Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java (revision 1582862)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java (working copy)
@@ -19,10 +19,10 @@
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
+
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
-import com.google.common.collect.ImmutableMap;
import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Deactivate;
@@ -31,12 +31,6 @@
import org.apache.felix.scr.annotations.ReferencePolicyOption;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.osgi.OsgiWhiteboard;
-import org.apache.jackrabbit.oak.security.authentication.AuthenticationConfigurationImpl;
-import org.apache.jackrabbit.oak.security.authentication.token.TokenConfigurationImpl;
-import org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl;
-import org.apache.jackrabbit.oak.security.principal.PrincipalConfigurationImpl;
-import org.apache.jackrabbit.oak.security.privilege.PrivilegeConfigurationImpl;
-import org.apache.jackrabbit.oak.security.user.UserConfigurationImpl;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
@@ -58,6 +52,8 @@
import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardRestrictionProvider;
import org.osgi.framework.BundleContext;
+import com.google.common.collect.ImmutableMap;
+
import static com.google.common.base.Preconditions.checkNotNull;
@Component
@@ -121,13 +117,13 @@
checkNotNull(configuration);
this.configuration = configuration;
- authenticationConfiguration = new AuthenticationConfigurationImpl(this);
- authorizationConfiguration = new AuthorizationConfigurationImpl(this);
- userConfiguration = new UserConfigurationImpl(this);
- privilegeConfiguration = new PrivilegeConfigurationImpl();
+ authenticationConfiguration = new org.apache.jackrabbit.oak.security.authentication.AuthenticationConfiguration(this);
+ authorizationConfiguration = new org.apache.jackrabbit.oak.security.authorization.AuthorizationConfiguration(this);
+ userConfiguration = new org.apache.jackrabbit.oak.security.user.UserConfiguration(this);
+ privilegeConfiguration = new org.apache.jackrabbit.oak.security.privilege.PrivilegeConfiguration();
- principalConfiguration.setDefaultConfig(new PrincipalConfigurationImpl(this));
- tokenConfiguration.setDefaultConfig(new TokenConfigurationImpl(this));
+ principalConfiguration.setDefaultConfig(new org.apache.jackrabbit.oak.security.principal.PrincipalConfiguration(this));
+ tokenConfiguration.setDefaultConfig(new org.apache.jackrabbit.oak.security.authentication.token.TokenConfiguration(this));
}
@Override
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfiguration.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfiguration.java (revision 1582862)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfiguration.java (working copy)
@@ -29,7 +29,6 @@
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.ConfigurationUtil;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider;
import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
@@ -50,15 +49,16 @@
*
*/
@Component
-@Service({AuthenticationConfiguration.class, SecurityConfiguration.class})
-public class AuthenticationConfigurationImpl extends ConfigurationBase implements AuthenticationConfiguration {
+@Service({org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration.class, SecurityConfiguration.class})
+public class AuthenticationConfiguration extends ConfigurationBase
+ implements org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration {
- private static final Logger log = LoggerFactory.getLogger(AuthenticationConfigurationImpl.class);
+ private static final Logger log = LoggerFactory.getLogger(AuthenticationConfiguration.class);
/**
* Constructor for OSGi
*/
- public AuthenticationConfigurationImpl() {
+ public AuthenticationConfiguration() {
super();
}
@@ -71,7 +71,7 @@
* Constructor for non-OSGi
* @param securityProvider
*/
- public AuthenticationConfigurationImpl(SecurityProvider securityProvider) {
+ public AuthenticationConfiguration(SecurityProvider securityProvider) {
super(securityProvider, securityProvider.getParameters(NAME));
}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java (revision 1582862)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java (working copy)
@@ -1,138 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jackrabbit.oak.security.authentication;
-
-import java.util.Map;
-
-import javax.annotation.Nonnull;
-import javax.security.auth.login.Configuration;
-
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Service;
-import org.apache.jackrabbit.oak.api.ContentRepository;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
-import org.apache.jackrabbit.oak.spi.security.authentication.ConfigurationUtil;
-import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider;
-import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
-import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardAware;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Default implementation of the {@code AuthenticationConfiguration} with the
- * following characteristics:
- *
- *
- * -
- * {@link LoginContextProvider}: Returns the default implementation of
- * {@code LoginContextProvider} that handles standard JAAS based logins and
- * deals with pre-authenticated subjects.
- *
- *
- */
-@Component
-@Service({AuthenticationConfiguration.class, SecurityConfiguration.class})
-public class AuthenticationConfigurationImpl extends ConfigurationBase implements AuthenticationConfiguration {
-
- private static final Logger log = LoggerFactory.getLogger(AuthenticationConfigurationImpl.class);
-
- /**
- * Constructor for OSGi
- */
- public AuthenticationConfigurationImpl() {
- super();
- }
-
- @Activate
- private void activate(Map properties) {
- setParameters(ConfigurationParameters.of(properties));
- }
-
- /**
- * Constructor for non-OSGi
- * @param securityProvider
- */
- public AuthenticationConfigurationImpl(SecurityProvider securityProvider) {
- super(securityProvider, securityProvider.getParameters(NAME));
- }
-
- //----------------------------------------------< SecurityConfiguration >---
- @Nonnull
- @Override
- public String getName() {
- return NAME;
- }
-
- //----------------------------------------< AuthenticationConfiguration >---
- /**
- * Create a {@code LoginContextProvider} using standard
- * {@link javax.security.auth.login.Configuration#getConfiguration() JAAS}
- * functionality. In case no login configuration for the specified app name
- * can be retrieve this implementation uses the default as defined by
- * {@link ConfigurationUtil#getDefaultConfiguration(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters)}.
