Author: mduerig
Date: Thu Apr 18 14:19:40 2013
New Revision: 1469339
URL: http://svn.apache.org/r1469339
Log:
OAK-709: Consider moving permission evaluation to the node state level
Specialise rebase handle for applying differences between secure node states on
top of a non secure builder.
Added:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java
(with props)
Removed:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/OurChangesRebaseDiff.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java?rev=1469339&r1=1469338&r2=1469339&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
Thu Apr 18 14:19:40 2013
@@ -18,12 +18,19 @@
*/
package org.apache.jackrabbit.oak.core;
+import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Preconditions.checkNotNull;
+import static org.apache.jackrabbit.oak.commons.PathUtils.elements;
+import static org.apache.jackrabbit.oak.commons.PathUtils.getName;
+import static org.apache.jackrabbit.oak.commons.PathUtils.getParentPath;
+
import java.io.IOException;
import java.io.InputStream;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+
import javax.annotation.Nonnull;
import javax.security.auth.Subject;
@@ -61,12 +68,6 @@ import org.apache.jackrabbit.oak.spi.sta
import org.apache.jackrabbit.oak.spi.state.NodeStore;
import org.apache.jackrabbit.oak.spi.state.NodeStoreBranch;
-import static com.google.common.base.Preconditions.checkArgument;
-import static com.google.common.base.Preconditions.checkNotNull;
-import static org.apache.jackrabbit.oak.commons.PathUtils.elements;
-import static org.apache.jackrabbit.oak.commons.PathUtils.getName;
-import static org.apache.jackrabbit.oak.commons.PathUtils.getParentPath;
-
public class RootImpl implements Root {
/**
@@ -410,7 +411,7 @@ public class RootImpl implements Root {
@Nonnull
private NodeState getRootState() {
NodeBuilder builder = branch.getHead().builder();
- return OurChangesRebaseDiff.rebase(secureHead, getSecureRootState(),
builder);
+ return SecuredNodeRebaseDiff.rebase(secureHead, getSecureRootState(),
builder);
}
/**
Added:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java?rev=1469339&view=auto
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java
(added)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java
Thu Apr 18 14:19:40 2013
@@ -0,0 +1,121 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.jackrabbit.oak.core;
+
+import org.apache.jackrabbit.oak.api.PropertyState;
+import org.apache.jackrabbit.oak.spi.state.AbstractRebaseDiff;
+import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
+import org.apache.jackrabbit.oak.spi.state.NodeState;
+
+/**
+ * This implementation of {@code RebaseDiff} implements a
+ * {@link org.apache.jackrabbit.oak.spi.state.NodeStateDiff}
+ * for applying changes made on top of secure node states
+ * to a node builder for the underlying non secure node state
+ * of the before state. That is, the only expected conflicts
+ * are adding an existing property and adding an existing node.
+ * These conflicts correspond to the shadowing of hidden properties
+ * and nodes in transient space, respectively.
+ *
+ * @see SecureNodeState
+ */
+class SecuredNodeRebaseDiff extends AbstractRebaseDiff {
+ private SecuredNodeRebaseDiff(NodeBuilder builder) {
+ super(builder);
+ }
+
+ /**
+ * Rebase the differences between {@code before} and {@code after} on top
of
+ * {@code builder}. Add existing node and add existing property conflicts
give
+ * precedence to the {@code after} state. All other conflicts are
unexpected
+ * and result in an {@code IllegalStateException}.
+ *
+ * @param before before state
+ * @param after after state
+ * @param builder builder based on the before state
+ * @return node state resulting from applying the differences between
+ * {@code before} and {@code after} to {@code builder}
+ * @throws IllegalStateException if an unexpected conflict occurs due to
+ * {@code builder} not being based on {@code before}.
+ */
+ public static NodeState rebase(NodeState before, NodeState after,
NodeBuilder builder) {
+ after.compareAgainstBaseState(before, new
SecuredNodeRebaseDiff(builder));
+ return builder.getNodeState();
+ }
+
+ @Override
+ protected SecuredNodeRebaseDiff createDiff(NodeBuilder builder, String
name) {
+ return new SecuredNodeRebaseDiff(builder.child(name));
+ }
+
+ @Override
+ protected void addExistingProperty(NodeBuilder builder, PropertyState
before, PropertyState after) {
+ builder.setProperty(after);
+ }
+
+ @Override
+ protected void changeDeletedProperty(NodeBuilder builder, PropertyState
after) {
+ throw new IllegalStateException("Unexpected conflict: change deleted
property: " + after);
+ }
+
+ @Override
+ protected void changeChangedProperty(NodeBuilder builder, PropertyState
before, PropertyState after) {
+ throw new IllegalStateException("Unexpected conflict: change changed
property from " +
+ before + " to " + after);
+ }
+
+ @Override
+ protected void deleteDeletedProperty(NodeBuilder builder, PropertyState
before) {
+ throw new IllegalStateException("Unexpected conflict: delete deleted
property: " + before);
+ }
+
+ @Override
+ protected void deleteChangedProperty(NodeBuilder builder, PropertyState
before) {
+ throw new IllegalStateException("Unexpected conflict: delete changed
property: " + before);
+ }
+
+ @Override
+ protected void addExistingNode(NodeBuilder builder, String name, NodeState
before, NodeState after) {
+ // FIXME (OAK-709) after might be a secured node instead of the
underlying non secured node.
+ // Pushing this on the non secured builder is wrong.
+ // AFAICS this is only relevant when the after node state has been
moved here
+ builder.setNode(name, after);
+ }
+
+ @Override
+ protected void changeDeletedNode(NodeBuilder builder, String name,
NodeState after) {
+ throw new IllegalStateException("Unexpected conflict: change deleted
node: " +
+ name + " : " + after);
+ }
+
+ @Override
+ protected void deleteDeletedNode(NodeBuilder builder, String name,
NodeState before) {
+ throw new IllegalStateException("Unexpected conflict: delete deleted
node: " +
+ name + " : " + before);
+ }
+
+ @Override
+ protected void deleteChangedNode(NodeBuilder builder, String name,
NodeState before) {
+ // FIXME Should never be called. OAK-781 should fix this.
+// throw new IllegalStateException("Unexpected conflict: delete changed
node: " +
+// name + " : " + before);
+ }
+
+}
Propchange:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/SecuredNodeRebaseDiff.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev URL
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java?rev=1469339&r1=1469338&r2=1469339&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/ShadowInvisibleContentTest.java
Thu Apr 18 14:19:40 2013
@@ -18,6 +18,12 @@
*/
package org.apache.jackrabbit.oak.security.authorization.evaluation;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
import org.apache.jackrabbit.oak.api.CommitFailedException;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.api.Tree;
@@ -25,11 +31,6 @@ import org.apache.jackrabbit.oak.securit
import org.junit.Ignore;
import org.junit.Test;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertTrue;
-
public class ShadowInvisibleContentTest extends AbstractOakCoreTest {
@Test
@@ -51,6 +52,7 @@ public class ShadowInvisibleContentTest
try {
testRoot.commit();
+ fail();
} catch (CommitFailedException e) {
assertTrue(e.isAccessViolation());
}
@@ -74,6 +76,7 @@ public class ShadowInvisibleContentTest
try {
testRoot.commit();
+ fail();
} catch (CommitFailedException e) {
assertTrue(e.isAccessViolation());
}
@@ -97,6 +100,7 @@ public class ShadowInvisibleContentTest
try {
testRoot.commit();
+ fail();
} catch (CommitFailedException e) {
assertTrue(e.isAccessViolation());
}
