svn commit: r1579993 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/ test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/

angela Fri, 21 Mar 2014 10:55:13 -0700

Author: angela
Date: Fri Mar 21 17:53:01 2014
New Revision: 1579993

URL: http://svn.apache.org/r1579993
Log:
OAK-1595 : Permissions#getPermissions(String, TreeLocation, boolean) does not 
work for permissions names


Added:
    
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/
    
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java
Modified:
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/Permissions.java

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/Permissions.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/Permissions.java?rev=1579993&r1=1579992&r2=1579993&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/Permissions.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/Permissions.java
 Fri Mar 21 17:53:01 2014
@@ -33,6 +33,7 @@ import org.apache.jackrabbit.oak.plugins
 import org.apache.jackrabbit.oak.plugins.version.VersionConstants;
 import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
 import org.apache.jackrabbit.oak.plugins.tree.TreeLocation;
+import org.apache.jackrabbit.util.Text;
 
 /**
  * Provides constants for permissions used in the OAK access evaluation as well
@@ -160,6 +161,35 @@ public final class Permissions {
         PERMISSION_NAMES.put(INDEX_DEFINITION_MANAGEMENT, 
"INDEX_DEFINITION_MANAGEMENT");
     }
 
+    private static final Map<String, Long> PERMISSION_LOOKUP = new 
LinkedHashMap<String, Long>();
+        static {
+            PERMISSION_LOOKUP.put("ALL", ALL);
+            PERMISSION_LOOKUP.put("READ", READ);
+            PERMISSION_LOOKUP.put("READ_NODE", READ_NODE);
+            PERMISSION_LOOKUP.put("READ_PROPERTY", READ_PROPERTY);
+            PERMISSION_LOOKUP.put("SET_PROPERTY", SET_PROPERTY);
+            PERMISSION_LOOKUP.put("ADD_PROPERTY", ADD_PROPERTY);
+            PERMISSION_LOOKUP.put("MODIFY_PROPERTY", MODIFY_PROPERTY);
+            PERMISSION_LOOKUP.put("REMOVE_PROPERTY", REMOVE_PROPERTY);
+            PERMISSION_LOOKUP.put("ADD_NODE", ADD_NODE);
+            PERMISSION_LOOKUP.put("REMOVE_NODE", REMOVE_NODE);
+            PERMISSION_LOOKUP.put("REMOVE", REMOVE);
+            PERMISSION_LOOKUP.put("MODIFY_CHILD_NODE_COLLECTION", 
MODIFY_CHILD_NODE_COLLECTION);
+            PERMISSION_LOOKUP.put("READ_ACCESS_CONTROL", READ_ACCESS_CONTROL);
+            PERMISSION_LOOKUP.put("MODIFY_ACCESS_CONTROL", 
MODIFY_ACCESS_CONTROL);
+            PERMISSION_LOOKUP.put("NODE_TYPE_MANAGEMENT", 
NODE_TYPE_MANAGEMENT);
+            PERMISSION_LOOKUP.put("VERSION_MANAGEMENT", VERSION_MANAGEMENT);
+            PERMISSION_LOOKUP.put("LOCK_MANAGEMENT", LOCK_MANAGEMENT);
+            PERMISSION_LOOKUP.put("LIFECYCLE_MANAGEMENT", 
LIFECYCLE_MANAGEMENT);
+            PERMISSION_LOOKUP.put("RETENTION_MANAGEMENT", 
RETENTION_MANAGEMENT);
+            PERMISSION_LOOKUP.put("NODE_TYPE_DEFINITION_MANAGEMENT", 
NODE_TYPE_DEFINITION_MANAGEMENT);
+            PERMISSION_LOOKUP.put("NAMESPACE_MANAGEMENT", 
NAMESPACE_MANAGEMENT);
+            PERMISSION_LOOKUP.put("WORKSPACE_MANAGEMENT", 
WORKSPACE_MANAGEMENT);
+            PERMISSION_LOOKUP.put("PRIVILEGE_MANAGEMENT", 
PRIVILEGE_MANAGEMENT);
+            PERMISSION_LOOKUP.put("USER_MANAGEMENT", USER_MANAGEMENT);
+            PERMISSION_LOOKUP.put("INDEX_DEFINITION_MANAGEMENT", 
INDEX_DEFINITION_MANAGEMENT);
+        }
+
     /**
      * Returns names of the specified permissions.
      *
@@ -262,7 +292,7 @@ public final class Permissions {
      */
     public static long getPermissions(String jcrActions, TreeLocation location,
                                       boolean isAccessControlContent) {
-        Set<String> actions = 
Sets.newHashSet(Arrays.asList(jcrActions.split(",")));
+        Set<String> actions = Sets.newHashSet(Text.explode(jcrActions, ',', 
false));
         long permissions = NO_PERMISSION;
         if (actions.remove(Session.ACTION_READ)) {
             if (isAccessControlContent) {
@@ -332,11 +362,12 @@ public final class Permissions {
 