- *
- * The {@link LoginContextProvider} implementation is intended to be used with
- *
- * - Regular login using JAAS {@link javax.security.auth.spi.LoginModule} or
- * - Pre-authenticated subjects in which case any authentication
- * related validation is omitted
- *
- *
- * Configuration Options
- *
- * - {@link #PARAM_APP_NAME}: The appName passed to
- * {@code Configuration#getAppConfigurationEntry(String)}. The default
- * value is {@link #DEFAULT_APP_NAME}.
- *
- *
- * @param contentRepository The content repository.
- * @return An new instance of {@link LoginContextProvider}.
- */
- @Nonnull
- @Override
- public LoginContextProvider getLoginContextProvider(ContentRepository contentRepository) {
- String appName = getParameters().getConfigValue(PARAM_APP_NAME, DEFAULT_APP_NAME);
- Configuration loginConfig = null;
- try {
- loginConfig = Configuration.getConfiguration();
- // NOTE: workaround for Java7 behavior (see OAK-497)
- if (loginConfig.getAppConfigurationEntry(appName) == null) {
- loginConfig = null;
- }
- } catch (SecurityException e) {
- log.info("Failed to retrieve login configuration: using default. " + e);
- }
- if (loginConfig == null) {
- log.debug("No login configuration available for {}; using default", appName);
- loginConfig = ConfigurationUtil.getDefaultConfiguration(getParameters());
- }
- // todo: temporary workaround
- SecurityProvider provider = getSecurityProvider();
- Whiteboard whiteboard = null;
- if (provider instanceof WhiteboardAware) {
- whiteboard = ((WhiteboardAware) provider).getWhiteboard();
- } else {
- log.warn("Unable to obtain whiteboard from SecurityProvider");
- }
- return new LoginContextProviderImpl(appName, loginConfig, contentRepository, getSecurityProvider(), whiteboard);
- }
-}
\ No newline at end of file
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfiguration.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfiguration.java (revision 1582859)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfiguration.java (working copy)
@@ -28,7 +28,6 @@
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
@@ -36,14 +35,15 @@
* Default implementation for the {@code TokenConfiguration} interface.
*/
@Component()
-@Service({TokenConfiguration.class, SecurityConfiguration.class})
-public class TokenConfigurationImpl extends ConfigurationBase implements TokenConfiguration {
+@Service({org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration.class, SecurityConfiguration.class})
+public class TokenConfiguration extends ConfigurationBase
+ implements org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration {
- public TokenConfigurationImpl() {
+ public TokenConfiguration() {
super();
}
- public TokenConfigurationImpl(SecurityProvider securityProvider) {
+ public TokenConfiguration(SecurityProvider securityProvider) {
super(securityProvider, securityProvider.getParameters(NAME));
}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java (revision 1582862)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImpl.java (working copy)
@@ -1,75 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jackrabbit.oak.security.authentication.token;
-
-import java.util.Map;
-
-import javax.annotation.Nonnull;
-
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Service;
-import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-
-/**
- * Default implementation for the {@code TokenConfiguration} interface.
- */
-@Component()
-@Service({TokenConfiguration.class, SecurityConfiguration.class})
-public class TokenConfigurationImpl extends ConfigurationBase implements TokenConfiguration {
-
- public TokenConfigurationImpl() {
- super();
- }
-
- public TokenConfigurationImpl(SecurityProvider securityProvider) {
- super(securityProvider, securityProvider.getParameters(NAME));
- }
-
- @Activate
- private void activate(Map properties) {
- setParameters(ConfigurationParameters.of(properties));
- }
-
- //----------------------------------------------< SecurityConfiguration >---
- @Nonnull
- @Override
- public String getName() {
- return NAME;
- }
-
- //-------------------------------------------------< TokenConfiguration >---
- /**
- * Returns a new instance of {@link org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider}.
- *
- * @param root The target root.
- * @return A new instance of {@link org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider}.
