secu...

angela Fri, 28 Mar 2014 02:55:40 -0700

Author: angela
Date: Fri Mar 28 09:54:15 2014
New Revision: 1582665

URL: http://svn.apache.org/r1582665
Log:
javadoc


Modified:
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissions.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissions.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/NoPermissions.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionProvider.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/RepositoryPermission.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/TreePermission.java
    
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissions.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissions.java?rev=1582665&r1=1582664&r2=1582665&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissions.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissions.java
 Fri Mar 28 09:54:15 2014
@@ -58,7 +58,7 @@ public final class AllPermissions implem
     }
 
     @Override
-    public boolean isGranted(ImmutableTree parent, PropertyState property, 
long permissions) {
+    public boolean isGranted(ImmutableTree tree, PropertyState property, long 
permissions) {
         return true;
     }
 

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissions.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissions.java?rev=1582665&r1=1582664&r2=1582665&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissions.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissions.java
 Fri Mar 28 09:54:15 2014
@@ -27,48 +27,84 @@ import org.apache.jackrabbit.oak.spi.sec
 import 
org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission;
 
 /**
- * CompiledPermissions... TODO
+ * Internal interface to process methods defined by
+ * {@link 
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider}.
+ * Depending on the set of {@link java.security.Principal}s a given 
implementation
+ * be may able to simplify the evaluation. See e.g. {@link 
org.apache.jackrabbit.oak.security.authorization.permission.AllPermissions}
+ * and {@link 
org.apache.jackrabbit.oak.security.authorization.permission.NoPermissions}
  */
 public interface CompiledPermissions {
 
+    /**
+     * Refresh this instance to reflect the permissions as present with the
+     * specified {@code Root}.
+     *
+     * @param root The root
+     * @param workspaceName The workspace name.
+     * @see {@link 
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider#refresh()}
+     */
     void refresh(@Nonnull ImmutableRoot root, @Nonnull String workspaceName);
 
+    /**
+     * Returns the {@link 
org.apache.jackrabbit.oak.spi.security.authorization.permission.RepositoryPermission}
+     * associated with the {@code Root} as specified in {@link 
#refresh(org.apache.jackrabbit.oak.core.ImmutableRoot, String)}
+     *
+     * @return an instance of {@code RepositoryPermission}.
+     * @see {@link 
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider#getRepositoryPermission()}
+     */
+    @Nonnull
     RepositoryPermission getRepositoryPermission();
 
+    /**
+     * Returns the tree permissions for the specified {@code tree}.
+     *
+     * @param tree The tree for which to obtain the permissions.
+     * @param parentPermission The permissions as present with the parent.
+     * @return The permissions for the specified tree.
+     * @see {@link 
org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission#getChildPermission(String,
 org.apache.jackrabbit.oak.spi.state.NodeState)}
+     */
+    @Nonnull
     TreePermission getTreePermission(@Nonnull ImmutableTree tree, @Nonnull 
TreePermission parentPermission);
 
     /**
+     * Returns {@code true} if the given {@code permissions} are granted on the
+     * item identified by {@code parent} and optionally {@code property}.
      *
-     *
-     * @param parent
-     * @param property
-     * @param permissions
+     * @param tree The tree (or parent tree) for which the permissions should 
be evaluated.
+     * @param property An optional property state.
+     * @param permissions The permissions to be tested.
      * @return {@code true} if granted.
+     * @see {@link 
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider#isGranted(org.apache.jackrabbit.oak.api.Tree,
 org.apache.jackrabbit.oak.api.PropertyState, long)}
      */
-    boolean isGranted(@Nonnull ImmutableTree parent, @Nullable PropertyState 
property, long permissions);
+    boolean isGranted(@Nonnull ImmutableTree tree, @Nullable PropertyState 
property, long permissions);
 
     /**
+     * Returns {@code true} if the given {@code permissions} are granted on the
+     * tree identified by the specified {@code path}.
      *
-     * @param path Path of an OAK tree
-     * @param permissions
+     * @param path Path of a tree
+     * @param permissions The permissions to be tested.
      * @return {@code true} if granted.
+     * @see {@link 
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider#isGranted(String,
 String)}
      */
     boolean isGranted(@Nonnull String path, long permissions);
 
