Examples of PrivilegeBits

org.apache.jackrabbit.core.security.authorization.PrivilegeBits
PrivilegeBits
org.apache.jackrabbit.oak.security.privilege.PrivilegeBits
{@code PrivilegeBits} TODO
org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits
Internal representation of JCR privileges.

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits

                }


                // update the privilege bits of the jcr:all in case the new
                // privilege isn't an aggregate
                if (!after.hasProperty(REP_AGGREGATES)) {
                    PrivilegeBits bits = PrivilegeBits.getInstance(after.getProperty(REP_BITS));
                    PrivilegeBits all = PrivilegeBits.getInstance(jcrAll.getProperty(REP_BITS));
                    jcrAll.setProperty(PrivilegeBits.getInstance(all).add(bits).asPropertyState(REP_BITS));
                }
            }
            return true;
        }

View Full Code Here

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits

                return (ace != null) && ace.getPrincipal().equals(principal);
            }
        }));


        for (ACE existing : subList) {
            PrivilegeBits existingBits = PrivilegeBits.getInstance(existing.getPrivilegeBits());
            PrivilegeBits entryBits = entry.getPrivilegeBits();
            if (entry.getRestrictions().equals(existing.getRestrictions())) {
                if (entry.isAllow() == existing.isAllow()) {
                    if (existingBits.includes(entryBits)) {
                        // no changes
                        return false;
                    } else {
                        // merge existing and new ace
                        existingBits.add(entryBits);
                        int index = entries.indexOf(existing);
                        entries.remove(existing);
                        entries.add(index, createACE(existing, existingBits));
                        return true;
                    }
                } else {
                    // existing is complementary entry -> clean up redundant
                    // privileges defined by the existing entry
                    PrivilegeBits updated = PrivilegeBits.getInstance(existingBits).diff(entryBits);
                    if (updated.isEmpty()) {
                        // remove the existing entry as the new entry covers all privileges
                        entries.remove(existing);
                    } else if (!updated.includes(existingBits)) {
                        // replace the existing entry having it's privileges adjusted
                        int index = entries.indexOf(existing);
                        entries.remove(existing);
                        entries.add(index, createACE(existing, updated));
                    } /* else: no collision that requires adjusting the existing entry.*/

View Full Code Here

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits


    @Test
    public void testGetPrivilegeBits() throws RepositoryException {
        ACE entry = createEntry(new String[]{PrivilegeConstants.JCR_READ}, true);


        PrivilegeBits bits = entry.getPrivilegeBits();
        assertNotNull(bits);
        assertEquals(bits, getBitsProvider().getBits(PrivilegeConstants.JCR_READ));


        entry = createEntry(new String[]{PrivilegeConstants.REP_WRITE}, true);
        bits = entry.getPrivilegeBits();
        assertNotNull(bits);
        assertEquals(bits, getBitsProvider().getBits(PrivilegeConstants.REP_WRITE));


        entry = createEntry(new String[]{PrivilegeConstants.JCR_ADD_CHILD_NODES,
                PrivilegeConstants.JCR_REMOVE_CHILD_NODES}, true);
        bits = entry.getPrivilegeBits();
        assertNotNull(bits);


        PrivilegeBits expected = getBitsProvider().getBits(
                PrivilegeConstants.JCR_ADD_CHILD_NODES,
                PrivilegeConstants.JCR_REMOVE_CHILD_NODES);
        assertEquals(expected, bits);
    }

View Full Code Here

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits

        setupPermission(principal, path, false, index, privilegeNames, restrictions);
    }


    private void setupPermission(Principal principal, String path, boolean isAllow,
                                 int index, String[] privilegeName, Set<Restriction> restrictions) throws CommitFailedException {
        PrivilegeBits pb = pbp.getBits(privilegeName);
        String name = PathUtils.getDepth(path) + "_" + Objects.hashCode(path, principal, index, pb, isAllow, restrictions);
        Tree principalRoot = root.getTree(PERMISSIONS_STORE_PATH + '/' + principal.getName());
        Tree entry = principalRoot.addChild(name);
        entry.setProperty(JCR_PRIMARYTYPE, NT_REP_PERMISSIONS);
        entry.setProperty(REP_ACCESS_CONTROLLED_PATH, path);
        entry.setProperty(REP_IS_ALLOW, isAllow);
        entry.setProperty(REP_INDEX, index);
        entry.setProperty(pb.asPropertyState(REP_PRIVILEGE_BITS));
        for (Restriction restriction : restrictions) {
            entry.setProperty(restriction.getProperty());
        }
        root.commit();
    }

View Full Code Here

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits

        return next;
    }


    @Nonnull
    private PrivilegeBits next() {
        PrivilegeBits bits = next;
        next = bits.nextBits();
        return bits;
    }

View Full Code Here

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits

        boolean isAggregate = declAggrNames.length > 0;
        if (isAggregate) {
            privNode.setNames(REP_AGGREGATES, declAggrNames);
        }