- */
- @Nonnull
- @Override
- public TokenProvider getTokenProvider(Root root) {
- UserConfiguration uc = getSecurityProvider().getConfiguration(UserConfiguration.class);
- return new TokenProviderImpl(root, getParameters(), uc);
- }
-}
\ No newline at end of file
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfiguration.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfiguration.java (revision 1582859)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfiguration.java (working copy)
@@ -34,12 +34,11 @@
import org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlImporter;
import org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlManagerImpl;
import org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlValidatorProvider;
-import org.apache.jackrabbit.oak.security.authorization.permission.PermissionEntryCache;
import org.apache.jackrabbit.oak.security.authorization.permission.PermissionHook;
import org.apache.jackrabbit.oak.security.authorization.permission.PermissionProviderImpl;
import org.apache.jackrabbit.oak.security.authorization.permission.PermissionStoreValidatorProvider;
import org.apache.jackrabbit.oak.security.authorization.permission.PermissionValidatorProvider;
-import org.apache.jackrabbit.oak.security.authorization.restriction.RestrictionProviderImpl;
+import org.apache.jackrabbit.oak.security.authorization.restriction.RestrictionProvider;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.commit.MoveTracker;
import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
@@ -49,10 +48,8 @@
import org.apache.jackrabbit.oak.spi.security.Context;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration;
import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants;
import org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider;
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
import com.google.common.collect.ImmutableList;
@@ -61,10 +58,11 @@
* Default implementation of the {@code AccessControlConfiguration}.
*/
@Component()
-@Service({AuthorizationConfiguration.class, SecurityConfiguration.class})
-public class AuthorizationConfigurationImpl extends ConfigurationBase implements AuthorizationConfiguration {
+@Service({org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration.class, SecurityConfiguration.class})
+public class AuthorizationConfiguration extends ConfigurationBase
+ implements org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration {
- public AuthorizationConfigurationImpl() {
+ public AuthorizationConfiguration() {
super();
}
@@ -74,7 +72,7 @@
}
- public AuthorizationConfigurationImpl(SecurityProvider securityProvider) {
+ public AuthorizationConfiguration(SecurityProvider securityProvider) {
super(securityProvider, securityProvider.getParameters(NAME));
}
@@ -126,11 +124,11 @@
@Nonnull
@Override
- public RestrictionProvider getRestrictionProvider() {
- RestrictionProvider restrictionProvider = getParameters().getConfigValue(AccessControlConstants.PARAM_RESTRICTION_PROVIDER, null, RestrictionProvider.class);
+ public org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider getRestrictionProvider() {
+ org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider restrictionProvider = getParameters().getConfigValue(AccessControlConstants.PARAM_RESTRICTION_PROVIDER, null, org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider.class);
if (restrictionProvider == null) {
// default
- restrictionProvider = new RestrictionProviderImpl();
+ restrictionProvider = new RestrictionProvider();
}
return restrictionProvider;
}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java (revision 1582862)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AuthorizationConfigurationImpl.java (working copy)
@@ -1,144 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jackrabbit.oak.security.authorization;
-
-import java.security.Principal;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import javax.annotation.Nonnull;
-import javax.jcr.security.AccessControlManager;
-
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Service;
-import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.plugins.version.VersionablePathHook;
-import org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlImporter;
-import org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlManagerImpl;
-import org.apache.jackrabbit.oak.security.authorization.accesscontrol.AccessControlValidatorProvider;
-import org.apache.jackrabbit.oak.security.authorization.permission.PermissionEntryCache;
-import org.apache.jackrabbit.oak.security.authorization.permission.PermissionHook;
-import org.apache.jackrabbit.oak.security.authorization.permission.PermissionProviderImpl;
-import org.apache.jackrabbit.oak.security.authorization.permission.PermissionStoreValidatorProvider;
-import org.apache.jackrabbit.oak.security.authorization.permission.PermissionValidatorProvider;
-import org.apache.jackrabbit.oak.security.authorization.restriction.RestrictionProviderImpl;
-import org.apache.jackrabbit.oak.spi.commit.CommitHook;
-import org.apache.jackrabbit.oak.spi.commit.MoveTracker;
-import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
-import org.apache.jackrabbit.oak.spi.lifecycle.WorkspaceInitializer;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.Context;
-import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration;
-import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants;
-import org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider;
-import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
-
-import com.google.common.collect.ImmutableList;
-
-/**
- * Default implementation of the {@code AccessControlConfiguration}.
