svn commit: r1858932 - in /jackrabbit/oak/branches/1.10: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java oak-core/src/test/java/org/apache/jackrabbit/oak/s
Author: stillalex
Date: Wed May 8 16:08:59 2019
New Revision: 1858932
URL: http://svn.apache.org/viewvc?rev=1858932=rev
Log:
OAK-8306 Empty PrincipalProvider cache breaks membership collection
Modified:
jackrabbit/oak/branches/1.10/ (props changed)
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java
Propchange: jackrabbit/oak/branches/1.10/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed May 8 16:08:59 2019
@@ -1,3 +1,3 @@
/jackrabbit/oak/branches/1.0:1665962
-/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1851533-1851535,1851619,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853083,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854455,1854461-1854462,1854466,1854468,1854515,1854533,1854539,1854701,1854773-1854774,1854827,1854848,1854859,1854930,1854990-1854991,1855032,1855221,1855477-1855478,1855776,1855993,1856049,1856056,1856538,1856545,1857000,1857010,1857104,1857159,1857212,1857221,1857238,1857247,1857253,1857294,1857314,1857577,1857635,1857638,1857640,1857687,1857936,1858032,1858053,1858123,1858139,1858571,1858578,1858810
+/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1851533-1851535,1851619,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853083,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854455,1854461-1854462,1854466,1854468,1854515,1854533,1854539,1854701,1854773-1854774,1854827,1854848,1854859,1854930,1854990-1854991,1855032,1855221,1855477-1855478,1855776,1855993,1856049,1856056,1856538,1856545,1857000,1857010,1857104,1857159,1857212,1857221,1857238,1857247,1857253,1857294,1857314,1857577,1857635,1857638,1857640,1857687,1857936,1858032,1858053,1858123,1858139,1858571,1858578,1858810,1858931
/jackrabbit/trunk:1345480
Modified:
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1858932=1858931=1858932=diff
==
---
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
(original)
+++
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
Wed May 8 16:08:59 2019
@@ -316,7 +316,7 @@ class UserPrincipalProvider implements P
String str = TreeUtil.getString(principalCache,
CacheConstants.REP_GROUP_PRINCIPAL_NAMES);
if (str == null || str.isEmpty()) {
-return Collections.emptySet();
+return new HashSet<>(1);
}
Set groups = new HashSet<>();
Modified:
jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java?rev=1858932=1858931=1858932=diff
==
---
jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java
(original)
+++
jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java
Wed May 8 16:08:59 2019
@@ -51,7 +51,6 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-import org.apache.jackrabbit.oak.util.NodeUtil;
import org.apache.jackrabbit.oak.plugins.tree.TreeUtil;
import org.jetbrains.annotations.Nullable;
import org.junit.Test;
@@ -414,8 +413,13 @@ public class UserPrincipalProviderWithCa
// verify that the cache has really been updated
cache = getCacheTree(systemRoot);
-assertNotSame(2, new
NodeUtil(cache).getLong(CacheConstants.REP_EXPIRATION, 2));
+assertNotSame(2, TreeUtil.getLong(cache,
CacheConstants.REP_EXPIRATION, 2));
assertEquals("", Tr
svn commit: r1858931 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java test/java/org/apache/jackrabbit/oak/security/user/UserPrincip
Author: stillalex
Date: Wed May 8 15:42:19 2019
New Revision: 1858931
URL: http://svn.apache.org/viewvc?rev=1858931=rev
Log:
OAK-8306 Empty PrincipalProvider cache breaks membership collection
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1858931=1858930=1858931=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
Wed May 8 15:42:19 2019
@@ -352,7 +352,7 @@ class UserPrincipalProvider implements P
String str = TreeUtil.getString(principalCache,
CacheConstants.REP_GROUP_PRINCIPAL_NAMES);
if (str == null || str.isEmpty()) {
-return Collections.emptySet();
+return new HashSet<>(1);
}
Set groups = new HashSet<>();
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java?rev=1858931=1858930=1858931=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java
Wed May 8 15:42:19 2019
@@ -51,7 +51,6 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-import org.apache.jackrabbit.oak.util.NodeUtil;
import org.apache.jackrabbit.oak.plugins.tree.TreeUtil;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
@@ -416,8 +415,13 @@ public class UserPrincipalProviderWithCa
// verify that the cache has really been updated
cache = getCacheTree(systemRoot);
-assertNotSame(2, new
NodeUtil(cache).getLong(CacheConstants.REP_EXPIRATION, 2));
+assertNotSame(2, TreeUtil.getLong(cache,
CacheConstants.REP_EXPIRATION, 2));
assertEquals("", TreeUtil.getString(cache,
CacheConstants.REP_GROUP_PRINCIPAL_NAMES));
+
+// check that an cached empty membership set doesn't break the
retrieval (OAK-8306)
+principalsAgain = pp.getPrincipals(userId);
+assertFalse(principals.equals(principalsAgain));
+assertPrincipals(principalsAgain, EveryonePrincipal.getInstance(),
getTestUser().getPrincipal());
}
@Test
svn commit: r1858836 - in /jackrabbit/oak/branches/1.8: ./ oak-jcr/ oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/secu
Author: stillalex Date: Tue May 7 09:53:00 2019 New Revision: 1858836 URL: http://svn.apache.org/viewvc?rev=1858836=rev Log: OAK-7778 PasswordUtil#isPlainTextPassword doesn't validate PBKDF2 scheme Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-jcr/ (props changed) jackrabbit/oak/branches/1.8/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java jackrabbit/oak/branches/1.8/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Tue May 7 09:53:00 2019 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822182,1822201,1822207,1822527,1822642,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826833,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828827,1828868,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239 ,1830347,1830748,1830911,1830923,1831157-1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833702,1833833,1834109,1834112,1834117,1834287,1834291,1834302,1834312,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1836548,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837596,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840462,1840574,1840769,1841314,1841352,1842089,1842677,1843175,1843222,1843231,1843398,1843618,1843621,1843637,1843652,1843669,1843905,1843911,1844070,1844110,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845135,1845336,1845405,1845415,1845730-1845731,1845863,1845865,1846057,1846396,1846429,1846581,1846617,1847088,1847 096,1848073,1848181-1848182,1848191,1848217,1848822-1848823,1850221,1850837,1850874,1851533-1851535,1851619,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1853141,1853229,1853393,1853429,1853433,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854455,1854461-1854462,1854466,1854515,1854539,1854701,1854773,1854827,1854848,1854859,1854930,1855032,1855776,1856818,1857010,1857247,1857253,1857294,1857314,1857638,1857936,1858032,1858571,1858578,1858810 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822182,1822201,1822207,1822527,1822642,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826833,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828827,1828868,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239 ,1830347,1830748,1830911,1830923,1831157-1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833702,1833833,1834109,1834112,1834117,1834287,1834291,1834302,1834312,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189
svn commit: r1858758 - in /jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons: LazyValue.java package-info.java
Author: stillalex
Date: Mon May 6 08:26:19 2019
New Revision: 1858758
URL: http://svn.apache.org/viewvc?rev=1858758=rev
Log:
OAK-8283 Make LazyValue implement Supplier
Modified:
jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java
jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java
Modified:
jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java?rev=1858758=1858757=1858758=diff
==
---
jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java
(original)
+++
jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/LazyValue.java
Mon May 6 08:26:19 2019
@@ -16,6 +16,8 @@
*/
package org.apache.jackrabbit.oak.commons;
+import java.util.function.Supplier;
+
/**
* An instances of this class represents a lazy value of type {@code T}.
* {@code LazyValue} implements an evaluate by need semantics:
@@ -24,7 +26,7 @@ package org.apache.jackrabbit.oak.common
*
* {@code LazyValue} instances are thread safe.
*/
-public abstract class LazyValue {
+public abstract class LazyValue implements Supplier {
private volatile T value;
/**
@@ -44,6 +46,7 @@ public abstract class LazyValue {
* Get value. Calls {@link #createValue()} if called for the first time.
* @return the value
*/
+@Override
public T get () {
// Double checked locking is fine since Java 5 as long as value is
volatile.
// See
http://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html
Modified:
jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java?rev=1858758=1858757=1858758=diff
==
---
jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java
(original)
+++
jackrabbit/oak/trunk/oak-commons/src/main/java/org/apache/jackrabbit/oak/commons/package-info.java
Mon May 6 08:26:19 2019
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-@Version("1.3.0")
+@Version("1.4.0")
package org.apache.jackrabbit.oak.commons;
import org.osgi.annotation.versioning.Version;
svn commit: r1858530 - in /jackrabbit/oak/trunk: oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/ oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/ oak-jcr/src/main/
Author: stillalex
Date: Thu May 2 11:48:10 2019
New Revision: 1858530
URL: http://svn.apache.org/viewvc?rev=1858530=rev
Log:
OAK-8249 NodeImpl#isNodeType could load mixin info lazily
Modified:
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/ReadOnlyNodeTypeManager.java
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/security/AccessManager.java
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/session/NodeImpl.java
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/session/SessionContext.java
Modified:
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java?rev=1858530=1858529=1858530=diff
==
---
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/EffectiveNodeTypeProvider.java
Thu May 2 11:48:10 2019
@@ -16,7 +16,10 @@
*/
package org.apache.jackrabbit.oak.spi.nodetype;
+import java.util.ArrayList;
import java.util.Iterator;
+import java.util.List;
+
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.nodetype.NoSuchNodeTypeException;
@@ -36,6 +39,11 @@ public interface EffectiveNodeTypeProvid
* type or mixin type, or a subtype thereof respecting the effective node
* type of the {@code tree}. Returns {@code false} otherwise.
*
+ * Note: caution must be taken while calling this api because it doesn't
+ * offer the same strict guarantees as the {@code Node#isNodeType(String)}
+ * method in the case where the session doesn't have access to the
+ * {@code jcr:mixinTypes} property.
+ *
* @param tree The tree to be tested.
* @param nodeTypeName The internal oak name of the node type to be tested.
* @return true if the specified node is of the given node type.
@@ -54,8 +62,29 @@ public interface EffectiveNodeTypeProvid
* refer to an existing node type.
* @throws RepositoryException If the given node type name is invalid or if
* some other error occurs.
+ * @deprecated use {@link #isNodeType(String, Iterable, String)} instead
+ */
+@Deprecated
+default boolean isNodeType(@NotNull String primaryTypeName, @NotNull
Iterator mixinTypes, @NotNull String nodeTypeName) throws
NoSuchNodeTypeException, RepositoryException {
+List mixins = new ArrayList<>();
+mixinTypes.forEachRemaining(mixins::add);
+return isNodeType(primaryTypeName, mixins, nodeTypeName);
+}
+
+/**
+ * Returns {@code true} if {@code typeName} is of the specified primary
node
+ * type or mixin type, or a subtype thereof. Returns {@code false}
otherwise.
+ *
+ * @param primaryTypeName the internal oak name of the node to test
+ * @param mixinTypes the internal oak names of the node to test.
+ * @param nodeTypeName The internal oak name of the node type to be tested.
+ * @return {@code true} if the specified node type is of the given node
type.
+ * @throws NoSuchNodeTypeException If the specified node type name doesn't
+ * refer to an existing node type.
+ * @throws RepositoryException If the given node type name is invalid or if
+ * some other error occurs.
*/
-boolean isNodeType(@NotNull String primaryTypeName, @NotNull
Iterator mixinTypes, @NotNull String nodeTypeName) throws
NoSuchNodeTypeException, RepositoryException;
+boolean isNodeType(@NotNull String primaryTypeName, @NotNull
Iterable mixinTypes, @NotNull String nodeTypeName) throws
NoSuchNodeTypeException, RepositoryException;
/**
* Returns {@code true} if {@code typeName} is of the specified primary
node
Modified:
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java?rev=1858530=1858529=1858530=diff
==
---
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java
(original)
+++
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/nodetype/package-info.java
Thu May 2 11:48:10 2019
@@ -14,7 +14,7 @@
svn commit: r1858054 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/authorization/ main/java/org/apache/jackrabbit/oak/security/authorization/permission/ test/ja
Author: stillalex
Date: Wed Apr 24 14:37:49 2019
New Revision: 1858054
URL: http://svn.apache.org/viewvc?rev=1858054=rev
Log:
OAK-8234 Reduce object allocation in PermissionProviderImpl for admin sessions
Added:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java
(with props)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/AdministrativePermissionProviderTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java?rev=1858054=1858053=1858054=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java
Wed Apr 24 14:37:49 2019
@@ -29,10 +29,12 @@ import org.apache.jackrabbit.oak.securit
import
org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlImporter;
import
org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlManagerImpl;
import
org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlValidatorProvider;
+import
org.apache.jackrabbit.oak.security.authorization.permission.AllPermissionProviderImpl;
import
org.apache.jackrabbit.oak.security.authorization.permission.MountPermissionProvider;
import
org.apache.jackrabbit.oak.security.authorization.permission.PermissionHook;
import
org.apache.jackrabbit.oak.security.authorization.permission.PermissionProviderImpl;
import
org.apache.jackrabbit.oak.security.authorization.permission.PermissionStoreValidatorProvider;
+import
org.apache.jackrabbit.oak.security.authorization.permission.PermissionUtil;
import
org.apache.jackrabbit.oak.security.authorization.permission.PermissionValidatorProvider;
import
org.apache.jackrabbit.oak.security.authorization.restriction.RestrictionProviderImpl;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
@@ -199,6 +201,9 @@ public class AuthorizationConfigurationI
public PermissionProvider getPermissionProvider(@NotNull Root root,
@NotNull String workspaceName,
@NotNull Set
principals) {
Context ctx =
getSecurityProvider().getConfiguration(AuthorizationConfiguration.class).getContext();
+if (PermissionUtil.isAdminOrSystem(principals, getParameters())) {
+return new AllPermissionProviderImpl(root, this);
+}
if (mountInfoProvider.hasNonDefaultMounts()) {
return new MountPermissionProvider(root, workspaceName,
principals, getRestrictionProvider(),
Added:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java?rev=1858054=auto
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java
(added)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/AllPermissionProviderImpl.java
Wed Apr 24 14:37:49 2019
@@ -0,0 +1,122 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.authorization.permission;
+
+import java.util.Collections;
+import java.util.Set;
+
+import org.apache.jackrabbit.oak.api.Pr
svn commit: r1857636 - in /jackrabbit/oak/branches/1.10: ./ oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java oak-benchmarks/src/main/java/org/apache/jackrabbit/oak
Author: stillalex
Date: Tue Apr 16 09:52:27 2019
New Revision: 1857636
URL: http://svn.apache.org/viewvc?rev=1857636=rev
Log:
OAK-8247 Add non-admin mode for Node.isNodeType() benchmark
backport to 1.10
Modified:
jackrabbit/oak/branches/1.10/ (props changed)
jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java
Propchange: jackrabbit/oak/branches/1.10/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Apr 16 09:52:27 2019
@@ -1,3 +1,3 @@
/jackrabbit/oak/branches/1.0:1665962
-/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1851533-1851535,1851619,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854455,1854461-1854462,1854466,1854468,1854515,1854533,1854539,1854701,1854773-1854774,1854827,1854848,1854859,1854930,1854990-1854991,1855032,1855221,1855477-1855478,1855776,1857010,1857104,1857159,1857212,1857221,1857238,1857247,1857253,1857294,1857314,1857577
+/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1851533-1851535,1851619,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854455,1854461-1854462,1854466,1854468,1854515,1854533,1854539,1854701,1854773-1854774,1854827,1854848,1854859,1854930,1854990-1854991,1855032,1855221,1855477-1855478,1855776,1857010,1857104,1857159,1857212,1857221,1857238,1857247,1857253,1857294,1857314,1857577,1857635
/jackrabbit/trunk:1345480
Modified:
jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1857636=1857635=1857636=diff
==
---
jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
(original)
+++
jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
Tue Apr 16 09:52:27 2019
@@ -499,7 +499,7 @@ public class BenchmarkRunner {
new StringWriteTest(),
new BasicWriteTest(),
new CanReadNonExisting(),
-new IsNodeTypeTest(),
+new IsNodeTypeTest(runAsAdmin.value(options)),
new SetPropertyTransientTest()
};
Modified:
jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java?rev=1857636=1857635=1857636=diff
==
---
jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java
(original)
+++
jackrabbit/oak/branches/1.10/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java
Tue Apr 16 09:52:27 2019
@@ -16,9 +16,15 @@
*/
package org.apache.jackrabbit.oak.benchmark;
+import static javax.jcr.security.Privilege.JCR_READ;
+import static
org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.addAccessControlEntry;
+import static org.junit.Assert.assertTrue;
+
import javax.jcr.Node;
import javax.jcr.Session;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
+
/**
* Benchmark for Node.isNodeType(String).
*/
@@ -26,14 +32,21 @@ public class IsNodeTypeTest extends Abst
private static final String NT_FOLDER = "nt:folder";
+private final boolean runAsAdmin;
+
private String testNodeName = "test" + TEST_ID;
private Node testNode;
+public IsNodeTypeTest(boolean runAsAdmin) {
+this.runAsAdmin = runAsAdmin;
+}
+
@Override
public void beforeSuite() throws Exception {
Session session = getRepository().login(getCredentials());
session.getRootNode().addNode(testNodeName, NT_FOLDER);
+addAccessControlEntry(session, "/", EveryonePrincipal.getInstance(),
new String[] { JCR_READ }, true);
session.save();
session.logout();
testNode = prepareThreadExecutionContext();
@@ -50,7 +63,15 @@ public class IsNodeTypeTest
svn commit: r1857635 - in /jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark: BenchmarkRunner.java IsNodeTypeTest.java
Author: stillalex
Date: Tue Apr 16 09:43:36 2019
New Revision: 1857635
URL: http://svn.apache.org/viewvc?rev=1857635=rev
Log:
OAK-8247 Add non-admin mode for Node.isNodeType() benchmark
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1857635=1857634=1857635=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
Tue Apr 16 09:43:36 2019
@@ -501,7 +501,7 @@ public class BenchmarkRunner {
new StringWriteTest(),
new BasicWriteTest(),
new CanReadNonExisting(),
-new IsNodeTypeTest(),
+new IsNodeTypeTest(runAsAdmin.value(options)),
new SetPropertyTransientTest()
};
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java?rev=1857635=1857634=1857635=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsNodeTypeTest.java
Tue Apr 16 09:43:36 2019
@@ -16,9 +16,15 @@
*/
package org.apache.jackrabbit.oak.benchmark;
+import static javax.jcr.security.Privilege.JCR_READ;
+import static
org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.addAccessControlEntry;
+import static org.junit.Assert.assertTrue;
+
import javax.jcr.Node;
import javax.jcr.Session;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
+
/**
* Benchmark for Node.isNodeType(String).
*/
@@ -26,14 +32,21 @@ public class IsNodeTypeTest extends Abst
private static final String NT_FOLDER = "nt:folder";
+private final boolean runAsAdmin;
+
private String testNodeName = "test" + TEST_ID;
private Node testNode;
+public IsNodeTypeTest(boolean runAsAdmin) {
+this.runAsAdmin = runAsAdmin;
+}
+
@Override
public void beforeSuite() throws Exception {
Session session = getRepository().login(getCredentials());
session.getRootNode().addNode(testNodeName, NT_FOLDER);
+addAccessControlEntry(session, "/", EveryonePrincipal.getInstance(),
new String[] { JCR_READ }, true);
session.save();
session.logout();
testNode = prepareThreadExecutionContext();
@@ -50,7 +63,15 @@ public class IsNodeTypeTest extends Abst
@Override
protected Node prepareThreadExecutionContext() throws Exception {
-return loginWriter().getRootNode().getNode(testNodeName);
+return getTestSession().getRootNode().getNode(testNodeName);
+}
+
+private Session getTestSession() {
+if (runAsAdmin) {
+return loginWriter();
+} else {
+return loginAnonymous();
+}
}
@Override
@@ -62,7 +83,7 @@ public class IsNodeTypeTest extends Abst
@Override
protected void runTest(Node executionContext) throws Exception {
for (int i = 0; i < 10; i++) {
-executionContext.isNodeType(NT_FOLDER);
+assertTrue(executionContext.isNodeType(NT_FOLDER));
}
}
svn commit: r1856908 - in /jackrabbit/oak/trunk/oak-auth-external/src: main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ test/java/org/apache/jackrabbit/oak/spi/
Author: stillalex
Date: Thu Apr 4 08:02:23 2019
New Revision: 1856908
URL: http://svn.apache.org/viewvc?rev=1856908=rev
Log:
OAK-8055 Add conflict handler for rep:lastSynced property on external groups
Added:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java
(with props)
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandlerTest.java
Added:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java?rev=1856908=auto
==
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java
(added)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityConflictHandler.java
Thu Apr 4 08:02:23 2019
@@ -0,0 +1,115 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal;
+
+import static org.apache.jackrabbit.util.ISO8601.parse;
+
+import java.util.Calendar;
+
+import org.apache.jackrabbit.oak.api.PropertyState;
+import org.apache.jackrabbit.oak.api.Type;
+import org.apache.jackrabbit.oak.spi.commit.ThreeWayConflictHandler;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalIdentityConstants;
+import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
+import org.apache.jackrabbit.oak.spi.state.NodeState;
+import org.jetbrains.annotations.NotNull;
+
+/**
+ * Conflict handler that merges concurrent updates to external entities on the
+ * {@code ExternalIdentityConstants.REP_LAST_SYNCED} property by picking the
+ * older of the 2 conflicting dates.
+ */
+class ExternalIdentityConflictHandler implements ThreeWayConflictHandler {
+
+@NotNull
+@Override
+public Resolution addExistingProperty(NodeBuilder parent, PropertyState
ours, PropertyState theirs) {
+if (ExternalIdentityConstants.REP_LAST_SYNCED.equals(ours.getName())) {
+merge(parent, ours, theirs);
+return Resolution.MERGED;
+}
+return Resolution.IGNORED;
+}
+
+@NotNull
+@Override
+public Resolution changeChangedProperty(NodeBuilder parent, PropertyState
ours, PropertyState theirs,
+PropertyState base) {
+if (ExternalIdentityConstants.REP_LAST_SYNCED.equals(ours.getName())) {
+merge(parent, ours, theirs);
+return Resolution.MERGED;
+}
+return Resolution.IGNORED;
+}
+
+private static void merge(NodeBuilder parent, PropertyState ours,
PropertyState theirs) {
+Calendar o = parse(ours.getValue(Type.DATE));
+Calendar t = parse(theirs.getValue(Type.DATE));
+Calendar v = o.before(t) ? t : o;
+parent.setProperty(ours.getName(), v);
+}
+
+@Override
+@NotNull
+public Resolution changeDeletedProperty(@NotNull NodeBuilder parent,
@NotNull PropertyState ours,
+@NotNull PropertyState base) {
+return Resolution.IGNORED;
+}
+
+@Override
+@NotNull
+public Resolution deleteDeletedProperty(@NotNull NodeBuilder parent,
@NotNull PropertyState base) {
+return Resolution.IGNORED;
+}
+
+@Override
+@NotNull
+public Resolution deleteChangedProperty(@NotNull NodeBuilder parent,
@NotNull PropertyState theirs,
+@NotNull PropertyState bas
svn commit: r1856464 - in /jackrabbit/oak/trunk/oak-security-spi/src: main/java/org/apache/jackrabbit/oak/spi/security/principal/ test/java/org/apache/jackrabbit/oak/spi/security/principal/
Author: stillalex
Date: Thu Mar 28 09:19:06 2019
New Revision: 1856464
URL: http://svn.apache.org/viewvc?rev=1856464=rev
Log:
OAK-8142 CompositePrincipalProvider support for full text search
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/TestPrincipalProvider.java
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java?rev=1856464=1856463=1856464=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java
Thu Mar 28 09:19:06 2019
@@ -141,7 +141,7 @@ public class CompositePrincipalProvider
long offset, long limit) {
List> all = providers.stream()
-.map((p) -> p.findPrincipals(nameHint, fullText, searchType,
0, limit)).collect(Collectors.toList());
+.map((p) -> p.findPrincipals(nameHint, fullText, searchType,
0, limit + offset)).collect(Collectors.toList());
Iterator principals = Iterators.mergeSorted(all,
Comparator.comparing(Principal::getName));
Spliterator spliterator =
Spliterators.spliteratorUnknownSize(principals, 0);
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java?rev=1856464=1856463=1856464=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
Thu Mar 28 09:19:06 2019
@@ -18,13 +18,14 @@ package org.apache.jackrabbit.oak.spi.se
import java.security.Principal;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
-import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import java.util.Random;
import java.util.Set;
+import java.util.TreeSet;
import com.google.common.base.Predicate;
import com.google.common.collect.ImmutableList;
@@ -37,17 +38,14 @@ import org.apache.jackrabbit.api.securit
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.junit.Test;
-import org.mockito.invocation.InvocationOnMock;
-import org.mockito.stubbing.Answer;
+import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotSame;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.assertTrue;
-import static org.mockito.ArgumentMatchers.anyBoolean;
-import static org.mockito.ArgumentMatchers.anyInt;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@@ -237,50 +235,53 @@ public class CompositePrincipalProviderT
int inputSize = 3;
Random r = new Random(seed);
-Comparator comparator =
Comparator.comparing(Principal::getName);
List expected = new ArrayList<>();
-Collection> input = new ArrayList<>();
+Collection> input = new ArrayList<>();
for (int i = 0; i < inputSize; i++) {
-List l = new ArrayList<>();
+Set l = new TreeSet<>();
int size = r.nextInt(bound);
-for (int s = 0; s < size; s++) {
+while (size > 0) {
int v = r.nextInt(bound);
-Principal p = new PrincipalImpl("p" + v);
-expected.add(p.getName());
-l.add(p);
+String n = "p" + v;
+if (l.add(n)) {
+expected.add(n);
+size--;
+}
svn commit: r1856414 - in /jackrabbit/oak/trunk/oak-auth-external/src: main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ test/java/org/apache/jackrabbit/oak/spi/
Author: stillalex
Date: Wed Mar 27 15:03:57 2019
New Revision: 1856414
URL: http://svn.apache.org/viewvc?rev=1856414=rev
Log:
OAK-8175 ExternalGroupPrincipalProvider support for full text search
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java?rev=1856414=1856413=1856414=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java
Wed Mar 27 15:03:57 2019
@@ -20,12 +20,18 @@ import java.security.Principal;
import java.text.ParseException;
import java.util.Collection;
import java.util.Collections;
+import java.util.Comparator;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
+import java.util.Spliterator;
+import java.util.Spliterators;
import java.util.concurrent.ConcurrentHashMap;
+import java.util.stream.Stream;
+import java.util.stream.StreamSupport;
+
import javax.jcr.PropertyType;
import javax.jcr.RepositoryException;
import javax.jcr.Value;
@@ -173,6 +179,27 @@ class ExternalGroupPrincipalProvider imp
return findPrincipals(null, searchType);
}
+@NotNull
+@Override
+public Iterator findPrincipals(@Nullable String
nameHint, boolean fullText, int searchType,
+long offset, long limit) {
+Iterator principals = findPrincipals(nameHint,
searchType);
+if (!principals.hasNext()) {
+return Collections.emptyIterator();
+}
+
+Spliterator spliterator =
Spliterators.spliteratorUnknownSize(principals, 0);
+Stream stream = StreamSupport.stream(spliterator,
false);
+stream = stream.sorted(Comparator.comparing(Principal::getName));
+if (offset > 0) {
+stream = stream.skip(offset);
+}
+if (limit >= 0) {
+stream = stream.limit(limit);
+}
+return stream.iterator();
+}
+
//< private
>---
@Nullable
private String getIdpName(@NotNull Tree userTree) {
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java?rev=1856414=1856413=1856414=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java
Wed Mar 27 15:03:57 2019
@@ -17,11 +17,16 @@
package
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal;
import java.security.Principal;
+import java.util.Arrays;
import java.util.Collections;
+import java.util.Comparator;
import java.util.HashSet;
import java.util.Iterator;
+import java.util.List;
import java.util.Set;
import com.google.common.base.Function;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
@@ -32,6 +37,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdent
svn commit: r1856176 - in /jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external: AbstractExternalTest.java ExternalLoginTest.java
Author: stillalex
Date: Mon Mar 25 10:18:10 2019
New Revision: 1856176
URL: http://svn.apache.org/viewvc?rev=1856176=rev
Log:
OAK-8053 Add intermediate report to ExternalLoginTest
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java?rev=1856176=1856175=1856176=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java
Mon Mar 25 10:18:10 2019
@@ -101,7 +101,7 @@ abstract class AbstractExternalTest exte
final DefaultSyncConfig syncConfig = new DefaultSyncConfig();
final SyncHandler syncHandler = new DefaultSyncHandler(syncConfig);
-final ExternalIdentityProvider idp;
+final TestIdentityProvider idp;
final long delay;
SyncManagerImpl syncManager;
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java?rev=1856176=1856175=1856176=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
Mon Mar 25 10:18:10 2019
@@ -18,21 +18,32 @@ package org.apache.jackrabbit.oak.benchm
import static
javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
import static
javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
+import static org.junit.Assert.assertEquals;
+import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
+import java.util.TreeSet;
+import java.util.concurrent.atomic.AtomicLong;
+import java.util.stream.Collectors;
+import java.util.stream.StreamSupport;
+import javax.jcr.LoginException;
+import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
+import org.apache.commons.lang3.reflect.FieldUtils;
+import org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate;
import
org.apache.jackrabbit.oak.security.authentication.token.TokenLoginModule;
import org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl;
import
org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.GuestLoginModule;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginModuleStats;
import
org.apache.jackrabbit.oak.spi.security.authentication.LoginModuleStatsCollector;
+import
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalLoginModule;
import org.apache.jackrabbit.oak.stats.StatisticsProvider;
import org.jetbrains.annotations.NotNull;
@@ -53,9 +64,10 @@ public class ExternalLoginTest extends A
private final int numberOfGroups;
private final Reporter reporter;
private final LoginModuleStats lmStats;
+private final List auto;
-private String id;
private Set uniques;
+private AtomicLong err;
public ExternalLoginTest(int numberOfUsers, int numberOfGroups, long
expTime, boolean dynamicMembership,
@NotNull List autoMembership, boolean report,
StatisticsProvider statsProvider) {
@@ -64,13 +76,15 @@ public class ExternalLoginTest extends A
this.numberOfGroups = numberOfGroups;
this.reporter = new Reporter(report);
this.lmStats = new LoginModuleStats(statsProvider);
+this.auto = autoMembership;
}
@Override
protected void beforeSuite() throws Exception {
super.beforeSuite();
reporter.beforeSuite();
-uniques = new HashSet<>(numberOfUsers);
+uniques = Collections.synchronizedSet(new H
svn commit: r1856069 - /jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md
Author: stillalex Date: Fri Mar 22 17:02:07 2019 New Revision: 1856069 URL: http://svn.apache.org/viewvc?rev=1856069=rev Log: OAK-301: Document Oak Memoirs in Garbage Collection (WIP) -- fixed header for new file Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md Modified: jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md?rev=1856069=1856068=1856069=diff == --- jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md (original) +++ jackrabbit/oak/trunk/oak-doc/src/site/markdown/nodestore/segment/onrc-memoirs.md Fri Mar 22 17:02:07 2019 @@ -1,3 +1,20 @@ + + Memoirs in Garbage Collection = This is a brief outline of the history of Online Revision Garbage Collection in Oak. By linking to further details where necessary this historical context helps making sense of the various bits of information that are scattered across Jira Issues, Wikis, source code etc.
