Example 1 with TreeType
use of org.apache.jackrabbit.oak.plugins.tree.TreeType in project jackrabbit-oak by apache.
the class CugPermissionProvider method includesCug.
private boolean includesCug(@CheckForNull Tree tree) {
if (tree != null) {
Tree immutableTree = getImmutableTree(tree);
TreeType type = typeProvider.getType(immutableTree);
if (isSupportedType(type) && topPaths.hasAny()) {
return getCugRoot(immutableTree, type) != null;
}
}
return false;
}Example 2 with TreeType
use of org.apache.jackrabbit.oak.plugins.tree.TreeType in project jackrabbit-oak by apache.
the class CugPermissionProvider method createVersionPermission.
@Nonnull
private TreePermission createVersionPermission(@Nonnull Tree tree, @Nonnull TreeType type, @Nonnull TreePermission parent, boolean parentIsCugPermission) {
if (ReadOnlyVersionManager.isVersionStoreTree(tree)) {
if (parentIsCugPermission) {
return new CugTreePermission(tree, type, parent, this);
} else {
return new EmptyCugTreePermission(tree, type, this);
}
} else {
Tree versionableTree = getVersionManager().getVersionable(tree, workspaceName);
if (versionableTree == null) {
return TreePermission.NO_RECOURSE;
}
TreeType versionableType = typeProvider.getType(versionableTree);
if (!isSupportedType(versionableType)) {
return TreePermission.NO_RECOURSE;
}
String path = versionableTree.getPath();
boolean isSupportedPath = false;
// test if the versionable node holds a cug
Tree cug = null;
if (parentIsCugPermission) {
cug = CugUtil.getCug(versionableTree);
} else if (includes(path)) {
isSupportedPath = true;
// the versionable tree might be included in a cug defined by
// a parent node -> need to search for inherited cugs as well.
Tree cugRoot = getCugRoot(versionableTree, versionableType);
if (cugRoot != null) {
cug = CugUtil.getCug(cugRoot);
}
}
TreePermission tp;
if (cug != null) {
// backing versionable tree holds a cug
tp = new CugTreePermission(tree, type, parent, this, true, isAllow(cug), CugUtil.hasNestedCug(cug));
} else if (parentIsCugPermission) {
CugTreePermission ctp = (CugTreePermission) parent;
tp = new CugTreePermission(tree, type, parent, this, ctp.isInCug(), ctp.isAllow(), ctp.hasNestedCug());
} else if (isSupportedPath) {
tp = new CugTreePermission(tree, type, parent, this, false, false, false);
} else if (mayContain(path)) {
tp = new EmptyCugTreePermission(tree, type, this);
} else {
tp = TreePermission.NO_RECOURSE;
}
return tp;
}
}
Also used :
TreeType(org.apache.jackrabbit.oak.plugins.tree.TreeType)
Tree(org.apache.jackrabbit.oak.api.Tree)
TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)
Nonnull(javax.annotation.Nonnull)
Example 3 with TreeType
use of org.apache.jackrabbit.oak.plugins.tree.TreeType in project jackrabbit-oak by apache.
the class CugPermissionProvider method getTreePermission.
@Nonnull
@Override
public TreePermission getTreePermission(@Nonnull Tree tree, @Nonnull TreePermission parentPermission) {
if (TreePermission.NO_RECOURSE == parentPermission) {
throw new IllegalStateException("Attempt to create tree permission for path '" + tree.getPath() + "', which is either not supported or doesn't contain any CUGs.");
}
Tree immutableTree = getImmutableTree(tree);
TreeType type = typeProvider.getType(immutableTree);
return getTreePermission(immutableTree, type, parentPermission);
}Example 4 with TreeType
use of org.apache.jackrabbit.oak.plugins.tree.TreeType in project jackrabbit-oak by apache.
the class CompositeTreePermission method create.
private static TreePermission create(@Nonnull LazyTree lazyTree, @Nonnull String childName, @Nonnull NodeState childState, @Nonnull CompositeTreePermission parentPermission) {
switch(parentPermission.childSize) {
case 0:
return TreePermission.EMPTY;
case 1:
TreePermission parent = null;
for (TreePermission tp : parentPermission.treePermissions) {
if (isValid(tp)) {
parent = tp;
break;
}
}
return (parent == null) ? TreePermission.EMPTY : parent.getChildPermission(childName, childState);
default:
ImmutableTree tree = lazyTree.get();
TreeType type = getType(tree, parentPermission);
AggregatedPermissionProvider[] pvds = new AggregatedPermissionProvider[parentPermission.childSize];
TreePermission[] tps = new TreePermission[parentPermission.childSize];
int cnt = 0;
for (int i = 0, j = 0; i < parentPermission.providers.length; i++) {
parent = parentPermission.treePermissions[i];
if (isValid(parent)) {
AggregatedPermissionProvider provider = parentPermission.providers[i];
TreePermission tp = provider.getTreePermission(tree, type, parent);
if (!isValid(tp)) {
cnt++;
}
tps[j] = tp;
pvds[j] = provider;
j++;
}
}
return new CompositeTreePermission(tree, type, parentPermission.typeProvider, pvds, tps, cnt);
}
}
Also used :
TreeType(org.apache.jackrabbit.oak.plugins.tree.TreeType)
AggregatedPermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider)
TreePermission(org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)
ImmutableTree(org.apache.jackrabbit.oak.plugins.tree.impl.ImmutableTree)
Example 5 with TreeType
use of org.apache.jackrabbit.oak.plugins.tree.TreeType in project jackrabbit-oak by apache.
the class CugPermissionProvider method getTreePermission.
@Nonnull
TreePermission getTreePermission(@Nonnull Tree parent, @Nonnull TreeType parentType, @Nonnull String childName, @Nonnull NodeState childState, @Nonnull AbstractTreePermission parentPermission) {
Tree t = TreeFactory.createReadOnlyTree(parent, childName, childState);
TreeType type = typeProvider.getType(t, parentType);
return getTreePermission(t, type, parentPermission);
}Aggregations
TreeType (org.apache.jackrabbit.oak.plugins.tree.TreeType)7
Tree (org.apache.jackrabbit.oak.api.Tree)6
Nonnull (javax.annotation.Nonnull)4
TreePermission (org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission)3
ImmutableTree (org.apache.jackrabbit.oak.plugins.tree.impl.ImmutableTree)2
ArrayList (java.util.ArrayList)1
AggregatedPermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider)1
