svn commit: r1669160 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak: security/authorization/accesscontrol/ security/authorization/permission/ security/user/ spi/security/privilege/

angela Wed, 25 Mar 2015 10:14:10 -0700

Author: angela
Date: Wed Mar 25 17:13:21 2015
New Revision: 1669160

URL: http://svn.apache.org/r1669160
Log:
OAK-2674 : Fix FindBug Issues in oak security


Modified:
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java?rev=1669160&r1=1669159&r2=1669160&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlValidator.java
 Wed Mar 25 17:13:21 2015
@@ -281,7 +281,7 @@ class AccessControlValidator extends Def
         return new CommitFailedException(ACCESS_CONTROL, code, message);
     }
 
-    private class Entry {
+    private final class Entry {
 
         private final String principalName;
         private final PrivilegeBits privilegeBits;

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java?rev=1669160&r1=1669159&r2=1669160&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidator.java
 Wed Mar 25 17:13:21 2015
@@ -322,11 +322,9 @@ class PermissionValidator extends Defaul
         NodeState parentNs = getNodeState(parent);
         if (JcrConstants.JCR_UUID.equals(name) && 
isReferenceable.apply(parentNs)) {
             return true;
-        } else if ((JCR_CREATED.equals(name) || JCR_CREATEDBY.equals(name))
-                && isCreated.apply(parentNs)) {
-            return true;
         } else {
-            return false;
+            return (JCR_CREATED.equals(name) || JCR_CREATEDBY.equals(name))
+                    && isCreated.apply(parentNs);
         }
     }
 

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java?rev=1669160&r1=1669159&r2=1669160&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java
 Wed Mar 25 17:13:21 2015
@@ -360,7 +360,7 @@ class MembershipProvider extends Authori
     /**
      * Iterator that provides member references based on the rep:members 
properties of a underlying tree iterator.
      */
-    private static class MemberReferenceIterator extends 
AbstractLazyIterator<String> {
+    private static final class MemberReferenceIterator extends 
AbstractLazyIterator<String> {
 
         private final Set<String> processedRefs;
 

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java?rev=1669160&r1=1669159&r2=1669160&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserContext.java
 Wed Mar 25 17:13:21 2015
@@ -76,18 +76,14 @@ final class UserContext implements Conte
         } else {
             String path = location.getPath();
             String name = Text.getName(path);
-            if (USER_PROPERTY_NAMES.contains(name)
+            // NOTE: if none of the conditions below match, we are not able to
+            // reliably determine if the specified location defines a user or
+            // group node (missing node type information on non-existing 
location)
+            return USER_PROPERTY_NAMES.contains(name)
                     || GROUP_PROPERTY_NAMES.contains(name)
                     || path.contains(REP_MEMBERS)
                     || path.contains(REP_MEMBERS_LIST)
-                    || path.contains(REP_PWD)) {
-                return true;
-            } else {
-                // undefined: unable to determine if the specified location
-                // defines a user or group node (missing node type information
-                // on non-existing location
-                return false;
-            }
+                    || path.contains(REP_PWD);
         }
     }
 

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java?rev=1669160&r1=1669159&r2=1669160&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
 Wed Mar 25 17:13:21 2015
@@ -96,8 +96,7 @@ public final class PrivilegeBits impleme
         BUILT_IN.put(REP_WRITE, PrivilegeBits.getInstance(WRITE2));
     }
 
-    public static PrivilegeBits NEXT_AFTER_BUILT_INS =
-            getInstance(INDEX_DEFINITION_MNGMT).nextBits();
+    public static final PrivilegeBits NEXT_AFTER_BUILT_INS = 
getInstance(INDEX_DEFINITION_MNGMT).nextBits();
 
     private final Data d;

svn commit: r1669160 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak: security/authorization/accesscontrol/ security/authorization/permission/ security/user/ spi/security/privilege/

Reply via email to