dirkv 01/07/18 06:18:18
Modified: src/webdav/server/org/apache/slide/webdav/method
PropFindMethod.java
Log:
combine multiple privileges into one ACE
Revision Changes Path
1.29 +95 -64
jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PropFindMethod.java
Index: PropFindMethod.java
===================================================================
RCS file:
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PropFindMethod.java,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- PropFindMethod.java 2001/07/13 10:51:31 1.28
+++ PropFindMethod.java 2001/07/18 13:18:18 1.29
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PropFindMethod.java,v
1.28 2001/07/13 10:51:31 dirkv Exp $
- * $Revision: 1.28 $
- * $Date: 2001/07/13 10:51:31 $
+ * $Header:
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/PropFindMethod.java,v
1.29 2001/07/18 13:18:18 dirkv Exp $
+ * $Revision: 1.29 $
+ * $Date: 2001/07/18 13:18:18 $
*
* ====================================================================
*
@@ -1290,95 +1290,126 @@
ObjectNode current = object;
boolean inheritedPermissions = false;
-
+ Vector permissions = new Vector();
+
while (current != null) {
try {
-
- Enumeration aclList = security.enumeratePermissions
- (slideToken, current);
-
+ // put all permissions in a list
+ permissions.clear();
+ Enumeration aclList = security.enumeratePermissions(slideToken,
current);
while (aclList.hasMoreElements()) {
- NodePermission permission = (NodePermission)
- aclList.nextElement();
+ NodePermission permission = (NodePermission)
aclList.nextElement();
// if we are processing inheritedPermissions (from parent and
up)
// then the permission should be inheritable
if (inheritedPermissions && !permission.isInheritable()) {
- // continue with next permission
- continue;
+ // continue with next permission
+ continue;
}
-
- String principal = permission.getSubjectUri();
-
- String action = permission.getActionUri();
+ permissions.add(permission);
+ }
+
+ // start combining and writing the permissions
+ while (permissions.size()>0) {
+
+ NodePermission permission = (NodePermission) permissions.get(0);
+ permissions.remove(0);
+ String principal = permission.getSubjectUri();
+ boolean negative = permission.isNegative();
+
+ String action = permission.getActionUri();
+
// read
- boolean isReadObject = readObjectUri.startsWith(action);
- boolean isReadLocks = readLocksUri.startsWith(action);
- boolean isReadRevisionMetadata =
- readRevisionMetadataUri.startsWith(action);
- boolean isReadRevisionContent =
- readRevisionContentUri.startsWith(action);
-
- boolean isRead = isReadObject && isReadLocks
- && isReadRevisionMetadata &&
isReadRevisionContent;
+ boolean isReadObject =
readObjectUri.startsWith(action);
+ boolean isReadLocks =
readLocksUri.startsWith(action);
+ boolean isReadRevisionMetadata =
readRevisionMetadataUri.startsWith(action);
+ boolean isReadRevisionContent =
readRevisionContentUri.startsWith(action);
// write
- boolean isCreateObject =
- createObjectUri.startsWith(action);
- boolean isRemoveObject =
- removeObjectUri.startsWith(action);
- boolean isLockObject = lockObjectUri.startsWith(action);
- boolean isCreateRevisionMetadata =
- createRevisionMetadataUri.startsWith(action);
- boolean isModifyRevisionMetadata =
- modifyRevisionMetadataUri.startsWith(action);
- boolean isRemoveRevisionMetadata =
- removeRevisionMetadataUri.startsWith(action);
- boolean isCreateRevisionContent =
- createRevisionContentUri.startsWith(action);
- boolean isModifyRevisionContent =
- modifyRevisionContentUri.startsWith(action);
- boolean isRemoveRevisionContent =
- removeRevisionContentUri.startsWith(action);
-
- boolean isWrite = isCreateObject && isRemoveObject
- && isLockObject
- && isCreateRevisionMetadata
- && isModifyRevisionMetadata && isRemoveRevisionMetadata
- && isCreateRevisionContent && isModifyRevisionContent
