Search in sources :

Example 86 with Nonnull

use of javax.annotation.Nonnull in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method setupPolicy.

@Nonnull
private ACL setupPolicy(@Nullable String path, @Nullable Privilege... privileges) throws RepositoryException {
    Privilege[] privs = (privileges == null || privileges.length == 0) ? testPrivileges : privileges;
    ACL policy = getApplicablePolicy(path);
    if (path == null) {
        policy.addAccessControlEntry(testPrincipal, privs);
    } else {
        policy.addEntry(testPrincipal, privs, true, getGlobRestriction("*"));
    }
    acMgr.setPolicy(path, policy);
    return policy;
}
Also used : TestACL(org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.TestACL) Privilege(javax.jcr.security.Privilege) Nonnull(javax.annotation.Nonnull)

Example 87 with Nonnull

use of javax.annotation.Nonnull in project jackrabbit-oak by apache.

the class LdapIdentityProvider method createUser.

@Nonnull
private ExternalUser createUser(@Nonnull Entry entry, @CheckForNull String id) throws LdapInvalidAttributeValueException {
    ExternalIdentityRef ref = new ExternalIdentityRef(entry.getDn().getName(), this.getName());
    if (id == null) {
        String idAttribute = config.getUserConfig().getIdAttribute();
        Attribute attr = entry.get(idAttribute);
        if (attr == null) {
            throw new LdapInvalidAttributeValueException(ResultCodeEnum.CONSTRAINT_VIOLATION, "no value found for attribute '" + idAttribute + "' for entry " + entry);
        }
        id = attr.getString();
    }
    String path = config.getUserConfig().makeDnPath() ? createDNPath(entry.getDn()) : null;
    LdapUser user = new LdapUser(this, ref, id, path);
    Map<String, Object> props = user.getProperties();
    applyAttributes(props, entry);
    return user;
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) Attribute(org.apache.directory.api.ldap.model.entry.Attribute) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) Nonnull(javax.annotation.Nonnull)

Example 88 with Nonnull

use of javax.annotation.Nonnull in project jackrabbit-oak by apache.

the class LdapIdentityProvider method createGroup.

@Nonnull
private ExternalGroup createGroup(@Nonnull Entry entry, @CheckForNull String name) throws LdapInvalidAttributeValueException {
    ExternalIdentityRef ref = new ExternalIdentityRef(entry.getDn().getName(), this.getName());
    if (name == null) {
        String idAttribute = config.getGroupConfig().getIdAttribute();
        Attribute attr = entry.get(idAttribute);
        if (attr == null) {
            throw new LdapInvalidAttributeValueException(ResultCodeEnum.CONSTRAINT_VIOLATION, "no value found for attribute '" + idAttribute + "' for entry " + entry);
        }
        name = attr.getString();
    }
    String path = config.getGroupConfig().makeDnPath() ? createDNPath(entry.getDn()) : null;
    LdapGroup group = new LdapGroup(this, ref, name, path);
    Map<String, Object> props = group.getProperties();
    applyAttributes(props, entry);
    return group;
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) Attribute(org.apache.directory.api.ldap.model.entry.Attribute) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) Nonnull(javax.annotation.Nonnull)

Example 89 with Nonnull

use of javax.annotation.Nonnull in project jackrabbit-oak by apache.

the class CugPermissionProvider method getTreePermission.

@Nonnull
public TreePermission getTreePermission(@Nonnull Tree immutableTree, @Nonnull TreeType type, @Nonnull TreePermission parentPermission) {
    if (!isSupportedType(type) || !topPaths.hasAny()) {
        return TreePermission.NO_RECOURSE;
    }
    TreePermission tp;
    boolean parentIsCugPermission = (parentPermission instanceof CugTreePermission);
    if (TreeType.VERSION == type) {
        tp = createVersionPermission(immutableTree, type, parentPermission, parentIsCugPermission);
    } else {
        if (parentIsCugPermission) {
            tp = new CugTreePermission(immutableTree, type, parentPermission, this);
        } else {
            String path = immutableTree.getPath();
            if (includes(path)) {
                if (topPaths.contains(path)) {
                    tp = new CugTreePermission(immutableTree, type, parentPermission, this);
                } else {
                    tp = TreePermission.NO_RECOURSE;
                }
            } else if (mayContain(path) || isJcrSystemPath(immutableTree)) {
                tp = new EmptyCugTreePermission(immutableTree, type, this);
            } else {
                tp = TreePermission.NO_RECOURSE;
            }
        }
    }
    return tp;
}
Also used : TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission) Nonnull(javax.annotation.Nonnull)

