dirkv 01/10/10 13:27:20
Modified: src/webdav/server/org/apache/slide/webdav/method
AclMethod.java
Log:
Fix bugs reported by Raj Kumar:
- The AclMethod is still allowing granting of privileges
PRIVILEGE_READ_REVISION_METADATA,
PRIVILEGE_READ_REVISION_CONTENT which are not present in the privileges set
returned by supported-privileges
(Only all,read,write,read-acl,write-acl are present).
- The aclmethod and the propfind methods still differ regarding their interpretation
of the write privilege.
The aclmethod for write privilege does not seem to be granting/denying
removeRevisionContent privilege in slide.
Revision Changes Path
1.12 +95 -146
jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/AclMethod.java
Index: AclMethod.java
===================================================================
RCS file:
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/AclMethod.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- AclMethod.java 2001/09/21 00:38:34 1.11
+++ AclMethod.java 2001/10/10 20:27:20 1.12
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/AclMethod.java,v
1.11 2001/09/21 00:38:34 dirkv Exp $
- * $Revision: 1.11 $
- * $Date: 2001/09/21 00:38:34 $
+ * $Header:
/home/cvs/jakarta-slide/src/webdav/server/org/apache/slide/webdav/method/AclMethod.java,v
1.12 2001/10/10 20:27:20 dirkv Exp $
+ * $Revision: 1.12 $
+ * $Date: 2001/10/10 20:27:20 $
*
* ====================================================================
*
@@ -257,121 +257,84 @@
switch (privilege) {
case PRIVILEGE_ALL:
- addPermission(principal, "/",
- negative, inheritable);
+ addPermission(principal, "/", negative, inheritable);
break;
case PRIVILEGE_READ:
- addPermission
- (principal,
- config.getReadObjectAction().getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getReadRevisionMetadataAction()
- .getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getReadRevisionContentAction()
- .getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getReadLocksAction().getUri(),
- negative, inheritable);
+ addPermission(principal,
config.getReadObjectAction().getUri(),negative, inheritable);
+ addPermission(principal,
config.getReadLocksAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getReadRevisionMetadataAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getReadRevisionContentAction().getUri(), negative, inheritable);
break;
case PRIVILEGE_READ_OBJECT:
- addPermission
- (principal,
- config.getReadObjectAction().getUri(),
- negative, inheritable);
+ addPermission(principal,
config.getReadObjectAction().getUri(), negative, inheritable);
break;
+ case PRIVILEGE_READ_LOCKS:
+ addPermission(principal,
config.getReadLocksAction().getUri(), negative, inheritable);
+ break;
case PRIVILEGE_READ_REVISION_METADATA:
- addPermission
- (principal,
- config.getReadRevisionMetadataAction()
- .getUri(),
- negative, inheritable);
+ addPermission(principal,
config.getReadRevisionMetadataAction().getUri(), negative, inheritable);
break;
case PRIVILEGE_READ_REVISION_CONTENT:
- addPermission
- (principal,
- config.getReadRevisionContentAction()
- .getUri(),
- negative, inheritable);
+ addPermission(principal,
config.getReadRevisionContentAction().getUri(), negative, inheritable);
break;
+
case PRIVILEGE_WRITE:
- addPermission
- (principal,
- config.getCreateObjectAction().getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getRemoveObjectAction().getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getLockObjectAction().getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getCreateRevisionMetadataAction()
- .getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getModifyRevisionMetadataAction()
- .getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getRemoveRevisionMetadataAction()
- .getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getCreateRevisionContentAction()
- .getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getModifyRevisionContentAction()
- .getUri(),
- negative, inheritable);
+ addPermission(principal,
config.getCreateObjectAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getRemoveObjectAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getLockObjectAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getCreateRevisionMetadataAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getModifyRevisionMetadataAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getRemoveRevisionMetadataAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getCreateRevisionContentAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getModifyRevisionContentAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getRemoveRevisionContentAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_CREATE_OBJECT:
+ addPermission(principal,
config.getCreateObjectAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_REMOVE_OBJECT:
+ addPermission(principal,
config.getRemoveObjectAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_LOCK_OBJECT:
+ addPermission(principal,
config.getLockObjectAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_CREATE_REVISION_METADATA:
+ addPermission(principal,
config.getCreateRevisionMetadataAction().getUri(), negative, inheritable);
break;
+ case PRIVILEGE_MODIFY_REVISION_METADATA:
+ addPermission(principal,
config.getModifyRevisionMetadataAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_REMOVE_REVISION_METADATA:
+ addPermission(principal,
config.getRemoveRevisionMetadataAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_CREATE_REVISION_CONTENT:
+ addPermission(principal,
config.getCreateRevisionContentAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_MODIFY_REVISION_CONTENT:
+ addPermission(principal,
config.getModifyRevisionContentAction().getUri(), negative, inheritable);
+ break;
+ case PRIVILEGE_REMOVE_REVISION_CONTENT:
+ addPermission(principal,
config.getRemoveRevisionContentAction().getUri(), negative, inheritable);
+ break;
+
case PRIVILEGE_READ_ACL:
- addPermission
- (principal,
- config.getReadPermissionsAction().getUri(),
- negative, inheritable);
+ addPermission(principal,
config.getReadPermissionsAction().getUri(), negative, inheritable);
break;
+
case PRIVILEGE_WRITE_ACL:
- addPermission
- (principal,
- config.getGrantPermissionAction().getUri(),
- negative, inheritable);
- addPermission
- (principal,
- config.getRevokePermissionAction().getUri(),
- negative, inheritable);
+ addPermission(principal,
config.getGrantPermissionAction().getUri(), negative, inheritable);
+ addPermission(principal,
config.getRevokePermissionAction().getUri(), negative, inheritable);
break;
case PRIVILEGE_GRANT_PERMISSION:
- addPermission
- (principal,
- config.getGrantPermissionAction().getUri(),
- negative, inheritable);
+ addPermission(principal,
config.getGrantPermissionAction().getUri(), negative, inheritable);
break;
case PRIVILEGE_REVOKE_PERMISSION:
- addPermission
- (principal,
- config.getRevokePermissionAction().getUri(),
- negative, inheritable);
+ addPermission (principal,
config.getRevokePermissionAction().getUri(), negative, inheritable);
break;
default:
- // FIXME: ignore the other permissions ???
