Author: angela
Date: Wed Nov 20 19:15:27 2013
New Revision: 1543910
URL: http://svn.apache.org/r1543910
Log:
OAK-527: simplify commit info and drop extra commit subject.
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/AbstractRoot.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitInfo.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/AbstractRoot.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/AbstractRoot.java?rev=1543910&r1=1543909&r2=1543910&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/AbstractRoot.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/AbstractRoot.java
Wed Nov 20 19:15:27 2013
@@ -21,14 +21,11 @@ package org.apache.jackrabbit.oak.core;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
-import java.util.Collections;
import java.util.List;
-import java.util.Set;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.security.auth.Subject;
-import com.google.common.collect.ImmutableSet;
import org.apache.jackrabbit.oak.api.Blob;
import org.apache.jackrabbit.oak.api.CommitFailedException;
import org.apache.jackrabbit.oak.api.ContentSession;
@@ -267,8 +264,8 @@ public abstract class AbstractRoot imple
ContentSession session = getContentSession();
CommitInfo info = new CommitInfo(
session.toString(),
- getCommitSubject(session),
- moveTracker, message);
+ session.getAuthInfo().getUserID(),
+ permissionProvider.get(), moveTracker, message);
base = store.merge(builder, getCommitHook(hook, info), info);
secureBuilder.baseChanged();
modCount = 0;
@@ -316,20 +313,6 @@ public abstract class AbstractRoot imple
return CompositeHook.compose(hooks);
}
- /**
- * Build a read only subject for the {@link #commit(String, CommitHook)}
call that makes the
- * principals, auth info and the permission provider available to the
commit hooks.
- *
- * @return a new read only subject.
- */
- private Subject getCommitSubject(ContentSession session) {
- Set<Object> publicCreds = ImmutableSet.of(
- permissionProvider.get(),
- session.getAuthInfo()
- );
- return new Subject(true, subject.getPrincipals(), publicCreds,
Collections.<Object>emptySet());
- }
-
@Override
public boolean hasPendingChanges() {
checkLive();
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java?rev=1543910&r1=1543909&r2=1543910&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java
Wed Nov 20 19:15:27 2013
@@ -16,9 +16,7 @@
*/
package org.apache.jackrabbit.oak.security.authorization.permission;
-import java.util.Set;
import javax.annotation.Nonnull;
-import javax.security.auth.Subject;
import org.apache.jackrabbit.oak.core.ImmutableTree;
import org.apache.jackrabbit.oak.core.TreeTypeProviderImpl;
@@ -113,12 +111,6 @@ public class PermissionValidatorProvider
}
private PermissionProvider getPermissionProvider() {
- Subject subject = commitInfo.getSubject();
- Set<PermissionProvider> pps =
subject.getPublicCredentials(PermissionProvider.class);
- if (pps.isEmpty()) {
- throw new IllegalStateException("Unable to validate permissions;
no permission provider associated with the commit call.");
- } else {
- return pps.iterator().next();
- }
+ return commitInfo.getPermissionProvider();
}
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitInfo.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitInfo.java?rev=1543910&r1=1543909&r2=1543910&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitInfo.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitInfo.java
Wed Nov 20 19:15:27 2013
@@ -19,13 +19,11 @@
package org.apache.jackrabbit.oak.spi.commit;
-import java.util.Iterator;
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
-import javax.security.auth.Subject;
-import org.apache.jackrabbit.oak.api.AuthInfo;
+import
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider;
import static com.google.common.base.Objects.toStringHelper;
@@ -38,7 +36,9 @@ public class CommitInfo {
private final String sessionId;
- private final Subject subject;
+ private final String userId;
+
+ private final PermissionProvider permissionProvider;
private final String message;
@@ -50,14 +50,18 @@ public class CommitInfo {
* Creates a commit info for the given session and user.
*
* @param sessionId session identifier
- * @param subject Subject identifying the user
+ * @param userId The user id.
+ * @param permissionProvider The permission provider associated with the
+ * root that is committing changes.
* @param moveTracker Information regarding move operations associated
with this commit.
* @param message message attached to this commit, or {@code null}
*/
- public CommitInfo(@Nonnull String sessionId, @Nonnull Subject subject,
+ public CommitInfo(@Nonnull String sessionId, @Nullable String userId,
+ @Nonnull PermissionProvider permissionProvider,
@Nonnull MoveTracker moveTracker, @Nullable String
message) {
this.sessionId = sessionId;
- this.subject = subject;
+ this.userId = (userId == null) ? OAK_UNKNOWN : userId;
+ this.permissionProvider = permissionProvider;
this.message = message;
this.moveTracker = moveTracker;
}
@@ -75,22 +79,17 @@ public class CommitInfo {
*/
@Nonnull
public String getUserId() {
- Iterator<AuthInfo> it =
subject.getPublicCredentials(AuthInfo.class).iterator();
- String userId = null;
- if (it.hasNext()) {
- userId = it.next().getUserID();
- }
- return (userId == null) ? OAK_UNKNOWN : userId;
+ return userId;
}
@Nonnull
- public Subject getSubject() {
- return subject;
+ public MoveTracker getMoveTracker() {
+ return moveTracker;
}
@Nonnull
- public MoveTracker getMoveTracker() {
- return moveTracker;
+ public PermissionProvider getPermissionProvider() {
+ return permissionProvider;
}
/**
@@ -112,11 +111,9 @@ public class CommitInfo {
public String toString() {
return toStringHelper(this)
.add("sessionId", sessionId)
- .add("userId", getUserId())
+ .add("userId", userId)
.add("userData", message)
.add("date", date)
- .add("moveTracker", moveTracker)
.toString();
}
-
}
