AccessControlValidator.java

jukka Tue, 14 Jan 2014 11:02:42 -0800

Author: jukka
Date: Tue Jan 14 18:52:06 2014
New Revision: 1558162

URL: http://svn.apache.org/r1558162
Log:
OAK-1296: Use TypePredicate instead of NodeType.isNodeType() for NodeState type 
checks


Avoid the broken String-to-TypePredicate equality check spotted by Angela.
The logic becomes clearer by moving the checkValidRepoAccessControlled 
invocation directly to checkValidPolicy().

Modified:
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java?rev=1558162&r1=1558161&r2=1558162&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
 Tue Jan 14 18:52:06 2014
@@ -166,9 +166,12 @@ class AccessControlValidator extends Def
     }
 
     private void checkValidPolicy(ImmutableTree parent, Tree policyTree, 
NodeState policyNode) throws CommitFailedException {
-        TypePredicate requiredMixin = 
(REP_REPO_POLICY.equals(policyTree.getName())) ?
-                isRepoAccessControllable : isAccessControllable;
-        checkValidAccessControlledNode(parent, requiredMixin);
+        if (REP_REPO_POLICY.equals(policyTree.getName())) {
+            checkValidAccessControlledNode(parent, isRepoAccessControllable);
+            checkValidRepoAccessControlled(parent);
+        } else {
+            checkValidAccessControlledNode(parent, isAccessControllable);
+        }
 
         Collection<String> validPolicyNames = (parent.isRoot()) ?
                 POLICY_NODE_NAMES :
@@ -200,10 +203,6 @@ class AccessControlValidator extends Def
             String msg = "Isolated policy node. Parent is not of type " + 
requiredMixin;
             throw accessViolation(6, msg);
         }
-
-        if (MIX_REP_REPO_ACCESS_CONTROLLABLE.equals(requiredMixin)) {
-            checkValidRepoAccessControlled(accessControlledTree);
-        }
     }
 
     private void checkValidAccessControlEntry(Tree aceNode) throws 
CommitFailedException {

svn commit: r1558162 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java

Reply via email to