svn commit: r1856039 - in /jackrabbit/oak/branches/1.8: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Fri Mar 22 10:53:01 2019 New Revision: 1856039 URL: http://svn.apache.org/viewvc?rev=1856039=rev Log: OAK-8054 RepMembersConflictHandler creates property with wrong type Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/GroupImplTest.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandlerTest.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Mar 22 10:53:01 2019 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822182,1822201,1822207,1822527,1822642,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826833,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828827,1828868,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239 ,1830347,1830748,1830911,1830923,1831157-1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833702,1833833,1834109,1834112,1834117,1834287,1834291,1834302,1834312,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1836548,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837596,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840462,1840574,1840769,1841314,1841352,1842089,1842677,1843175,1843222,1843231,1843398,1843618,1843621,1843637,1843652,1843669,1843905,1843911,1844070,1844110,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845135,1845336,1845405,1845415,1845730-1845731,1845863,1845865,1846057,1846396,1846429,1846581,1846617,1847088,1847 096,1848073,1848181-1848182,1848191,1848217,1848822-1848823,1850221,1850837,1850874,1851533-1851535,1851619,1852120,1852451,1852492,1852528,1852582,1852584,1852601,1853141,1853229,1853393,1853429,1853433,1853866,1853870,1853893,1853969,1853997,1854034,1854044,1854055,1854455,1854461-1854462,1854466,1854515,1854539,1854701,1854773,1854827,1854848,1854859,1854930,1855032 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822182,1822201,1822207,1822527,1822642,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826833,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828827,1828868,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239 ,1830347,1830748,1830911,1830923,1831157-1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833702,1833833,1834109,1834112,1834117,1834287,1834291,1834302,1834312,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1836548,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837596,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840462,1840574,1840769
svn commit: r1855838 - in /jackrabbit/oak/trunk/oak-security-spi/src: main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java test/java/org/apache/jackrabbit/oak/spi
Author: stillalex
Date: Tue Mar 19 15:09:15 2019
New Revision: 1855838
URL: http://svn.apache.org/viewvc?rev=1855838=rev
Log:
OAK-8142 CompositePrincipalProvider support for full text search
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java?rev=1855838=1855837=1855838=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java
Tue Mar 19 15:09:15 2019
@@ -19,10 +19,16 @@ package org.apache.jackrabbit.oak.spi.se
import java.security.Principal;
import java.security.acl.Group;
import java.util.Collections;
+import java.util.Comparator;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
+import java.util.Spliterator;
+import java.util.Spliterators;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import java.util.stream.StreamSupport;
import com.google.common.collect.Iterators;
import static com.google.common.base.Preconditions.checkNotNull;
@@ -128,4 +134,22 @@ public class CompositePrincipalProvider
public Iterator findPrincipals(int searchType) {
return findPrincipals(null, searchType);
}
+
+public Iterator findPrincipals(@Nullable String
nameHint, boolean fullText, int searchType,
+long offset, long limit) {
+
+List> all = providers.stream()
+.map((p) -> p.findPrincipals(nameHint, fullText, searchType,
0, limit)).collect(Collectors.toList());
+Iterator principals = Iterators.mergeSorted(all,
Comparator.comparing(Principal::getName));
+
+Spliterator spliterator =
Spliterators.spliteratorUnknownSize(principals, 0);
+Stream stream = StreamSupport.stream(spliterator,
false);
+if (offset > 0) {
+stream = stream.skip(offset);
+}
+if (limit >= 0) {
+stream = stream.limit(limit);
+}
+return stream.iterator();
+}
}
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java?rev=1855838=1855837=1855838=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
Tue Mar 19 15:09:15 2019
@@ -18,9 +18,12 @@ package org.apache.jackrabbit.oak.spi.se
import java.security.Principal;
import java.util.ArrayList;
+import java.util.Collection;
import java.util.Collections;
+import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
+import java.util.Random;
import java.util.Set;
import com.google.common.base.Predicate;
@@ -34,6 +37,8 @@ import org.apache.jackrabbit.api.securit
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.junit.Test;
+import org.mockito.invocation.InvocationOnMock;
+import org.mockito.stubbing.Answer;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
@@ -215,4 +220,49 @@ public class CompositePrincipalProviderT
}
return l;
}
+
+@Test
+public void testFindPrincipalsRandom() {
+long seed = System.currentTimeMillis();
+int bound = 10;
+int inputSize = 3;
+Random r = new Random(seed);
+
+Comparator comparator =
Comparator.comparing(Principal::getName);
+List expected = new ArrayList<>();
+Collection> input = new ArrayList<>();
+for (int i = 0; i < inputSize; i++) {
+List l = new ArrayList<>();
+int size = r.nextInt(bound);
+for (int s = 0; s < size; s++) {
+int v = r.nextInt(bound);
+Principal p = new PrincipalImpl("p&qu
svn commit: r1855771 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java test/java/org/apache/jackrabbit/oak/security/principal/Abstra
Author: stillalex
Date: Mon Mar 18 14:25:06 2019
New Revision: 1855771
URL: http://svn.apache.org/viewvc?rev=1855771=rev
Log:
OAK-8140 UserPrincipalProvider support for full text search
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1855771=1855770=1855771=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
Mon Mar 18 14:25:06 2019
@@ -171,14 +171,21 @@ class UserPrincipalProvider implements P
limit = Long.MAX_VALUE;
}
try {
+
+String lookupClause = "";
+if (nameHint != null && !nameHint.isEmpty()) {
+if (fullText) {
+lookupClause = String.format("[jcr:contains(.,'%s')]",
buildSearchPatternFT(nameHint));
+} else {
+lookupClause =
String.format("[jcr:like(@rep:principalName,'%s')]",
buildSearchPatternContains(nameHint));
+}
+}
AuthorizableType type = AuthorizableType.getType(searchType);
StringBuilder statement = new StringBuilder()
.append(QueryUtil.getSearchRoot(type,
config.getParameters()))
.append("//element(*,").append(QueryUtil.getNodeTypeName(type)).append(')')
-.append("[jcr:like(@rep:principalName,'")
-.append(buildSearchPattern(nameHint))
-.append("')] order by @rep:principalName");
-
+.append(lookupClause)
+.append(" order by @rep:principalName");
Result result = root.getQueryEngine().executeQuery(
statement.toString(), javax.jcr.query.Query.XPATH,
limit, offset, NO_BINDINGS,
namePathMapper.getSessionLocalMappings());
@@ -365,15 +372,19 @@ class UserPrincipalProvider implements P
return expirationTime > EXPIRATION_NO_CACHE && now < expirationTime;
}
-private static String buildSearchPattern(String nameHint) {
-if (nameHint == null) {
-return "%";
+private static String buildSearchPatternContains(@NotNull String nameHint)
{
+StringBuilder sb = new StringBuilder();
+sb.append('%');
+sb.append(nameHint.replace("%", "\\%").replace("_", "\\_"));
+sb.append('%');
+return sb.toString();
+}
+
+private static String buildSearchPatternFT(@NotNull String nameHint) {
+if (nameHint.contains("*")) {
+return QueryUtil.escapeForQuery(nameHint);
} else {
-StringBuilder sb = new StringBuilder();
-sb.append('%');
-sb.append(nameHint.replace("%", "\\%").replace("_", "\\_"));
-sb.append('%');
-return sb.toString();
+return QueryUtil.escapeForQuery(nameHint) + "*";
}
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java?rev=1855771=1855770=1855771=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
Mon Mar 18 14:25:06 2019
@@ -68,6 +68,9 @@ public abstract class AbstractPrincipalP
@Override
public void before() throws Exception {
+// because of full text search test #testFindRange
+getQueryEngineSettings().setFailTraversal(false);
+getQueryEngineSettings().setFullTextComparisonWithoutIndex(true);
super.before();
userPrincipal = getTestUser().getPrincipal();
@@ -415,9 +418,12 @@ public abstract class AbstractPrincipalP
to = Math.min(offset + limit, to);
}
svn commit: r1855536 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/principal/ main/java/org/apache/jackrabbit/oak/security/user/ test/java/org/apache/jackrabbit
Author: stillalex
Date: Thu Mar 14 16:03:13 2019
New Revision: 1855536
URL: http://svn.apache.org/viewvc?rev=1855536=rev
Log:
OAK-8131 Principal Management APIs full text support
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java?rev=1855536=1855535=1855536=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
Thu Mar 14 16:03:13 2019
@@ -131,12 +131,12 @@ class PrincipalProviderImpl implements P
@NotNull
@Override
public Iterator findPrincipals(@Nullable final String
nameHint, final int searchType) {
-return findPrincipals(nameHint, searchType, 0, -1);
+return findPrincipals(nameHint, false, searchType, 0, -1);
}
@NotNull
@Override
-public Iterator findPrincipals(final String nameHint,
final int searchType, long offset,
+public Iterator findPrincipals(final String nameHint,
final boolean fullText, final int searchType, long offset,
long limit) {
if (offset < 0) {
offset = 0;
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1855536=1855535=1855536=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
Thu Mar 14 16:03:13 2019
@@ -157,12 +157,12 @@ class UserPrincipalProvider implements P
@Override
public Iterator findPrincipals(final String nameHint,
final int searchType) {
-return findPrincipals(nameHint, searchType, 0, -1);
+return findPrincipals(nameHint, false, searchType, 0, -1);
}
@NotNull
@Override
-public Iterator findPrincipals(final String nameHint,
final int searchType, long offset,
+public Iterator findPrincipals(final String nameHint,
final boolean fullText, final int searchType, long offset,
long limit) {
if (offset < 0) {
offset = 0;
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java?rev=1855536=1855535=1855536=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
Thu Mar 14 16:03:13 2019
@@ -416,7 +416,7 @@ public abstract class AbstractPrincipalP
}
List sub = expected.subList(offset, to);
Iterator i1 =
principalProvider.findPrincipals("testGroup",
-PrincipalManager.SEARCH_TYPE_ALL, offset, limit);
+false, PrincipalManager.SEARCH_TYPE_ALL, offset,
limit);
assertEquals(sub, getNames(i1));
}
}
svn commit: r1855533 - in /jackrabbit/oak/trunk: oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/ oak-secu
Author: stillalex
Date: Thu Mar 14 15:22:57 2019
New Revision: 1855533
URL: http://svn.apache.org/viewvc?rev=1855533=rev
Log:
OAK-8131 Principal Management APIs full text support
Modified:
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalQueryManager.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
Modified:
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java?rev=1855533=1855532=1855533=diff
==
---
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java
Thu Mar 14 15:22:57 2019
@@ -126,13 +126,13 @@ public class PrincipalManagerDelegator i
}
@Override
-public PrincipalIterator findPrincipals(String simpleFilter, int
searchType, long offset, long limit) {
+public PrincipalIterator findPrincipals(String simpleFilter, boolean
fullText, int searchType, long offset, long limit) {
return delegate.safePerform(new
SessionOperation("findPrincipals") {
@NotNull
@Override
public PrincipalIterator perform() {
if (principalManager instanceof PrincipalQueryManager) {
-return ((PrincipalQueryManager)
principalManager).findPrincipals(simpleFilter, searchType, offset,
+return ((PrincipalQueryManager)
principalManager).findPrincipals(simpleFilter, fullText, searchType, offset,
limit);
} else {
PrincipalIterator pi =
principalManager.findPrincipals(simpleFilter, searchType);
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java?rev=1855533=1855532=1855533=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java
Thu Mar 14 15:22:57 2019
@@ -80,7 +80,7 @@ public class PrincipalManagerImpl implem
}
@Override
-public PrincipalIterator findPrincipals(String simpleFilter, int
searchType, long offset, long limit) {
-return new
PrincipalIteratorAdapter(principalProvider.findPrincipals(simpleFilter,
searchType, offset, limit));
+public PrincipalIterator findPrincipals(String simpleFilter, boolean
fullText, int searchType, long offset, long limit) {
+return new
PrincipalIteratorAdapter(principalProvider.findPrincipals(simpleFilter,
fullText, searchType, offset, limit));
}
}
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java?rev=1855533=1855532=1855533=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
Thu Mar 14 15:22:57 2019
@@ -138,6 +138,7 @@ public interface PrincipalProvider {
* Find the principals that match the specified nameHint and search type.
*
* @param nameHint A name hint to use for non-exact matching.
+ * @param fullText hint to use a full text query for search
* @param searchType Limit the search to certain types of principals. Valid
* values are any of
* {@link
org.apache.jackrabbit.api.security.principal.PrincipalManager#SEARCH_TYPE_ALL}
@@ -14
svn commit: r1855340 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/principal/ test/java/org/apache/jackrabbit/oak/security/principal/ test/java/org/apache/jackr
Author: stillalex
Date: Tue Mar 12 18:15:22 2019
New Revision: 1855340
URL: http://svn.apache.org/viewvc?rev=1855340=rev
Log:
OAK-8125 PrincipalProviderImpl support for range search
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java?rev=1855340=1855339=1855340=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java
Tue Mar 12 18:15:22 2019
@@ -25,6 +25,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Query;
import org.apache.jackrabbit.api.security.user.QueryBuilder;
+import org.apache.jackrabbit.api.security.user.QueryBuilder.Direction;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
@@ -129,15 +130,29 @@ class PrincipalProviderImpl implements P
@NotNull
@Override
-public Iterator findPrincipals(@Nullable final String
nameHint,
-final int searchType) {
+public Iterator findPrincipals(@Nullable final String
nameHint, final int searchType) {
+return findPrincipals(nameHint, searchType, 0, -1);
+}
+
+@NotNull
+@Override
+public Iterator findPrincipals(final String nameHint,
final int searchType, long offset,
+long limit) {
+if (offset < 0) {
+offset = 0;
+}
+if (limit < 0) {
+limit = Long.MAX_VALUE;
+}
try {
-Iterator authorizables = findAuthorizables(nameHint,
searchType);
+Iterator authorizables = findAuthorizables(nameHint,
searchType, offset, limit);
Iterator principals = Iterators.transform(
Iterators.filter(authorizables, Predicates.notNull()),
new AuthorizableToPrincipal());
-if (matchesEveryone(nameHint, searchType)) {
+// everyone is injected only in complete set, not on pages
+boolean noRange = offset == 0 && limit == Long.MAX_VALUE;
+if (noRange && matchesEveryone(nameHint, searchType)) {
principals = Iterators.concat(principals,
Iterators.singletonIterator(EveryonePrincipal.getInstance()));
return Iterators.filter(principals, new EveryonePredicate());
} else {
@@ -183,12 +198,15 @@ class PrincipalProviderImpl implements P
}
private Iterator findAuthorizables(@Nullable final String
nameHint,
- final int searchType)
throws RepositoryException {
+ final int searchType,
final long offset,
+ final long limit) throws
RepositoryException {
Query userQuery = new Query() {
@Override
public void build(QueryBuilder builder) {
builder.setCondition(builder.like('@'
+UserConstants.REP_PRINCIPAL_NAME, buildSearchPattern(nameHint)));
builder.setSelector(AuthorizableType.getType(searchType).getAuthorizableClass());
+builder.setSortOrder(UserConstants.REP_PRINCIPAL_NAME,
Direction.ASCENDING);
+builder.setLimit(offset, limit);
}
};
return userManager.findAuthorizables(userQuery);
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java?rev=1855340=1855339=1855340=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.jav
svn commit: r1855333 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/ test/java/org/apache/jackrabbit/oak/security/principal/ test/java/org/apache/jackrabbit
Author: stillalex
Date: Tue Mar 12 14:40:14 2019
New Revision: 1855333
URL: http://svn.apache.org/viewvc?rev=1855333=rev
Log:
OAK-8078 UserPrincipalProvider support for range search
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java?rev=1855333=1855332=1855333=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
Tue Mar 12 14:40:14 2019
@@ -155,10 +155,21 @@ class UserPrincipalProvider implements P
return principals;
}
+@Override
+public Iterator findPrincipals(final String nameHint,
final int searchType) {
+return findPrincipals(nameHint, searchType, 0, -1);
+}
+
@NotNull
@Override
-public Iterator findPrincipals(final String nameHint,
-final int searchType) {
+public Iterator findPrincipals(final String nameHint,
final int searchType, long offset,
+long limit) {
+if (offset < 0) {
+offset = 0;
+}
+if (limit < 0) {
+limit = Long.MAX_VALUE;
+}
try {
AuthorizableType type = AuthorizableType.getType(searchType);
StringBuilder statement = new StringBuilder()
@@ -166,17 +177,19 @@ class UserPrincipalProvider implements P
.append("//element(*,").append(QueryUtil.getNodeTypeName(type)).append(')')
.append("[jcr:like(@rep:principalName,'")
.append(buildSearchPattern(nameHint))
-.append("')]");
+.append("')] order by @rep:principalName");
Result result = root.getQueryEngine().executeQuery(
statement.toString(), javax.jcr.query.Query.XPATH,
-NO_BINDINGS, namePathMapper.getSessionLocalMappings());
+limit, offset, NO_BINDINGS,
namePathMapper.getSessionLocalMappings());
Iterator principals = Iterators.filter(
Iterators.transform(result.getRows().iterator(), new
ResultRowToPrincipal()),
Predicates.notNull());
-if (matchesEveryone(nameHint, searchType)) {
+// everyone is injected only in complete set, not on pages
+boolean noRange = offset == 0 && limit == Long.MAX_VALUE;
+if (noRange && matchesEveryone(nameHint, searchType)) {
principals = Iterators.concat(principals,
Iterators.singletonIterator(EveryonePrincipal.getInstance()));
return Iterators.filter(principals, new EveryonePredicate());
} else {
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java?rev=1855333=1855332=1855333=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java
Tue Mar 12 14:40:14 2019
@@ -62,6 +62,9 @@ public abstract class AbstractPrincipalP
protected String groupId2;
protected Group testGroup2;
+protected String groupId3;
+protected Group testGroup3;
+
@Override
public void before() throws Exception {
super.before();
@@ -73,10 +76,13 @@ public abstract class AbstractPrincipalP
testGroup = getUserManager(root).createGroup(groupId);
testGroup.addMember(getTestUser());
-groupId2 = "testGroup2" + UUID.randomUUID();
+groupId2 = "testGroup" + UUID.randomUUID() + "2";
testGroup2 = getUserManager(root).createGroup(groupId2);
testGroup.addMember(testGroup2);
+groupId3 = "testGroup" + UUID.random
svn commit: r1854982 - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ oak-benchmarks/src/main/java/org/apache/jackrabbit
Author: stillalex
Date: Thu Mar 7 14:15:14 2019
New Revision: 1854982
URL: http://svn.apache.org/viewvc?rev=1854982=rev
Log:
OAK-8102 LoginModule error metrics
Added:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleMBean.java
(with props)
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleMonitor.java
(with props)
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleStats.java
(with props)
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleStatsCollector.java
(with props)
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginModuleStatsTest.java
(with props)
jackrabbit/oak/trunk/oak-security-spi/src/test/resources/
jackrabbit/oak/trunk/oak-security-spi/src/test/resources/logback-test.xml
(with props)
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImplTest.java
jackrabbit/oak/trunk/oak-security-spi/pom.xml
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/package-info.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/package-info.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModuleTest.java
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java?rev=1854982=1854981=1854982=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java
Thu Mar 7 14:15:14 2019
@@ -246,12 +246,14 @@ public class ExternalLoginModule extends
}
} catch (ExternalIdentityException e) {
log.error("Error while authenticating '{}' with {}", logId,
idp.getName(), e);
+onError();
return false;
} catch (LoginException e) {
log.debug("IDP {} throws login exception for '{}': {}",
idp.getName(), logId, e.getMessage());
throw e;
-} catch (Exception e) {
-log.debug("SyncHandler {} throws sync exception for '{}'",
syncHandler.getName(), logId, e);
+} catch (SyncException | RepositoryException e) {
+onError();
+log.error("SyncHandler {} throws sync exception for '{}'",
syncHandler.getName(), logId,
svn commit: r1854577 - in /jackrabbit/oak/branches/1.10: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java oak-it/src/test/java/org/apache/jackrabbit/oak/In
Author: stillalex
Date: Fri Mar 1 11:43:39 2019
New Revision: 1854577
URL: http://svn.apache.org/viewvc?rev=1854577=rev
Log:
OAK-8095 VersionStorageEditor can prevent upgrade of version store
Modified:
jackrabbit/oak/branches/1.10/ (props changed)
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java
jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java
Propchange: jackrabbit/oak/branches/1.10/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Mar 1 11:43:39 2019
@@ -1,3 +1,3 @@
/jackrabbit/oak/branches/1.0:1665962
-/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854462,1854466,1854468,1854515
+/jackrabbit/oak/trunk:1850874,1850882,1851236,1851253,1851451,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852601,1852920,1853141,1853229,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997,1854034,1854044,1854058,1854113,1854373,1854377,1854380,1854385,1854401,1854403,1854462,1854466,1854468,1854515,1854533
/jackrabbit/trunk:1345480
Modified:
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java?rev=1854577=1854576=1854577=diff
==
---
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java
(original)
+++
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java
Fri Mar 1 11:43:39 2019
@@ -54,17 +54,19 @@ class VersionStorageEditor extends Defau
VersionStorageEditor(@NotNull NodeBuilder versionStorageNode,
@NotNull NodeBuilder workspaceRoot) {
this(versionStorageNode, workspaceRoot, versionStorageNode,
-VERSION_STORE_PATH);
+VERSION_STORE_PATH, false);
}
private VersionStorageEditor(@NotNull NodeBuilder versionStorageNode,
@NotNull NodeBuilder workspaceRoot,
@NotNull NodeBuilder builder,
- @NotNull String path) {
+ @NotNull String path,
+ boolean initPhase) {
this.versionStorageNode = checkNotNull(versionStorageNode);
this.workspaceRoot = checkNotNull(workspaceRoot);
this.builder = checkNotNull(builder);
this.path = checkNotNull(path);
+this.initPhase = initPhase;
}
@Override
@@ -88,8 +90,7 @@ class VersionStorageEditor extends Defau
if (d < VERSION_HISTORY_DEPTH && !isVersionStorageNode(after)) {
return null;
}
-return new VersionStorageEditor(versionStorageNode, workspaceRoot,
-builder.child(name), p);
+return new VersionStorageEditor(versionStorageNode, workspaceRoot,
builder.child(name), p, initPhase);
}
@Override
Modified:
jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java?rev=1854577=1854576=1854577=diff
==
---
jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java
(original)
+++
jackrabbit/oak/branches/1.10/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java
Fri Mar 1 11:43:39 2019
@@ -26,6 +26,7 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.spi.commit.CommitInfo;
import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
import org.apache.jackrabbit.oak.spi.state.NodeState;
+import org.apache.jackrabbit.oak.spi.state.NodeStateUtils;
import org.apache.jackrabbit.oak.spi.version.VersionConstants;
import org.junit.Test;
@@ -77,6 +78,27 @@ public class InitialContentTest implemen
NodeBuilder builder = before.builder();
new
InitialContent().withPrePopulatedVersionStore().initialize(builder);
NodeState after = builder.getNodeState();
+new VersionHook().processCommit(before, after, CommitInfo.EMPTY);
+}
+
+
+@Test
+public void validatePrePopulatedNonEmpty() throw
svn commit: r1854533 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java oak-it/src/test/java/org/apache/jackrabbit/oak/InitialConten
Author: stillalex
Date: Thu Feb 28 15:14:36 2019
New Revision: 1854533
URL: http://svn.apache.org/viewvc?rev=1854533=rev
Log:
OAK-8095 VersionStorageEditor can prevent upgrade of version store
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java
jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java?rev=1854533=1854532=1854533=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java
Thu Feb 28 15:14:36 2019
@@ -54,17 +54,19 @@ class VersionStorageEditor extends Defau
VersionStorageEditor(@NotNull NodeBuilder versionStorageNode,
@NotNull NodeBuilder workspaceRoot) {
this(versionStorageNode, workspaceRoot, versionStorageNode,
-VERSION_STORE_PATH);
+VERSION_STORE_PATH, false);
}
private VersionStorageEditor(@NotNull NodeBuilder versionStorageNode,
@NotNull NodeBuilder workspaceRoot,
@NotNull NodeBuilder builder,
- @NotNull String path) {
+ @NotNull String path,
+ boolean initPhase) {
this.versionStorageNode = checkNotNull(versionStorageNode);
this.workspaceRoot = checkNotNull(workspaceRoot);
this.builder = checkNotNull(builder);
this.path = checkNotNull(path);
+this.initPhase = initPhase;
}
@Override
@@ -88,8 +90,7 @@ class VersionStorageEditor extends Defau
if (d < VERSION_HISTORY_DEPTH && !isVersionStorageNode(after)) {
return null;
}
-return new VersionStorageEditor(versionStorageNode, workspaceRoot,
-builder.child(name), p);
+return new VersionStorageEditor(versionStorageNode, workspaceRoot,
builder.child(name), p, initPhase);
}
@Override
Modified:
jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java?rev=1854533=1854532=1854533=diff
==
---
jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java
(original)
+++
jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java
Thu Feb 28 15:14:36 2019
@@ -26,6 +26,7 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.spi.commit.CommitInfo;
import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
import org.apache.jackrabbit.oak.spi.state.NodeState;
+import org.apache.jackrabbit.oak.spi.state.NodeStateUtils;
import org.apache.jackrabbit.oak.spi.version.VersionConstants;
import org.junit.Test;
@@ -77,6 +78,27 @@ public class InitialContentTest implemen
NodeBuilder builder = before.builder();
new
InitialContent().withPrePopulatedVersionStore().initialize(builder);
NodeState after = builder.getNodeState();