     /**
+     * Retrieve the privileges granted at the specified {@code tree}.
      *
-     *
-     * @param tree
-     * @return the set of privileges
+     * @param tree The tree for which to retrieve the granted privileges.
+     * @return the set of privileges or an empty set if no privileges are 
granted.
+     * @see {@link 
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider#getPrivileges(org.apache.jackrabbit.oak.api.Tree)}
      */
     @Nonnull
     Set<String> getPrivileges(@Nullable ImmutableTree tree);
 
     /**
+     * Retruns true if all privileges identified by the given {@code 
privilegeNames}
+     * are granted at the given {@code tree}.
      *
-     *
-     * @param tree
-     * @param privilegeNames
+     * @param tree The target tree.
+     * @param privilegeNames The privilege names to be tested.
      * @return {@code true} if the tree has privileges
      */
     boolean hasPrivileges(@Nullable ImmutableTree tree, @Nonnull String... 
privilegeNames);

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/NoPermissions.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/NoPermissions.java?rev=1582665&r1=1582664&r2=1582665&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/NoPermissions.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/NoPermissions.java
 Fri Mar 28 09:54:15 2014
@@ -57,7 +57,7 @@ public final class NoPermissions impleme
     }
 
     @Override
-    public boolean isGranted(@Nonnull ImmutableTree parent, @Nullable 
PropertyState property, long permissions) {
+    public boolean isGranted(@Nonnull ImmutableTree tree, @Nullable 
PropertyState property, long permissions) {
         return false;
     }
 

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionProvider.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionProvider.java?rev=1582665&r1=1582664&r2=1582665&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionProvider.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/PermissionProvider.java
 Fri Mar 28 09:54:15 2014
@@ -24,7 +24,10 @@ import org.apache.jackrabbit.oak.api.Pro
 import org.apache.jackrabbit.oak.api.Tree;
 
 /**
- * TODO
+ * Main entry point for permission evaluation in Oak. This provider covers
+ * permission validation upon read and write access on the Oak API as well as
+ * the various permission related methods defined by the JCR API, namely on
+ * {@link javax.jcr.security.AccessControlManager} and {@link 
javax.jcr.Session}.
  *
  * @see 
org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration#getPermissionProvider(org.apache.jackrabbit.oak.api.Root,
 String, java.util.Set)
  */

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/RepositoryPermission.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/RepositoryPermission.java?rev=1582665&r1=1582664&r2=1582665&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/RepositoryPermission.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/RepositoryPermission.java
 Fri Mar 28 09:54:15 2014
@@ -17,7 +17,9 @@
 package org.apache.jackrabbit.oak.spi.security.authorization.permission;
 
 /**
- * RepositoryPermission... TODO
+ * The {@link RepositoryPermission} allows to evaluate permissions that have
+ * been defined on the repository level and which consequently are not bound
+ * to a particular item.
  *
  * @see 
org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider#getRepositoryPermission()
  */

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/TreePermission.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/TreePermission.java?rev=1582665&r1=1582664&r2=1582665&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/TreePermission.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/TreePermission.java
 Fri Mar 28 09:54:15 2014
@@ -23,7 +23,8 @@ import org.apache.jackrabbit.oak.api.Pro
 import org.apache.jackrabbit.oak.spi.state.NodeState;
 
 /**
- * TreePermission... TODO
+ * The {@code TreePermission} allow to evaluate permissions defined for a given
+ * {@code Tree} and it's properties.
  *
  * @see 
PermissionProvider#getTreePermission(org.apache.jackrabbit.oak.api.Tree, 
TreePermission)
  */

Modified: 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java?rev=1582665&r1=1582664&r2=1582665&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/AbstractCompositeConfigurationTest.java
 Fri Mar 28 09:54:15 2014
@@ -20,9 +20,6 @@ import java.util.List;
 
 import org.apache.jackrabbit.oak.AbstractSecurityTest;
 
-/**
- * AbstractCompositeConfigurationTest... TODO
- */
 public abstract class AbstractCompositeConfigurationTest<T extends 
SecurityConfiguration> extends AbstractSecurityTest {
 
     private CompositeConfiguration<T> compositeConfiguration;

svn commit: r1582665 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/authorization/permission/ main/java/org/apache/jackrabbit/oak/spi/security/authorization/permission/ test/java/org/apache/jackrabbit/oak/spi/secu...

Reply via email to