use of javax.annotation.Nonnull in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method setupPolicy.
@Nonnull
private ACL setupPolicy(@Nullable String path, @Nullable Privilege... privileges) throws RepositoryException {
Privilege[] privs = (privileges == null || privileges.length == 0) ? testPrivileges : privileges;
ACL policy = getApplicablePolicy(path);
if (path == null) {
policy.addAccessControlEntry(testPrincipal, privs);
} else {
policy.addEntry(testPrincipal, privs, true, getGlobRestriction("*"));
}
acMgr.setPolicy(path, policy);
return policy;
}
use of javax.annotation.Nonnull in project jackrabbit-oak by apache.
the class LdapIdentityProvider method createUser.
@Nonnull
private ExternalUser createUser(@Nonnull Entry entry, @CheckForNull String id) throws LdapInvalidAttributeValueException {
ExternalIdentityRef ref = new ExternalIdentityRef(entry.getDn().getName(), this.getName());
if (id == null) {
String idAttribute = config.getUserConfig().getIdAttribute();
Attribute attr = entry.get(idAttribute);
if (attr == null) {
throw new LdapInvalidAttributeValueException(ResultCodeEnum.CONSTRAINT_VIOLATION, "no value found for attribute '" + idAttribute + "' for entry " + entry);
}
id = attr.getString();
}
String path = config.getUserConfig().makeDnPath() ? createDNPath(entry.getDn()) : null;
LdapUser user = new LdapUser(this, ref, id, path);
Map<String, Object> props = user.getProperties();
applyAttributes(props, entry);
return user;
}
use of javax.annotation.Nonnull in project jackrabbit-oak by apache.
the class LdapIdentityProvider method createGroup.
@Nonnull
private ExternalGroup createGroup(@Nonnull Entry entry, @CheckForNull String name) throws LdapInvalidAttributeValueException {
ExternalIdentityRef ref = new ExternalIdentityRef(entry.getDn().getName(), this.getName());
if (name == null) {
String idAttribute = config.getGroupConfig().getIdAttribute();
Attribute attr = entry.get(idAttribute);
if (attr == null) {
throw new LdapInvalidAttributeValueException(ResultCodeEnum.CONSTRAINT_VIOLATION, "no value found for attribute '" + idAttribute + "' for entry " + entry);
}
name = attr.getString();
}
String path = config.getGroupConfig().makeDnPath() ? createDNPath(entry.getDn()) : null;
LdapGroup group = new LdapGroup(this, ref, name, path);
Map<String, Object> props = group.getProperties();
applyAttributes(props, entry);
return group;
}
use of javax.annotation.Nonnull in project jackrabbit-oak by apache.
the class CugPermissionProvider method getTreePermission.
@Nonnull
public TreePermission getTreePermission(@Nonnull Tree immutableTree, @Nonnull TreeType type, @Nonnull TreePermission parentPermission) {
if (!isSupportedType(type) || !topPaths.hasAny()) {
return TreePermission.NO_RECOURSE;
}
TreePermission tp;
boolean parentIsCugPermission = (parentPermission instanceof CugTreePermission);
if (TreeType.VERSION == type) {
tp = createVersionPermission(immutableTree, type, parentPermission, parentIsCugPermission);
} else {
if (parentIsCugPermission) {
tp = new CugTreePermission(immutableTree, type, parentPermission, this);
} else {
String path = immutableTree.getPath();
if (includes(path)) {
if (topPaths.contains(path)) {
tp = new CugTreePermission(immutableTree, type, parentPermission, this);
} else {
tp = TreePermission.NO_RECOURSE;
}
} else if (mayContain(path) || isJcrSystemPath(immutableTree)) {
tp = new EmptyCugTreePermission(immutableTree, type, this);
} else {
tp = TreePermission.NO_RECOURSE;
}
}
}
return tp;
}
use of javax.annotation.Nonnull in project jackrabbit-oak by apache.
the class CugPermissionProvider method createVersionPermission.
@Nonnull
private TreePermission createVersionPermission(@Nonnull Tree tree, @Nonnull TreeType type, @Nonnull TreePermission parent, boolean parentIsCugPermission) {
if (ReadOnlyVersionManager.isVersionStoreTree(tree)) {
if (parentIsCugPermission) {
return new CugTreePermission(tree, type, parent, this);
} else {
return new EmptyCugTreePermission(tree, type, this);
}
} else {
Tree versionableTree = getVersionManager().getVersionable(tree, workspaceName);
if (versionableTree == null) {
return TreePermission.NO_RECOURSE;
}
TreeType versionableType = typeProvider.getType(versionableTree);
if (!isSupportedType(versionableType)) {
return TreePermission.NO_RECOURSE;
}
String path = versionableTree.getPath();
boolean isSupportedPath = false;
// test if the versionable node holds a cug
Tree cug = null;
if (parentIsCugPermission) {
cug = CugUtil.getCug(versionableTree);
} else if (includes(path)) {
isSupportedPath = true;
// the versionable tree might be included in a cug defined by
// a parent node -> need to search for inherited cugs as well.
Tree cugRoot = getCugRoot(versionableTree, versionableType);
if (cugRoot != null) {
cug = CugUtil.getCug(cugRoot);
}
}
TreePermission tp;
if (cug != null) {
// backing versionable tree holds a cug
tp = new CugTreePermission(tree, type, parent, this, true, isAllow(cug), CugUtil.hasNestedCug(cug));
} else if (parentIsCugPermission) {
CugTreePermission ctp = (CugTreePermission) parent;
tp = new CugTreePermission(tree, type, parent, this, ctp.isInCug(), ctp.isAllow(), ctp.hasNestedCug());
} else if (isSupportedPath) {
tp = new CugTreePermission(tree, type, parent, this, false, false, false);
} else if (mayContain(path)) {
tp = new EmptyCugTreePermission(tree, type, this);
} else {
tp = TreePermission.NO_RECOURSE;
}
return tp;
}
}
Aggregations