+new VersionHook().processCommit(before, after, CommitInfo.EMPTY);
+}
+
+
+@Test
+public void validatePrePopulatedNonEmpty() throws Exception {
+NodeState init = EMPTY_NODE;
+NodeBuilder builderI = init.builder();
+
+// create a partial version storage structure
+new
InitialContent().withPrePopulatedVersionStore().initialize(builderI);
+NodeBuilder versionStorage =
builderI.child(JCR_SYSTEM).child(JCR_VERSIONSTORAGE);
+versionStorage.removeProperty(VERSION_STORE_INIT);
+versionStorage.getChildNode("00").getChildNode("00").remove();
+versionStorage.getChildNode("01").getChildNode("00").remove();
+versionStorage.getChildNode("02").remove();
+
+NodeState before = builderI.getNodeState();
+NodeBuilder builder = before.builder();
+new
InitialContent().withPrePopulatedVersionStore().initialize(builder);
+NodeState after = builder.getNodeState();
new VersionHook().processCommit(before, after, CommitInfo.EMPTY);
}
}
svn commit: r1854316 - in /jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark: BenchmarkRunner.java authentication/external/AbstractExternalTest.java authentication/
Author: stillalex
Date: Mon Feb 25 15:18:55 2019
New Revision: 1854316
URL: http://svn.apache.org/viewvc?rev=1854316=rev
Log:
OAK-8053 Add intermediate report to ExternalLoginTest
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1854316=1854315=1854316=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
Mon Feb 25 15:18:55 2019
@@ -486,7 +486,9 @@ public class BenchmarkRunner {
new ReplicaCrashResilienceTest(),
// benchmarks for oak-auth-external
-new ExternalLoginTest(numberOfUsers.value(options),
numberOfGroups.value(options), expiration.value(options),
dynamicMembership.value(options), autoMembership.values(options)),
+new ExternalLoginTest(numberOfUsers.value(options),
numberOfGroups.value(options),
+expiration.value(options),
dynamicMembership.value(options), autoMembership.values(options),
+report.value(options)),
new SyncAllExternalUsersTest(numberOfUsers.value(options),
numberOfGroups.value(options), expiration.value(options),
dynamicMembership.value(options), autoMembership.values(options)),
new SyncAllUsersTest(numberOfUsers.value(options),
numberOfGroups.value(options), expiration.value(options),
dynamicMembership.value(options), autoMembership.values(options)),
new SyncExternalUsersTest(numberOfUsers.value(options),
numberOfGroups.value(options), expiration.value(options),
dynamicMembership.value(options), autoMembership.values(options),
batchSize.value(options)),
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java?rev=1854316=1854315=1854316=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java
Mon Feb 25 15:18:55 2019
@@ -91,7 +91,8 @@ abstract class AbstractExternalTest exte
private static final String PATH_PREFIX = "pathPrefix";
-private final Random random = new Random();
+protected final long seed = Long.getLong("seed",
System.currentTimeMillis());
+private final Random random = new Random(seed);
private final ExternalPrincipalConfiguration
externalPrincipalConfiguration = new ExternalPrincipalConfiguration();
private ContentRepository contentRepository;
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java?rev=1854316=1854315=1854316=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
Mon Feb 25 15:18:55 2019
@@ -16,7 +16,10 @@
*/
package org.apache.jackrabbit.oak.benchmark.authentication.external;
+import java.util.HashSet;
import java.util.List;
+import java.util.Set;
+
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
@@ -30,7 +33,6 @@ import org.apache.jackrabbit.oak.spi.sec
import org.jetbrains.annotations.NotNull;
import static
javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag.SUFFIC
svn commit: r1854314 - in /jackrabbit/oak/trunk: oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/ oak-secu
Author: stillalex
Date: Mon Feb 25 14:24:41 2019
New Revision: 1854314
URL: http://svn.apache.org/viewvc?rev=1854314=rev
Log:
OAK-7994 Principal Management APIs don't allow for search pagination
Added:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalQueryManager.java
(with props)
Modified:
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/package-info.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProviderTest.java
Modified:
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java?rev=1854314=1854313=1854314=diff
==
---
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/delegate/PrincipalManagerDelegator.java
Mon Feb 25 14:24:41 2019
@@ -26,6 +26,7 @@ import javax.jcr.RepositoryException;
import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.oak.jcr.session.operation.SessionOperation;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalQueryManager;
import org.jetbrains.annotations.NotNull;
/**
@@ -34,7 +35,7 @@ import org.jetbrains.annotations.NotNull
*
* @see SessionDelegate#perform(SessionOperation)
*/
-public class PrincipalManagerDelegator implements PrincipalManager {
+public class PrincipalManagerDelegator implements PrincipalManager,
PrincipalQueryManager {
private final SessionDelegate delegate;
private final PrincipalManager principalManager;
@@ -123,4 +124,22 @@ public class PrincipalManagerDelegator i
}
});
}
+
+@Override
+public PrincipalIterator findPrincipals(String simpleFilter, int
searchType, long offset, long limit) {
+return delegate.safePerform(new
SessionOperation("findPrincipals") {
+@NotNull
+@Override
+public PrincipalIterator perform() {
+if (principalManager instanceof PrincipalQueryManager) {
+return ((PrincipalQueryManager)
principalManager).findPrincipals(simpleFilter, searchType, offset,
+limit);
+} else {
+PrincipalIterator pi =
principalManager.findPrincipals(simpleFilter, searchType);
+pi.skip(offset);
+return pi;
+}
+}
+});
+}
}
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java?rev=1854314=1854313=1854314=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java
Mon Feb 25 14:24:41 2019
@@ -25,7 +25,7 @@ import org.jetbrains.annotations.Nullabl
/**
* Default implementation of the {@code PrincipalManager} interface.
*/
-public class PrincipalManagerImpl implements PrincipalManager {
+public class PrincipalManagerImpl implements PrincipalQueryManager,
PrincipalManager {
private final PrincipalProvider principalProvider;
@@ -78,4 +78,9 @@ public class PrincipalManagerImpl implem
}
return everyone;
}
+
+@Override
+public PrincipalIterator findPrincipals(String simpleFilter, int
searchType, long offset, long limit) {
+return new
PrincipalIteratorAdapter(principalProvider.findPrincipals(simpleFilter,
searchType, offset, limit));
+}
}
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src
svn commit: r1854053 - in /jackrabbit/oak/branches/1.10: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex
Date: Thu Feb 21 14:44:15 2019
New Revision: 1854053
URL: http://svn.apache.org/viewvc?rev=1854053=rev
Log:
OAK-8054 RepMembersConflictHandler creates property with wrong type
- backport
Modified:
jackrabbit/oak/branches/1.10/ (props changed)
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/GroupImplTest.java
jackrabbit/oak/branches/1.10/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandlerTest.java
Propchange: jackrabbit/oak/branches/1.10/
--
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Feb 21 14:44:15 2019
@@ -1,3 +1,3 @@
/jackrabbit/oak/branches/1.0:1665962
-/jackrabbit/oak/trunk:1851236,1851253,1851451,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852920,1853393,1853429,1853433,1853441,1853866,1853870,1853893,1853969,1853997
+/jackrabbit/oak/trunk:1851236,1851253,1851451,1852052,1852084,1852120,1852451,1852492-1852493,1852528,1852582,1852584,1852920,1853393,1853429,1853433,1853441,1853866,1853868,1853870,1853893,1853969,1853997
/jackrabbit/trunk:1345480
Modified:
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java?rev=1854053=1854052=1854053=diff
==
---
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
(original)
+++
jackrabbit/oak/branches/1.10/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
Thu Feb 21 14:44:15 2019
@@ -18,8 +18,10 @@
*/
package org.apache.jackrabbit.oak.security.user;
+import java.util.LinkedHashSet;
import java.util.Set;
+import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.plugins.memory.PropertyBuilder;
@@ -29,6 +31,7 @@ import org.apache.jackrabbit.oak.spi.sta
import org.apache.jackrabbit.oak.spi.state.NodeState;
import org.jetbrains.annotations.NotNull;
+import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
/**
@@ -37,10 +40,14 @@ import com.google.common.collect.Sets;
*
* The conflict handler deals with the following conflicts:
*
- * {@code addExistingProperty} : {@code Resolution.MERGED},
+ * {@code addExistingProperty} : {@code Resolution.MERGED}.
* {@code changeDeletedProperty}: {@code Resolution.THEIRS}, removing
the members property takes precedence.
* {@code changeChangedProperty}: {@code Resolution.MERGED}, merge of
the 2 members sets into a single one
* {@code deleteChangedProperty}: {@code Resolution.OURS} removing the
members property takes precedence.
+ * {@code deleteDeletedProperty}: {@code Resolution.MERGED}.
+ * {@code changeDeletedNode}: {@code Resolution.THEIRS}, removal
takes precedence.
+ * {@code deleteChangedNode}: {@code Resolution.OURS}, removal
takes precedence.
+ * {@code deleteDeletedNode}: {@code Resolution.MERGED}.
*
*/
class RepMembersConflictHandler implements ThreeWayConflictHandler {
@@ -50,7 +57,7 @@ class RepMembersConflictHandler implemen
public Resolution addExistingProperty(@NotNull NodeBuilder parent,
@NotNull PropertyState ours,
@NotNull PropertyState theirs) {
if (isRepMembersProperty(theirs)) {
-mergeChange(parent, ours, theirs,Sets.newHashSet());
+mergeChange(parent, ours, theirs, ImmutableSet.of());
return Resolution.MERGED;
} else {
return Resolution.IGNORED;
@@ -74,7 +81,7 @@ class RepMembersConflictHandler implemen
public Resolution changeChangedProperty(@NotNull NodeBuilder parent,
@NotNull PropertyState ours,
@NotNull PropertyState theirs, @NotNull PropertyState base) {
if (isRepMembersProperty(theirs)) {
-Set baseMembers =
Sets.newHashSet(base.getValue(Type.STRINGS));
+Set baseMembers =
ImmutableSet.copyOf(base.getValue(Type.STRINGS));
mergeChange(parent, ours, theirs, baseMembers);
return Resolution.MERGED;
} else {
@@ -85,8 +92,12 @@ class RepMembersConflictHandler implemen
@NotNull
@Override
public Resolution deleteDeletedProperty(@NotNull NodeBuilder parent,
@NotNull PropertyState base) {
-// both are removing the members property, ignoring
-return Resolution.IGNORED;
+if (isRepMembersProperty(base
svn commit: r1853868 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/ test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex
Date: Tue Feb 19 09:38:03 2019
New Revision: 1853868
URL: http://svn.apache.org/viewvc?rev=1853868=rev
Log:
OAK-8054 RepMembersConflictHandler creates property with wrong type
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/GroupImplTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandlerTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java?rev=1853868=1853867=1853868=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/RepMembersConflictHandler.java
Tue Feb 19 09:38:03 2019
@@ -18,8 +18,10 @@
*/
package org.apache.jackrabbit.oak.security.user;
+import java.util.LinkedHashSet;
import java.util.Set;
+import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.plugins.memory.PropertyBuilder;
@@ -29,6 +31,7 @@ import org.apache.jackrabbit.oak.spi.sta
import org.apache.jackrabbit.oak.spi.state.NodeState;
import org.jetbrains.annotations.NotNull;
+import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
/**
@@ -37,10 +40,14 @@ import com.google.common.collect.Sets;
*
* The conflict handler deals with the following conflicts:
*
- * {@code addExistingProperty} : {@code Resolution.MERGED},
+ * {@code addExistingProperty} : {@code Resolution.MERGED}.
* {@code changeDeletedProperty}: {@code Resolution.THEIRS}, removing
the members property takes precedence.
* {@code changeChangedProperty}: {@code Resolution.MERGED}, merge of
the 2 members sets into a single one
* {@code deleteChangedProperty}: {@code Resolution.OURS} removing the
members property takes precedence.
+ * {@code deleteDeletedProperty}: {@code Resolution.MERGED}.
+ * {@code changeDeletedNode}: {@code Resolution.THEIRS}, removal
takes precedence.
+ * {@code deleteChangedNode}: {@code Resolution.OURS}, removal
takes precedence.
+ * {@code deleteDeletedNode}: {@code Resolution.MERGED}.
*
*/
class RepMembersConflictHandler implements ThreeWayConflictHandler {
@@ -50,7 +57,7 @@ class RepMembersConflictHandler implemen
public Resolution addExistingProperty(@NotNull NodeBuilder parent,
@NotNull PropertyState ours,
@NotNull PropertyState theirs) {
if (isRepMembersProperty(theirs)) {
-mergeChange(parent, ours, theirs,Sets.newHashSet());
+mergeChange(parent, ours, theirs, ImmutableSet.of());
return Resolution.MERGED;
} else {
return Resolution.IGNORED;
@@ -74,7 +81,7 @@ class RepMembersConflictHandler implemen
public Resolution changeChangedProperty(@NotNull NodeBuilder parent,
@NotNull PropertyState ours,
@NotNull PropertyState theirs, @NotNull PropertyState base) {
if (isRepMembersProperty(theirs)) {
-Set baseMembers =
Sets.newHashSet(base.getValue(Type.STRINGS));
+Set baseMembers =
ImmutableSet.copyOf(base.getValue(Type.STRINGS));
mergeChange(parent, ours, theirs, baseMembers);
return Resolution.MERGED;
} else {
@@ -85,8 +92,12 @@ class RepMembersConflictHandler implemen
@NotNull
@Override
public Resolution deleteDeletedProperty(@NotNull NodeBuilder parent,
@NotNull PropertyState base) {
-// both are removing the members property, ignoring
-return Resolution.IGNORED;
+if (isRepMembersProperty(base)) {
+// both are removing the members property
+return Resolution.MERGED;
+} else {
+return Resolution.IGNORED;
+}
}
@NotNull
@@ -101,7 +112,6 @@ class RepMembersConflictHandler implemen
}
}
-
@NotNull
@Override
public Resolution addExistingNode(@NotNull NodeBuilder parent, @NotNull
String name, @NotNull NodeState ours,
@@ -113,33 +123,45 @@ class RepMembersConflictHandler implemen
@Override
public Resolution changeDeletedNode(@NotNull NodeBuilder parent, @NotNull
String name, @NotNull NodeState ours,
@NotNull NodeState base) {
-return Resolution.IGNORED;
+if (isMemberRefType(base)) {
+return Resolution.THEIRS;
+} else {
+return
svn commit: r1853228 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
Author: stillalex
Date: Fri Feb 8 16:00:20 2019
New Revision: 1853228
URL: http://svn.apache.org/viewvc?rev=1853228=rev
Log:
OAK-6221 Deprecate SecurityProviderImpl
- trivial javadoc note
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1853228=1853227=1853228=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
Fri Feb 8 16:00:20 2019
@@ -59,6 +59,9 @@ import org.osgi.framework.BundleContext;
import static com.google.common.base.Preconditions.checkNotNull;
+/**
+ * @deprecated Replaced by {@code
org.apache.jackrabbit.oak.security.internal.SecurityProviderBuilder}
+ */
@Deprecated
public class SecurityProviderImpl implements SecurityProvider, WhiteboardAware
{
svn commit: r1847222 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/
Author: stillalex Date: Fri Nov 23 08:35:40 2018 New Revision: 1847222 URL: http://svn.apache.org/viewvc?rev=1847222=rev Log: OAK-7862 Make PermissionEntryCache more resilient against OOME (1.8) - backport to 1.6 Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Nov 23 08:35:40 2018 @@ -1,3 +1,4 @@ /jackrabbit/oak/branches/1.0:1665962 +/jackrabbit/oak/branches/1.8:1844835 /jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832258,1832379,1832535,1833308,1834112,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840 226,1842677,1843222,1843231,1844549,1844642,1844728,1846057 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Nov 23 08:35:40 2018 @@ -1,4 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 +/jackrabbit/oak/branches/1.8/oak-core:1844835 /jackrabbit/oak/trunk:1834823 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 /jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789441,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799861,1799924,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,180226 2,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1811380,1811952,1811963,1811986,1814332,1818645,1821325,1821358,1821516,1830160,1840226,1846057 Modified: jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache
svn commit: r1846637 - in /jackrabbit/oak/branches/1.6: ./ oak-parent/pom.xml
Author: stillalex Date: Thu Nov 15 10:58:52 2018 New Revision: 1846637 URL: http://svn.apache.org/viewvc?rev=1846637=rev Log: OAK-7578 Update spotbugs plugin to 3.1.5 Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-parent/pom.xml Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Nov 15 10:58:52 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832258,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840226,1842 677,1843222,1843231,1844549,1844642,1844728,1846057 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832258,1832379,1832535,1833308,1834112,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840 226,1842677,1843222,1843231,1844549,1844642,1844728,1846057 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.6/oak-parent/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-parent/pom.xml?rev=1846637=1846636=1846637=diff == --- jackrabbit/oak/branches/1.6/oak-parent/pom.xml (original) +++ jackrabbit
svn commit: r1846636 - in /jackrabbit/oak/branches/1.6: ./ oak-parent/pom.xml
Author: stillalex Date: Thu Nov 15 10:55:58 2018 New Revision: 1846636 URL: http://svn.apache.org/viewvc?rev=1846636=rev Log: OAK-7368 update to findbugs version compatible with jdk 10 Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-parent/pom.xml Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Nov 15 10:55:58 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840226,1842677,1843 222,1843231,1844549,1844642,1844728,1846057 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832258,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840226,1842 677,1843222,1843231,1844549,1844642,1844728,1846057 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.6/oak-parent/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-parent/pom.xml?rev=1846636=1846635=1846636=diff == --- jackrabbit/oak/branches/1.6/oak-parent/pom.xml (original) +++ jackrabbit
svn commit: r1846110 - in /jackrabbit/oak/branches/1.8: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/aut
Author: stillalex Date: Thu Nov 8 09:31:58 2018 New Revision: 1846110 URL: http://svn.apache.org/viewvc?rev=1846110=rev Log: OAK-7876 Backport OAK-7741 to 1.8 branch Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Nov 8 09:31:58 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840455,1840574,1841314,1841352,1842089,1842677,1843222,1843231,1843398,1843618,1843652,1843911,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845336 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836167-1836168,1836170-1836187,1836189-1836196,1836206,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840574,1841314,1841352,1842089,1842677,1843222,1843231,1843398,1843618,1843652,1843911,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845336 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1846110=1846109=1846110=diff == --- jackrabbit/oak/branches/1.8/oak
svn commit: r1845875 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Author: stillalex
Date: Tue Nov 6 08:29:20 2018
New Revision: 1845875
URL: http://svn.apache.org/viewvc?rev=1845875=rev
Log:
OAK-7870 Reduce permission store lookups for empty principal sets
- same change for TreePermissionImpl#isGranted
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java?rev=1845875=1845874=1845875=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Tue Nov 6 08:29:20 2018
@@ -568,21 +568,33 @@ final class CompiledPermissionImpl imple
@Override
public boolean isGranted(long permissions) {
EntryPredicate predicate = new EntryPredicate(tree, null,
Permissions.respectParentPermissions(permissions));
-Iterator it = concat(new LazyIterator(this, true,
predicate), new LazyIterator(this, false, predicate));
+Iterator it = getIterator(predicate);
return hasPermissions(it, predicate, permissions, tree.getPath());
}
@Override
public boolean isGranted(long permissions, @NotNull PropertyState
property) {
EntryPredicate predicate = new EntryPredicate(tree, property,
Permissions.respectParentPermissions(permissions));
-Iterator it = concat(new LazyIterator(this, true,
predicate), new LazyIterator(this, false, predicate));
+Iterator it = getIterator(predicate);
return hasPermissions(it, predicate, permissions, tree.getPath());
}
//< private
>---
private Iterator getIterator(@Nullable PropertyState
property, long permissions) {
EntryPredicate predicate = new EntryPredicate(tree, property,
Permissions.respectParentPermissions(permissions));
-return concat(new LazyIterator(this, true, predicate), new
LazyIterator(this, false, predicate));
+return getIterator(predicate);
+}
+
+private Iterator getIterator(@NotNull EntryPredicate
predicate) {
+if (userStore != null && groupStore != null) {
+return concat(new LazyIterator(this, true, predicate), new
LazyIterator(this, false, predicate));
+} else if (userStore != null) {
+return new LazyIterator(this, true, predicate);
+} else if (groupStore != null) {
+return new LazyIterator(this, false, predicate);
+} else {
+return Collections.emptyIterator();
+}
}
private Iterator getUserEntries() {
svn commit: r1845485 - in /jackrabbit/oak/branches/1.8: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/aut
Author: stillalex Date: Thu Nov 1 15:20:06 2018 New Revision: 1845485 URL: http://svn.apache.org/viewvc?rev=1845485=rev Log: OAK-7741 Token LoginModule flag to skip refreshing the token expiration - reverted change due to package export version Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Nov 1 15:20:06 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840574,1841314,1841352,1842089,1842677,1843222,1843231,1843398,1843618,1843652,1843911,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845336 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840455,1840574,1841314,1841352,1842089,1842677,1843222,1843231,1843398,1843618,1843652,1843911,1844325,1844549,1844625,1844627,1844642,1844728,1844775,1844932,1845336 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1845485=1845484=1845485=diff == --- jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache
svn commit: r1845439 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Author: stillalex
Date: Thu Nov 1 10:51:39 2018
New Revision: 1845439
URL: http://svn.apache.org/viewvc?rev=1845439=rev
Log:
OAK-7870 Reduce permission store lookups for empty principal sets
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java?rev=1845439=1845438=1845439=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java
Thu Nov 1 10:51:39 2018
@@ -109,8 +109,16 @@ final class CompiledPermissionImpl imple
}
}
-userStore = new PermissionEntryProviderImpl(store, userNames, options);
-groupStore = new PermissionEntryProviderImpl(store, groupNames,
options);
+if (!userNames.isEmpty()) {
+userStore = new PermissionEntryProviderImpl(store, userNames,
options);
+} else {
+userStore = null;
+}
+if (!groupNames.isEmpty()) {
+groupStore = new PermissionEntryProviderImpl(store, groupNames,
options);
+} else {
+groupStore = null;
+}
typeProvider = new TreeTypeProvider(ctx);
}
@@ -138,8 +146,12 @@ final class CompiledPermissionImpl imple
this.versionManager = null;
store.flush(root);
-userStore.flush();
-groupStore.flush();
+if (userStore != null) {
+userStore.flush();
+}
+if (groupStore != null) {
+groupStore.flush();
+}
}
@NotNull
@@ -414,9 +426,17 @@ final class CompiledPermissionImpl imple
@NotNull
private Iterator getEntryIterator(@NotNull EntryPredicate
predicate) {
-Iterator userEntries =
userStore.getEntryIterator(predicate);
-Iterator groupEntries =
groupStore.getEntryIterator(predicate);
-return concat(userEntries, groupEntries);
+if (userStore != null && groupStore != null) {
+Iterator userEntries =
userStore.getEntryIterator(predicate);
+Iterator groupEntries =
groupStore.getEntryIterator(predicate);
+return concat(userEntries, groupEntries);
+} else if (userStore != null) {
+return userStore.getEntryIterator(predicate);
+} else if (groupStore != null) {
+return groupStore.getEntryIterator(predicate);
+} else {
+return Collections.emptyIterator();
+}
}
@Nullable
@@ -567,14 +587,14 @@ final class CompiledPermissionImpl imple
private Iterator getUserEntries() {
if (userEntries == null) {
-userEntries = userStore.getEntries(tree);
+userEntries = userStore != null ? userStore.getEntries(tree) :
Collections.emptyList();
}
return userEntries.iterator();
}
private Iterator getGroupEntries() {
if (groupEntries == null) {
-groupEntries = groupStore.getEntries(tree);
+groupEntries = groupStore != null ?
groupStore.getEntries(tree) : Collections.emptyList();
}
return groupEntries.iterator();
}
svn commit: r1844835 - in /jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission: PermissionEntryCache.java PrincipalPermissionEntries.java
Author: stillalex
Date: Thu Oct 25 14:56:10 2018
New Revision: 1844835
URL: http://svn.apache.org/viewvc?rev=1844835=rev
Log:
OAK-7862 Make PermissionEntryCache more resilient against OOME (1.8)
Modified:
jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java
jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java
Modified:
jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java?rev=1844835=1844834=1844835=diff
==
---
jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java
(original)
+++
jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionEntryCache.java
Thu Oct 25 14:56:10 2018
@@ -17,7 +17,6 @@
package org.apache.jackrabbit.oak.security.authorization.permission;
import java.util.Collection;
-import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
@@ -81,15 +80,15 @@ class PermissionEntryCache {
ppe = new PrincipalPermissionEntries();
entries.put(principalName, ppe);
}
-Collection pes = ppe.getEntries().get(path);
+Collection pes = ppe.getEntriesByPath(path);
if (pes == null) {
pes = store.load(null, principalName, path);
if (pes == null) {
-pes = Collections.emptySet();
+ppe.rememberNotAccessControlled(path);
} else {
+ppe.putEntriesByPath(path, pes);
ret.addAll(pes);
}
-ppe.getEntries().put(path, pes);
} else {
ret.addAll(pes);
}
Modified:
jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java?rev=1844835=1844834=1844835=diff
==
---
jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java
(original)
+++
jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java
Thu Oct 25 14:56:10 2018
@@ -16,10 +16,15 @@
*/
package org.apache.jackrabbit.oak.security.authorization.permission;
+import static java.util.Collections.emptySet;
+
import java.util.Collection;
import java.util.HashMap;
+import java.util.LinkedHashMap;
import java.util.Map;
+
import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
/**
* {@code PermissionEntries} holds the permission entries of one principal
@@ -27,6 +32,11 @@ import javax.annotation.Nonnull;
class PrincipalPermissionEntries {
/**
+ * max size of the emptyPaths cache.