- */
-@Component()
-@Service({AuthorizationConfiguration.class, SecurityConfiguration.class})
-public class AuthorizationConfigurationImpl extends ConfigurationBase implements AuthorizationConfiguration {
-
- public AuthorizationConfigurationImpl() {
- super();
- }
-
- @Activate
- private void activate(Map properties) {
- setParameters(ConfigurationParameters.of(properties));
- }
-
-
- public AuthorizationConfigurationImpl(SecurityProvider securityProvider) {
- super(securityProvider, securityProvider.getParameters(NAME));
- }
-
- //----------------------------------------------< SecurityConfiguration >---
- @Nonnull
- @Override
- public String getName() {
- return NAME;
- }
-
- @Override
- public Context getContext() {
- return AuthorizationContext.getInstance();
- }
-
- @Nonnull
- @Override
- public WorkspaceInitializer getWorkspaceInitializer() {
- return new AuthorizationInitializer();
- }
-
- @Nonnull
- @Override
- public List getCommitHooks(String workspaceName) {
- return ImmutableList.of(
- new VersionablePathHook(workspaceName),
- new PermissionHook(workspaceName, getRestrictionProvider()));
- }
-
- @Override
- public List getValidators(String workspaceName, Set principals, MoveTracker moveTracker) {
- return ImmutableList.of(
- new PermissionStoreValidatorProvider(),
- new PermissionValidatorProvider(getSecurityProvider(), workspaceName, principals, moveTracker),
- new AccessControlValidatorProvider(getSecurityProvider()));
- }
-
- @Nonnull
- @Override
- public List getProtectedItemImporters() {
- return Collections.singletonList(new AccessControlImporter());
- }
-
- //-----------------------------------------< AccessControlConfiguration >---
- @Override
- public AccessControlManager getAccessControlManager(Root root, NamePathMapper namePathMapper) {
- return new AccessControlManagerImpl(root, namePathMapper, getSecurityProvider());
- }
-
- @Nonnull
- @Override
- public RestrictionProvider getRestrictionProvider() {
- RestrictionProvider restrictionProvider = getParameters().getConfigValue(AccessControlConstants.PARAM_RESTRICTION_PROVIDER, null, RestrictionProvider.class);
- if (restrictionProvider == null) {
- // default
- restrictionProvider = new RestrictionProviderImpl();
- }
- return restrictionProvider;
- }
-
- @Nonnull
- @Override
- public PermissionProvider getPermissionProvider(Root root, String workspaceName, Set principals) {
- return new PermissionProviderImpl(root, workspaceName, principals, this);
- }
-
-}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProvider.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProvider.java (revision 1582859)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProvider.java (working copy)
@@ -32,7 +32,6 @@
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionDefinition;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionDefinitionImpl;
import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionPattern;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider;
/**
* Default restriction provider implementation that supports the following
@@ -48,10 +47,10 @@
*
*/
@Component
-@Service(RestrictionProvider.class)
-public class RestrictionProviderImpl extends AbstractRestrictionProvider {
+@Service(org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider.class)
+public class RestrictionProvider extends AbstractRestrictionProvider {
- public RestrictionProviderImpl() {
+ public RestrictionProvider() {
super(supportedRestrictions());
}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java (revision 1582862)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImpl.java (working copy)
@@ -1,106 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jackrabbit.oak.security.authorization.restriction;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-import javax.jcr.security.AccessControlException;
-
-import com.google.common.collect.ImmutableMap;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Service;
-import org.apache.jackrabbit.oak.api.PropertyState;
-import org.apache.jackrabbit.oak.api.Tree;
-import org.apache.jackrabbit.oak.api.Type;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.AbstractRestrictionProvider;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.CompositePattern;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionDefinition;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionDefinitionImpl;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionPattern;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider;
-
-/**
- * Default restriction provider implementation that supports the following
- * restrictions:
- *
- *
- * - {@link #REP_GLOB}: A simple paths matching pattern. See {@link GlobPattern}
- * for details.
- * - {@link #REP_NT_NAMES}: A restriction that allows to limit the effect
- * of a given access control entries to JCR nodes of any of the specified
- * primary node type. In case of a JCR property the primary type of the
- * parent node is taken into consideration when evaluating the permissions.
- *
- */
-@Component
-@Service(RestrictionProvider.class)
-public class RestrictionProviderImpl extends AbstractRestrictionProvider {
-
- public RestrictionProviderImpl() {
- super(supportedRestrictions());
- }
-
- private static Map supportedRestrictions() {
- RestrictionDefinition glob = new RestrictionDefinitionImpl(REP_GLOB, Type.STRING, false);
- RestrictionDefinition nts = new RestrictionDefinitionImpl(REP_NT_NAMES, Type.NAMES, false);
- RestrictionDefinition pfxs = new RestrictionDefinitionImpl(REP_PREFIXES, Type.STRINGS, false);
- return ImmutableMap.of(glob.getName(), glob, nts.getName(), nts, pfxs.getName(), pfxs);
- }
-
- //------------------------------------------------< RestrictionProvider >---
-
- @Override
- public RestrictionPattern getPattern(String oakPath, Tree tree) {
- if (oakPath == null) {
- return RestrictionPattern.EMPTY;
- } else {
- PropertyState glob = tree.getProperty(REP_GLOB);
-
- List patterns = new ArrayList(2);
- if (glob != null) {
- patterns.add(GlobPattern.create(oakPath, glob.getValue(Type.STRING)));
- }
- PropertyState ntNames = tree.getProperty(REP_NT_NAMES);
- if (ntNames != null) {
- patterns.add(new NodeTypePattern(ntNames.getValue(Type.NAMES)));
- }
-
- PropertyState prefixes = tree.getProperty(REP_PREFIXES);
- if (prefixes != null) {
- patterns.add(new PrefixPattern(prefixes.getValue(Type.STRINGS)));
- }
-
- switch (patterns.size()) {
- case 1 : return patterns.get(0);
- case 2 : return new CompositePattern(patterns);
- default : return RestrictionPattern.EMPTY;
- }
- }
- }
-
- @Override
- public void validateRestrictions(String oakPath, Tree aceTree) throws AccessControlException {
- super.validateRestrictions(oakPath, aceTree);
-
- Tree restrictionsTree = getRestrictionsTree(aceTree);
- PropertyState glob = restrictionsTree.getProperty(REP_GLOB);