- // System.out.println("Error: Unknown internal privilege
code !!!");
- // resp.setStatus(WebdavStatus.SC_INTERNAL_SERVER_ERROR);
- // throw new
WebdavException(WebdavStatus.SC_INTERNAL_SERVER_ERROR);
+ System.out.println("Error: Unknown internal privilege
code !!!");
+ resp.setStatus(WebdavStatus.SC_INTERNAL_SERVER_ERROR);
+ throw new
WebdavException(WebdavStatus.SC_INTERNAL_SERVER_ERROR);
}
}
}
@@ -476,58 +439,44 @@
if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE, "all")) {
return PRIVILEGE_ALL;
- } else if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE,
- "read")) {
+ } else if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE, "read")) {
return PRIVILEGE_READ;
- } else if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE,
- "write")) {
+ } else if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE, "write")) {
return PRIVILEGE_WRITE;
- } else if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE,
- "read-acl")) {
+ } else if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE, "read-acl"))
{
return PRIVILEGE_READ_ACL;
- } else if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE,
- "write-acl")) {
+ } else if (hasChild(privilege, NodeProperty.DEFAULT_NAMESPACE,
"write-acl")) {
return PRIVILEGE_WRITE_ACL;
- } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-object")) {
- return PRIVILEGE_READ_OBJECT;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "read-revision-metadata")) {
- return PRIVILEGE_READ_REVISION_METADATA;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "read-revision-content")) {
- return PRIVILEGE_READ_REVISION_CONTENT;
- } else if (hasChild(privilege, SLIDE_NAMESPACE, "create-object")) {
- return PRIVILEGE_CREATE_OBJECT;
- } else if (hasChild(privilege, SLIDE_NAMESPACE, "remove-object")) {
- return PRIVILEGE_REMOVE_OBJECT;
- } else if (hasChild(privilege, SLIDE_NAMESPACE, "lock-object")) {
- return PRIVILEGE_LOCK_OBJECT;
- } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-locks")) {
- return PRIVILEGE_READ_LOCKS;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "create-revision-metadata")) {
- return PRIVILEGE_CREATE_REVISION_METADATA;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "modify-revision-metadata")) {
- return PRIVILEGE_MODIFY_REVISION_METADATA;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "remove-revision-metadata")) {
- return PRIVILEGE_REMOVE_REVISION_METADATA;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "create-revision-content")) {
- return PRIVILEGE_CREATE_REVISION_CONTENT;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "modify-revision-content")) {
- return PRIVILEGE_MODIFY_REVISION_CONTENT;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "remove-revision-content")) {
- return PRIVILEGE_REMOVE_REVISION_CONTENT;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "grant-permission")) {
- return PRIVILEGE_GRANT_PERMISSION;
- } else if (hasChild(privilege, SLIDE_NAMESPACE,
- "revoke-permission")) {
- return PRIVILEGE_REVOKE_PERMISSION;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-object")) {
+// return PRIVILEGE_READ_OBJECT;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE,
"read-revision-metadata")) {
+// return PRIVILEGE_READ_REVISION_METADATA;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-revision-content"))
{
+// return PRIVILEGE_READ_REVISION_CONTENT;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE, "create-object")) {
+// return PRIVILEGE_CREATE_OBJECT;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE, "remove-object")) {
+// return PRIVILEGE_REMOVE_OBJECT;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE, "lock-object")) {
+// return PRIVILEGE_LOCK_OBJECT;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE, "read-locks")) {
+// return PRIVILEGE_READ_LOCKS;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE,
"create-revision-metadata")) {
+// return PRIVILEGE_CREATE_REVISION_METADATA;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE,
"modify-revision-metadata")) {
+// return PRIVILEGE_MODIFY_REVISION_METADATA;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE,
"remove-revision-metadata")) {
+// return PRIVILEGE_REMOVE_REVISION_METADATA;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE,
"create-revision-content")) {
+// return PRIVILEGE_CREATE_REVISION_CONTENT;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE,
"modify-revision-content")) {
+// return PRIVILEGE_MODIFY_REVISION_CONTENT;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE,
"remove-revision-content")) {
+// return PRIVILEGE_REMOVE_REVISION_CONTENT;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE, "grant-permission")) {
+// return PRIVILEGE_GRANT_PERMISSION;
+// } else if (hasChild(privilege, SLIDE_NAMESPACE, "revoke-permission")) {
+// return PRIVILEGE_REVOKE_PERMISSION;
} else {
System.err.println("Error: Unknown privilege !!!");
throw new WebdavException(WebdavStatus.SC_BAD_REQUEST);