+ */
+private static int MAX_SIZE =
Integer.getInteger("oak.PrincipalPermissionEntries.maxSize", 1000);
+
+/**
* indicating if all entries were loaded.
*/
private boolean fullyLoaded;
@@ -34,13 +44,20 @@ class PrincipalPermissionEntries {
/**
* map of permission entries, accessed by path
*/
-private Map> entries = new
HashMap>();
+private Map> entries = new HashMap<>();
+private final Map emptyPaths;
PrincipalPermissionEntries() {
+this.emptyPaths = new LinkedHashMap() {
+@Override
+protected boolean removeEldestEntry(Map.Entry
eldest) {
+return size() > MAX_SIZE;
+}
+};
}
long getSize() {
-return entries.size();
+return entries.size() + emptyPaths.size();
}
boolean isFullyLoaded() {
@@ -55,4 +72,17 @@ class PrincipalPermissionEntries {
Map> getEntries() {
return entries;
}
+
+@Nullable
+Collection getEntriesByPath(@Nonnull String path) {
+return (emptyPaths.containsKey(path)) ? emptySet() : entries.get(path);
+}
+
+void putEntriesByPath(@Nonnull String path, @Nonnull
Collection pathEntries) {
+entries.put(path, pathEntries);
+}
+
+void rememberNotAccessControlled(@Nonnull String path) {
+emptyPaths.put(path, null);
+}
}
\ No newline at end of file
svn commit: r1844824 - in /jackrabbit/oak/trunk: oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/ oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/ oak-c
Author: stillalex
Date: Thu Oct 25 12:09:32 2018
New Revision: 1844824
URL: http://svn.apache.org/viewvc?rev=1844824=rev
Log:
OAK-7860 Make PermissionEntryCache more resilient against OOME
Added:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java
(with props)
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PrincipalPermissionEntries.java
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1844824=1844823=1844824=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
Thu Oct 25 12:09:32 2018
@@ -48,6 +48,7 @@ import org.apache.jackrabbit.oak.benchma
import
org.apache.jackrabbit.oak.benchmark.authentication.external.SyncAllUsersTest;
import
org.apache.jackrabbit.oak.benchmark.authentication.external.SyncExternalUsersTest;
import org.apache.jackrabbit.oak.benchmark.authorization.AceCreationTest;
+import org.apache.jackrabbit.oak.benchmark.authorization.CanReadNonExisting;
import org.apache.jackrabbit.oak.benchmark.wikipedia.WikipediaImport;
import org.apache.jackrabbit.oak.fixture.JackrabbitRepositoryFixture;
import org.apache.jackrabbit.oak.fixture.OakFixture;
@@ -492,7 +493,8 @@ public class BenchmarkRunner {
new BundlingNodeTest(),
new PersistentCacheTest(statsProvider),
new StringWriteTest(),
-new BasicWriteTest()
+new BasicWriteTest(),
+new CanReadNonExisting()
};
Set argset = Sets.newHashSet(nonOption.values(options));
Added:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java?rev=1844824=auto
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java
(added)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authorization/CanReadNonExisting.java
Thu Oct 25 12:09:32 2018
@@ -0,0 +1,113 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.benchmark.authorization;
+
+import static javax.jcr.security.Privilege.JCR_READ;
+import static
org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.addAccessControlEntry;
+import static org.junit.Assert.assertFalse;
+
+import javax.jcr.Node;
+import javax.jcr.Session;
+import javax.jcr.SimpleCredentials;
+import javax.jcr.security.Privilege;
+
+import org.apache.jackrabbit.api.JackrabbitSession;
+import org.apache.jackrabbit.api.security.user.Group;
+import org.apache.jackrabbit.api.security.user.User;
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.oak.benchmark.AbstractTest;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
+
+/**
+ * Tests the behavior of the permission cache when faced with lots of paths
that
+ * have no relevant policies for the current session (but may have other
+ * policies). For more info see OAK-7860.
+ */
+public class CanReadNonExisting extends AbstractTest {
+
+static final String uid = "u0";
+
+static final int contentNodes = 1;
+
+@Override
+public void beforeSuite() throws Exceptio
svn commit: r1844323 - in /jackrabbit/oak/branches/1.8: ./ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/aut
Author: stillalex Date: Fri Oct 19 09:52:29 2018 New Revision: 1844323 URL: http://svn.apache.org/viewvc?rev=1844323=rev Log: OAK-7741 Token LoginModule flag to skip refreshing the token expiration - backported rev 1840226 to 1.8 Modified: jackrabbit/oak/branches/1.8/ (props changed) jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/branches/1.8/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java jackrabbit/oak/branches/1.8/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java Propchange: jackrabbit/oak/branches/1.8/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Oct 19 09:52:29 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840455,1840574,1841314,1841352,1842677,1843222,1843231,1843398,1843618,1843652,1843911 +/jackrabbit/oak/trunk:1820660-1820661,1820729,1820734,1820859,1820861,1820878,1820888,1820947,1821027,1821130,1821140-1821141,1821178,1821237,1821240,1821249,1821258,1821325,1821358,1821361-1821362,1821370,1821375,1821393,1821477,1821487,1821516,1821617,1821663,1821665,1821668,1821681,1821847,1821975-1821983,1822121,1822201,1822207,1822527,1822723,1822808,1822850,1822934,1823135,1823163,1823169,1823172,1823655,1823669,1824196,1824198,1824253,1824255,1824896,1824962,1825065,1825362,1825381,1825442,1825448,1825466,1825470-1825471,1825475,1825523,1825525,1825561,1825619-1825621,1825651,1825654,1825992,1826079,1826090,1826096,1826216,1826237,1826338,1826516,1826532,1826551,1826560,1826638,1826640,1826730,1826932,1826957,1827423,1827472,1827486,1827816,1827977,1828349,1828439,1828502,1828529,1828948,1829527,1829534,1829546,1829569,1829587,1829665,1829854,1829864,1829978,1829985,1829987,1829998,1830019,1830048,1830160,1830171,1830197,1830209,1830239,1830347,1830748,1830911,1830923,1831157 -1831158,1831163,1831190,1831374,1831560,1831689,1832258,1832376,1832379,1832535,1833308,1833347,1833833,1834112,1834117,1834287,1834291,1834302,1834326,1834328,1834336,1834428,1834468,1834483,1834610,1834648-1834649,1834681,1834823,1834857-1834858,1835060,1835518,1835521,1835635,1835642,1835780,1835819,1836082,1836121,1836487,1836493,1837057,1837274,1837296,1837326,1837475,1837503,1837547,1837569,1837600,1837657,1837718,1837998,1838076,1838637,1839549,1839570,1839637,1839746,1840019,1840024,1840031,1840226,1840455,1840574,1841314,1841352,1842677,1843222,1843231,1843398,1843618,1843652,1843911 /jackrabbit/trunk:1345480 Modified: jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1844323=1844322=1844323=diff == --- jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java (original) +++ jackrabbit/oak/branches/1.8/oak-core/src/main/java/org/apache/jackrabbit/oak/security
svn commit: r1844314 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/se
Author: stillalex Date: Fri Oct 19 08:44:19 2018 New Revision: 1844314 URL: http://svn.apache.org/viewvc?rev=1844314=rev Log: OAK-7741 Token LoginModule flag to skip refreshing the token expiration - merged rev 1840226 to 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConstants.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Oct 19 08:44:19 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1842677,1843222,1843 231 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119 ,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832379,1832535,1833308,1834648
svn commit: r1843549 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/a
Author: stillalex
Date: Thu Oct 11 13:17:19 2018
New Revision: 1843549
URL: http://svn.apache.org/viewvc?rev=1843549=rev
Log:
OAK-7822 More aggressive internal state cleanup of login modules
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java?rev=1843549=1843548=1843549=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
Thu Oct 11 13:17:19 2018
@@ -153,6 +153,7 @@ public final class TokenLoginModule exte
if (tokenCredentials != null && userId != null) {
Set principals = (principal != null) ?
getPrincipals(principal) : getPrincipals(userId);
updateSubject(tokenCredentials, getAuthInfo(tokenInfo,
principals), principals);
+clearState();
return true;
}
try{
@@ -206,6 +207,7 @@ public final class TokenLoginModule exte
tokenCredentials = null;
tokenInfo = null;
userId = null;
+tokenProvider = null;
}
//< private
>---
@@ -245,7 +247,7 @@ public final class TokenLoginModule exte
* @return The {@code AuthInfo} resulting from the successful login.
*/
@Nullable
-private AuthInfo getAuthInfo(@Nullable TokenInfo tokenInfo, @NotNull Set principals) {
+private static AuthInfo getAuthInfo(@Nullable TokenInfo tokenInfo,
@NotNull Set principals) {
if (tokenInfo != null) {
Map attributes = new HashMap();
Map publicAttributes =
tokenInfo.getPublicAttributes();
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java?rev=1843549=1843548=1843549=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
Thu Oct 11 13:17:19 2018
@@ -219,6 +219,7 @@ public abstract class AbstractLoginModul
} catch (IOException e) {
log.debug(e.getMessage());
}
+systemSession = null;
}
}
svn commit: r1843537 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/ test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex
Date: Thu Oct 11 09:17:51 2018
New Revision: 1843537
URL: http://svn.apache.org/viewvc?rev=1843537=rev
Log:
OAK-7820 Make internal group principal impl classes static
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipalTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java?rev=1843537=1843536=1843537=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AdminPrincipalImpl.java
Thu Oct 11 09:17:51 2018
@@ -17,7 +17,7 @@
package org.apache.jackrabbit.oak.security.user;
import org.apache.jackrabbit.oak.api.Tree;
-import org.apache.jackrabbit.oak.namepath.PathMapper;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
/**
@@ -25,7 +25,7 @@ import org.apache.jackrabbit.oak.spi.sec
*/
class AdminPrincipalImpl extends TreeBasedPrincipal implements AdminPrincipal {
-AdminPrincipalImpl(String principalName, Tree tree, PathMapper pathMapper)
{
+AdminPrincipalImpl(String principalName, Tree tree, NamePathMapper
pathMapper) {
super(principalName, tree, pathMapper);
}
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java?rev=1843537=1843536=1843537=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/SystemUserPrincipalImpl.java
Thu Oct 11 09:17:51 2018
@@ -17,7 +17,7 @@
package org.apache.jackrabbit.oak.security.user;
import org.apache.jackrabbit.oak.api.Tree;
-import org.apache.jackrabbit.oak.namepath.PathMapper;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.principal.SystemUserPrincipal;
import org.jetbrains.annotations.NotNull;
@@ -27,7 +27,7 @@ import org.jetbrains.annotations.NotNull
*/
final class SystemUserPrincipalImpl extends TreeBasedPrincipal implements
SystemUserPrincipal {
-SystemUserPrincipalImpl(@NotNull String principalName, @NotNull Tree tree,
@NotNull PathMapper pathMapper) {
+SystemUserPrincipalImpl(@NotNull String principalName, @NotNull Tree tree,
@NotNull NamePathMapper pathMapper) {
super(principalName, tree, pathMapper);
}
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java?rev=1843537=1843536=1843537=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/TreeBasedPrincipal.java
Thu Oct 11 09:17:51 2018
@@ -18,7 +18,7 @@ package org.apache.jackrabbit.oak.securi
import org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal;
import org.apache.jackrabbit.oak.api.Tree;
-import org.apache.jackrabbit.oak.namepath.PathMapper;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
/**
@@ -27,13 +27,13 @@ import org.apache.jackrabbit.oak.spi.sec
class TreeBasedPrincipal extends PrincipalImpl implements ItemBasedPrincipal {
private final String path;
-private final PathMapper pathMapper;
+private final NamePathMapper pathMapper;
-TreeBasedPrincipal(String principalName, Tree tree, PathMapper pathMapper)
{
+TreeBasedPrincipal(String
svn commit: r1843418 - /jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
Author: stillalex
Date: Wed Oct 10 09:56:33 2018
New Revision: 1843418
URL: http://svn.apache.org/viewvc?rev=1843418=rev
Log:
OAK-7813 PrivilegeBits should also cache default privilege as long values
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java?rev=1843418=1843417=1843418=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/privilege/PrivilegeBits.java
Wed Oct 10 09:56:33 2018
@@ -17,6 +17,7 @@
package org.apache.jackrabbit.oak.spi.security.privilege;
import java.util.Arrays;
+import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import com.google.common.primitives.Longs;
@@ -65,34 +66,69 @@ public final class PrivilegeBits impleme
public static final PrivilegeBits EMPTY = new
PrivilegeBits(UnmodifiableData.EMPTY);
-public static final Map BUILT_IN = new
HashMap();
+public static final Map BUILT_IN;
+private static final Map BUILT_IN_BITS;
+
static {
-BUILT_IN.put(REP_READ_NODES, getInstance(READ_NODES));
-BUILT_IN.put(REP_READ_PROPERTIES, getInstance(READ_PROPERTIES));
-BUILT_IN.put(REP_ADD_PROPERTIES, getInstance(ADD_PROPERTIES));
-BUILT_IN.put(REP_ALTER_PROPERTIES, getInstance(ALTER_PROPERTIES));
-BUILT_IN.put(REP_REMOVE_PROPERTIES, getInstance(REMOVE_PROPERTIES));
-BUILT_IN.put(JCR_ADD_CHILD_NODES, getInstance(ADD_CHILD_NODES));
-BUILT_IN.put(JCR_REMOVE_CHILD_NODES, getInstance(REMOVE_CHILD_NODES));
-BUILT_IN.put(JCR_REMOVE_NODE, getInstance(REMOVE_NODE));
-BUILT_IN.put(JCR_READ_ACCESS_CONTROL, getInstance(READ_AC));
-BUILT_IN.put(JCR_MODIFY_ACCESS_CONTROL, getInstance(MODIFY_AC));
-BUILT_IN.put(JCR_NODE_TYPE_MANAGEMENT, getInstance(NODE_TYPE_MNGMT));
-BUILT_IN.put(JCR_VERSION_MANAGEMENT, getInstance(VERSION_MNGMT));
-BUILT_IN.put(JCR_LOCK_MANAGEMENT, getInstance(LOCK_MNGMT));
-BUILT_IN.put(JCR_LIFECYCLE_MANAGEMENT, getInstance(LIFECYCLE_MNGMT));
-BUILT_IN.put(JCR_RETENTION_MANAGEMENT, getInstance(RETENTION_MNGMT));
-BUILT_IN.put(JCR_WORKSPACE_MANAGEMENT, getInstance(WORKSPACE_MNGMT));
-BUILT_IN.put(JCR_NODE_TYPE_DEFINITION_MANAGEMENT,
getInstance(NODE_TYPE_DEF_MNGMT));
-BUILT_IN.put(JCR_NAMESPACE_MANAGEMENT, getInstance(NAMESPACE_MNGMT));
-BUILT_IN.put(REP_PRIVILEGE_MANAGEMENT, getInstance(PRIVILEGE_MNGMT));
-BUILT_IN.put(REP_USER_MANAGEMENT, getInstance(USER_MNGMT));
-BUILT_IN.put(REP_INDEX_DEFINITION_MANAGEMENT,
getInstance(INDEX_DEFINITION_MNGMT));
-
-BUILT_IN.put(JCR_READ, PrivilegeBits.getInstance(READ));
-BUILT_IN.put(JCR_MODIFY_PROPERTIES,
PrivilegeBits.getInstance(MODIFY_PROPERTIES));
-BUILT_IN.put(JCR_WRITE, PrivilegeBits.getInstance(WRITE));
-BUILT_IN.put(REP_WRITE, PrivilegeBits.getInstance(WRITE2));
+Map privs = new HashMap();
+privs.put(REP_READ_NODES, getInstance(READ_NODES));
+privs.put(REP_READ_PROPERTIES, getInstance(READ_PROPERTIES));
+privs.put(REP_ADD_PROPERTIES, getInstance(ADD_PROPERTIES));
+privs.put(REP_ALTER_PROPERTIES, getInstance(ALTER_PROPERTIES));
+privs.put(REP_REMOVE_PROPERTIES, getInstance(REMOVE_PROPERTIES));
+privs.put(JCR_ADD_CHILD_NODES, getInstance(ADD_CHILD_NODES));
+privs.put(JCR_REMOVE_CHILD_NODES, getInstance(REMOVE_CHILD_NODES));
+privs.put(JCR_REMOVE_NODE, getInstance(REMOVE_NODE));
+privs.put(JCR_READ_ACCESS_CONTROL, getInstance(READ_AC));
+privs.put(JCR_MODIFY_ACCESS_CONTROL, getInstance(MODIFY_AC));
+privs.put(JCR_NODE_TYPE_MANAGEMENT, getInstance(NODE_TYPE_MNGMT));
+privs.put(JCR_VERSION_MANAGEMENT, getInstance(VERSION_MNGMT));
+privs.put(JCR_LOCK_MANAGEMENT, getInstance(LOCK_MNGMT));
+privs.put(JCR_LIFECYCLE_MANAGEMENT, getInstance(LIFECYCLE_MNGMT));
+privs.put(JCR_RETENTION_MANAGEMENT, getInstance(RETENTION_MNGMT));
+privs.put(JCR_WORKSPACE_MANAGEMENT, getInstance(WORKSPACE_MNGMT));
+privs.put(JCR_NODE_TYPE_DEFINITION_MANAGEMENT,
getInstance(NODE_TYPE_DEF_MNGMT));
+privs.put(JCR_NAMESPACE_MANAGEMENT, getInstance(NAMESPACE_MNGMT));
+privs.put(REP_PRIVILEGE_MANAGEMENT, getInstance(PRIVILEGE_MNGMT));
+privs.put(REP_USER_MANAGEMENT, getInstance(USER_MNGMT));
+privs.put
svn commit: r1843401 - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ oak-auth-external/src/test/java/org/apache/jackrab
Author: stillalex
Date: Wed Oct 10 07:38:01 2018
New Revision: 1843401
URL: http://svn.apache.org/viewvc?rev=1843401=rev
Log:
OAK-7288 Change default JAAS ranking of ExternalLoginModuleFactory
- based on a patch provided by Lars Krapf
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/externalloginmodule.md
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java?rev=1843401=1843400=1843401=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactory.java
Wed Oct 10 07:38:01 2018
@@ -64,7 +64,7 @@ public class ExternalLoginModuleFactory
@SuppressWarnings("UnusedDeclaration")
@Property(
-intValue = 50,
+intValue = 150,
label = "JAAS Ranking",
description = "Specifying the ranking (i.e. sort order) of this
login module entry. The entries are sorted " +
"in a descending order (i.e. higher value ranked
configurations come first)."
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java?rev=1843401=1843400=1843401=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginModuleTest.java
Wed Oct 10 07:38:01 2018
@@ -79,14 +79,15 @@ public class PreAuthDefaultExternalLogin
preAuthOptions);
AppConfigurationEntry entry2 = new AppConfigurationEntry(
-LoginModuleImpl.class.getName(),
-AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL,
-new HashMap());
-
-AppConfigurationEntry entry3 = new AppConfigurationEntry(
ExternalLoginModule.class.getName(),
AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT,
options);
+
+AppConfigurationEntry entry3 = new AppConfigurationEntry(
+LoginModuleImpl.class.getName(),
+
AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT,
+new HashMap());
+
return new AppConfigurationEntry[]{entry1, entry2, entry3};
}
};
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java?rev=1843401=1843400=1843401=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/ExternalLoginTest.java
Wed Oct 10 07:38:01 2018
@@ -22,10 +22,17 @@ import javax.security.auth.login.AppConf
import javax.security.auth.login.Configuration;
import com.google.common.collect.ImmutableMap;
+
+import
org.apache.jackrabbit.oak.security.authentication.token.TokenLoginModule;
import org.apache.jackrabbit.oak.security.auth
svn commit: r1842227 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
Author: stillalex
Date: Fri Sep 28 09:54:08 2018
New Revision: 1842227
URL: http://svn.apache.org/viewvc?rev=1842227=rev
Log:
OAK-7786 Make the NamespaceEditor less strict when enforcing changes to
rep:nsdata node
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java?rev=1842227=1842226=1842227=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
Fri Sep 28 09:54:08 2018
@@ -46,6 +46,14 @@ import org.apache.jackrabbit.oak.spi.sta
*/
class NamespaceEditor extends DefaultEditor {
+/**
+ * Flag controlling the strictness of the check to disallow modifications
to
+ * the internal node 'ns:data'. If enabled, any changes will throw a
+ * CommitFailedException, otherwise the index node will be rebuilt on any
+ * external change.
+ */
+private static final boolean strictIntegrityCheck =
Boolean.getBoolean("oak.strictIntegrityCheck");
+
private final NodeBuilder builder;
private boolean modified = false;
@@ -137,7 +145,11 @@ class NamespaceEditor extends DefaultEdi
public Editor childNodeChanged(String name, NodeState before,
NodeState after) throws CommitFailedException {
if (REP_NSDATA.equals(name) && !before.equals(after)) {
-throw modificationNotAllowed(name);
+if (strictIntegrityCheck) {
+throw modificationNotAllowed(name);
+} else {
+modified = true;
+}
}
return null;
}
svn commit: r1842080 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java test/java/org/apache/jackrabbit/oak/security/privile
Author: stillalex
Date: Thu Sep 27 10:09:08 2018
New Revision: 1842080
URL: http://svn.apache.org/viewvc?rev=1842080=rev
Log:
OAK-7782 Clarify error on aggregate privilege registration with non existing
privileges
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java?rev=1842080=1842079=1842080=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeDefinitionWriter.java
Thu Sep 27 10:09:08 2018
@@ -140,6 +140,9 @@ class PrivilegeDefinitionWriter implemen
bits = PrivilegeBits.BUILT_IN.get(name);
} else if (isAggregate) {
bits = bitsMgr.getBits(declAggrNames);
+if (bits.isEmpty()) {
+throw new RepositoryException("Illegal aggregation of
non-exising privileges on '" + name + "'.");
+}
} else {
bits = next();
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java?rev=1842080=1842079=1842080=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeManagerImplTest.java
Thu Sep 27 10:09:08 2018
@@ -53,6 +53,7 @@ public class PrivilegeManagerImplTest ex
private PrivilegeManagerImpl privilegeManager;
@Before
+@Override
public void before() throws Exception {
super.before();
privilegeManager = create(root);
@@ -169,6 +170,16 @@ public class PrivilegeManagerImplTest ex
privilegeManager.registerPrivilege("jcr:customPrivilege", true, new
String[]{"jcr:read", "jcr:write"});
}
+@Test
+public void testRegisterAggregated() throws Exception {
+privilegeManager.registerPrivilege("test:customPrivilege", false, new
String[] { "jcr:read", "jcr:write" });
+}
+
+@Test(expected = RepositoryException.class)
+public void testRegisterAggregatedNonExisting() throws Exception {
+privilegeManager.registerPrivilege("test:customPrivilege", false, new
String[] { "test:nan" });
+}
+
@Test(expected = RepositoryException.class)
public void testRegisterPrivilegeReservedRemappedNamespace() throws
Exception {
NamePathMapper mapper = new NamePathMapperImpl(new
LocalNameMapper(root, ImmutableMap.of("prefix",
NamespaceRegistry.NAMESPACE_JCR)));
svn commit: r1841909 - in /jackrabbit/oak/trunk: oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/ oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/ oak
Author: stillalex
Date: Tue Sep 25 08:13:45 2018
New Revision: 1841909
URL: http://svn.apache.org/viewvc?rev=1841909=rev
Log:
OAK-7778 PasswordUtil#isPlainTextPassword doesn't validate PBKDF2 scheme
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java
Modified:
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java?rev=1841909=1841908=1841909=diff
==
---
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/UserImportTest.java
Tue Sep 25 08:13:45 2018
@@ -35,6 +35,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.api.security.user.Impersonation;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil;
import org.apache.jackrabbit.test.NotExecutableException;
import org.junit.Test;
@@ -226,7 +227,7 @@ public class UserImportTest extends Abst
String pwValue = n.getProperty(UserConstants.REP_PASSWORD).getString();
assertFalse(plainPw.equals(pwValue));
-assertTrue(pwValue.toLowerCase().startsWith("{sha"));
+assertTrue(pwValue.toLowerCase().startsWith("{" +
PasswordUtil.DEFAULT_ALGORITHM.toLowerCase()));
}
/**
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java?rev=1841909=1841908=1841909=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtil.java
Tue Sep 25 08:13:45 2018
@@ -50,7 +50,7 @@ public final class PasswordUtil {
/**
* @since OAK 1.0
*/
-private static final String PBKDF2_PREFIX = "PBKDF2";
+static final String PBKDF2_PREFIX = "PBKDF2";
public static final String DEFAULT_ALGORITHM = "SHA-256";
public static final int DEFAULT_SALT_SIZE = 8;
@@ -159,7 +159,7 @@ public final class PasswordUtil {
* the given {@code hashedPassword} string.