Example 90 with Nonnull

use of javax.annotation.Nonnull in project jackrabbit-oak by apache.

the class CugPermissionProvider method createVersionPermission.

@Nonnull
private TreePermission createVersionPermission(@Nonnull Tree tree, @Nonnull TreeType type, @Nonnull TreePermission parent, boolean parentIsCugPermission) {
    if (ReadOnlyVersionManager.isVersionStoreTree(tree)) {
        if (parentIsCugPermission) {
            return new CugTreePermission(tree, type, parent, this);
        } else {
            return new EmptyCugTreePermission(tree, type, this);
        }
    } else {
        Tree versionableTree = getVersionManager().getVersionable(tree, workspaceName);
        if (versionableTree == null) {
            return TreePermission.NO_RECOURSE;
        }
        TreeType versionableType = typeProvider.getType(versionableTree);
        if (!isSupportedType(versionableType)) {
            return TreePermission.NO_RECOURSE;
        }
        String path = versionableTree.getPath();
        boolean isSupportedPath = false;
        // test if the versionable node holds a cug
        Tree cug = null;
        if (parentIsCugPermission) {
            cug = CugUtil.getCug(versionableTree);
        } else if (includes(path)) {
            isSupportedPath = true;
            // the versionable tree might be included in a cug defined by
            // a parent node -> need to search for inherited cugs as well.
            Tree cugRoot = getCugRoot(versionableTree, versionableType);
            if (cugRoot != null) {
                cug = CugUtil.getCug(cugRoot);
            }
        }
        TreePermission tp;
        if (cug != null) {
            // backing versionable tree holds a cug
            tp = new CugTreePermission(tree, type, parent, this, true, isAllow(cug), CugUtil.hasNestedCug(cug));
        } else if (parentIsCugPermission) {
            CugTreePermission ctp = (CugTreePermission) parent;
            tp = new CugTreePermission(tree, type, parent, this, ctp.isInCug(), ctp.isAllow(), ctp.hasNestedCug());
        } else if (isSupportedPath) {
            tp = new CugTreePermission(tree, type, parent, this, false, false, false);
        } else if (mayContain(path)) {
            tp = new EmptyCugTreePermission(tree, type, this);
        } else {
            tp = TreePermission.NO_RECOURSE;
        }
        return tp;
    }
}
Also used : TreeType(org.apache.jackrabbit.oak.plugins.tree.TreeType) Tree(org.apache.jackrabbit.oak.api.Tree) TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission) Nonnull(javax.annotation.Nonnull)

Aggregations

Nonnull (javax.annotation.Nonnull)2624 Nullable (javax.annotation.Nullable)338 ArrayList (java.util.ArrayList)336 ItemStack (net.minecraft.item.ItemStack)327 List (java.util.List)305 Map (java.util.Map)229 Layer (com.simiacryptus.mindseye.lang.Layer)188 Tensor (com.simiacryptus.mindseye.lang.Tensor)185 Arrays (java.util.Arrays)182 Collectors (java.util.stream.Collectors)169 IOException (java.io.IOException)165 JsonObject (com.google.gson.JsonObject)156 HashMap (java.util.HashMap)145 IntStream (java.util.stream.IntStream)145 Test (org.junit.Test)143 LoggerFactory (org.slf4j.LoggerFactory)138 Logger (org.slf4j.Logger)137 Result (com.simiacryptus.mindseye.lang.Result)130 TensorList (com.simiacryptus.mindseye.lang.TensorList)123 DeltaSet (com.simiacryptus.mindseye.lang.DeltaSet)111