- if (glob != null) {
- GlobPattern.validate(glob.getValue(Type.STRING));
- }
- }
-}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfiguration.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfiguration.java (revision 1582859)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfiguration.java (working copy)
@@ -30,7 +30,6 @@
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalManagerImpl;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
@@ -39,14 +38,15 @@
* Default implementation of the {@code PrincipalConfiguration}
*/
@Component()
-@Service({PrincipalConfiguration.class, SecurityConfiguration.class})
-public class PrincipalConfigurationImpl extends ConfigurationBase implements PrincipalConfiguration {
+@Service({org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration.class, SecurityConfiguration.class})
+public class PrincipalConfiguration extends ConfigurationBase
+ implements org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration {
- public PrincipalConfigurationImpl() {
+ public PrincipalConfiguration() {
super();
}
- public PrincipalConfigurationImpl(SecurityProvider securityProvider) {
+ public PrincipalConfiguration(SecurityProvider securityProvider) {
super(securityProvider, securityProvider.getParameters(NAME));
}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java (revision 1582862)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java (working copy)
@@ -1,80 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jackrabbit.oak.security.principal;
-
-import java.util.Map;
-
-import javax.annotation.Nonnull;
-
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Service;
-import org.apache.jackrabbit.api.security.principal.PrincipalManager;
-import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
-import org.apache.jackrabbit.oak.spi.security.principal.PrincipalManagerImpl;
-import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-
-/**
- * Default implementation of the {@code PrincipalConfiguration}
- */
-@Component()
-@Service({PrincipalConfiguration.class, SecurityConfiguration.class})
-public class PrincipalConfigurationImpl extends ConfigurationBase implements PrincipalConfiguration {
-
- public PrincipalConfigurationImpl() {
- super();
- }
-
- public PrincipalConfigurationImpl(SecurityProvider securityProvider) {
- super(securityProvider, securityProvider.getParameters(NAME));
- }
-
- @Activate
- private void activate(Map properties) {
- setParameters(ConfigurationParameters.of(properties));
- }
-
-
- //---------------------------------------------< PrincipalConfiguration >---
- @Nonnull
- @Override
- public PrincipalManager getPrincipalManager(Root root, NamePathMapper namePathMapper) {
- PrincipalProvider principalProvider = getPrincipalProvider(root, namePathMapper);
- return new PrincipalManagerImpl(principalProvider);
- }
-
- @Nonnull
- @Override
- public PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper) {
- UserConfiguration uc = getSecurityProvider().getConfiguration(UserConfiguration.class);
- return new PrincipalProviderImpl(root, uc, namePathMapper);
- }
-
- //----------------------------------------------< SecurityConfiguration >---
- @Nonnull
- @Override
- public String getName() {
- return NAME;
- }
-}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfiguration.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfiguration.java (revision 1582859)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfiguration.java (working copy)
@@ -38,14 +38,14 @@
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.Context;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
/**
* Configuration for the privilege management component.
*/
@Component()
-@Service({PrivilegeConfiguration.class, SecurityConfiguration.class})
-public class PrivilegeConfigurationImpl extends ConfigurationBase implements PrivilegeConfiguration {
+@Service({org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration.class, SecurityConfiguration.class})
+public class PrivilegeConfiguration extends ConfigurationBase
+ implements org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration {
//---------------------------------------------< PrivilegeConfiguration >---
@Nonnull
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java (revision 1582862)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java (working copy)
@@ -1,92 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jackrabbit.oak.security.privilege;
-
-import java.security.Principal;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import javax.annotation.Nonnull;
-
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Service;
-import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
-import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.spi.commit.CommitHook;
-import org.apache.jackrabbit.oak.spi.commit.MoveTracker;
-import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
-import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.Context;
-import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
-
-/**
- * Configuration for the privilege management component.
- */
-@Component()
-@Service({PrivilegeConfiguration.class, SecurityConfiguration.class})
-public class PrivilegeConfigurationImpl extends ConfigurationBase implements PrivilegeConfiguration {
-
- //---------------------------------------------< PrivilegeConfiguration >---
- @Nonnull
- @Override
- public PrivilegeManager getPrivilegeManager(Root root, NamePathMapper namePathMapper) {
- return new PrivilegeManagerImpl(root, namePathMapper);
- }
-
- @Activate
- private void activate(Map properties) {
- setParameters(ConfigurationParameters.of(properties));
- }
-
- //----------------------------------------------< SecurityConfiguration >---
- @Nonnull
- @Override
- public String getName() {
- return NAME;
- }
-
- @Nonnull
- @Override
- public RepositoryInitializer getRepositoryInitializer() {
- return new PrivilegeInitializer();
- }
-
- @Nonnull
- @Override
- public List getCommitHooks(String workspaceName) {
- return Collections.singletonList(new JcrAllCommitHook());
- }
-
- @Nonnull
- @Override
- public List getValidators(String workspaceName, Set principals, MoveTracker moveTracker) {
- return Collections.singletonList(new PrivilegeValidatorProvider());
- }
-
- @Nonnull
- @Override
- public Context getContext() {
- return PrivilegeContext.getInstance();
- }
-}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfiguration.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfiguration.java (revision 1582859)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfiguration.java (working copy)
@@ -39,22 +39,22 @@
import org.apache.jackrabbit.oak.spi.security.Context;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
/**
- * Default implementation of the {@link UserConfiguration}.