*/
public static boolean isSame(@Nullable String hashedPassword, @NotNull
String password) {
-if (hashedPassword == null) {
+if (hashedPassword == null || password == null) {
return false;
}
try {
@@ -329,7 +329,11 @@ public final class PasswordUtil {
if (hashedPwd.charAt(0) == '{' && end > 0 && end <
hashedPwd.length()-1) {
String algorithm = hashedPwd.substring(1, end);
try {
-MessageDigest.getInstance(algorithm);
+if (algorithm.startsWith(PBKDF2_PREFIX)) {
+SecretKeyFactory.getInstance(algorithm);
+} else {
+MessageDigest.getInstance(algorithm);
+}
return algorithm;
} catch (NoSuchAlgorithmException e) {
log.debug("Invalid algorithm detected " + algorithm, e);
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java?rev=1841909=1841908=1841909=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/user/util/PasswordUtilTest.java
Tue Sep 25 08:13:45 2018
@@ -33,6 +33,7 @@ import static org.junit.Assert.assertEqu
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
svn commit: r1840630 - in /jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr: repository/RepositoryImpl.java session/RefreshStrategy.java
Author: stillalex
Date: Wed Sep 12 07:41:18 2018
New Revision: 1840630
URL: http://svn.apache.org/viewvc?rev=1840630=rev
Log:
OAK-6402 SessionStats log access warning
Modified:
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/session/RefreshStrategy.java
Modified:
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java?rev=1840630=1840629=1840630=diff
==
---
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/repository/RepositoryImpl.java
Wed Sep 12 07:41:18 2018
@@ -22,7 +22,6 @@ import static java.util.Collections.sing
import static
org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardUtils.registerMBean;
import java.io.Closeable;
-import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.ScheduledExecutorService;
@@ -40,7 +39,6 @@ import javax.jcr.SimpleCredentials;
import javax.jcr.Value;
import javax.security.auth.login.LoginException;
-import com.google.common.base.Predicate;
import com.google.common.collect.ImmutableMap;
import org.apache.commons.io.IOUtils;
@@ -63,7 +61,6 @@ import org.apache.jackrabbit.oak.spi.gc.
import org.apache.jackrabbit.oak.spi.mount.MountInfoProvider;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.whiteboard.Registration;
-import org.apache.jackrabbit.oak.spi.whiteboard.Tracker;
import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardUtils;
import org.apache.jackrabbit.oak.stats.Clock;
@@ -282,18 +279,12 @@ public class RepositoryImpl implements J
throw new RepositoryException("Duplicate attribute '" +
REFRESH_INTERVAL + "'.");
}
boolean relaxedLocking = getRelaxedLocking(attributes);
-
-RefreshPredicate predicate = new RefreshPredicate();
-RefreshStrategy refreshStrategy = refreshInterval == null
-? new RefreshStrategy.ConditionalRefreshStrategy(new
RefreshStrategy.LogOnce(60), predicate)
-: new RefreshStrategy.Timed(refreshInterval);
ContentSession contentSession =
contentRepository.login(credentials, workspaceName);
-SessionDelegate sessionDelegate =
createSessionDelegate(refreshStrategy, contentSession);
+SessionDelegate sessionDelegate =
createSessionDelegate(refreshInterval, contentSession);
SessionContext context = createSessionContext(
statisticManager, securityProvider,
createAttributes(refreshInterval, relaxedLocking),
sessionDelegate, observationQueueLength,
commitRateLimiter);
-predicate.setSessionContext(context);
return context.getSession();
} catch (LoginException e) {
throw new javax.jcr.LoginException(e.getMessage(), e);
@@ -301,11 +292,16 @@ public class RepositoryImpl implements J
}
private SessionDelegate createSessionDelegate(
-RefreshStrategy refreshStrategy,
+Long refreshInterval,
ContentSession contentSession) {
+RefreshStrategy refreshStrategy;
final RefreshOnGC refreshOnGC = new RefreshOnGC(gcMonitor);
-refreshStrategy = Composite.create(refreshStrategy, refreshOnGC);
+if (refreshInterval == null) {
+refreshStrategy = refreshOnGC;
+} else {
+refreshStrategy = Composite.create(new
RefreshStrategy.Timed(refreshInterval), refreshOnGC);
+}
return new SessionDelegate(
contentSession, securityProvider, refreshStrategy,
@@ -517,26 +513,6 @@ public class RepositoryImpl implements J
}
}
-/**
- * Predicate which ensures that refresh strategy is invoked only
- * if there is no event listeners registered with the session
- */
-private static class RefreshPredicate implements Predicate{
-private SessionContext sessionContext;
-
-@Override
-public boolean apply(@Nullable Long input) {
-if (sessionContext == null){
-return true;
-}
-return !sessionContext.hasEventListeners();
-}
-
-public void setSessionContext(SessionContext sessionContext) {
-this.sessionContext = sessionContext;
-}
-}
-
private static class RegistrationTask implements Runnable {
svn commit: r1840303 - in /jackrabbit/oak/trunk: oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/ oak-core/src/main/java/org/apache/jackrabbit/oak/ oa
Author: stillalex
Date: Fri Sep 7 14:38:36 2018
New Revision: 1840303
URL: http://svn.apache.org/viewvc?rev=1840303=rev
Log:
OAK-7510 Run repository initializers with hooks
Modified:
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/OakInitializer.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/InitialContentHelper.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/property/PropertyIndexQueryTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserProviderTest.java
jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/jcr/LuceneOakRepositoryStub.java
jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/FunctionIndexTest.java
jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexAggregationTest.java
jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexExclusionQueryTest.java
jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexQueryTest.java
jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LucenePropertyIndexTest.java
Modified:
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java?rev=1840303=1840302=1840303=diff
==
---
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
(original)
+++
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
Fri Sep 7 14:38:36 2018
@@ -41,13 +41,9 @@ import org.apache.jackrabbit.oak.api.Roo
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.plugins.memory.MemoryNodeStore;
-import org.apache.jackrabbit.oak.plugins.name.NamespaceEditorProvider;
import org.apache.jackrabbit.oak.plugins.nodetype.ReadOnlyNodeTypeManager;
-import org.apache.jackrabbit.oak.plugins.nodetype.TypeEditorProvider;
import org.apache.jackrabbit.oak.plugins.nodetype.write.NodeTypeRegistry;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
-import org.apache.jackrabbit.oak.spi.commit.CompositeEditorProvider;
-import org.apache.jackrabbit.oak.spi.commit.EditorHook;
import org.apache.jackrabbit.oak.spi.commit.MoveTracker;
import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
@@ -159,8 +155,7 @@ public class CugConfiguration extends Co
NodeState base = builder.getNodeState();
NodeStore store = new MemoryNodeStore(base);
-Root root = getRootProvider().createSystemRoot(store,
-new EditorHook(new CompositeEditorProvider(new
NamespaceEditorProvider(), new TypeEditorProvider(;
+Root root = getRootProvider().createSystemRoot(store, null);
if (registerCugNodeTypes(root)) {
NodeState target = store.getRoot();
target.compareAgainstBaseState(base, new ApplyDiff(builder));
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java?rev=1840303=1840302=1840303=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java
Fri Sep 7 14:38:36 2018
@@ -16,8 +16,6 @@
*/
package org.apache.jackrabbit.oak;
-import java.io.IOException;
-import java.io.InputStream
svn commit: r1840226 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authenticatio
Author: stillalex
Date: Thu Sep 6 14:45:42 2018
New Revision: 1840226
URL: http://svn.apache.org/viewvc?rev=1840226=rev
Log:
OAK-7741 Token LoginModule flag to skip refreshing the token expiration
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1840226=1840225=1840226=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java
Thu Sep 6 14:45:42 2018
@@ -23,6 +23,7 @@ import javax.security.auth.login.LoginEx
import
org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.jackrabbit.oak.spi.security.authentication.Authentication;
+import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.jetbrains.annotations.NotNull;
@@ -116,7 +117,12 @@ class TokenAuthentication implements Aut
}
if (tokenInfo.matches(tokenCredentials)) {
-tokenInfo.resetExpiration(loginTime);
+if
(tokenCredentials.getAttribute(TokenConstants.TOKEN_SKIP_REFRESH) == null) {
+boolean reset = tokenInfo.resetExpiration(loginTime);
+log.debug("Token reset={}", reset);
+} else {
+log.debug("Token reset skipped.");
+}
return true;
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java?rev=1840226=1840225=1840226=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
Thu Sep 6 14:45:42 2018
@@ -36,6 +36,7 @@ import org.apache.jackrabbit.oak.spi.sec
import org.jetbrains.annotations.NotNull;
import org.junit.Before;
import org.junit.Test;
+import org.mockito.Mockito;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
@@ -177,4 +178,65 @@ public class TokenAuthenticationTest ext
assertTrue(authentication.authenticate(new
TokenCredentials(info.getToken(;
assertEquals(getTestUser().getPrincipal(),
authentication.getUserPrincipal());
}
+
+@Test
+public void testAuthenticateRefreshToken() throws Exception {
+TokenCredentials tc = new TokenCredentials("token");
+TokenProvider tp = Mockito.mock(TokenProvider.class);
+TokenInfo ti = Mockito.mock(TokenInfo.class);
+
+Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti);
+Mockito.when(ti.isExpired(Mockito.anyLong())).thenReturn(false);
+Mockito.when(ti.matches(tc)).thenReturn(true);
+
+TokenAuthentication auth = new TokenAuthentication(tp);
+try {
+assertTrue(auth.authenticate(tc));
+Mockito.verify(ti).resetExpiration(Mockito.anyLong());
+} catch (LoginException e) {
+fail(e.getMessage());
+}
+}
+
+@Test
+public void testAuthenticateSkipRefreshToken() throws Exception {
+TokenCredentials tc = new TokenCredentials("token");
+tc.setAttribute(TokenConstants.TOKEN_SKIP_REFRESH, "");
+
+TokenProvider tp = Mockito.mock(TokenProvider.class);
+TokenInfo ti = Mockito.mock(TokenInfo.class);
+
+Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti);
+Mockito.when(ti.isExpired(Mockito.an
svn commit: r1836553 - in /jackrabbit/oak/branches/1.6/oak-core/src: main/java/org/apache/jackrabbit/oak/security/authentication/token/ main/java/org/apache/jackrabbit/oak/spi/security/authentication/
Author: stillalex
Date: Tue Jul 24 13:18:24 2018
New Revision: 1836553
URL: http://svn.apache.org/viewvc?rev=1836553=rev
Log:
OAK-6662 Extend CredentialsSupport pluggability
- tweaked the backport some more
Removed:
jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/AbstractCredentials.java
jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupport.java
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupportTest.java
Modified:
jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/package-info.java
Modified:
jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java?rev=1836553=1836552=1836553=diff
==
---
jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
(original)
+++
jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
Tue Jul 24 13:18:24 2018
@@ -16,6 +16,9 @@
*/
package org.apache.jackrabbit.oak.security.authentication.token;
+import static com.google.common.collect.Maps.newHashMap;
+import static com.google.common.collect.Sets.newHashSet;
+
import java.security.Principal;
import java.util.Collection;
import java.util.List;
@@ -23,7 +26,9 @@ import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
+import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
+import javax.jcr.Credentials;
import com.google.common.base.Supplier;
import com.google.common.collect.ImmutableList;
@@ -46,7 +51,6 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import
org.apache.jackrabbit.oak.spi.security.authentication.credentials.CompositeCredentialsSupport;
import
org.apache.jackrabbit.oak.spi.security.authentication.credentials.CredentialsSupport;
import
org.apache.jackrabbit.oak.spi.security.authentication.credentials.SimpleCredentialsSupport;
import
org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
@@ -160,4 +164,81 @@ public class TokenConfigurationImpl exte
return SimpleCredentialsSupport.getInstance();
}
}
+
+/**
+ * Composite implementation of the
+ * {@link
org.apache.jackrabbit.oak.spi.security.authentication.credentials.CredentialsSupport}
+ * interface that handles multiple providers.
+ */
+private static class CompositeCredentialsSupport implements
CredentialsSupport {
+
+@Nonnull
+private final Supplier>
credentialSupplier;
+
+private CompositeCredentialsSupport(@Nonnull
Supplier> credentialSupplier) {
+this.credentialSupplier = credentialSupplier;
+}
+
+public static CredentialsSupport newInstance(
+@Nonnull Supplier>
credentialSupplier) {
+return new CompositeCredentialsSupport(credentialSupplier);
+}
+
+@Override
+@Nonnull
+public Set getCredentialClasses() {
+Collection all = this.credentialSupplier.get();
+if (all.isEmpty()) {
+return ImmutableSet.of();
+} else if (all.size() == 1) {
+return all.iterator().next().getCredentialClasses();
+} else {
+Set classes = newHashSet();
+for (CredentialsSupport c : all) {
+classes.addAll(c.getCredentialClasses());
+}
+return classes;
+}
+}
+
+@Override
+@CheckForNull
+public String getUserId(@Nonnull Credentials credentials) {
+Collection all = this.credentialSupplier.get();
+for (CredentialsSupport c : all) {
+String userId = c.getUserId(credentials);
+if (userId != null) {
+return userId;
+}
+}
+return null;
+}
+
+@Override
+@Nonnull
+public Map getAttributes(@Nonnull Credentials cr
svn commit: r1836326 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-core/src/main/java/org/apache/jackrabbit/oak/sp
Author: stillalex Date: Fri Jul 20 07:17:34 2018 New Revision: 1836326 URL: http://svn.apache.org/viewvc?rev=1836326=rev Log: OAK-6662 Extend CredentialsSupport pluggability Added: jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/AbstractCredentials.java - copied unchanged from r1809178, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/AbstractCredentials.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupport.java - copied, changed from r1809179, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupport.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupportTest.java - copied, changed from r1809179, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CompositeCredentialsSupportTest.java Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/CredentialsSupport.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/SimpleCredentialsSupport.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/credentials/package-info.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TestCredentialsSupport.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplOSGiTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleCredentialsSupportTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Jul 20 07:17:34 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260 ,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1821847,1822850,1823172,1823655,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829527,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535,1833308,1834648-1834649,1834681,1835060 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502
svn commit: r1833892 - in /jackrabbit/oak/trunk: oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/ oak-core/src/main/java/org/apache/jackrabbit/oak/ oak-core/src/main/java/org/apache/j
Author: stillalex
Date: Wed Jun 20 07:30:56 2018
New Revision: 1833892
URL: http://svn.apache.org/viewvc?rev=1833892=rev
Log:
OAK-7532 VersionStorageEditor should allow bootstraping of initial content
Modified:
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/version/VersionStorageEditor.java
jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java
Modified:
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java?rev=1833892=1833891=1833892=diff
==
---
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java
(original)
+++
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/VersionConstants.java
Wed Jun 20 07:30:56 2018
@@ -150,4 +150,7 @@ public interface VersionConstants extend
VersionConstants.REP_ACTIVITIES,
VersionConstants.REP_CONFIGURATIONS
);
+
+// flag indicating the version store has been initialized
+String VERSION_STORE_INIT = ":initialized";
}
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java?rev=1833892=1833891=1833892=diff
==
---
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java
(original)
+++
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/version/package-info.java
Wed Jun 20 07:30:56 2018
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-@Version("1.0.0")
+@Version("1.1.0")
package org.apache.jackrabbit.oak.spi.version;
import org.osgi.annotation.versioning.Version;
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java?rev=1833892=1833891=1833892=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java
Wed Jun 20 07:30:56 2018
@@ -25,6 +25,7 @@ import static org.apache.jackrabbit.oak.
import static
org.apache.jackrabbit.oak.plugins.index.IndexConstants.TYPE_PROPERTY_NAME;
import static
org.apache.jackrabbit.oak.plugins.memory.ModifiedNodeState.squeeze;
import static
org.apache.jackrabbit.oak.spi.version.VersionConstants.REP_VERSIONSTORAGE;
+import static
org.apache.jackrabbit.oak.spi.version.VersionConstants.VERSION_STORE_INIT;
import com.google.common.collect.ImmutableList;
@@ -142,15 +143,15 @@ public class InitialContent implements R
}
//--< internal
>
-
-private boolean isInitialized(NodeBuilder versionStorage) {
-PropertyState init = versionStorage.getProperty(":initialized");
+
+private static boolean isInitialized(NodeBuilder versionStorage) {
+PropertyState init = versionStorage.getProperty(VERSION_STORE_INIT);
return init != null && init.getValue(Type.LONG) > 0;
}
-private void createIntermediateNodes(NodeBuilder versionStorage) {
+private static void createIntermediateNodes(NodeBuilder versionStorage) {
String fmt = "%02x";
-versionStorage.setProperty(":initialized", 1);
+versionStorage.setProperty(VERSION_STORE_INIT, 1);
for (int i = 0; i < 0xff; i++) {
NodeBuilder c = storageChild(versionStorage, String.format(fmt,
i));
for (int j = 0; j < 0xff; j++) {
@@ -158,8 +159,8 @@ public class InitialContent implements R
}
}
}
-
-private NodeBuilder storageChild(NodeBuilder node, String name) {
+
+private static NodeBuilder storageChild(NodeBuilder node, String name) {
svn commit: r1833380 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWrit
Author: stillalex
Date: Tue Jun 12 07:36:56 2018
New Revision: 1833380
URL: http://svn.apache.org/viewvc?rev=1833380=rev
Log:
OAK-7537 Allow for initial registration of 'xml' namespace
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java?rev=1833380=1833379=1833380=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
Tue Jun 12 07:36:56 2018
@@ -74,7 +74,7 @@ class NamespaceEditor extends DefaultEdi
throw new CommitFailedException(
CommitFailedException.NAMESPACE, 2,
"Invalid namespace mapping: " + prefix);
-} else if (prefix.toLowerCase(Locale.ENGLISH).startsWith("xml")) {
+} else if (prefix.toLowerCase(Locale.ENGLISH).startsWith("xml") &&
namespaces.hasProperty("xml")) {
throw new CommitFailedException(
CommitFailedException.NAMESPACE, 3,
"XML prefixes are reserved: " + prefix);
Modified:
jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java?rev=1833380=1833379=1833380=diff
==
---
jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java
(original)
+++
jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/plugins/name/ReadWriteNamespaceRegistryTest.java
Tue Jun 12 07:36:56 2018
@@ -16,16 +16,20 @@
*/
package org.apache.jackrabbit.oak.plugins.name;
+import static com.google.common.collect.Sets.newHashSet;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+import javax.jcr.NamespaceException;
import javax.jcr.NamespaceRegistry;
+import org.apache.jackrabbit.oak.InitialContent;
import org.apache.jackrabbit.oak.Oak;
import org.apache.jackrabbit.oak.OakBaseTest;
import org.apache.jackrabbit.oak.api.ContentSession;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.fixture.NodeStoreFixture;
-import org.apache.jackrabbit.oak.InitialContent;
import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider;
import org.junit.Test;
@@ -77,5 +81,13 @@ public class ReadWriteNamespaceRegistryT
assertEquals(r.getURI("p2"), "n2");
assertEquals(r.getPrefix("n2"), "p2");
+// xml namespace check
+assertTrue(newHashSet(r.getPrefixes()).contains("xml"));
+try {
+r.registerNamespace("xml", "test");
+fail("Trying to register the namespace 'xml' must throw a
NamespaceException.");
+} catch (NamespaceException ex) {
+// expected
+}
}
}
svn commit: r1833334 - in /jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user: UserImporterBaseTest.java UserImporterImpersonationIgnoreTest.java
Author: stillalex
Date: Mon Jun 11 14:21:37 2018
New Revision: 184
URL: http://svn.apache.org/viewvc?rev=184=rev
Log:
OAK-6028 UserImporter.start: should return false for User tree
- tweaked tests that are not compiling
Modified:
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
Modified:
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java?rev=184=183=184=diff
==
---
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
(original)
+++
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java
Mon Jun 11 14:21:37 2018
@@ -145,7 +145,7 @@ public abstract class UserImporterBaseTe
Tree folder =
root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH,
DEFAULT_USER_PATH));
Tree userTree = folder.addChild("userTree");
userTree.setProperty(JcrConstants.JCR_PRIMARYTYPE, NT_REP_USER,
Type.NAME);
-userTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root,
ConfigurationParameters.EMPTY).getContentID(TEST_USER_ID));
+userTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root,
ConfigurationParameters.EMPTY).getContentID(TEST_USER_ID, false));
return userTree;
}
@@ -156,7 +156,7 @@ public abstract class UserImporterBaseTe
NodeUtil groupRoot =
node.getOrAddTree(PathUtils.relativize(PathUtils.ROOT_PATH, groupPath),
NT_REP_AUTHORIZABLE_FOLDER);
Tree groupTree = groupRoot.addChild("testGroup",
NT_REP_GROUP).getTree();
-groupTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root,
ConfigurationParameters.EMPTY).getContentID(TEST_GROUP_ID));
+groupTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root,
ConfigurationParameters.EMPTY).getContentID(TEST_GROUP_ID, false));
return groupTree;
}
Modified:
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java?rev=184=183=184=diff
==
---
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
(original)
+++
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java
Mon Jun 11 14:21:37 2018
@@ -106,7 +106,7 @@ public class UserImporterImpersonationIg
Tree folder =
root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH,
DEFAULT_USER_PATH));
Tree impersonatorTree = folder.addChild("impersonatorTree");
impersonatorTree.setProperty(JcrConstants.JCR_PRIMARYTYPE,
NT_REP_USER, Type.NAME);
-impersonatorTree.setProperty(JcrConstants.JCR_UUID, new
UserProvider(root,
ConfigurationParameters.EMPTY).getContentID("impersonator1"));
+impersonatorTree.setProperty(JcrConstants.JCR_UUID, new
UserProvider(root, ConfigurationParameters.EMPTY).getContentID("impersonator1",
false));
assertTrue(importer.handlePropInfo(userTree,
createPropInfo(REP_IMPERSONATORS, "impersonator1"),
mockPropertyDefinition(NT_REP_USER, true)));
assertTrue(importer.handlePropInfo(impersonatorTree,
createPropInfo(REP_PRINCIPAL_NAME, "impersonator1"),
mockPropertyDefinition(NT_REP_AUTHORIZABLE, false)));
@@ -123,7 +123,7 @@ public class UserImporterImpersonationIg
Tree folder =
root.getTree(getUserConfiguration().getParameters().getConfigValue(PARAM_USER_PATH,
DEFAULT_USER_PATH));
Tree impersonatorTree = folder.addChild("impersonatorTree");
impersonatorTree.setProperty(JcrConstants.JCR_PRIMARYTYPE,
NT_REP_USER, Type.NAME);
-impersonatorTree.setProperty(JcrConstants.JCR_UUID, new
UserProvider(root,
ConfigurationParameters.EMPTY).getContentID("impersonator1"));
+impersonatorTree.setProperty(JcrConstants.JCR_UUID, new
UserProvider(root, ConfigurationParameters.EMPTY).getContentID("impersonator1",
false));
// NOTE: reversed over of import compared to 'testNewImpersonator'
ass
svn commit: r1833332 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Mon Jun 11 14:09:19 2018 New Revision: 182 URL: http://svn.apache.org/viewvc?rev=182=rev Log: OAK-6029 UserImporter.startChildInfo: rather check state than for currentMembership being null - merged to 1.6 Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 14:09:19 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286 ,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262 ,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 14:09:19 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104
svn commit: r1833331 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Mon Jun 11 14:07:25 2018 New Revision: 181 URL: http://svn.apache.org/viewvc?rev=181=rev Log: OAK-6028 UserImporter.start: should return false for User tree - backported r1790013,1790069,1790077 to 1.6 branch Added: jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java - copied unchanged from r1790013, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterBaseTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java - copied unchanged from r1790013, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationAbortTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java - copied unchanged from r1790013, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationBestEffortTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java - copied unchanged from r1790013, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterImpersonationIgnoreTest.java Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 14:07:25 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934 ,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286 ,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071
svn commit: r1833329 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java oak-core/src/test/java/org/apache/jackrabbit/oak/s
Author: stillalex Date: Mon Jun 11 13:56:52 2018 New Revision: 1833329 URL: http://svn.apache.org/viewvc?rev=1833329=rev Log: OAK-6027 UserImporter.Impersonators : use Oak path to user instead of ID - merged r1790006 into 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:56:52 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938 ,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934 ,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:56:52 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387
svn commit: r1833328 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Mon Jun 11 13:55:07 2018 New Revision: 1833328 URL: http://svn.apache.org/viewvc?rev=1833328=rev Log: OAK-6023 UserImporter: handlePropInfo for rep:authorizableId never returns true - merged r1789987 into 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterSessionAutosaveTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:55:07 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973 ,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938 ,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:55:07 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104
svn commit: r1833327 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java oak-core/src/test/java/org/apache/jackrabbit/oak/s
Author: stillalex Date: Mon Jun 11 13:52:48 2018 New Revision: 1833327 URL: http://svn.apache.org/viewvc?rev=1833327=rev Log: OAK-6019 UserImporter: Redundant assignment of UserManager - merged r1789940 to 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:52:48 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026 ,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973 ,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:52:48 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387
svn commit: r1833326 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/
Author: stillalex Date: Mon Jun 11 13:50:07 2018 New Revision: 1833326 URL: http://svn.apache.org/viewvc?rev=1833326=rev Log: OAK-6018 UserImporter: session field can avoided by passing to init method - merged r1789925 to 1.6 Added: jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterSessionAutosaveTest.java - copied unchanged from r1789925, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterSessionAutosaveTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java - copied unchanged from r1789925, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterTest.java jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterWorkspaceTest.java - copied unchanged from r1789925, jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserImporterWorkspaceTest.java Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:50:07 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247 -1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026 ,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo
svn commit: r1833323 - in /jackrabbit/oak/branches/1.6: ./ oak-core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java oak-core/src/main/java/org/apache/jackrabb
Author: stillalex Date: Mon Jun 11 13:13:13 2018 New Revision: 1833323 URL: http://svn.apache.org/viewvc?rev=1833323=rev Log: OAK-5895 Avoid jcr-path conversion in AuthorizableIterator - merged r1785652 to 1.6 branch Modified: jackrabbit/oak/branches/1.6/ (props changed) jackrabbit/oak/branches/1.6/oak-core/ (props changed) jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableIterator.java jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java Propchange: jackrabbit/oak/branches/1.6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:13:13 2018 @@ -1,3 +1,3 @@ /jackrabbit/oak/branches/1.0:1665962 -/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249 ,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 +/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247 -1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1814189,1814332,1814397,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818554,1818576,1818645,1819048,1819050,1821325,1821358,1821495,1821516,1822850,1823172,1825471,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1829569,1829987,1830019,1830160,1830748,1831374,1832379,1832535 /jackrabbit/trunk:1345480 Propchange: jackrabbit/oak/branches/1.6/oak-core/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Mon Jun 11 13:13:13 2018 @@ -1,5 +1,5 @@ /jackrabbit/oak/branches/1.0/oak-core:1665962 /jackrabbit/oak/trunk/oak-blob-plugins:1819950 -/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387
svn commit: r1833309 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/plugins/name/ test/java/org/apache/jackrabbit/oak/plugins/name/
Author: stillalex
Date: Mon Jun 11 08:02:29 2018
New Revision: 1833309
URL: http://svn.apache.org/viewvc?rev=1833309=rev
Log:
OAK-7533 NameValidator is not using namespaces defined in the current
transaction
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/Namespaces.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java?rev=1833309=1833308=1833309=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidator.java
Mon Jun 11 08:02:29 2018
@@ -16,6 +16,10 @@
*/
package org.apache.jackrabbit.oak.plugins.name;
+import static com.google.common.collect.Sets.newHashSet;
+import static
org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_NSDATA;
+import static
org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_PREFIXES;
+
import java.util.Set;
import org.apache.jackrabbit.oak.api.CommitFailedException;
@@ -31,10 +35,12 @@ import org.apache.jackrabbit.oak.spi.sta
*/
class NameValidator extends DefaultValidator {
+private final NodeState namespaces;
private final Set prefixes;
-NameValidator(Set prefixes) {
-this.prefixes = prefixes;
+NameValidator(NodeState namespaces) {
+this.namespaces = namespaces;
+this.prefixes =
newHashSet(namespaces.getChildNode(REP_NSDATA).getStrings(REP_PREFIXES));
}
// escape non-printable non-USASCII characters using standard Java escapes
@@ -65,7 +71,7 @@ class NameValidator extends DefaultValid
int colon = name.indexOf(':');
if (colon > 0) {
String prefix = name.substring(0, colon);
-if (prefix.isEmpty() || !prefixes.contains(prefix)) {
+if (prefix.isEmpty() || !contains(prefixes, namespaces, prefix)) {
throw new CommitFailedException(
CommitFailedException.NAME, 1, "Invalid namespace
prefix("+prefixes+"): " + prefix);
}
@@ -93,6 +99,10 @@ class NameValidator extends DefaultValid
}
}
+private static boolean contains(Set prefixes, NodeState
namespaces, String prefix) {
+return prefixes.contains(prefix) ||
Namespaces.collectNamespaces(namespaces.getProperties()).containsKey(prefix);
+}
+
protected void checkValidValue(PropertyState property)
throws CommitFailedException {
if (Type.NAME.equals(property.getType()) ||
Type.NAMES.equals(property.getType())) {
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java?rev=1833309=1833308=1833309=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NameValidatorProvider.java
Mon Jun 11 08:02:29 2018
@@ -23,11 +23,8 @@ import org.apache.jackrabbit.oak.spi.com
import org.apache.jackrabbit.oak.spi.state.NodeState;
import org.osgi.service.component.annotations.Component;
-import static com.google.common.collect.Sets.newHashSet;
import static org.apache.jackrabbit.JcrConstants.JCR_SYSTEM;
import static
org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_NAMESPACES;
-import static
org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_NSDATA;
-import static
org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_PREFIXES;
/**
* Validator service that checks that all node and property names as well
@@ -40,11 +37,9 @@ public class NameValidatorProvider exten
@Override
public Validator getRootValidator(
NodeState before, NodeState after, CommitInfo info) {
-return new NameValidator(newHashSet(after
+return new NameValidator(after
.getChildNode(JCR_SYSTEM)
-.getChildNode(REP_NAMESPACES)
-.getChildNode(REP_NSDATA)
-.getStrings(REP_PREFIXES)));
+.getC
svn commit: r1833118 - in /jackrabbit/oak/trunk: oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/ oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/
Author: stillalex
Date: Thu Jun 7 12:24:25 2018
New Revision: 1833118
URL: http://svn.apache.org/viewvc?rev=1833118=rev
Log:
OAK-7529 Define and register oak namespace
Modified:
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/Namespaces.java
Modified:
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java?rev=1833118=1833117=1833118=diff
==
---
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java
(original)
+++
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/NamespaceConstants.java
Thu Jun 7 12:24:25 2018
@@ -43,6 +43,10 @@ public interface NamespaceConstants {
String PREFIX_XMLNS = "xmlns";
String NAMESPACE_XMLNS = "http://www.w3.org/2000/xmlns/;;
+// additional Oak namespace
+String PREFIX_OAK = "oak";
+String NAMESPACE_OAK = "http://jackrabbit.apache.org/oak/ns/1.0;;
+
/**
* Reserved namespace prefixes as defined in jackrabbit 2
*/
@@ -53,7 +57,8 @@ public interface NamespaceConstants {
NamespaceRegistry.PREFIX_MIX,
PREFIX_XMLNS,
PREFIX_REP,
-PREFIX_SV
+PREFIX_SV,
+PREFIX_OAK
));
/**
@@ -66,7 +71,8 @@ public interface NamespaceConstants {
NamespaceRegistry.NAMESPACE_MIX,
NAMESPACE_XMLNS,
NAMESPACE_REP,
-NAMESPACE_SV
+NAMESPACE_SV,
+NAMESPACE_OAK
));
// index nodes for faster lookup
Modified:
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java?rev=1833118=1833117=1833118=diff
==
---
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java
(original)
+++
jackrabbit/oak/trunk/oak-core-spi/src/main/java/org/apache/jackrabbit/oak/spi/namespace/package-info.java
Thu Jun 7 12:24:25 2018
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-@Version("1.0.0")
+@Version("1.1.0")
package org.apache.jackrabbit.oak.spi.namespace;
import org.osgi.annotation.versioning.Version;
\ No newline at end of file
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java?rev=1833118=1833117=1833118=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/name/NamespaceEditor.java
Thu Jun 7 12:24:25 2018
@@ -26,15 +26,15 @@ import static org.apache.jackrabbit.oak.
