Author: angela
Date: Tue Dec 11 10:03:46 2018
New Revision: 1848662
URL: http://svn.apache.org/viewvc?rev=1848662&view=rev
Log:
OAK-7944 : Minor improvements to oak security code base
adjust access were it can be weaker
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositePermissionProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionStoreEditor.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/ReadStatus.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/DeclaredMembershipPredicate.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/AutoSaveEnabledManager.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/GroupImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/Condition.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/GroupPredicate.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
Tue Dec 11 10:03:46 2018
@@ -89,7 +89,7 @@ public class SecurityProviderImpl implem
/**
* Default constructor used in OSGi environments.
*/
- public SecurityProviderImpl() {
+ SecurityProviderImpl() {
this(ConfigurationParameters.EMPTY);
}
@@ -99,7 +99,7 @@ public class SecurityProviderImpl implem
*
* @param configuration security configuration
*/
- public SecurityProviderImpl(@NotNull ConfigurationParameters
configuration) {
+ private SecurityProviderImpl(@NotNull ConfigurationParameters
configuration) {
checkNotNull(configuration);
this.configuration = configuration;
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositeAuthorizationConfiguration.java
Tue Dec 11 10:03:46 2018
@@ -99,7 +99,7 @@ public class CompositeAuthorizationConfi
* @return corresponding composition type, or {@code AND} if the
* provided type is {@code null}
*/
- public static CompositionType fromString(@Nullable String type) {
+ static CompositionType fromString(@Nullable String type) {
String or = OR.name();
if (or.equals(type) || or.toLowerCase().equals(type)) {
return OR;
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositePermissionProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositePermissionProvider.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositePermissionProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/composite/CompositePermissionProvider.java
Tue Dec 11 10:03:46 2018
@@ -236,8 +236,8 @@ class CompositePermissionProvider implem
private final CompositionType compositionType;
- public CompositeRepositoryPermission(@NotNull
AggregatedPermissionProvider[] pps,
- @NotNull CompositionType compositionType) {
+ CompositeRepositoryPermission(@NotNull AggregatedPermissionProvider[]
pps,
+ @NotNull CompositionType
compositionType) {
this.pps = pps;
this.compositionType = compositionType;
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
Tue Dec 11 10:03:46 2018
@@ -71,7 +71,7 @@ public class MountPermissionProvider ext
private final List<PermissionStoreImpl> stores;
- public MountPermissionStore(List<PermissionStoreImpl> stores) {
+ MountPermissionStore(List<PermissionStoreImpl> stores) {
this.stores = stores;
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryProviderImpl.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryProviderImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryProviderImpl.java
Tue Dec 11 10:03:46 2018
@@ -28,7 +28,7 @@ import org.jetbrains.annotations.NotNull
class PermissionEntryProviderImpl implements PermissionEntryProvider {
- public static final String EAGER_CACHE_SIZE_PARAM = "eagerCacheSize";
+ private static final String EAGER_CACHE_SIZE_PARAM = "eagerCacheSize";
private static final long DEFAULT_SIZE = 250;
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionStoreEditor.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionStoreEditor.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionStoreEditor.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionStoreEditor.java
Tue Dec 11 10:03:46 2018
@@ -293,7 +293,7 @@ final class PermissionStoreEditor implem
}
}
- protected PropertyState getPrivilegeBitsProperty() {
+ PropertyState getPrivilegeBitsProperty() {
return privilegeBits.asPropertyState(REP_PRIVILEGE_BITS);
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/ReadStatus.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/ReadStatus.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/ReadStatus.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/ReadStatus.java
Tue Dec 11 10:03:46 2018
@@ -29,11 +29,11 @@ final class ReadStatus {
private static final int THIS_PROPERTIES = THIS | PROPERTIES;
private static final int ALL = THIS | PROPERTIES | CHILD_NODES;
- static final ReadStatus ALLOW_THIS = new ReadStatus(THIS, true);
- static final ReadStatus ALLOW_THIS_PROPERTIES = new
ReadStatus(THIS_PROPERTIES, true);
+ private static final ReadStatus ALLOW_THIS = new ReadStatus(THIS, true);
+ private static final ReadStatus ALLOW_THIS_PROPERTIES = new
ReadStatus(THIS_PROPERTIES, true);
static final ReadStatus ALLOW_ALL = new ReadStatus(ALL, true);
static final ReadStatus DENY_THIS = new ReadStatus(THIS, false);
- static final ReadStatus DENY_THIS_PROPERTIES = new
ReadStatus(THIS_PROPERTIES, false);
+ private static final ReadStatus DENY_THIS_PROPERTIES = new
ReadStatus(THIS_PROPERTIES, false);