+ * Default implementation of the {@link org.apache.jackrabbit.oak.spi.security.user.UserConfiguration}.
*/
@Component()
-@Service({UserConfiguration.class, SecurityConfiguration.class})
-public class UserConfigurationImpl extends ConfigurationBase implements UserConfiguration, SecurityConfiguration {
+@Service({org.apache.jackrabbit.oak.spi.security.user.UserConfiguration.class, SecurityConfiguration.class})
+public class UserConfiguration extends ConfigurationBase
+ implements org.apache.jackrabbit.oak.spi.security.user.UserConfiguration, SecurityConfiguration {
- public UserConfigurationImpl() {
+ public UserConfiguration() {
super();
}
- public UserConfigurationImpl(SecurityProvider securityProvider) {
+ public UserConfiguration(SecurityProvider securityProvider) {
super(securityProvider, securityProvider.getParameters(NAME));
}
Index: oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
===================================================================
--- oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java (revision 1582862)
+++ oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java (working copy)
@@ -1,108 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jackrabbit.oak.security.user;
-
-import java.security.Principal;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import javax.annotation.Nonnull;
-
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.Service;
-import org.apache.jackrabbit.api.security.user.UserManager;
-import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.security.user.autosave.AutoSaveEnabledManager;
-import org.apache.jackrabbit.oak.spi.commit.MoveTracker;
-import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
-import org.apache.jackrabbit.oak.spi.lifecycle.WorkspaceInitializer;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.Context;
-import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
-import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
-import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
-
-/**
- * Default implementation of the {@link UserConfiguration}.
- */
-@Component()
-@Service({UserConfiguration.class, SecurityConfiguration.class})
-public class UserConfigurationImpl extends ConfigurationBase implements UserConfiguration, SecurityConfiguration {
-
- public UserConfigurationImpl() {
- super();
- }
-
- public UserConfigurationImpl(SecurityProvider securityProvider) {
- super(securityProvider, securityProvider.getParameters(NAME));
- }
-
- @Activate
- private void activate(Map properties) {
- setParameters(ConfigurationParameters.of(properties));
- }
-
- //----------------------------------------------< SecurityConfiguration >---
- @Nonnull
- @Override
- public String getName() {
- return NAME;
- }
-
- @Nonnull
- @Override
- public WorkspaceInitializer getWorkspaceInitializer() {
- return new UserInitializer(getSecurityProvider());
- }
-
- @Nonnull
- @Override
- public List getValidators(String workspaceName, Set principals, MoveTracker moveTracker) {
- return Collections.singletonList(new UserValidatorProvider(getParameters()));
- }
-
- @Nonnull
- @Override
- public List getProtectedItemImporters() {
- return Collections.singletonList(new UserImporter(getParameters()));
- }
-
- @Nonnull
- @Override
- public Context getContext() {
- return UserContext.getInstance();
- }
-
- //--------------------------------------------------< UserConfiguration >---
- @Nonnull
- @Override
- public UserManager getUserManager(Root root, NamePathMapper namePathMapper) {
- UserManager umgr = new UserManagerImpl(root, namePathMapper, getSecurityProvider());
- if (getParameters().getConfigValue(UserConstants.PARAM_SUPPORT_AUTOSAVE, false)) {
- return new AutoSaveEnabledManager(umgr, root);
- } else {
- return umgr;
- }
- }
-}
Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/CompositeTokenConfigurationTest.java
===================================================================
--- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/CompositeTokenConfigurationTest.java (revision 1582862)
+++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/CompositeTokenConfigurationTest.java (working copy)
@@ -21,7 +21,6 @@
import org.apache.jackrabbit.oak.spi.security.AbstractCompositeConfigurationTest;
import org.apache.jackrabbit.oak.spi.security.authentication.token.CompositeTokenConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.token.CompositeTokenProvider;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.junit.Test;
@@ -30,7 +29,7 @@
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
-public class CompositeTokenConfigurationTest extends AbstractCompositeConfigurationTest {
+public class CompositeTokenConfigurationTest extends AbstractCompositeConfigurationTest {
@Override
public void before() throws Exception {
@@ -40,7 +39,7 @@
@Test
public void testEmpty() {
- List configs = getConfigurations();
+ List configs = getConfigurations();
assertNotNull(configs);
assertTrue(configs.isEmpty());
}
@@ -47,10 +46,10 @@
@Test
public void testSetDefault() {