import static
org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_NSDATA;
import static
org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants.REP_URIS;
import static org.apache.jackrabbit.oak.plugins.name.Namespaces.isValidPrefix;
-import static org.apache.jackrabbit.oak.plugins.name.Namespaces.safeGet;
import java.util.Locale;
import java.util.Set;
import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Iterables;
+
import org.apache.jackrabbit.oak.api.CommitFailedException;
import org.apache.jackrabbit.oak.api.PropertyState;
-import org.apache.jackrabbit.oak.plugins.tree.factories.TreeFactory;
import org.apache.jackrabbit.oak.spi.commit.DefaultEditor;
import org.apache.jackrabbit.oak.spi.commit.Editor;
import org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants;
@@ -89,8 +89,7 @@ class NamespaceEditor extends DefaultEdi
}
private static boolean containsValue(NodeState namespaces, String value) {
-return
safeGet(TreeFactory.createReadOnlyTree(namespaces.getChildNode(REP_NSDATA)),
-REP_URIS).contains(value);
+return
Ite
svn commit: r1833100 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java
Author: stillalex
Date: Thu Jun 7 07:29:41 2018
New Revision: 1833100
URL: http://svn.apache.org/viewvc?rev=1833100=rev
Log:
OAK-7530 PrivilegeInitializer should not attempt to create jcr:system node
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java?rev=1833100=1833099=1833100=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeInitializer.java
Thu Jun 7 07:29:41 2018
@@ -25,7 +25,6 @@ import org.apache.jackrabbit.oak.api.Typ
import org.apache.jackrabbit.oak.plugins.memory.MemoryNodeStore;
import org.apache.jackrabbit.oak.plugins.tree.RootProvider;
import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
-import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants;
import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
import org.apache.jackrabbit.oak.spi.state.ApplyDiff;
import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
@@ -54,9 +53,10 @@ class PrivilegeInitializer implements Re
@Override
public void initialize(@Nonnull NodeBuilder builder) {
-NodeBuilder system = builder.child(JcrConstants.JCR_SYSTEM);
-system.setProperty(JcrConstants.JCR_PRIMARYTYPE,
NodeTypeConstants.NT_REP_SYSTEM, Type.NAME);
-
+if (!builder.hasChildNode(JcrConstants.JCR_SYSTEM)) {
+throw new IllegalStateException("Missing " +
JcrConstants.JCR_SYSTEM + " node, NodeStore not initialized.");
+}
+NodeBuilder system = builder.getChildNode(JcrConstants.JCR_SYSTEM);
if (!system.hasChildNode(REP_PRIVILEGES)) {
NodeBuilder privileges = system.child(REP_PRIVILEGES);
privileges.setProperty(JcrConstants.JCR_PRIMARYTYPE,
NT_REP_PRIVILEGES, Type.NAME);
svn commit: r1833010 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java
Author: stillalex
Date: Wed Jun 6 11:20:14 2018
New Revision: 1833010
URL: http://svn.apache.org/viewvc?rev=1833010=rev
Log:
OAK-7506 Prevent user enumeration by exploiting time delay vulnerability
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java?rev=1833010=1833009=1833010=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserAuthentication.java
Wed Jun 6 11:20:14 2018
@@ -16,6 +16,8 @@
*/
package org.apache.jackrabbit.oak.security.user;
+import java.io.UnsupportedEncodingException;
+import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.Collections;
import java.util.concurrent.TimeUnit;
@@ -103,6 +105,13 @@ class UserAuthentication implements Auth
UserManager userManager = config.getUserManager(root,
NamePathMapper.DEFAULT);
Authorizable authorizable = userManager.getAuthorizable(loginId);
if (authorizable == null) {
+// best effort prevent user enumeration timing attacks
+try {
+String hash = PasswordUtil.buildPasswordHash("oak");
+PasswordUtil.isSame(hash, "oak");
+} catch (NoSuchAlgorithmException |
UnsupportedEncodingException e) {
+// ignore
+}
return false;
}
svn commit: r1832984 - /jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd
Author: stillalex Date: Wed Jun 6 06:44:00 2018 New Revision: 1832984 URL: http://svn.apache.org/viewvc?rev=1832984=rev Log: OAK-7527 Drop mandatory constraint on "rep:system" node for "rep:privileges" Modified: jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd Modified: jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd?rev=1832984=1832983=1832984=diff == --- jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd (original) +++ jackrabbit/oak/trunk/oak-core/src/main/resources/org/apache/jackrabbit/oak/builtin_nodetypes.cnd Wed Jun 6 06:44:00 2018 @@ -610,7 +610,7 @@ + jcr:configurations (rep:Configurations) = rep:Configurations protected ABORT + * (nt:base) = nt:base IGNORE // @since oak 1.0 - + rep:privileges (rep:Privileges) = rep:Privileges mandatory protected ABORT + + rep:privileges (rep:Privileges) = rep:Privileges protected ABORT /**
svn commit: r1832933 [1/2] - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/ oak-core/src/test/java/org/apache/jackrabbit/oak/ oak-core/src/test/java/org/apache/jackrabbit/
Author: stillalex Date: Tue Jun 5 12:32:15 2018 New Revision: 1832933 URL: http://svn.apache.org/viewvc?rev=1832933=rev Log: OAK-7526 Move InitialContent#INITIAL_CONTENT to test Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/InitialContentHelper.java (with props) Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/InitialContent.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/IndexUpdateTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/importer/IndexImporterTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/nodetype/NodeTypeIndexTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/property/PropertyIndexLookupTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/property/PropertyIndexTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/index/reference/ReferenceIndexTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditorTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/query/NativeQueryTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/query/SQL2OptimiseQueryTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/query/SQL2ParserTest.java jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/InitialContentTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/AggregateTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexCopierTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexDefinitionTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexNodeManagerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexPlannerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/IndexTrackerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneDocumentMakerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexEditor2Test.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexEditorProviderTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexEditorTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexLookupTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LuceneIndexTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/LucenePropertyIndexTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/MultiplexingLucenePropertyIndexTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/binary/BinaryTextExtractorTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/FSDirectoryFactoryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/IndexConsistencyCheckerTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/IndexRootDirectoryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/LuceneIndexDumperTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/LuceneIndexImporterTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/directory/OakDirectoryTestBase.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid/DocumentQueueTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid/ExternalIndexObserverTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid/LocalIndexWriterFactoryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid/NRTIndexFactoryTest.java jackrabbit/oak/trunk/oak-lucene/src/test/java/org/apache/jackrabbit/oak/plugins/index/lucene/hybrid
svn commit: r1832933 [2/2] - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/ oak-core/src/test/java/org/apache/jackrabbit/oak/ oak-core/src/test/java/org/apache/jackrabbit/
Modified:
jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/bundlor/BundlingConfigInitializerTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/bundlor/BundlingConfigInitializerTest.java?rev=1832933=1832932=1832933=diff
==
---
jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/bundlor/BundlingConfigInitializerTest.java
(original)
+++
jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/bundlor/BundlingConfigInitializerTest.java
Tue Jun 5 12:32:15 2018
@@ -25,7 +25,7 @@ import org.apache.jackrabbit.oak.spi.sta
import org.junit.Test;
import static
org.apache.jackrabbit.oak.plugins.memory.EmptyNodeState.EMPTY_NODE;
-import static org.apache.jackrabbit.oak.InitialContent.INITIAL_CONTENT;
+import static org.apache.jackrabbit.oak.InitialContentHelper.INITIAL_CONTENT;
import static org.junit.Assert.*;
public class BundlingConfigInitializerTest {
svn commit: r1830845 - /jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
Author: stillalex
Date: Thu May 3 17:30:51 2018
New Revision: 1830845
URL: http://svn.apache.org/viewvc?rev=1830845=rev
Log:
OAK-7469 User membership synchronization could skip updating groups the user is
already part of
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java?rev=1830845=1830844=1830845=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java
Thu May 3 17:30:51 2018
@@ -549,27 +549,31 @@ public class DefaultSyncContext implemen
}
log.debug("- idp returned '{}'", extGroup.getId());
-Group grp;
-Authorizable a = userManager.getAuthorizable(extGroup.getId());
-if (a == null) {
-grp = createGroup(extGroup);
-log.debug("- created new group");
-} else if (a.isGroup() && isSameIDP(a)) {
-grp = (Group) a;
-} else {
-log.warn("Existing authorizable '{}' is not a group from this
IDP '{}'.", extGroup.getId(), idp.getName());
-continue;
+// mark group as processed
+Group grp = declaredExternalGroups.remove(extGroup.getId());
+boolean exists = grp != null;
+
+if (!exists) {
+Authorizable a = userManager.getAuthorizable(extGroup.getId());
+if (a == null) {
+grp = createGroup(extGroup);
+log.debug("- created new group");
+} else if (a.isGroup() && isSameIDP(a)) {
+grp = (Group) a;
+} else {
+log.warn("Existing authorizable '{}' is not a group from
this IDP '{}'.", extGroup.getId(), idp.getName());
+continue;
+}
+log.debug("- user manager returned '{}'", grp);
}
-log.debug("- user manager returned '{}'", grp);
syncGroup(extGroup, grp);
-// ensure membership
-grp.addMember(auth);
-log.debug("- added '{}' as member to '{}'", auth, grp);
-
-// remember the declared group
-declaredExternalGroups.remove(grp.getID());
+if (!exists) {
+// ensure membership
+grp.addMember(auth);
+log.debug("- added '{}' as member to '{}'", auth, grp);
+}
// recursively apply further membership
if (depth > 1) {
svn commit: r1830821 - /jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java
Author: stillalex
Date: Thu May 3 13:22:23 2018
New Revision: 1830821
URL: http://svn.apache.org/viewvc?rev=1830821=rev
Log:
OAK-7462 Benchmark for SynchronizationMBean#syncAllUsers
- fixed assertions for the dynamic membership case
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java?rev=1830821=1830820=1830821=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/SyncAllUsersTest.java
Thu May 3 13:22:23 2018
@@ -33,15 +33,17 @@ import org.apache.jackrabbit.oak.spi.sec
*/
public class SyncAllUsersTest extends AbstractExternalTest {
-private final int numberOfUsers;
-private final int numberOfGroups;
+private final int expectedUpdates;
private SynchronizationMBean bean;
public SyncAllUsersTest(int numberOfUsers, int numberOfGroups, long
expTime, boolean dynamicMembership,
@Nonnull List autoMembership) {
super(numberOfUsers, numberOfGroups, expTime, dynamicMembership,
autoMembership);
-this.numberOfUsers = numberOfUsers;
-this.numberOfGroups = numberOfGroups;
+if (dynamicMembership) {
+expectedUpdates = numberOfUsers;
+} else {
+expectedUpdates = numberOfUsers + numberOfGroups;
+}
}
@Override
@@ -60,6 +62,6 @@ public class SyncAllUsersTest extends Ab
@Override
protected void runTest() throws Exception {
String[] ops = bean.syncAllUsers(true);
-assertEquals(numberOfUsers + numberOfGroups, ops.length);
+assertEquals(expectedUpdates, ops.length);
}
}
\ No newline at end of file
svn commit: r1828971 - /jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
Author: stillalex
Date: Thu Apr 12 11:33:31 2018
New Revision: 1828971
URL: http://svn.apache.org/viewvc?rev=1828971=rev
Log:
OAK-7340 Remove SecurityProviderImpl usage from tests
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java?rev=1828971=1828970=1828971=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
Thu Apr 12 11:33:31 2018
@@ -139,7 +139,10 @@ public abstract class AbstractSecurityTe
}
protected SecurityProvider initSecurityProvider() {
-return
SecurityProviderBuilder.newBuilder().with(getSecurityConfigParameters()).build();
+return
SecurityProviderBuilder.newBuilder().with(getSecurityConfigParameters())
+.withRootProvider(rootProvider)
+.withTreeProvider(treeProvider)
+.build();
}
protected Oak withEditors(Oak oak) {
svn commit: r1828765 - /jackrabbit/oak/trunk/oak-benchmarks/README.md
Author: stillalex Date: Mon Apr 9 19:03:12 2018 New Revision: 1828765 URL: http://svn.apache.org/viewvc?rev=1828765=rev Log: @trivial updated readme on how to run benchmarks Modified: jackrabbit/oak/trunk/oak-benchmarks/README.md Modified: jackrabbit/oak/trunk/oak-benchmarks/README.md URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/README.md?rev=1828765=1828764=1828765=diff == --- jackrabbit/oak/trunk/oak-benchmarks/README.md (original) +++ jackrabbit/oak/trunk/oak-benchmarks/README.md Mon Apr 9 19:03:12 2018 @@ -16,7 +16,7 @@ Benchmark mode The benchmark mode is used for executing various micro-benchmarks. It can be invoked like this: -$ java -jar oak-run-*.jar benchmark [options] [testcases] [fixtures] +$ java -jar oak-benchmarks-*.jar benchmark [options] [testcases] [fixtures] The following benchmark options (with default values) are currently supported: @@ -216,7 +216,7 @@ Scalability mode The scalability mode is used for executing various scalability suites to test the performance of various associated tests. It can be invoked like this: -$ java -jar oak-run-*.jar scalability [options] [suites] [fixtures] +$ java -jar oak-benchmarks-*.jar scalability [options] [suites] [fixtures] The following scalability options (with default values) are currently supported:
svn commit: r1828689 - in /jackrabbit/oak/trunk: oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/ oak-authorization-cug/src/test/java/org/apache/jackr
Author: stillalex
Date: Mon Apr 9 09:50:21 2018
New Revision: 1828689
URL: http://svn.apache.org/viewvc?rev=1828689=rev
Log:
OAK-7340 Remove SecurityProviderImpl usage from tests
Modified:
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/composite.md
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/cug.md
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authorization/restriction.md
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/introduction.md
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/authorizableaction.md
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/user/authorizablenodename.md
Modified:
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java?rev=1828689=1828688=1828689=diff
==
---
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
(original)
+++
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
Mon Apr 9 09:50:21 2018
@@ -192,13 +192,17 @@ public class CugConfiguration extends Co
return CugContext.INSTANCE;
}
+@Override
+public void setParameters(ConfigurationParameters config) {
+super.setParameters(config);
+supportedPaths = CugUtil.getSupportedPaths(config, mountInfoProvider);
+}
+
//< SCR Integration
>---
@SuppressWarnings("UnusedDeclaration")
@Activate
protected void activate(Map<String, Object> properties) {
-ConfigurationParameters params =
ConfigurationParameters.of(properties);
-setParameters(params);
-supportedPaths = CugUtil.getSupportedPaths(params, mountInfoProvider);
+setParameters(ConfigurationParameters.of(properties));
}
@SuppressWarnings("UnusedDeclaration")
Modified:
jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java?rev=1828689=1828688=1828689=diff
==
---
jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java
Mon Apr 9 09:50:21 2018
@@ -33,7 +33,7 @@ final class CugSecurityProvider {
CugConfiguration cugConfiguration = new CugConfiguration();
ConfigurationParameters params =
configuration.getConfigValue(AuthorizationConfiguration.NAME,
ConfigurationParameters.EMPTY);
-cugConfiguration.activate(params);
+cugConfiguration.setParameters(params);
SecurityProvider sp =
SecurityProviderBuilder.newBuilder().with(configuration).build();
SecurityProviderHelper.updateConfig(sp, cugConfiguration,
AuthorizationConfiguration.class);
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java?rev=1828689=1828688=1828689=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImplTest.java
Mon Apr 9 09:50:21 2018
@@ -24,11 +24,16 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.
svn commit: r1828529 - /jackrabbit/oak/trunk/oak-parent/pom.xml
Author: stillalex Date: Fri Apr 6 14:59:41 2018 New Revision: 1828529 URL: http://svn.apache.org/viewvc?rev=1828529=rev Log: OAK-7364 code coverage checks fail on Java 10 Modified: jackrabbit/oak/trunk/oak-parent/pom.xml Modified: jackrabbit/oak/trunk/oak-parent/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-parent/pom.xml?rev=1828529=1828528=1828529=diff == --- jackrabbit/oak/trunk/oak-parent/pom.xml (original) +++ jackrabbit/oak/trunk/oak-parent/pom.xml Fri Apr 6 14:59:41 2018 @@ -390,7 +390,7 @@ org.jacoco jacoco-maven-plugin - 0.7.9 + 0.8.1
svn commit: r1828445 - /jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java
Author: stillalex
Date: Thu Apr 5 15:29:49 2018
New Revision: 1828445
URL: http://svn.apache.org/viewvc?rev=1828445=rev
Log:
OAK-5122 Exercise for Custom Authorization Models
- javadocs
Modified:
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java
Modified:
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java?rev=1828445=1828444=1828445=diff
==
---
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java
(original)
+++
jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/authorization/models/readonly/ReadOnlyAuthorizationConfiguration.java
Thu Apr 5 15:29:49 2018
@@ -74,7 +74,7 @@ import static org.apache.jackrabbit.oak.
* This authorization module forms part of the training material provided by
the
* oak-exercise module and must not be used in a productive environment!
*
- * Overview
+ * Overview
* This simplistic authorization model is limited to permission evaluation and
* doesn't support access control management.
*
@@ -85,7 +85,7 @@ import static org.apache.jackrabbit.oak.
* There exists a single exception to that rule: For the internal {@link
SystemPrincipal}
* permission evaluation is not enforced by this module i.e. this module is
skipped.
*
- * Intended Usage
+ * Intended Usage
* This authorization model is intended to be used in 'AND' combination with
the
* default authorization setup defined by Oak (and optionally additional models
* such as e.g. oak-authorization-cug.
@@ -93,14 +93,14 @@ import static org.apache.jackrabbit.oak.
* It is not intended to be used as standalone model as it would grant full
read
* access to everyone.
*
- * Limitations
+ * Limitations
* Experimental model for training purpose and not intended for usage in
production.
*
- * Key Features
+ * Key Features
*
- * Access Control Management
+ * Access Control Management
*
- *
+ *
* FeatureDescription
* Supported Privilegesall
* Supports Custom Privilegesyes
@@ -111,25 +111,25 @@ import static org.apache.jackrabbit.oak.
* Effective Policies by Principalsfor every set of
principals a single effective policy of type {@link
NamedAccessControlPolicy}
*
*
- * Permission Evaluation
+ * Permission Evaluation
*
- *
+ *
* FeatureDescription
* Supported Permissionsall
* Aggregated Permission Provideryes
*
*
- * Representation in the Repository
+ * Representation in the Repository
*
* There exists no dedicated access control or permission content for this
* authorization model as it doesn't persist any information into the
repository.
* {@link SecurityConfiguration#getContext()} therefore returns the {@link
Context#DEFAULT default}.
*
- * Configuration
+ * Configuration
*
* This model doesn't come with any configuration options.
*
- * Installation Instructions
+ * Installation Instructions
*
* The following steps are required to install this authorization model in an
OSGi based Oak setup.
*
@@ -142,7 +142,7 @@ import static org.apache.jackrabbit.oak.
* make sure the 'Authorization Composition Type' is set to
AND
*
*
- * Wait for the {@link SecurityProvider} to be successfully registered
again.
+ * Wait for the {@link
org.apache.jackrabbit.oak.spi.security.SecurityProvider} to be successfully
registered again.
