakPath, 
@Nonnull Tree aceTree) {
         Set<Restriction> restrictions = new 
HashSet<Restriction>(base.readRestrictions(oakPath, aceTree));
         String value = (oakPath == null) ? "" : oakPath;
         PropertyState nodePathProp = 
PropertyStates.createProperty(REP_NODE_PATH, value, Type.PATH);

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java?rev=1450848&r1=1450847&r2=1450848&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java
 Wed Feb 27 17:06:58 2013
@@ -60,7 +60,7 @@ public class RestrictionProviderImpl imp
     @Nonnull
     @Override
     public Set<RestrictionDefinition> getSupportedRestrictions(String oakPath) 
{
-        if (oakPath == null) {
+        if (isUnsupportedPath(oakPath)) {
             return Collections.emptySet();
         } else {
             return ImmutableSet.copyOf(supported.values());
@@ -69,7 +69,7 @@ public class RestrictionProviderImpl imp
 
     @Override
     public Restriction createRestriction(String oakPath, String jcrName, Value 
value) throws RepositoryException {
-        if (oakPath == null) {
+        if (isUnsupportedPath(oakPath)) {
             throw new AccessControlException("Unsupported restriction: " + 
oakPath);
         }
 
@@ -88,7 +88,7 @@ public class RestrictionProviderImpl imp
 
     @Override
     public Set<Restriction> readRestrictions(String oakPath, Tree aceTree) {
-        if (oakPath == null) {
+        if (isUnsupportedPath(oakPath)) {
             return Collections.emptySet();
         } else {
             Set<Restriction> restrictions = new HashSet<Restriction>();
@@ -121,7 +121,7 @@ public class RestrictionProviderImpl imp
     @Override
     public void validateRestrictions(String oakPath, Tree aceTree) throws 
javax.jcr.security.AccessControlException {
         Map<String, PropertyState> restrictionProperties = 
getRestrictionProperties(aceTree);
-        if (oakPath == null && !restrictionProperties.isEmpty()) {
+        if (isUnsupportedPath(oakPath) && !restrictionProperties.isEmpty()) {
             throw new AccessControlException("Restrictions not supported with 
'null' path.");
         }
         for (Map.Entry<String, PropertyState> entry : 
restrictionProperties.entrySet()) {
@@ -175,4 +175,8 @@ public class RestrictionProviderImpl imp
         return 
!AccessControlConstants.ACE_PROPERTY_NAMES.contains(propertyName) &&
                 
!NamespaceRegistry.PREFIX_JCR.equals(Text.getNamespacePrefix(propertyName));
     }
+
+    private static boolean isUnsupportedPath(String oakPath) {
+        return oakPath == null;
+    }
 }

Reply via email to