- TokenConfigurationImpl tc = new TokenConfigurationImpl(getSecurityProvider());
+ TokenConfiguration tc = new TokenConfiguration(getSecurityProvider());
setDefault(tc);
- List configs = getConfigurations();
+ List configs = getConfigurations();
assertNotNull(configs);
assertEquals(1, configs.size());
@@ -59,7 +58,7 @@
assertNotNull(configs);
assertEquals(1, configs.size());
- addConfiguration(new TokenConfigurationImpl(getSecurityProvider()));
+ addConfiguration(new TokenConfiguration(getSecurityProvider()));
configs = getConfigurations();
assertNotNull(configs);
assertEquals(2, configs.size());
@@ -67,10 +66,10 @@
@Test
public void testAddConfiguration() {
- TokenConfigurationImpl tc = new TokenConfigurationImpl(getSecurityProvider());
+ TokenConfiguration tc = new TokenConfiguration(getSecurityProvider());
addConfiguration(tc);
- List configs = getConfigurations();
+ List configs = getConfigurations();
assertNotNull(configs);
assertEquals(1, configs.size());
@@ -79,7 +78,7 @@
assertNotNull(configs);
assertEquals(2, configs.size());
- addConfiguration(new TokenConfigurationImpl(getSecurityProvider()));
+ addConfiguration(new TokenConfiguration(getSecurityProvider()));
configs = getConfigurations();
assertNotNull(configs);
assertEquals(3, configs.size());
@@ -87,10 +86,10 @@
@Test
public void testRemoveConfiguration() {
- TokenConfiguration tc = new TokenConfigurationImpl(getSecurityProvider());
+ org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration tc = new TokenConfiguration(getSecurityProvider());
addConfiguration(tc);
- List configs = getConfigurations();
+ List configs = getConfigurations();
assertNotNull(configs);
assertEquals(1, configs.size());
@@ -108,7 +107,7 @@
assertNotNull(tp);
assertFalse(tp instanceof CompositeTokenProvider);
- TokenConfiguration tc = new TokenConfigurationImpl(getSecurityProvider());
+ org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration tc = new TokenConfiguration(getSecurityProvider());
setDefault(tc);
tp = ctc.getTokenProvider(root);
assertNotNull(tp);
@@ -121,7 +120,7 @@
assertFalse(tp instanceof CompositeTokenProvider);
assertTrue(tp instanceof TokenProviderImpl);
- addConfiguration(new TokenConfigurationImpl(getSecurityProvider()));
+ addConfiguration(new TokenConfiguration(getSecurityProvider()));
tp = ctc.getTokenProvider(root);
assertNotNull(tp);
assertTrue(tp instanceof CompositeTokenProvider);
Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplTest.java
===================================================================
--- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplTest.java (revision 1582862)
+++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplTest.java (working copy)
@@ -1,60 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jackrabbit.oak.security.authentication.token;
-
-import java.util.Collections;
-
-import com.google.common.collect.ImmutableMap;
-import org.apache.jackrabbit.oak.AbstractSecurityTest;
-import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
-import org.junit.Test;
-
-import static org.junit.Assert.assertEquals;
-
-public class TokenConfigurationImplTest extends AbstractSecurityTest {
-
- private static final int DEFAULT_EXPIRATION = 2 * 3600 * 1000;
-
- private TokenConfigurationImpl tc;
-
- @Override
- public void before() throws Exception {
- super.before();
- tc = new TokenConfigurationImpl(getSecurityProvider());
- }
-
- @Override
- protected ConfigurationParameters getSecurityConfigParameters() {
- ConfigurationParameters config = ConfigurationParameters.of(
- Collections.singletonMap(TokenProviderImpl.PARAM_TOKEN_EXPIRATION, 60));
- return ConfigurationParameters.of(ImmutableMap.of(TokenConfiguration.NAME, config));
- }
-
- @Test
- public void testConfigOptions() {
- int exp = tc.getParameters().getConfigValue(TokenProvider.PARAM_TOKEN_EXPIRATION, DEFAULT_EXPIRATION);
- assertEquals(60, exp);
- }
-
- @Test
- public void testConfigOptions2() {
- int exp = getConfig(TokenConfiguration.class).getParameters().getConfigValue(TokenProvider.PARAM_TOKEN_EXPIRATION, DEFAULT_EXPIRATION);
- assertEquals(60, exp);
- }
-}
\ No newline at end of file
Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationTest.java
===================================================================
--- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationTest.java (revision 1582859)
+++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationTest.java (working copy)
@@ -21,22 +21,21 @@
import com.google.common.collect.ImmutableMap;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
-public class TokenConfigurationImplTest extends AbstractSecurityTest {
+public class TokenConfigurationTest extends AbstractSecurityTest {
private static final int DEFAULT_EXPIRATION = 2 * 3600 * 1000;
- private TokenConfigurationImpl tc;
+ private TokenConfiguration tc;
@Override
public void before() throws Exception {
super.before();
- tc = new TokenConfigurationImpl(getSecurityProvider());
+ tc = new TokenConfiguration(getSecurityProvider());
}
@Override