*
*
*/
svn commit: r1828444 - /jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java
Author: stillalex Date: Thu Apr 5 15:28:12 2018 New Revision: 1828444 URL: http://svn.apache.org/viewvc?rev=1828444=rev Log: OAK-7384 SegmentNodeStoreStats should expose stats for previous minute per thread group - javadocs Modified: jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java Modified: jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java?rev=1828444=1828443=1828444=diff == --- jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java (original) +++ jackrabbit/oak/trunk/oak-segment-tar/src/main/java/org/apache/jackrabbit/oak/segment/SegmentNodeStoreStatsMBean.java Thu Apr 5 15:28:12 2018 @@ -47,21 +47,21 @@ public interface SegmentNodeStoreStatsMB CompositeData getQueuingTimes(); /** - * @return tabular data of the form <commits,writerGroup> collected + * @return tabular data of the form commits,writerGroup collected * in the last minute * @throws OpenDataException if data is not available */ TabularData getCommitsCountPerWriterGroupLastMinute() throws OpenDataException; /** - * @return tabular data of the form <commits,writer> for writers + * @return tabular data of the form commits,writer for writers * not included in groups * @throws OpenDataException if data is not available */ TabularData getCommitsCountForOtherWriters() throws OpenDataException; /** - * @return tabular data of the form <writer,writerDetails> for each writer + * @return tabular data of the form writer,writerDetails for each writer * currently in the queue * @throws OpenDataException if data is not available */
svn commit: r1828443 - /jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java
Author: stillalex
Date: Thu Apr 5 15:26:48 2018
New Revision: 1828443
URL: http://svn.apache.org/viewvc?rev=1828443=rev
Log:
OAK-7024 java.security.acl deprecated in Java 10, marked for removal in Java 12
- more javadocs
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java?rev=1828443=1828442=1828443=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java
Thu Apr 5 15:26:48 2018
@@ -69,7 +69,7 @@ import org.slf4j.LoggerFactory;
/**
* Implementation of the {@code PrincipalConfiguration} interface that provides
- * principal management for {@link Group principals} associated with
+ * principal management for {@code Group principals} associated with
* {@link
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity
external identities}
* managed outside of the scope of the repository by an
* {@link
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider}.
svn commit: r1828437 - /jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
Author: stillalex
Date: Thu Apr 5 14:30:11 2018
New Revision: 1828437
URL: http://svn.apache.org/viewvc?rev=1828437=rev
Log:
OAK-7024 java.security.acl deprecated in Java 10, marked for removal in Java 11
- fixed javadocs
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
Modified:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java?rev=1828437=1828436=1828437=diff
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java
Thu Apr 5 14:30:11 2018
@@ -76,7 +76,7 @@ public interface PrincipalProvider {
/**
* Returns an iterator over all group principals for which the given
* principal is either direct or indirect member of. Thus for any principal
- * returned in the iterator {@link GroupPrincipal#isMember(Principal)}
+ * returned in the iterator {@link
org.apache.jackrabbit.api.security.principal.GroupPrincipal#isMember(Principal)}
* must return {@code true}.
*
* Example:
@@ -85,7 +85,7 @@ public interface PrincipalProvider {
*
* @param principal the principal to return it's membership from.
* @return an iterator returning all groups the given principal is member
of.
- * @see GroupPrincipal#isMember(java.security.Principal)
+ * @see
org.apache.jackrabbit.api.security.principal.GroupPrincipal#isMember(java.security.Principal)
*/
@Nonnull
default Set getMembershipPrincipals(@Nonnull Principal
principal) {
svn commit: r1827509 - /jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy
Author: stillalex
Date: Thu Mar 22 15:20:41 2018
New Revision: 1827509
URL: http://svn.apache.org/viewvc?rev=1827509=rev
Log:
OAK-2155 TokenAuthenticationTest#tokenCreationWithPreAuth test failing
repeatedly
Modified:
jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy
Modified:
jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy?rev=1827509=1827508=1827509=diff
==
---
jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy
(original)
+++
jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/TokenAuthenticationTest.groovy
Thu Mar 22 15:20:41 2018
@@ -38,16 +38,15 @@ import javax.security.auth.spi.LoginModu
import static
org.apache.jackrabbit.oak.run.osgi.OakOSGiRepositoryFactory.REPOSITORY_CONFIG_FILE
-class TokenAuthenticationTest extends AbstractRepositoryFactoryTest{
+class TokenAuthenticationTest extends AbstractRepositoryFactoryTest {
@Before
void setupRepo(){
config[REPOSITORY_CONFIG_FILE] =
createConfigValue("oak-base-config.json", "oak-tar-config.json")
}
-@Ignore
@Test
-public void tokenCreationWithPreAuth() throws Exception{
+public void tokenCreationWithPreAuth() throws Exception {
repository = repositoryFactory.getRepository(config)
registry.registerService(LoginModuleFactory.class.name, new
PreAuthLoginModuleFactory(), [
'jaas.controlFlag' : 'sufficient',
@@ -58,7 +57,6 @@ class TokenAuthenticationTest extends Ab
MyCredential myCred = new MyCredential("admin")
Session session = repository.login(myCred)
-//assert session.getAttribute(".token")
assert myCred.getAttribute(".token")
}
svn commit: r1827473 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal: ConfigurationInitializer.java SecurityProviderBuilder.java
Author: stillalex
Date: Thu Mar 22 09:51:43 2018
New Revision: 1827473
URL: http://svn.apache.org/viewvc?rev=1827473=rev
Log:
OAK-7354 Test failure
ExternalIdentityImporterTest.importExternalUserWithPrincipalNames
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java?rev=1827473=1827472=1827473=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/ConfigurationInitializer.java
Thu Mar 22 09:51:43 2018
@@ -48,7 +48,7 @@ final class ConfigurationInitializer {
return configuration;
}
-static void initializeConfigurations(@Nonnull CompositeConfiguration
configuration, @Nonnull SecurityProvider securityProvider,
+static void
initializeConfigurations(@Nonnull CompositeConfiguration configuration,
@Nonnull SecurityProvider securityProvider,
@Nonnull ConfigurationParameters
parameters,
@Nonnull RootProvider rootProvider,
@Nonnull TreeProvider treeProvider) {
@@ -56,8 +56,8 @@ final class ConfigurationInitializer {
configuration.setRootProvider(rootProvider);
configuration.setTreeProvider(treeProvider);
-List configs =
configuration.getConfigurations();
-for (SecurityConfiguration config : configs) {
+List configs = configuration.getConfigurations();
+for (T config : configs) {
initializeConfiguration(config, securityProvider, parameters,
rootProvider, treeProvider);
}
}
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java?rev=1827473=1827472=1827473=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java
Thu Mar 22 09:51:43 2018
@@ -94,7 +94,7 @@ public class SecurityProviderBuilder {
userParams = configuration.getConfigValue(UserConfiguration.NAME,
EMPTY);
} else {
AuthorizableActionProvider authorizableActionProvider = new
DefaultAuthorizableActionProvider();
-AuthorizableNodeName authorizableNodeName = new
RandomAuthorizableNodeName();
+AuthorizableNodeName authorizableNodeName =
AuthorizableNodeName.DEFAULT;
UserAuthenticationFactory userAuthenticationFactory =
UserConfigurationImpl
.getDefaultAuthenticationFactory();
@@ -182,7 +182,8 @@ public class SecurityProviderBuilder {
// authorization
if (authorizationConfiguration == null) {
authorizationConfiguration = new
CompositeAuthorizationConfiguration();
-authorizationConfiguration.setDefaultConfig(new
AuthorizationConfigurationImpl());
+
authorizationConfiguration.setDefaultConfig(initializeConfiguration(new
AuthorizationConfigurationImpl(),
+securityProvider, rootProvider, treeProvider));
}
initializeConfigurations(authorizationConfiguration, securityProvider,
authorizationParams, rootProvider,
treeProvider);
@@ -191,7 +192,8 @@ public class SecurityProviderBuilder {
// principal
if (principalConfiguration == null) {
principalConfiguration = new CompositePrincipalConfiguration();
-principalConfiguration.setDefaultConfig(new
PrincipalConfigurationImpl());
+
principalConfiguration.setDefaultConfig(initializeConfiguration(new
PrincipalConfigurationImpl(),
+securityProvider, rootProvider, treeProvider));
}
initializeConfigurations(principalConfiguration, securityProvider,
principalParams, rootProvider, treeProvider);
securityProvider.setPrincipalConfiguration(principalConfiguration);
@@ -199,12 +201,13 @@ public class SecurityProviderBuilder {
// token
svn commit: r1827423 - in /jackrabbit/oak/trunk: oak-auth-ldap/pom.xml oak-security-spi/pom.xml
Author: stillalex Date: Wed Mar 21 17:29:22 2018 New Revision: 1827423 URL: http://svn.apache.org/viewvc?rev=1827423=rev Log: OAK-7366 update to mockito version compatible with jdk 10 Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml jackrabbit/oak/trunk/oak-security-spi/pom.xml Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/pom.xml?rev=1827423=1827422=1827423=diff == --- jackrabbit/oak/trunk/oak-auth-ldap/pom.xml (original) +++ jackrabbit/oak/trunk/oak-auth-ldap/pom.xml Wed Mar 21 17:29:22 2018 @@ -412,7 +412,7 @@ org.mockito mockito-core -2.11.0 +2.12.0 test Modified: jackrabbit/oak/trunk/oak-security-spi/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/pom.xml?rev=1827423=1827422=1827423=diff == --- jackrabbit/oak/trunk/oak-security-spi/pom.xml (original) +++ jackrabbit/oak/trunk/oak-security-spi/pom.xml Wed Mar 21 17:29:22 2018 @@ -165,7 +165,7 @@ org.mockito mockito-core - 2.11.0 + 2.12.0 test
svn commit: r1827395 - in /jackrabbit/oak/trunk/oak-segment-azure: pom.xml src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java src/test/java/org/apache/jackrabbit/oak/segment
Author: stillalex Date: Wed Mar 21 09:25:30 2018 New Revision: 1827395 URL: http://svn.apache.org/viewvc?rev=1827395=rev Log: OAK-7355 Move the pluggable storage interfaces to the SPI package Modified: jackrabbit/oak/trunk/oak-segment-azure/pom.xml jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java Modified: jackrabbit/oak/trunk/oak-segment-azure/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-segment-azure/pom.xml?rev=1827395=1827394=1827395=diff == --- jackrabbit/oak/trunk/oak-segment-azure/pom.xml (original) +++ jackrabbit/oak/trunk/oak-segment-azure/pom.xml Wed Mar 21 09:25:30 2018 @@ -63,6 +63,15 @@ + +org.apache.rat +apache-rat-plugin + + +start-azurite.sh + + + Modified: jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java?rev=1827395=1827394=1827395=diff == --- jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java (original) +++ jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureGCJournalTest.java Wed Mar 21 09:25:30 2018 @@ -1,3 +1,21 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ package org.apache.jackrabbit.oak.segment.azure; import com.microsoft.azure.storage.StorageException; Modified: jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java?rev=1827395=1827394=1827395=diff == --- jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java (original) +++ jackrabbit/oak/trunk/oak-segment-azure/src/test/java/org/apache/jackrabbit/oak/segment/azure/AzureManifestFileTest.java Wed Mar 21 09:25:30 2018 @@ -1,3 +1,21 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ package org.apache.jackrabbit.oak.segment.azure; import com.microsoft.azure.storage.StorageException;
svn commit: r1827304 - /jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java
Author: stillalex
Date: Tue Mar 20 12:43:05 2018
New Revision: 1827304
URL: http://svn.apache.org/viewvc?rev=1827304=rev
Log:
OAK-6956 RepositoryUpgrade hardcodes SecurityProvider
Modified:
jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java
Modified:
jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java?rev=1827304=1827303=1827304=diff
==
---
jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java
(original)
+++
jackrabbit/oak/trunk/oak-upgrade/src/main/java/org/apache/jackrabbit/oak/upgrade/RepositoryUpgrade.java
Tue Mar 20 12:43:05 2018
@@ -106,7 +106,7 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.InitialContent;
import
org.apache.jackrabbit.oak.plugins.nodetype.write.ReadWriteNodeTypeManager;
import org.apache.jackrabbit.oak.plugins.value.jcr.ValueFactoryImpl;
-import org.apache.jackrabbit.oak.security.SecurityProviderImpl;
+import org.apache.jackrabbit.oak.security.internal.SecurityProviderBuilder;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.commit.CommitInfo;
import org.apache.jackrabbit.oak.spi.commit.CompositeEditorProvider;
@@ -118,6 +118,7 @@ import org.apache.jackrabbit.oak.spi.lif
import org.apache.jackrabbit.oak.spi.lifecycle.WorkspaceInitializer;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits;
import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
@@ -414,8 +415,8 @@ public class RepositoryUpgrade {
String workspaceName =
source.getRepositoryConfig().getDefaultWorkspaceName();
-SecurityProviderImpl security = new SecurityProviderImpl(
-mapSecurityConfig(config.getSecurityConfig()));
+SecurityProvider security = SecurityProviderBuilder.newBuilder()
+
.with(mapSecurityConfig(config.getSecurityConfig())).build();
if (skipInitialization) {
logger.info("Skipping the repository initialization");
svn commit: r1827296 - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ oak-core/src/main/java/org/apache/jackra
Author: stillalex
Date: Tue Mar 20 11:31:56 2018
New Revision: 1827296
URL: http://svn.apache.org/viewvc?rev=1827296=rev
Log:
OAK-7024 java.security.acl deprecated in Java 10, marked for removal in Java 11
- reintroduced Group implementation for backwards compatibility reasons
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java?rev=1827296=1827295=1827296=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java
Tue Mar 20 11:31:56 2018
@@ -272,7 +272,7 @@ class ExternalGroupPrincipalProvider imp
* identities that are not represented as authorizable
group
* in the repository's user management.
*/
-private final class ExternalGroupPrincipal extends PrincipalImpl
implements GroupPrincipal {
+private final class ExternalGroupPrincipal extends PrincipalImpl
implements GroupPrincipal, java.security.acl.Group {
private ExternalGroupPrincipal(String principalName) {
super(principalName);
@@ -280,6 +280,24 @@ class ExternalGroupPrincipalProvider imp
}
@Override
+public boolean addMember(Principal user) {
+if (isMember(user)) {
+return false;
+} else {
+throw new UnsupportedOperationException("Adding members to
external group principals is not supported.");
+}
+}
+
+@Override
+public boolean removeMember(Principal user) {
+if (!isMember(user)) {
+return false;
+} else {
+throw new UnsupportedOperationException("Removing members from
external group principals is not supported.");
+}
+}
+
+@Override
public boolean isMember(Principal member) {
if (GroupPrincipals.isGroup(member)) {
return false;
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java?rev=1827296=1827295=1827296=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java
Tue Mar 20 11:31:56 2018
@@ -38,7 +38,7 @@ import org.slf4j.LoggerFactory;
/**
* Base class for {@code Group} principals.
*/
-abstract class AbstractGroupPrincipal extends TreeBasedPrincipal implements
GroupPrincipal {
+abstract class AbstractGroupPrincipal extends TreeBasedPrincipal implements
GroupPrincipal, java.security.acl.Group {
private static final Logger log =
LoggerFactory.getLogger(AbstractGroupPrincipal.class);
@@ -112,4 +112,13 @@ abstract class AbstractGroupPrincipal ex
return Iterators.asEnumeration(Iterators.filter(principals,
Predicates.notNull()));
}
+@Override
+public boolean addMember(Principal principal) {
+throw new UnsupportedOperationException();
+}
+
+@Override
+public boolean removeMember(Principal principal) {
+throw new UnsupportedOperationException();
+}
}
svn commit: r1827287 - /jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
Author: stillalex
Date: Tue Mar 20 10:10:17 2018
New Revision: 1827287
URL: http://svn.apache.org/viewvc?rev=1827287=rev
Log:
OAK-7354 Test failure
ExternalIdentityImporterTest.importExternalUserWithPrincipalNames
- refactor repo creation
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java?rev=1827287=1827286=1827287=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
Tue Mar 20 10:10:17 2018
@@ -37,8 +37,6 @@ import org.apache.jackrabbit.oak.spi.sec
import
org.apache.jackrabbit.oak.spi.security.authentication.external.TestSecurityProvider;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalIdentityConstants;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
-import org.junit.After;
-import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertFalse;
@@ -71,11 +69,8 @@ public class ExternalIdentityImporterTes
" 2016-05-03T10:03:08.061+02:00"
+
"";
-private Repository repo;
-
-@Before
-public void before() throws Exception {
-SecurityProvider securityProvider =
TestSecurityProvider.newTestSecurityProvider(getConfigurationParameters(),
+private Repository createRepo() throws Exception {
+SecurityProvider securityProvider =
TestSecurityProvider.newTestSecurityProvider(ConfigurationParameters.EMPTY,
new ExternalPrincipalConfiguration());
QueryEngineSettings queryEngineSettings = new QueryEngineSettings();
queryEngineSettings.setFailTraversal(true);
@@ -83,22 +78,16 @@ public class ExternalIdentityImporterTes
Jcr jcr = new Jcr();
jcr.with(securityProvider);
jcr.with(queryEngineSettings);
-repo = jcr.createRepository();
+return jcr.createRepository();
}
-@After
-public void after() throws Exception {
-if (repo instanceof JackrabbitRepository) {
+private static void shutdown(Repository repo) throws Exception {
+if (repo != null && repo instanceof JackrabbitRepository) {
((JackrabbitRepository) repo).shutdown();
}
}
-@Nonnull
-ConfigurationParameters getConfigurationParameters() {
-return ConfigurationParameters.EMPTY;
-}
-
-Session createSession(boolean isSystem) throws Exception {
+Session createSession(Repository repo, boolean isSystem) throws Exception {
if (isSystem) {
return Subject.doAs(SystemSubject.INSTANCE, new
PrivilegedExceptionAction() {
@Override
@@ -140,9 +129,11 @@ public class ExternalIdentityImporterTes
@Test
public void importExternalUser() throws Exception {
+Repository repo = null;
Session s = null;
try {
-s = createSession(false);
+repo = createRepo();
+s = createSession(repo, false);
Node parent = doImport(s, UserConstants.DEFAULT_USER_PATH,
XML_EXTERNAL_USER);
assertHasProperties(parent.getNode("t"),
ExternalIdentityConstants.REP_EXTERNAL_ID,
ExternalIdentityConstants.REP_LAST_SYNCED);
@@ -151,14 +142,17 @@ public class ExternalIdentityImporterTes
if (s != null) {
s.logout();
}
+shutdown(repo);
}
}
@Test
public void importExternalUserAsSystem() throws Exception {
+Repository repo = null;
Session s = null;
try {
-s = createSession(true);
+repo = createRepo();
+s = createSession(repo, true);
Node parent = doImport(s, UserConstants.DEFAULT_USER_PATH,
XML_EXTERNAL_USER);
assertHasProperties(parent.getNode("t"),
ExternalIdentityConstants.REP_EXTERNAL_ID,
ExternalIdentityConstants.REP_LAST_SYNCED);
@@ -167,14 +161,17 @@ public class ExternalIdentityImporterTes
if (s != null) {
s.logout();
}
+shutdown(repo);
}
}
@Test
public vo
svn commit: r1827239 [2/2] - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ oak-auth-external/src/test/java/or
Added:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java?rev=1827239=auto
==
---
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java
(added)
+++
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java
Mon Mar 19 20:08:56 2018
@@ -0,0 +1,112 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.spi.security.principal;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.Set;
+
+import javax.annotation.Nonnull;
+
+import org.apache.jackrabbit.api.security.principal.GroupPrincipal;
+
+import com.google.common.base.Function;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Iterators;
+
+/**
+ * Helper class to deal with the migration between the 2 types of groups
+ *
+ */
+public final class GroupPrincipals {
+
+private static final GroupTransformer TRANSFORMER = new GroupTransformer();
+
+private GroupPrincipals() {
+}
+
+/**
+ * Checks if the provided principal is a group.
+ *
+ * @param principal
+ *to be checked.
+ *
+ * @return true if the principal is of type group.
+ */
+public static boolean isGroup(@Nonnull Principal principal) {
+return principal instanceof Group || principal instanceof
GroupPrincipal;
+}
+
+/**
+ * Returns an enumeration of the members in the group.
+ * @param principal the principal whose membership is listed.
+ * @return an enumeration of the group members.
+ */
+public static Enumeration members(@Nonnull Principal
principal) {
+if (principal instanceof Group) {
+return ((Group) principal).members();
+}
+if (principal instanceof GroupPrincipal) {
+return ((GroupPrincipal) principal).members();
+}
+return Collections.emptyEnumeration();
+}
+
+/**
+ * Returns true if the passed principal is a member of the group.
+ * @param principal the principal whose members are being checked.
+ * @param member the principal whose membership is to be checked.
+ * @return true if the principal is a member of this group, false
otherwise.