static final ReadStatus DENY_ALL = new ReadStatus(ALL, false);
private static final PrivilegeBits READ_BITS =
PrivilegeBits.BUILT_IN.get(PrivilegeConstants.JCR_READ);
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
Tue Dec 11 10:03:46 2018
@@ -55,7 +55,7 @@ abstract class AuthorizableBaseProvider
}
@Nullable
- Tree getByContentID(@NotNull String contentId, @NotNull AuthorizableType
authorizableType) {
+ private Tree getByContentID(@NotNull String contentId, @NotNull
AuthorizableType authorizableType) {
Tree tree = identifierManager.getTree(contentId);
if (UserUtil.isType(tree, authorizableType)) {
return tree;
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java
Tue Dec 11 10:03:46 2018
@@ -88,7 +88,7 @@ final class AuthorizableIterator impleme
private final UserManagerImpl userManager;
private final Predicate predicate;
- public PathToAuthorizable(UserManagerImpl userManager,
AuthorizableType type) {
+ PathToAuthorizable(UserManagerImpl userManager, AuthorizableType type)
{
this.userManager = userManager;
this.predicate = new AuthorizableTypePredicate(type);
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/DeclaredMembershipPredicate.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/DeclaredMembershipPredicate.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/DeclaredMembershipPredicate.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/DeclaredMembershipPredicate.java
Tue Dec 11 10:03:46 2018
@@ -35,7 +35,7 @@ import org.slf4j.LoggerFactory;
*/
public class DeclaredMembershipPredicate implements Predicate<Authorizable> {
- static final Logger log =
LoggerFactory.getLogger(DeclaredMembershipPredicate.class);
+ private static final Logger log =
LoggerFactory.getLogger(DeclaredMembershipPredicate.class);
private final MembershipProvider membershipProvider;
private final Iterator<String> contentIdIterator;
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/MembershipProvider.java
Tue Dec 11 10:03:46 2018
@@ -480,7 +480,7 @@ class MembershipProvider extends Authori
* @param groupTree A tree associated with a group
* @see #getNextIterator(Tree)
*/
- protected void remember(@NotNull Tree groupTree) {
+ void remember(@NotNull Tree groupTree) {
if (groupTrees == null) {
groupTrees = new ArrayList<>();
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
Tue Dec 11 10:03:46 2018
@@ -43,7 +43,7 @@ import com.google.common.collect.Sets;
* <li>{@code deleteChangedProperty}: {@code Resolution.OURS} removing the
members property takes precedence.
* </ul>
*/
-public class RepMembersConflictHandler implements ThreeWayConflictHandler {
+class RepMembersConflictHandler implements ThreeWayConflictHandler {
@NotNull
@Override
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/AutoSaveEnabledManager.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/AutoSaveEnabledManager.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/AutoSaveEnabledManager.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/AutoSaveEnabledManager.java
Tue Dec 11 10:03:46 2018
@@ -199,12 +199,12 @@ public class AutoSaveEnabledManager impl
}
@NotNull
- User wrap(@NotNull User user) {
+ private User wrap(@NotNull User user) {
return new UserImpl(user, this);
}
@NotNull
- Group wrap(@NotNull Group group) {
+ private Group wrap(@NotNull Group group) {
return new GroupImpl(group, this);
}
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/GroupImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/GroupImpl.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/GroupImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/autosave/GroupImpl.java
Tue Dec 11 10:03:46 2018
@@ -30,7 +30,7 @@ class GroupImpl extends AuthorizableImpl
super(dlg, mgr);
}
- Group getDelegate() {
+ private Group getDelegate() {
return (Group) getDlg();
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/Condition.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/Condition.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/Condition.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/Condition.java
Tue Dec 11 10:03:46 2018
@@ -160,7 +160,7 @@ interface Condition {
private final List<Condition> conditions = new ArrayList<>();
- public Compound(Condition condition1, Condition condition2) {
+ Compound(Condition condition1, Condition condition2) {
conditions.add(condition1);
conditions.add(condition2);
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/GroupPredicate.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/GroupPredicate.java?rev=1848662&r1=1848661&r2=1848662&view=diff
==============================================================================
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/GroupPredicate.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/GroupPredicate.java
Tue Dec 11 10:03:46 2018
@@ -35,7 +35,7 @@ import org.slf4j.LoggerFactory;
*/
class GroupPredicate implements Predicate<Authorizable> {
- static final Logger log = LoggerFactory.getLogger(GroupPredicate.class);
+ private static final Logger log =
LoggerFactory.getLogger(GroupPredicate.class);
private final Iterator<Authorizable> membersIterator;
private final Set<String> memberIds = new HashSet<>();