- && isRemoveRevisionContent;
+ boolean isCreateObject =
createObjectUri.startsWith(action);
+ boolean isRemoveObject =
removeObjectUri.startsWith(action);
+ boolean isLockObject =
lockObjectUri.startsWith(action);
+ boolean isCreateRevisionMetadata =
createRevisionMetadataUri.startsWith(action);
+ boolean isModifyRevisionMetadata =
modifyRevisionMetadataUri.startsWith(action);
+ boolean isRemoveRevisionMetadata =
removeRevisionMetadataUri.startsWith(action);
+ boolean isCreateRevisionContent =
createRevisionContentUri.startsWith(action);
+ boolean isModifyRevisionContent =
modifyRevisionContentUri.startsWith(action);
+ boolean isRemoveRevisionContent =
removeRevisionContentUri.startsWith(action);
//read-acl
- boolean isReadPermissions =
- readPermissionsUri.startsWith(action);
+ boolean isReadPermissions =
readPermissionsUri.startsWith(action);
+
+ // write-acl
+ boolean isGrantPermission =
grantPermissionUri.startsWith(action);
+ boolean isRevokePermission =
revokePermissionUri.startsWith(action);
+
+ // check the other permissions to combine them
+ // (if they are for the same principal/negative)
+ for (int i=0; i<permissions.size() ; i++)
+ {
+ NodePermission otherPermission = (NodePermission)
permissions.get(i);
+ if (principal.equals(otherPermission.getSubjectUri()) &&
(negative==otherPermission.isNegative()))
+ {
+ permissions.remove(i);
+ i--; // because we removed the current one
+
+ action = otherPermission.getActionUri();
+
+ // read
+ isReadObject |=
readObjectUri.startsWith(action);
+ isReadLocks |=
readLocksUri.startsWith(action);
+ isReadRevisionMetadata |=
readRevisionMetadataUri.startsWith(action);
+ isReadRevisionContent |=
readRevisionContentUri.startsWith(action);
+
+ // write
+ isCreateObject |=
createObjectUri.startsWith(action);
+ isRemoveObject |=
removeObjectUri.startsWith(action);
+ isLockObject |=
lockObjectUri.startsWith(action);
+ isCreateRevisionMetadata |=
createRevisionMetadataUri.startsWith(action);
+ isModifyRevisionMetadata |=
modifyRevisionMetadataUri.startsWith(action);
+ isRemoveRevisionMetadata |=
removeRevisionMetadataUri.startsWith(action);
+ isCreateRevisionContent |=
createRevisionContentUri.startsWith(action);
+ isModifyRevisionContent |=
modifyRevisionContentUri.startsWith(action);
+ isRemoveRevisionContent |=
removeRevisionContentUri.startsWith(action);
+
+ //read-acl
+ isReadPermissions |=
readPermissionsUri.startsWith(action);
+
+ // write-acl
+ isGrantPermission |=
grantPermissionUri.startsWith(action);
+ isRevokePermission |=
revokePermissionUri.startsWith(action);
+ }
+ }
+ // WebDAV privileges
+ boolean isRead = isReadObject && isReadLocks &&
+ isReadRevisionMetadata &&
isReadRevisionContent;
+
+ boolean isWrite = isCreateObject && isRemoveObject &&
isLockObject &&
+ isCreateRevisionMetadata &&
isModifyRevisionMetadata &&
+ isRemoveRevisionMetadata &&
+ isCreateRevisionContent &&
isModifyRevisionContent &&
+ isRemoveRevisionContent;
+
boolean isReadAcl = isReadPermissions;
- // write-acl
- boolean isGrantPermission =
- grantPermissionUri.startsWith(action);
- boolean isRevokePermission =
- revokePermissionUri.startsWith(action);
+ boolean isWriteAcl = isGrantPermission && isRevokePermission;
- boolean isWriteAcl =
- isGrantPermission && isRevokePermission;
+ boolean isAll = isRead && isWrite && isReadAcl && isWriteAcl;
- boolean isAll = isRead && isWrite && isReadAcl
- && isWriteAcl;
+ // start generating XML
generatedXML.writeElement(null, ACE, XMLPrinter.OPENING);
writePrincipal(generatedXML, principal);
if (permission.isNegative()) {
- generatedXML.writeElement(null, DENY,
- XMLPrinter.OPENING);
+ generatedXML.writeElement(null, DENY, XMLPrinter.OPENING);
} else {
- generatedXML.writeElement(null, GRANT,
- XMLPrinter.OPENING);
+ generatedXML.writeElement(null, GRANT, XMLPrinter.OPENING);
}
if (isAll) {