+ */
+public static boolean isMember(@Nonnull Principal principal, @Nonnull
Principal member) {
+if (principal instanceof Group) {
+return ((Group) principal).isMember(member);
+}
+if (principal instanceof GroupPrincipal) {
+return ((GroupPrincipal) principal).isMember(member);
+}
+return false;
+}
+
+public static Set transform(Set groups) {
+ImmutableSet.Builder g2 = ImmutableSet.builder();
+for (Group g : groups) {
+g2.add(new GroupPrincipalWrapper(g));
+}
+return g2.build();
+}
+
+public static Enumeration transform(Enumeration members) {
+Iterator m2 =
Iterators.transform(Iterators.forEnumeration(members), TRANSFORMER);
+return Iterators.asEnumeration(m2);
+}
+
+private static class GroupTransformer implements Function {
+
+@Override
+public Principal apply(Principal input) {
+if (input instanceof Group) {
+return new GroupPrincipalWrapper((Group) input);
+} else {
+return input;
+}
+}
+}
+}
Propchange:
jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java
--
svn:eol-style = native
Modified:
svn commit: r1827239 [1/2] - in /jackrabbit/oak/trunk: oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ oak-auth-external/src/test/java/or
Author: stillalex Date: Mon Mar 19 20:08:56 2018 New Revision: 1827239 URL: http://svn.apache.org/viewvc?rev=1827239=rev Log: OAK-7024 java.security.acl deprecated in Java 10, marked for removal in Java 11 Added: jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipalWrapper.java (with props) jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipals.java (with props) jackrabbit/oak/trunk/oak-security-spi/src/test/java/org/apache/jackrabbit/oak/spi/security/principal/GroupPrincipalsTest.java (with props) Modified: jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProvider.java jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalPrincipalConfiguration.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/AbstractPrincipalTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalProviderTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalGroupPrincipalTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/PrincipalProviderAutoMembershipTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/PrincipalProviderDeepNestingTest.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipal.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/ImpersonationImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ACLTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/AbstractPrincipalProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AbstractGroupPrincipalTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/ImpersonationImplEmptyTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserPrincipalProviderWithCacheTest.java jackrabbit/oak/trunk/oak-exercise/src/main/java/org/apache/jackrabbit/oak/exercise/security/principal/CustomPrincipalProvider.java jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/permission/L3_PrecedenceRulesTest.java jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/principal/L3_EveryoneTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/principal/PrincipalManagerTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/GroupTest.java jackrabbit/oak/trunk/oak-security-spi/pom.xml jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/CompositePrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/EmptyPrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/EveryonePrincipal.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalManagerImpl.java jackrabbit/oak/trunk/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/principal/PrincipalProvider.java jackrabbit/oak/trunk/oak-security-spi/src/main
svn commit: r1827181 - /jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
Author: stillalex
Date: Mon Mar 19 09:40:58 2018
New Revision: 1827181
URL: http://svn.apache.org/viewvc?rev=1827181=rev
Log:
OAK-7354 Test failure
ExternalIdentityImporterTest.importExternalUserWithPrincipalNames
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java?rev=1827181=1827180=1827181=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java
Mon Mar 19 09:40:58 2018
@@ -29,7 +29,6 @@ import javax.jcr.SimpleCredentials;
import javax.security.auth.Subject;
import org.apache.jackrabbit.api.JackrabbitRepository;
-import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.oak.jcr.Jcr;
import org.apache.jackrabbit.oak.query.QueryEngineSettings;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
@@ -73,12 +72,10 @@ public class ExternalIdentityImporterTes
"";
private Repository repo;
-private SecurityProvider securityProvider;
-private JackrabbitSession session;
@Before
public void before() throws Exception {
-securityProvider =
TestSecurityProvider.newTestSecurityProvider(getConfigurationParameters(),
+SecurityProvider securityProvider =
TestSecurityProvider.newTestSecurityProvider(getConfigurationParameters(),
new ExternalPrincipalConfiguration());
QueryEngineSettings queryEngineSettings = new QueryEngineSettings();
queryEngineSettings.setFailTraversal(true);
@@ -91,14 +88,8 @@ public class ExternalIdentityImporterTes
@After
public void after() throws Exception {
-try {
-if (session != null) {
-session.logout();
-}
-} finally {
-if (repo instanceof JackrabbitRepository) {
-((JackrabbitRepository) repo).shutdown();
-}
+if (repo instanceof JackrabbitRepository) {
+((JackrabbitRepository) repo).shutdown();
}
}
@@ -107,18 +98,17 @@ public class ExternalIdentityImporterTes
return ConfigurationParameters.EMPTY;
}
-JackrabbitSession createSession(boolean isSystem) throws Exception {
+Session createSession(boolean isSystem) throws Exception {
if (isSystem) {
-session = (JackrabbitSession) Subject.doAs(SystemSubject.INSTANCE,
new PrivilegedExceptionAction() {
+return Subject.doAs(SystemSubject.INSTANCE, new
PrivilegedExceptionAction() {
@Override
public Session run() throws RepositoryException {
return repo.login(null, null);
}
});
} else {
-session = (JackrabbitSession) repo.login(new
SimpleCredentials(UserConstants.DEFAULT_ADMIN_ID,
UserConstants.DEFAULT_ADMIN_ID.toCharArray()));
+return repo.login(new
SimpleCredentials(UserConstants.DEFAULT_ADMIN_ID,
UserConstants.DEFAULT_ADMIN_ID.toCharArray()));
}
-return session;
}
Node doImport(Session importSession, String parentPath, String xml) throws
Exception {
@@ -150,28 +140,66 @@ public class ExternalIdentityImporterTes
@Test
public void importExternalUser() throws Exception {
-Node parent = doImport(createSession(false),
UserConstants.DEFAULT_USER_PATH, XML_EXTERNAL_USER);
-assertHasProperties(parent.getNode("t"),
ExternalIdentityConstants.REP_EXTERNAL_ID,
ExternalIdentityConstants.REP_LAST_SYNCED);
-assertNotHasProperties(parent.getNode("t"),
ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES);
+Session s = null;
+try {
+s = createSession(false);
+Node parent = doImport(s, UserConstants.DEFAULT_USER_PATH,
XML_EXTERNAL_USER);
+assertHasProperties(parent.getNode("t"),
ExternalIdentityConstants.REP_EXTERNAL_ID,
+ExternalIdentityConstants.REP_LAST_SYNCED);
+assertNotHasProperties(parent.getNode("t"),
ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES);
+} finally {
+
svn commit: r1826984 - in /jackrabbit/oak/trunk: oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ oak-authorization-cug/src/test/java/org/apache/jackrabb
Author: stillalex Date: Fri Mar 16 13:05:46 2018 New Revision: 1826984 URL: http://svn.apache.org/viewvc?rev=1826984=rev Log: OAK-7340 Remove SecurityProviderImpl usage from tests Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java (with props) jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderHelper.java (with props) Removed: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AddMembersTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/CompositeAuthorizationTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/CugTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsMemberTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/MemberBaseTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/ReadWithMembershipTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/RemoveMembersTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/observation/ChangeCollectorProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProviderRandomTestIT.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistrationTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/ClusterPermissionsTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ImportIgnoreTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AbstractImportTest.java jackrabbit/oak/trunk/oak-segment-tar/src/test/java/org/apache/jackrabbit/oak/segment/InitializerTest.java jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/InitializerTest.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java?rev=1826984=1826983=1826984=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java Fri Mar 16 13:05:46 2018 @@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.spi.se import javax.annotation.Nonnull; import org.apache.jackrabbit.oak.security.internal.SecurityProviderBuilder; +import org.apache.jackrabbit.oak.security.internal.SecurityProviderHelper; import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters; import org.apache.jackrabbit.oak.spi.security.SecurityProvider; import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal.ExternalPrincipalConfiguration; @@ -30,6 +31,8 @@ public final class TestSecurityProvider
svn commit: r1822821 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
Author: stillalex
Date: Wed Jan 31 19:11:08 2018
New Revision: 1822821
URL: http://svn.apache.org/viewvc?rev=1822821=rev
Log:
OAK-7227 MountPermissionProvider getNumEntries prone to overflow
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java?rev=1822821=1822820=1822821=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProvider.java
Wed Jan 31 19:11:08 2018
@@ -26,6 +26,7 @@ import java.util.Set;
import javax.annotation.Nonnull;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.commons.LongUtils;
import org.apache.jackrabbit.oak.plugins.tree.RootProvider;
import org.apache.jackrabbit.oak.spi.mount.Mount;
import org.apache.jackrabbit.oak.spi.mount.MountInfoProvider;
@@ -104,7 +105,7 @@ public class MountPermissionProvider ext
public long getNumEntries(String principalName, long max) {
long num = 0;
for (PermissionStoreImpl store : stores) {
-num += store.getNumEntries(principalName, max);
+num = LongUtils.safeAdd(num,
store.getNumEntries(principalName, max));
if (num >= max) {
break;
}
svn commit: r1817897 - in /jackrabbit/oak/trunk/oak-auth-external: pom.xml src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitial
Author: stillalex
Date: Tue Dec 12 09:33:22 2017
New Revision: 1817897
URL: http://svn.apache.org/viewvc?rev=1817897=rev
Log:
OAK-7013 Replace usage in oak-auth-external
Modified:
jackrabbit/oak/trunk/oak-auth-external/pom.xml
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java
Modified: jackrabbit/oak/trunk/oak-auth-external/pom.xml
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/pom.xml?rev=1817897=1817896=1817897=diff
==
--- jackrabbit/oak/trunk/oak-auth-external/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-auth-external/pom.xml Tue Dec 12 09:33:22 2017
@@ -171,12 +171,6 @@
test
-com.h2database
-h2
-${h2.version}
-test
-
-
org.slf4j
jul-to-slf4j
test
Modified:
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java?rev=1817897=1817896=1817897=diff
==
---
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java
(original)
+++
jackrabbit/oak/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityRepositoryInitializer.java
Tue Dec 12 09:33:22 2017
@@ -17,32 +17,13 @@
package
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal;
import javax.annotation.Nonnull;
-import javax.jcr.RepositoryException;
-import org.apache.jackrabbit.JcrConstants;
-import org.apache.jackrabbit.oak.api.CommitFailedException;
-import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.api.Tree;
-import org.apache.jackrabbit.oak.commons.PathUtils;
-import org.apache.jackrabbit.oak.plugins.index.IndexConstants;
import org.apache.jackrabbit.oak.plugins.index.IndexUtils;
-import org.apache.jackrabbit.oak.plugins.memory.MemoryNodeStore;
-import org.apache.jackrabbit.oak.plugins.name.NamespaceEditorProvider;
-import org.apache.jackrabbit.oak.plugins.nodetype.TypeEditorProvider;
-import org.apache.jackrabbit.oak.plugins.tree.factories.RootFactory;
-import org.apache.jackrabbit.oak.spi.commit.CompositeEditorProvider;
-import org.apache.jackrabbit.oak.spi.commit.EditorHook;
import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
import
org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalIdentityConstants;
-import org.apache.jackrabbit.oak.spi.state.ApplyDiff;
import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
-import org.apache.jackrabbit.oak.spi.state.NodeState;
-import org.apache.jackrabbit.oak.spi.state.NodeStore;
-import org.apache.jackrabbit.oak.plugins.tree.TreeUtil;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import static com.google.common.base.Preconditions.checkState;
+import com.google.common.collect.ImmutableList;
/**
* Implementation of the {@code RepositoryInitializer} interface responsible
for
@@ -60,8 +41,6 @@ import static com.google.common.base.Pre
*/
class ExternalIdentityRepositoryInitializer implements RepositoryInitializer {
-private static final Logger log =
LoggerFactory.getLogger(ExternalIdentityRepositoryInitializer.class);
-
private final boolean enforceUniqueIds;
ExternalIdentityRepositoryInitializer(boolean enforceUniqueIds) {
@@ -70,42 +49,20 @@ class ExternalIdentityRepositoryInitiali
@Override
public void initialize(@Nonnull NodeBuilder builder) {
-NodeState base = builder.getNodeState();
-NodeStore store = new MemoryNodeStore(base);
-
-String errorMsg = "Failed to initialize external identity content.";
-try {
-Root root = RootFactory.createSystemRoot(store,
-new EditorHook(new CompositeEditorProvider(new
NamespaceEditorProvider(), new TypeEditorProvider())),
-null, null, null);
-
-// create index definition for "rep:externalId" and
"rep:externalPrincipalNames"
-Tree rootTree = root.getTree(PathUtils.ROOT_PATH);
-checkState(rootTree.exists());
-Tree index = TreeUtil.getOrAddChild(rootTree,
IndexConstants.INDEX_DEFINITIONS_NAME, JcrConstants.NT_UNSTRUCTURED);
-
-if (enforceUniqueIds && !index.hasChild(
svn commit: r1817893 - in /jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak: AbstractSecurityTest.java security/privilege/PrivilegeContextTest.java security/user/UserContextTest.j
Author: stillalex
Date: Tue Dec 12 09:05:05 2017
New Revision: 1817893
URL: http://svn.apache.org/viewvc?rev=1817893=rev
Log:
OAK-7022 Prepare for usage of Root/TreeProvider in security tests
- switched to the interfaces
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java?rev=1817893=1817892=1817893=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
Tue Dec 12 09:05:05 2017
@@ -51,6 +51,8 @@ import org.apache.jackrabbit.oak.plugins
import
org.apache.jackrabbit.oak.plugins.index.reference.ReferenceIndexProvider;
import org.apache.jackrabbit.oak.plugins.name.NamespaceEditorProvider;
import org.apache.jackrabbit.oak.plugins.nodetype.TypeEditorProvider;
+import org.apache.jackrabbit.oak.plugins.tree.RootProvider;
+import org.apache.jackrabbit.oak.plugins.tree.TreeProvider;
import org.apache.jackrabbit.oak.plugins.tree.impl.RootProviderService;
import org.apache.jackrabbit.oak.plugins.tree.impl.TreeProviderService;
import org.apache.jackrabbit.oak.plugins.value.jcr.ValueFactoryImpl;
@@ -83,8 +85,8 @@ public abstract class AbstractSecurityTe
protected Root root;
protected QueryEngineSettings querySettings;
-private final RootProviderService rootProvider = new
RootProviderService();
-private final TreeProviderService treeProvider = new TreeProviderService();
+private final RootProvider rootProvider = new RootProviderService();
+private final TreeProvider treeProvider = new TreeProviderService();
@Before
public void before() throws Exception {
@@ -252,11 +254,11 @@ public abstract class AbstractSecurityTe
return getSecurityProvider().getConfiguration(configClass);
}
-public RootProviderService getRootProvider() {
+public RootProvider getRootProvider() {
return rootProvider;
}
-public TreeProviderService getTreeProvider() {
+public TreeProvider getTreeProvider() {
return treeProvider;
}
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java?rev=1817893=1817892=1817893=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeContextTest.java
Tue Dec 12 09:05:05 2017
@@ -29,6 +29,7 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants;
import org.apache.jackrabbit.oak.plugins.tree.TreeLocation;
+import org.apache.jackrabbit.oak.plugins.tree.TreeProvider;
import org.apache.jackrabbit.oak.plugins.tree.impl.TreeProviderService;
import org.apache.jackrabbit.oak.spi.security.Context;
import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
@@ -110,7 +111,7 @@ public class PrivilegeContextTest {
@Test
public void testEmptyNotDefinesTree() {
-TreeProviderService treeProvider = new TreeProviderService();
+TreeProvider treeProvider = new TreeProviderService();
assertFalse(ctx.definesTree(treeProvider.createReadOnlyTree(EmptyNodeState.EMPTY_NODE)));
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java?rev=1817893=1817892=1817893=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserContextTest.java
Tue Dec 12 09:05:05 2017
@@ -36,6 +36,7 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.spi.nodetype.NodeTypeConstants
svn commit: r1816629 - in /jackrabbit/oak/trunk: oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ oak-auth-external/src/test/java/org/apache/jackrabbit/o
Author: stillalex Date: Wed Nov 29 14:02:43 2017 New Revision: 1816629 URL: http://svn.apache.org/viewvc?rev=1816629=rev Log: OAK-6221 Deprecate SecurityProviderImpl Added: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderBuilder.java (with props) Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/TestSecurityProvider.java jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalIdentityImporterTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/AbstractCugTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugAccessControlManagerTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfigurationTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugImportBaseTest.java jackrabbit/oak/trunk/oak-authorization-cug/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugSecurityProvider.java jackrabbit/oak/trunk/oak-benchmarks/pom.xml jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AddMembersTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/CompositeAuthorizationTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/CugTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/IsMemberTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/MemberBaseTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/RemoveMembersTest.java jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/authentication/external/AbstractExternalTest.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/plugins/observation/ChangeCollectorProviderTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImplTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/MountPermissionProviderRandomTestIT.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java jackrabbit/oak/trunk/oak-it/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/ClusterPermissionsTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/authorization/ImportIgnoreTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/AbstractImportTest.java jackrabbit/oak/trunk/oak-segment-tar/pom.xml jackrabbit/oak/trunk/oak-segment-tar/src/test/java/org/apache/jackrabbit/oak/segment/InitializerTest.java jackrabbit/oak/trunk/oak-store-document/pom.xml jackrabbit/oak/trunk/oak-store-document/src/test/java/org/apache/jackrabbit/oak/plugins/document/InitializerTest.java Modified: jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java?rev=1816629=1816628=1816629=diff == --- jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java (original) +++ jackrabbit/oak/trunk/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/AbstractExternalAuthTest.java Wed Nov 29 14:02:43 2017 @@ -136,7 +136,7 @@ public abstract class AbstractExternalAu @Override protected SecurityProvider
svn commit: r1816536 - /jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
Author: stillalex
Date: Tue Nov 28 10:03:42 2017
New Revision: 1816536
URL: http://svn.apache.org/viewvc?rev=1816536=rev
Log:
OAK-6979 CugConfiguration.unbindMountInfoProvider doesn't restore the default
- clarified livecycle expectations
Modified:
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
Modified:
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java?rev=1816536=1816535=1816536=diff
==
---
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
(original)
+++
jackrabbit/oak/trunk/oak-authorization-cug/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/cug/impl/CugConfiguration.java
Tue Nov 28 10:03:42 2017
@@ -214,6 +214,8 @@ public class CugConfiguration extends Co
}
public void unbindMountInfoProvider(MountInfoProvider mountInfoProvider) {
+// set to null (and not default) to comply with OSGi lifecycle,
+// if the reference is unset it means the service is being deactivated
this.mountInfoProvider = null;
}
svn commit: r1816064 - in /jackrabbit/oak/trunk: oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/ oak-c
Author: stillalex
Date: Wed Nov 22 16:00:40 2017
New Revision: 1816064
URL: http://svn.apache.org/viewvc?rev=1816064=rev
Log:
OAK-6818 TokenAuthentication/TokenProviderImpl: cleanup expired tokens
Added:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/LoginWithTokensTest.java
(with props)
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenCleanupTest.java
(with props)
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/authentication/token/default.md
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java?rev=1816064=1816063=1816064=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/AbstractLoginTest.java
Wed Nov 22 16:00:40 2017
@@ -108,16 +108,32 @@ abstract class AbstractLoginTest extends
}
}
+protected boolean customConfigurationParameters() {
+return noIterations != -1 || expiration > 0;
+}
+
+protected ConfigurationParameters prepare(ConfigurationParameters conf) {
+return conf;
+}
+
@Override
protected Repository[] createRepository(RepositoryFixture fixture) throws
Exception {
-if (noIterations != -1 || expiration > 0) {
+if (customConfigurationParameters()) {
if (fixture instanceof OakRepositoryFixture) {
return ((OakRepositoryFixture) fixture).setUpCluster(1, new
JcrCreator() {
@Override
public Jcr customize(Oak oak) {
ConfigurationParameters conf;
-ConfigurationParameters iterations =
ConfigurationParameters.of(UserConstants.PARAM_PASSWORD_HASH_ITERATIONS,
noIterations);
-ConfigurationParameters cache =
ConfigurationParameters.of("cacheExpiration", expiration);
+ConfigurationParameters iterations =
ConfigurationParameters.EMPTY;
+if (noIterations != DEFAULT_ITERATIONS) {
+iterations =
ConfigurationParameters.of(UserConstants.PARAM_PASSWORD_HASH_ITERATIONS,
+noIterations);
+}
+ConfigurationParameters cache =
ConfigurationParameters.EMPTY;
+if (expiration > 0) {
+cache =
ConfigurationParameters.of("cacheExpiration", expiration);
+}
+
if (runWithToken) {
conf = ConfigurationParameters.of(
TokenConfiguration.NAME, iterations,
@@ -126,6 +142,7 @@ abstract class AbstractLoginTest extends
conf = ConfigurationParameters.of(
UserConfiguration.NAME,
ConfigurationParameters.of(iterations, cache));
}
+conf = prepare(conf);
SecurityProvider sp = new SecurityProviderImpl(conf);
return new Jcr(oak).with(sp);
}
Modified:
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java?rev=1816064=1816063=1816064=diff
==
---
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
(original)
+++
jackrabbit/oak/trunk/oak-benchmarks/src/main/java/org/apache/jackrabbit/oak/benchmark/BenchmarkRunner.java
Wed Nov 22 16:00:40 2017
@@ -250,6 +250,7 @@ public class BenchmarkRunner {
runAsUser.value(options),
runWithToken.value(options),
noIterations.value(options)),
+new LoginWithTokensTest(numberOfUsers.value(options)),
svn commit: r1815818 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java test/java/org/apache/jackrabbit/oak/security/auth
Author: stillalex
Date: Mon Nov 20 15:11:27 2017
New Revision: 1815818
URL: http://svn.apache.org/viewvc?rev=1815818=rev
Log:
OAK-6940 Login token name generation is prone to race conditions
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java?rev=1815818=1815817=1815818=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
Mon Nov 20 15:11:27 2017
@@ -24,8 +24,6 @@ import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.Collections;
-import java.util.Date;
-import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
@@ -204,7 +202,7 @@ class TokenProviderImpl implements Token
if (tokenParent != null) {
try {
String id = user.getID();
-long creationTime = new Date().getTime();
+long creationTime = System.currentTimeMillis();
long exp;
if (attributes.containsKey(PARAM_TOKEN_EXPIRATION)) {
exp =
Long.parseLong(attributes.get(PARAM_TOKEN_EXPIRATION).toString());
@@ -216,7 +214,7 @@ class TokenProviderImpl implements Token
TokenInfo tokenInfo;
try {
-String tokenName = generateTokenName(creationTime);
+String tokenName = uuid;
tokenInfo = createTokenNode(tokenParent, tokenName,
expTime, uuid, id, attributes);
root.commit(CommitMarker.asCommitAttributes());
} catch (CommitFailedException e) {
@@ -327,13 +325,6 @@ class TokenProviderImpl implements Token
}
@Nonnull
-private static String generateTokenName(long creationTime) {
-Calendar creation = GregorianCalendar.getInstance();
-creation.setTimeInMillis(creationTime);
-return Text.replace(ISO8601.format(creation), ":", ".");
-}
-
-@Nonnull
private Tree getTokenTree(@Nonnull TokenInfoImpl tokenInfo) {
return root.getTree(tokenInfo.tokenPath);
}
Modified:
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1815818=1815817=1815818=diff
==
---
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Mon Nov 20 15:11:27 2017
@@ -411,21 +411,6 @@ public class TokenProviderImplTest exten
assertEquals(userId, info.getUserId());
}
-@Test
-public void testTokenNodeName() throws Exception {
-TokenInfo info = tokenProvider.createToken(userId,
Collections.<String, Object>emptyMap());
-Tree tokenTree = getTokenTree(info);
-
-// name must not be a uuid which is only used in case of conflict
during
-// creation which is not expected here.
-try {
-UUID.fromString(tokenTree.getName());
-fail("UUID-name should only be used in case of conflict");
-} catch (IllegalArgumentException e) {
-// success
-}
-}
-
//--
private static void assertTokenInfo(TokenInfo info, String userId) {
assertNotNull(info);
svn commit: r1815553 - /jackrabbit/oak/trunk/oak-auth-ldap/pom.xml
Author: stillalex Date: Fri Nov 17 07:47:28 2017 New Revision: 1815553 URL: http://svn.apache.org/viewvc?rev=1815553=rev Log: OAK-1588 Create more tests/validation to LDAP integration - reducing min coverage to .85 to see it if gets the builds passing again Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/pom.xml?rev=1815553=1815552=1815553=diff == --- jackrabbit/oak/trunk/oak-auth-ldap/pom.xml (original) +++ jackrabbit/oak/trunk/oak-auth-ldap/pom.xml Fri Nov 17 07:47:28 2017 @@ -35,7 +35,7 @@ 2.0.0-M24 false -0.86 +0.85
svn commit: r1815457 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/Jcr.java
Author: stillalex
Date: Thu Nov 16 14:18:16 2017
New Revision: 1815457
URL: http://svn.apache.org/viewvc?rev=1815457=rev
Log:
OAK-6826 Refactor Jcr class to remove dependency on o.a.j.oak.plugins.index
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java
jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/Jcr.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java?rev=1815457=1815456=1815457=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java
Thu Nov 16 14:18:16 2017
@@ -51,6 +51,7 @@ import javax.security.auth.login.LoginEx
import com.google.common.base.Function;
import com.google.common.base.Supplier;
+import com.google.common.collect.ImmutableList;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.google.common.io.Closer;
@@ -68,20 +69,35 @@ import org.apache.jackrabbit.oak.core.Co
import org.apache.jackrabbit.oak.management.RepositoryManager;
import org.apache.jackrabbit.oak.plugins.atomic.AtomicCounterEditorProvider;
import org.apache.jackrabbit.oak.plugins.commit.ConflictHook;
+import org.apache.jackrabbit.oak.plugins.commit.ConflictValidatorProvider;
import org.apache.jackrabbit.oak.plugins.index.AsyncIndexUpdate;
import org.apache.jackrabbit.oak.plugins.index.CompositeIndexEditorProvider;
import org.apache.jackrabbit.oak.plugins.index.IndexConstants;
import org.apache.jackrabbit.oak.plugins.index.IndexEditorProvider;
import org.apache.jackrabbit.oak.plugins.index.IndexMBeanRegistration;
import org.apache.jackrabbit.oak.plugins.index.IndexUpdateProvider;
+import
org.apache.jackrabbit.oak.plugins.index.counter.NodeCounterEditorProvider;
import org.apache.jackrabbit.oak.plugins.index.counter.jmx.NodeCounter;
import org.apache.jackrabbit.oak.plugins.index.counter.jmx.NodeCounterMBean;
import org.apache.jackrabbit.oak.plugins.index.counter.jmx.NodeCounterOld;
+import org.apache.jackrabbit.oak.plugins.index.nodetype.NodeTypeIndexProvider;
+import
org.apache.jackrabbit.oak.plugins.index.property.OrderedPropertyIndexEditorProvider;
+import
org.apache.jackrabbit.oak.plugins.index.property.PropertyIndexEditorProvider;
+import org.apache.jackrabbit.oak.plugins.index.property.PropertyIndexProvider;
import
org.apache.jackrabbit.oak.plugins.index.property.jmx.PropertyIndexAsyncReindex;
import
org.apache.jackrabbit.oak.plugins.index.property.jmx.PropertyIndexAsyncReindexMBean;
+import
org.apache.jackrabbit.oak.plugins.index.reference.ReferenceEditorProvider;
+import
org.apache.jackrabbit.oak.plugins.index.reference.ReferenceIndexProvider;
+import org.apache.jackrabbit.oak.plugins.itemsave.ItemSaveValidatorProvider;
import org.apache.jackrabbit.oak.plugins.memory.MemoryNodeStore;
+import org.apache.jackrabbit.oak.plugins.name.NameValidatorProvider;
+import org.apache.jackrabbit.oak.plugins.name.NamespaceEditorProvider;
+import org.apache.jackrabbit.oak.plugins.nodetype.TypeEditorProvider;
+import org.apache.jackrabbit.oak.plugins.observation.ChangeCollectorProvider;
+import org.apache.jackrabbit.oak.plugins.version.VersionHook;
import org.apache.jackrabbit.oak.query.QueryEngineSettings;
import org.apache.jackrabbit.oak.query.stats.QueryStatsMBean;
+import org.apache.jackrabbit.oak.security.SecurityProviderImpl;
import org.apache.jackrabbit.oak.spi.commit.CompositeConflictHandler;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.commit.CommitInfo;
@@ -915,4 +931,55 @@ public class Oak {
return settings.toString();
}
}
+
+public static class OakDefaultComponents {
+
+public static final OakDefaultComponents INSTANCE = new
OakDefaultComponents();
+
+private final Iterable commitHooks = ImmutableList.of(new
VersionHook());
+
+private final Iterable repositoryInitializers
= ImmutableList
+.of(new InitialContent());
+
+private final Iterable editorProviders =
ImmutableList.of(
+new ItemSaveValidatorProvider(), new NameValidatorProvider(),
new NamespaceEditorProvider(),
+new TypeEditorProvider(), new ConflictValidatorProvider(), new
ChangeCollectorProvider());
+
+private final Iterable indexEditorProviders =
ImmutableList.of(
+new ReferenceEditorProvider(), new
PropertyIndexEditorProvider(), new NodeCounterEditorProvider(),
+new OrderedPropertyIndexEditorProvider());
+
+private final Iterable queryIndexProviders =
ImmutableList
+.of(new ReferenceIndexProvider(), new
svn commit: r1812639 - /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java
Author: stillalex
Date: Thu Oct 19 13:07:44 2017
New Revision: 1812639
URL: http://svn.apache.org/viewvc?rev=1812639=rev
Log:
OAK-6834 Make TypeEditor publically accessible and allow pluggable constraint
violation handling
- fixed javadocs
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java?rev=1812639=1812638=1812639=diff
==
---
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java
(original)
+++
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/TypeEditor.java
Thu Oct 19 13:07:44 2017
@@ -82,7 +82,7 @@ public class TypeEditor extends DefaultE
/**
* Invoked whenever a constraint violation is detected.
*
- * Implementors may choose to throw a {@link
#CommitFailedException} or to handle the error
+ * Implementors may choose to throw a {@link
org.apache.jackrabbit.oak.api.CommitFailedException} or to handle the error
* internally, for instance by logging.
*
* Implementors may not throw other exception types from
this method.
@@ -90,8 +90,8 @@ public class TypeEditor extends DefaultE
* @param path the path where the constraint violation was detected
* @param nodeTypeNames the node type names of the node
* @param code the error code
- * @param message the descriptive error mesage
- * @throws CommitFailedException thrown when the implementation
decides to stop futher processing
+ * @param message the descriptive error message
+ * @throws CommitFailedException thrown when the implementation
decides to stop further processing
*
* @see TypeEditor#THROW_ON_CONSTRAINT_VIOLATION
* @see TypeEditor#WARN_ON_CONSTRAINT_VIOLATION
@@ -123,13 +123,13 @@ public class TypeEditor extends DefaultE
};
/**
- * Creates a new TypeEditor
+ * Creates a new TypeEditor instance
*
* @param callback the callback to use when a constraint violation is
found. The client must
* check the results of the callback invocations if the specified
callback does not
* immediately propagate constraint violations as checked exceptions.
* @param typesToCheck the types to check for. If null, this node
is checked. Otherwise
- * it is checked if its primary type or one of it's mixin types is
containd in this parameters
+ * it is checked if its primary type or one of it's mixin types is
contained in this parameters
* @param types the /jcr:system/jcr:nodeTypes node
* @param primary the node's primary type
* @param mixins the node's mixins
svn commit: r1812291 - /jackrabbit/oak/trunk/oak-lucene/pom.xml
Author: stillalex
Date: Mon Oct 16 12:55:56 2017
New Revision: 1812291
URL: http://svn.apache.org/viewvc?rev=1812291=rev
Log:
OAK-6780 Duplicated _exportcontents directive in oak-lucene's pom.xml
Modified:
jackrabbit/oak/trunk/oak-lucene/pom.xml
Modified: jackrabbit/oak/trunk/oak-lucene/pom.xml
URL:
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-lucene/pom.xml?rev=1812291=1812290=1812291=diff
==
--- jackrabbit/oak/trunk/oak-lucene/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-lucene/pom.xml Mon Oct 16 12:55:56 2017
@@ -113,9 +113,6 @@
org.apache.jackrabbit.oak.plugins.index.lucene.score,
org.apache.jackrabbit.oak.plugins.index.lucene.spi,
-<_exportcontents>
-org.apache.lucene.*;version=${lucene.version}
-
org.apache.lucene.sandbox.*;resolution:=optional,
!org.apache.lucene.*,
