Example 16 with PrivilegeDefinition
use of org.apache.jackrabbit.spi.PrivilegeDefinition in project jackrabbit by apache.
the class PrivilegeRegistry method registerCustomDefinitions.
//---------------------------------------------< privilege registration >---
/**
* Register the specified custom privilege definitions.
*
* @param stubs
* @throws RepositoryException If an error occurs.
*/
private void registerCustomDefinitions(Map<Name, PrivilegeDefinition> stubs) throws RepositoryException {
if (customPrivilegesStore == null) {
throw new UnsupportedOperationException("No privilege store defined.");
}
synchronized (registeredPrivileges) {
Map<Name, Definition> definitions = createCustomDefinitions(stubs);
try {
// write the new custom privilege to the store and upon successful
// update of the file system resource add finally it to the map of
// registered privileges.
customPrivilegesStore.append(definitions);
cacheDefinitions(definitions);
} catch (IOException e) {
throw new RepositoryException("Failed to register custom privilegess.", e);
} catch (FileSystemException e) {
throw new RepositoryException("Failed to register custom privileges.", e);
} catch (ParseException e) {
throw new RepositoryException("Failed to register custom privileges.", e);
}
}
for (Listener l : listeners.keySet()) {
l.privilegesRegistered(stubs.keySet());
}
}
Also used :
FileSystemException(org.apache.jackrabbit.core.fs.FileSystemException)
PrivilegeEventListener(org.apache.jackrabbit.core.cluster.PrivilegeEventListener)
PrivilegeDefinition(org.apache.jackrabbit.spi.PrivilegeDefinition)
RepositoryException(javax.jcr.RepositoryException)
IOException(java.io.IOException)
ParseException(org.apache.jackrabbit.spi.commons.privilege.ParseException)
Name(org.apache.jackrabbit.spi.Name)
Example 17 with PrivilegeDefinition
use of org.apache.jackrabbit.spi.PrivilegeDefinition in project jackrabbit by apache.
the class PrivilegeRegistry method createCustomDefinitions.
/**
* Validates the specified <code>DefinitionStub</code>s and creates
* new custom <code>PrivilegeDefinition</code>s. The validation includes name
* validation and resolution of declared aggregate names. The latter
* also includes checks to prevent cyclic aggregation.
*
* @param toRegister
* @return new privilege definitions.
* @throws RepositoryException If any of the specified stubs is invalid.
*/
private Map<Name, Definition> createCustomDefinitions(Map<Name, PrivilegeDefinition> toRegister) throws RepositoryException {
Map<Name, Definition> definitions = new HashMap<Name, Definition>(toRegister.size());
Set<PrivilegeDefinition> aggregates = new HashSet<PrivilegeDefinition>();
for (PrivilegeDefinition stub : toRegister.values()) {
Name name = stub.getName();
if (name == null) {
throw new RepositoryException("Name of custom privilege may not be null.");
}
if (registeredPrivileges.containsKey(name)) {
throw new RepositoryException("Registered privilege with name " + name + " already exists.");
}
// namespace validation:
// - make sure the specified name defines a registered namespace
namespaceRegistry.getPrefix(name.getNamespaceURI());
// - and isn't one of the reserved namespaces
if (isReservedNamespaceURI(name.getNamespaceURI())) {
throw new RepositoryException("Failed to register custom privilege: Reserved namespace URI: " + name.getNamespaceURI());
}
// validate aggregates
Set<Name> dagn = stub.getDeclaredAggregateNames();
if (dagn.isEmpty()) {
// not an aggregate priv definition.
definitions.put(name, new Definition(stub, nextBits()));
} else {
for (Name declaredAggregateName : dagn) {
if (name.equals(declaredAggregateName)) {
throw new RepositoryException("Declared aggregate name '" + declaredAggregateName.toString() + "'refers to the same custom privilege.");
}
if (registeredPrivileges.containsKey(declaredAggregateName)) {
log.debug("Declared aggregate name '" + declaredAggregateName.toString() + "' referring to registered privilege.");
} else if (toRegister.containsKey(declaredAggregateName)) {
log.debug("Declared aggregate name '" + declaredAggregateName.toString() + "' referring to un-registered privilege.");
// need to check for circular aggregates
if (isCircularAggregation(stub, declaredAggregateName, toRegister)) {
throw new RepositoryException("Detected circular aggregation within custom privilege caused by " + declaredAggregateName.toString());
}
} else {
throw new RepositoryException("Found unresolvable name of declared aggregate privilege " + declaredAggregateName.toString());
}
}
// remember for further processing
aggregates.add(stub);
}
}
// process the aggregate stubs in order to calculate the 'bits'
while (aggregates.size() > 0) {
// monitor progress of resolution into proper definitions.
int cnt = aggregates.size();
// look for those definitions whose declared aggregates have all been processed.
for (Iterator<PrivilegeDefinition> itr = aggregates.iterator(); itr.hasNext(); ) {
PrivilegeDefinition stub = itr.next();
PrivilegeBits bts = getAggregateBits(stub.getDeclaredAggregateNames(), definitions);
if (!bts.isEmpty()) {
// already registered privilege
if (bitsToNames.containsKey(bts) && bitsToNames.get(bts).size() == 1) {
Name existingName = bitsToNames.get(bts).iterator().next();
throw new RepositoryException("Custom aggregate privilege '" + stub.getName() + "' is already covered by '" + existingName.toString() + "'");
}
// been created before for registration.
for (Definition d : definitions.values()) {
if (bts.equals(d.bits)) {
throw new RepositoryException("Custom aggregate privilege '" + stub.getName() + "' is already defined by '" + d.getName() + "'");
}
}
// now its save to create the new definition
Definition def = new Definition(stub, bts);
definitions.put(def.getName(), def);
itr.remove();
}
// unresolvable bts -> postpone to next iterator.
