[exo-jcr-commits] exo-jcr SVN: r3474 - in jcr/trunk/exo.jcr.component.core/src: main/java/org/exoplatform/services/jcr/impl/core/version and 2 other directories.
do-not-reply at jboss.org
do-not-reply at jboss.org
Wed Nov 17 10:29:19 EST 2010
Author: tolusha
Date: 2010-11-17 10:29:19 -0500 (Wed, 17 Nov 2010)
New Revision: 3474
Modified:
jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/ScratchWorkspaceInitializer.java
jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/version/FrozenNodeInitializer.java
jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/dataflow/TransientNodeData.java
jcr/trunk/exo.jcr.component.core/src/test/java/org/exoplatform/services/jcr/impl/access/TestPermissions.java
Log:
EXOJCR-1061: fix issue with ACL inconsistence when node have been put to version storage
Modified: jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/ScratchWorkspaceInitializer.java
===================================================================
--- jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/ScratchWorkspaceInitializer.java 2010-11-17 14:24:34 UTC (rev 3473)
+++ jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/ScratchWorkspaceInitializer.java 2010-11-17 15:29:19 UTC (rev 3474)
@@ -21,6 +21,7 @@
import org.exoplatform.services.jcr.access.AccessControlEntry;
import org.exoplatform.services.jcr.access.AccessControlList;
import org.exoplatform.services.jcr.access.AccessControlPolicy;
+import org.exoplatform.services.jcr.access.PermissionType;
import org.exoplatform.services.jcr.access.SystemIdentity;
import org.exoplatform.services.jcr.config.RepositoryConfigurationException;
import org.exoplatform.services.jcr.config.RepositoryEntry;
@@ -326,16 +327,49 @@
}
// init version storage
+ AccessControlList acl = new AccessControlList();
+ acl.removePermissions(SystemIdentity.ANY);
+ acl.addPermissions(SystemIdentity.ANY, new String[]{PermissionType.READ});
+
+ for (AccessControlEntry entry : jcrSystem.getACL().getPermissionEntries())
+ {
+ String identity = entry.getIdentity();
+ String permission = entry.getPermission();
+
+ if (!identity.equals(SystemIdentity.ANY) || !permission.equals(PermissionType.READ))
+ {
+ acl.addPermissions(identity, new String[]{permission});
+ }
+ }
+
TransientNodeData versionStorageNodeData =
TransientNodeData.createNodeData(jcrSystem, Constants.JCR_VERSIONSTORAGE, Constants.EXO_VERSIONSTORAGE,
- Constants.VERSIONSTORAGE_UUID);
+ Constants.VERSIONSTORAGE_UUID, acl);
TransientPropertyData vsPrimaryType =
TransientPropertyData.createPropertyData(versionStorageNodeData, Constants.JCR_PRIMARYTYPE, PropertyType.NAME,
false, new TransientValueData(versionStorageNodeData.getPrimaryTypeName()));
- changesLog.add(ItemState.createAddedState(versionStorageNodeData)).add(ItemState.createAddedState(vsPrimaryType));
+ TransientPropertyData exoMixinTypes =
+ TransientPropertyData.createPropertyData(versionStorageNodeData, Constants.JCR_MIXINTYPES, PropertyType.NAME,
+ true, new TransientValueData(Constants.EXO_PRIVILEGEABLE));
+ List<ValueData> permsValues = new ArrayList<ValueData>();
+ for (int i = 0; i < acl.getPermissionEntries().size(); i++)
+ {
+ AccessControlEntry entry = acl.getPermissionEntries().get(i);
+ permsValues.add(new TransientValueData(entry));
+ }
+ TransientPropertyData exoPerms =
+ TransientPropertyData.createPropertyData(versionStorageNodeData, Constants.EXO_PERMISSIONS,
+ ExtendedPropertyType.PERMISSION, true, permsValues);
+
+ changesLog.add(ItemState.createAddedState(versionStorageNodeData));
+ changesLog.add(ItemState.createAddedState(vsPrimaryType));
+ changesLog.add(ItemState.createAddedState(exoMixinTypes));
+ changesLog.add(ItemState.createAddedState(exoPerms));
+ changesLog.add(new ItemState(versionStorageNodeData, ItemState.MIXIN_CHANGED, false, null));
+
dataManager.save(new TransactionChangesLog(changesLog));
return jcrSystem;
Modified: jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/version/FrozenNodeInitializer.java
===================================================================
--- jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/version/FrozenNodeInitializer.java 2010-11-17 14:24:34 UTC (rev 3473)
+++ jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/core/version/FrozenNodeInitializer.java 2010-11-17 15:29:19 UTC (rev 3474)
@@ -18,6 +18,7 @@
*/
package org.exoplatform.services.jcr.impl.core.version;
+import org.exoplatform.services.jcr.access.AccessControlList;
import org.exoplatform.services.jcr.core.nodetype.NodeDefinitionData;
import org.exoplatform.services.jcr.core.nodetype.NodeTypeDataManager;
import org.exoplatform.services.jcr.core.nodetype.PropertyDefinitionData;
@@ -249,12 +250,15 @@
}
else if (action == OnParentVersionAction.COPY)
{
+ AccessControlList acl =
+ ntManager.isNodeType(Constants.EXO_PRIVILEGEABLE, node.getPrimaryTypeName(), node.getMixinTypeNames())