        PrivilegeBits bits;
        if (PrivilegeBits.BUILT_IN.containsKey(name)) {
            bits = PrivilegeBits.BUILT_IN.get(name);
        } else if (isAggregate) {
            bits = bitsMgr.getBits(declAggrNames);
        } else {
            bits = next();
        }
        bits.writeTo(privNode.getTree());
    }

View Full Code Here

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits

                Permissions.includes(permissions, Permissions.MODIFY_CHILD_NODE_COLLECTION));


        long allows = (isReadable) ? Permissions.READ : Permissions.NO_PERMISSION;
        long denies = Permissions.NO_PERMISSION;


        PrivilegeBits allowBits = PrivilegeBits.getInstance();
        if (isReadable) {
            allowBits.add(bitsProvider.getBits(PrivilegeConstants.JCR_READ));
        }
        PrivilegeBits denyBits = PrivilegeBits.getInstance();
        PrivilegeBits parentAllowBits;
        PrivilegeBits parentDenyBits;
        String parentPath = null;


        if (respectParent) {
            parentAllowBits = PrivilegeBits.getInstance();
            parentDenyBits = PrivilegeBits.getInstance();
            if (path != null || tree != null) {
                parentPath = PermissionUtil.getParentPathOrNull((path != null) ? path : tree.getPath());
            }
        } else {
            parentAllowBits = PrivilegeBits.EMPTY;
            parentDenyBits = PrivilegeBits.EMPTY;
            parentPath = null;
        }


        while (entries.hasNext()) {
            PermissionEntry entry = entries.next();
            if (respectParent && (parentPath != null)) {
                boolean matchesParent = entry.matchesParent(parentPath);
                if (matchesParent) {
                    if (entry.isAllow) {
                        parentAllowBits.addDifference(entry.privilegeBits, parentDenyBits);
                    } else {
                        parentDenyBits.addDifference(entry.privilegeBits, parentAllowBits);
                    }
                }
            }


            if (entry.isAllow) {

View Full Code Here

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits

    @Nonnull
    private PrivilegeBits getPrivilegeBits(@Nullable Tree tree) {
        EntryPredicate pred = (tree == null) ? new EntryPredicate() : new EntryPredicate(tree, null);
        Iterator<PermissionEntry> entries = getEntryIterator(pred);


        PrivilegeBits allowBits = PrivilegeBits.getInstance();
        PrivilegeBits denyBits = PrivilegeBits.getInstance();


        while (entries.hasNext()) {
            PermissionEntry entry = entries.next();
            if (entry.isAllow) {
                allowBits.addDifference(entry.privilegeBits, denyBits);
            } else {
                denyBits.addDifference(entry.privilegeBits, allowBits);
            }
        }


        // special handling for paths that are always readable
        if (isReadablePath(tree, null)) {

View Full Code Here

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits

        return new TestACE(principal, getBitsProvider().getBits(privilegeNames), isAllow, restrictions);
    }


    protected ACE createEntry(Principal principal, Privilege[] privileges, boolean isAllow)
            throws RepositoryException {
        PrivilegeBits bits = getBitsProvider().getBits(privileges, getNamePathMapper());
        return new TestACE(principal, bits, isAllow, null);
    }

View Full Code Here

Examples of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits

    private void copyPrivileges(NodeBuilder root) throws RepositoryException {
        PrivilegeRegistry registry = source.getPrivilegeRegistry();
        NodeBuilder privileges = root.child(JCR_SYSTEM).child(REP_PRIVILEGES);
        privileges.setProperty(JCR_PRIMARYTYPE, NT_REP_PRIVILEGES, NAME);


        PrivilegeBits next = PrivilegeBits.NEXT_AFTER_BUILT_INS;


        logger.info("Copying registered privileges");
        for (Privilege privilege : registry.getRegisteredPrivileges()) {
            String name = privilege.getName();
            NodeBuilder def = privileges.child(name);
            def.setProperty(JCR_PRIMARYTYPE, NT_REP_PRIVILEGE, NAME);


            if (privilege.isAbstract()) {
                def.setProperty(REP_IS_ABSTRACT, true);
            }


            Privilege[] aggregate = privilege.getDeclaredAggregatePrivileges();
            if (aggregate.length > 0) {
                List<String> names = newArrayListWithCapacity(aggregate.length);
                for (Privilege p : aggregate) {
                    names.add(p.getName());
                }
                def.setProperty(REP_AGGREGATES, names, NAMES);
            }


            PrivilegeBits bits = PrivilegeBits.BUILT_IN.get(name);
            if (bits != null) {
                def.setProperty(bits.asPropertyState(REP_BITS));
            } else if (aggregate.length == 0) {
                bits = next;
                next = next.nextBits();
                def.setProperty(bits.asPropertyState(REP_BITS));
            }
        }


        privileges.setProperty(next.asPropertyState(REP_NEXT));

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.