     private static long getPermissions(@Nonnull Set<String> permissionNames) {
         long permissions = NO_PERMISSION;
-        Iterator<Map.Entry<Long, String>> entryItr = 
PERMISSION_NAMES.entrySet().iterator();
-        while (entryItr.hasNext() && !permissionNames.isEmpty()) {
-            Map.Entry<Long,String> entry = entryItr.next();
-            if (permissionNames.remove(entry.getValue())) {
-                permissions |= entry.getKey();
+        Iterator<String> it = permissionNames.iterator();
+        while (it.hasNext()) {
+            String name = it.next();
+            if (name != null && PERMISSION_LOOKUP.containsKey(name)) {
+                permissions |= PERMISSION_LOOKUP.get(name);
+                it.remove();
             }
         }
         return permissions;

Added: 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java?rev=1579993&view=auto
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java
 (added)
+++ 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionsTest.java
 Fri Mar 21 17:53:01 2014
@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.authorization.permission;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import javax.jcr.Session;
+
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import org.apache.jackrabbit.oak.AbstractSecurityTest;
+import org.apache.jackrabbit.oak.plugins.tree.TreeLocation;
+import org.apache.jackrabbit.util.Text;
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.fail;
+
+
+public class PermissionsTest extends AbstractSecurityTest {
+
+    @Test
+    public void testGetPermissionsFromActions() {
+        TreeLocation tl = TreeLocation.create(root.getTree("/"));
+        Map<String, Long> map = ImmutableMap.of(
+                Session.ACTION_READ, Permissions.READ_NODE,
+                Session.ACTION_READ + "," + Session.ACTION_REMOVE, 
Permissions.READ_NODE|Permissions.REMOVE_NODE
+        );
+
+        for (Map.Entry<String, Long> entry : map.entrySet()) {
+            assertEquals(entry.getValue().longValue(), 
Permissions.getPermissions(entry.getKey(), tl, false));
+        }
+    }
+
+    @Test
+    public void testGetPermissionsFromPermissionNameActions() {
+        TreeLocation tl = TreeLocation.create(root.getTree("/"));
+        long permissions = 
Permissions.NODE_TYPE_MANAGEMENT|Permissions.LOCK_MANAGEMENT|Permissions.VERSION_MANAGEMENT;
+        Set<String> names = Permissions.getNames(permissions);
+        String jcrActions = Text.implode(names.toArray(new 
String[names.size()]), ",");
+        assertEquals(permissions, Permissions.getPermissions(jcrActions, tl, 
false));
+    }
+
+    @Test
+    public void testGetPermissionsFromInvalidActions() {
+        TreeLocation tl = TreeLocation.create(root.getTree("/"));
+        List<String> l = ImmutableList.of(
+                Session.ACTION_READ + ",invalid", "invalid", "invalid," + 
Session.ACTION_REMOVE
+        );
+
+        for (String invalid : l) {
+            try {
+                Permissions.getPermissions(invalid, tl, false);
+                fail();
+            } catch (IllegalArgumentException e) {
+                // success
+            }
+        }
+    }
+
+}
\ No newline at end of file

svn commit: r1579993 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/ test/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/

Reply via email to