+ ? node.getACL() : currentNode().getACL();
QPath frozenPath = QPath.makeChildPath(currentNode().getQPath(), qname, node.getQPath().getIndex());
frozenNode =
new TransientNodeData(frozenPath, IdGenerator.generate(), node.getPersistedVersion(), node
.getPrimaryTypeName(), node.getMixinTypeNames(), node.getOrderNumber(), currentNode().getIdentifier(), // parent
- node.getACL());
+ acl);
contextNodes.push(frozenNode);
changesLog.add(ItemState.createAddedState(frozenNode));
@@ -286,12 +290,16 @@
}
else
{ // behaviour of COPY
+ AccessControlList acl =
+ ntManager.isNodeType(Constants.EXO_PRIVILEGEABLE, node.getPrimaryTypeName(), node.getMixinTypeNames())
+ ? node.getACL() : currentNode().getACL();
+
QPath frozenPath = QPath.makeChildPath(currentNode().getQPath(), qname, node.getQPath().getIndex());
frozenNode =
new TransientNodeData(frozenPath, IdGenerator.generate(), node.getPersistedVersion(), node
.getPrimaryTypeName(), node.getMixinTypeNames(), node.getOrderNumber(),
currentNode().getIdentifier(), // parent
- node.getACL());
+ acl);
contextNodes.push(frozenNode);
changesLog.add(ItemState.createAddedState(frozenNode));
Modified: jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/dataflow/TransientNodeData.java
===================================================================
--- jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/dataflow/TransientNodeData.java 2010-11-17 14:24:34 UTC (rev 3473)
+++ jcr/trunk/exo.jcr.component.core/src/main/java/org/exoplatform/services/jcr/impl/dataflow/TransientNodeData.java 2010-11-17 15:29:19 UTC (rev 3474)
@@ -239,6 +239,27 @@
return nodeData;
}
+ /**
+ * Factory method
+ *
+ * @param parent NodeData
+ * @param name InternalQName
+ * @param primaryTypeName InternalQName
+ * @param identifier String
+ * @param acl AccessControlList
+ * @return
+ */
+ public static TransientNodeData createNodeData(NodeData parent, InternalQName name, InternalQName primaryTypeName,
+ String identifier, AccessControlList acl)
+ {
+ TransientNodeData nodeData = null;
+ QPath path = QPath.makeChildPath(parent.getQPath(), name);
+ nodeData =
+ new TransientNodeData(path, identifier, -1, primaryTypeName, new InternalQName[0], 0, parent.getIdentifier(),
+ acl);
+ return nodeData;
+ }
+
// ------------- Comparable /////
public int compareTo(Object obj)
@@ -254,6 +275,7 @@
this.acl = new AccessControlList();
}
+ @Override
public void writeExternal(ObjectOutput out) throws IOException
{
super.writeExternal(out);
@@ -277,6 +299,7 @@
acl.writeExternal(out);
}
+ @Override
public void readExternal(ObjectInput in) throws IOException, ClassNotFoundException
{
super.readExternal(in);
Modified: jcr/trunk/exo.jcr.component.core/src/test/java/org/exoplatform/services/jcr/impl/access/TestPermissions.java
===================================================================
--- jcr/trunk/exo.jcr.component.core/src/test/java/org/exoplatform/services/jcr/impl/access/TestPermissions.java 2010-11-17 14:24:34 UTC (rev 3473)
+++ jcr/trunk/exo.jcr.component.core/src/test/java/org/exoplatform/services/jcr/impl/access/TestPermissions.java 2010-11-17 15:29:19 UTC (rev 3474)
@@ -100,6 +100,17 @@
@Override
public void tearDown() throws Exception
{
+ if (sessionWS1.getRootNode().hasNode("MARY-ReadOnly"))
+ {
+ sessionWS1.getRootNode().getNode("MARY-ReadOnly").remove();
+ }
+
+ if (sessionWS1.getRootNode().hasNode("MARY-ReadWrite"))
+ {
+ sessionWS1.getRootNode().getNode("MARY-ReadWrite").remove();
+ }
+ sessionWS1.save();
+
sessionMaryWS.logout();
sessionMaryWS1.logout();
sessionWS.logout();
@@ -257,4 +268,42 @@
{
}
}
+
+ public void testAccessPermission() throws Exception
+ {
+ // At creation time
+ NodeImpl node = (NodeImpl)sessionWS1.getRootNode().addNode("testAccessPermission");
+ node.addMixin("mix:versionable");
+ sessionWS1.save();
+ node.addMixin("exo:privilegeable");
+ node.getSession().save();
+ node.setPermission("admin", new String[]{"read", "add_node", "set_property", "remove"});
+ node.removePermission(SystemIdentity.ANY);
+ NodeImpl subNode = (NodeImpl)node.addNode("subNode");
+ node.getSession().save();
+ node.checkin();
+ node.setPermission(SystemIdentity.ANY, new String[]{"read"});
+ node.getSession().save();
+ SessionImpl sessionJohnWS1 = null;
+
+ try
+ {
+ Credentials credentials = new CredentialsImpl("john", "exo".toCharArray());
+ sessionJohnWS1 = (SessionImpl)repositoryService.getRepository("db2").login(credentials, "ws1");
+ Node vNode = sessionJohnWS1.getRootNode().getNode("testAccessPermission");
+ assertNotNull(vNode);
+ vNode = vNode.getVersionHistory().getVersion("1");
+ assertNotNull(vNode);
+ vNode = vNode.getNode("jcr:frozenNode");
+ assertNotNull(vNode);
+ assertNotNull(vNode.getNode("subNode"));
+ }
+ finally
+ {
+ if (sessionJohnWS1 != null)
+ {
+ sessionJohnWS1.logout();
+ }
+ }
+ }
}
More information about the exo-jcr-commits
mailing list