}
if (cnt == aggregates.size()) {
// none of the remaining aggregate-definitions could be processed
throw new RepositoryException("Invalid aggregate privilege definition. Failed to resolve aggregate names.");
}
}
return definitions;
}
Also used :
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
PrivilegeDefinition(org.apache.jackrabbit.spi.PrivilegeDefinition)
PrivilegeDefinition(org.apache.jackrabbit.spi.PrivilegeDefinition)
RepositoryException(javax.jcr.RepositoryException)
Name(org.apache.jackrabbit.spi.Name)
HashSet(java.util.HashSet)
Example 18 with PrivilegeDefinition
use of org.apache.jackrabbit.spi.PrivilegeDefinition in project jackrabbit by apache.
the class PrivilegeManagerImpl method getPrivilege.
//------------------------------------------------------------< private >---
/**
* @param name
* @return The privilege with the specified name.
* @throws AccessControlException
* @throws RepositoryException
*/
private Privilege getPrivilege(Name name) throws AccessControlException, RepositoryException {
Privilege privilege;
synchronized (cache) {
if (cache.containsKey(name)) {
privilege = cache.get(name);
} else {
PrivilegeDefinition def = registry.get(name);
if (def != null) {
privilege = new PrivilegeImpl(def);
cache.put(name, privilege);
} else {
throw new AccessControlException("Unknown privilege " + resolver.getJCRName(name));
}
}
}
return privilege;
}
Also used :
PrivilegeDefinition(org.apache.jackrabbit.spi.PrivilegeDefinition)
AccessControlException(javax.jcr.security.AccessControlException)
Privilege(javax.jcr.security.Privilege)
Example 19 with PrivilegeDefinition
use of org.apache.jackrabbit.spi.PrivilegeDefinition in project jackrabbit by apache.
the class PrivilegeHandlerTest method testWriteOutputStream.
public void testWriteOutputStream() throws Exception {
PrivilegeDefinitionWriter writer = new PrivilegeDefinitionWriter(CONTENT_TYPE);
Map<String, String> namespaces = new HashMap<String, String>();
namespaces.put(TEST_PREFIX, TEST_URI);
ByteArrayOutputStream out = new ByteArrayOutputStream();
writer.writeDefinitions(out, DEF_EXPECTED, namespaces);
String result = out.toString("utf-8").trim();
PrivilegeDefinitionReader pdr = new PrivilegeDefinitionReader(new StringReader(result), CONTENT_TYPE);
PrivilegeDefinition[] definitions = pdr.getPrivilegeDefinitions();
assertTrue("Write", Arrays.equals(DEF_EXPECTED, definitions));
}
Also used :
HashMap(java.util.HashMap)
StringReader(java.io.StringReader)
PrivilegeDefinition(org.apache.jackrabbit.spi.PrivilegeDefinition)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
Example 20 with PrivilegeDefinition
use of org.apache.jackrabbit.spi.PrivilegeDefinition in project jackrabbit by apache.
the class PrivilegeHandlerTest method testWriteWriter.
public void testWriteWriter() throws Exception {
PrivilegeDefinitionWriter writer = new PrivilegeDefinitionWriter(CONTENT_TYPE);
Map<String, String> namespaces = new HashMap<String, String>();
namespaces.put(TEST_PREFIX, TEST_URI);
Writer w = new StringWriter();
writer.writeDefinitions(w, DEF_EXPECTED, namespaces);
String result = w.toString();
PrivilegeDefinitionReader pdr = new PrivilegeDefinitionReader(new StringReader(result), CONTENT_TYPE);
PrivilegeDefinition[] definitions = pdr.getPrivilegeDefinitions();
assertTrue("Write", Arrays.equals(DEF_EXPECTED, definitions));
}
Also used :
StringWriter(java.io.StringWriter)
HashMap(java.util.HashMap)
StringReader(java.io.StringReader)
PrivilegeDefinition(org.apache.jackrabbit.spi.PrivilegeDefinition)
StringWriter(java.io.StringWriter)
Writer(java.io.Writer)
Aggregations
PrivilegeDefinition (org.apache.jackrabbit.spi.PrivilegeDefinition)30
Name (org.apache.jackrabbit.spi.Name)20
HashMap (java.util.HashMap)11
HashSet (java.util.HashSet)7
PrivilegeDefinitionImpl (org.apache.jackrabbit.spi.commons.privilege.PrivilegeDefinitionImpl)7
RepositoryException (javax.jcr.RepositoryException)5
IOException (java.io.IOException)4
ArrayList (java.util.ArrayList)4
LinkedHashMap (java.util.LinkedHashMap)4
Privilege (javax.jcr.security.Privilege)4
StringReader (java.io.StringReader)3
InputStream (java.io.InputStream)2
OutputStream (java.io.OutputStream)2
DocumentBuilder (javax.xml.parsers.DocumentBuilder)2
ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)2
FileSystem (org.apache.jackrabbit.core.fs.FileSystem)2
FileSystemResource (org.apache.jackrabbit.core.fs.FileSystemResource)2
NameFactory (org.apache.jackrabbit.spi.NameFactory)2
DefaultNamePathResolver (org.apache.jackrabbit.spi.commons.conversion.DefaultNamePathResolver)2
NamePathResolver (org.apache.jackrabbit.spi.commons.conversion.NamePathResolver)2