@@ -43,7 +42,7 @@
protected ConfigurationParameters getSecurityConfigParameters() {
ConfigurationParameters config = ConfigurationParameters.of(
Collections.singletonMap(TokenProviderImpl.PARAM_TOKEN_EXPIRATION, 60));
- return ConfigurationParameters.of(ImmutableMap.of(TokenConfiguration.NAME, config));
+ return ConfigurationParameters.of(ImmutableMap.of(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration.NAME, config));
}
@Test
@@ -54,7 +53,7 @@
@Test
public void testConfigOptions2() {
- int exp = getConfig(TokenConfiguration.class).getParameters().getConfigValue(TokenProvider.PARAM_TOKEN_EXPIRATION, DEFAULT_EXPIRATION);
+ int exp = getConfig(org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConfiguration.class).getParameters().getConfigValue(TokenProvider.PARAM_TOKEN_EXPIRATION, DEFAULT_EXPIRATION);
assertEquals(60, exp);
}
}
\ No newline at end of file
Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImplTest.java
===================================================================
--- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImplTest.java (revision 1582862)
+++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderImplTest.java (working copy)
@@ -1,144 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jackrabbit.oak.security.authorization.restriction;
-
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import javax.jcr.security.AccessControlException;
-import javax.jcr.security.AccessControlManager;
-
-import com.google.common.collect.ImmutableList;
-import org.apache.jackrabbit.JcrConstants;
-import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
-import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
-import org.apache.jackrabbit.oak.api.PropertyState;
-import org.apache.jackrabbit.oak.api.Tree;
-import org.apache.jackrabbit.oak.api.Type;
-import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
-import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AbstractAccessControlTest;
-import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.CompositePattern;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionDefinition;
-import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionPattern;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants;
-import org.apache.jackrabbit.oak.util.NodeUtil;
-import org.junit.Before;
-import org.junit.Test;
-
-import static com.google.common.collect.Maps.newHashMap;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-/**
- * Tests for {@link RestrictionProviderImpl}
- */
-public class RestrictionProviderImplTest extends AbstractAccessControlTest implements AccessControlConstants {
-
- private RestrictionProviderImpl provider;
-
- @Before
- public void before() throws Exception {
- super.before();
-
- provider = new RestrictionProviderImpl();
- }
-
- @Test
- public void testGetSupportedDefinitions() {
- assertTrue(provider.getSupportedRestrictions(null).isEmpty());
-
- Set defs = provider.getSupportedRestrictions("/testPath");
- assertNotNull(defs);
- assertEquals(3, defs.size());
-
- for (RestrictionDefinition def : defs) {
- if (REP_GLOB.equals(def.getName())) {
- assertEquals(Type.STRING, def.getRequiredType());
- assertFalse(def.isMandatory());
- } else if (REP_NT_NAMES.equals(def.getName())) {
- assertEquals(Type.NAMES, def.getRequiredType());
- assertFalse(def.isMandatory());
- } else if (REP_PREFIXES.equals(def.getName())) {
- assertEquals(Type.STRINGS, def.getRequiredType());
- assertFalse(def.isMandatory());
- } else {
- fail("unexpected restriction " + def.getName());
- }
- }
- }
-
- @Test
- public void testGetRestrictionPattern() throws Exception {
- Map map = newHashMap();
- map.put(PropertyStates.createProperty(REP_GLOB, "/*/jcr:content"), GlobPattern.create("/testPath", "/*/jcr:content"));
- List ntNames = ImmutableList.of(JcrConstants.NT_FOLDER, JcrConstants.NT_LINKEDFILE);
- map.put(PropertyStates.createProperty(REP_NT_NAMES, ntNames, Type.NAMES), new NodeTypePattern(ntNames));
-
- NodeUtil tree = new NodeUtil(root.getTree("/")).getOrAddTree("testPath", JcrConstants.NT_UNSTRUCTURED);
- Tree restrictions = tree.addChild("restrictions", NT_REP_RESTRICTIONS).getTree();
-
- // test restrictions individually
- for (Map.Entry entry : map.entrySet()) {
- restrictions.setProperty(entry.getKey());
-
- RestrictionPattern pattern = provider.getPattern("/testPath", restrictions);
- assertEquals(entry.getValue(), pattern);
-
- restrictions.removeProperty(entry.getKey().getName());
- }
-
- // test combination on multiple restrictions
- for (Map.Entry entry : map.entrySet()) {
- restrictions.setProperty(entry.getKey());
- }
- RestrictionPattern pattern = provider.getPattern("/testPath", restrictions);
- assertTrue(pattern instanceof CompositePattern);
- }
-
- @Test
- public void testValidateGlobRestriction() throws Exception {
- Tree t = new NodeUtil(root.getTree("/")).addChild("testTree", "nt:unstructured").getTree();
- String path = t.getPath();
-
- AccessControlManager acMgr = getAccessControlManager(root);
-
- List globs = ImmutableList.of(
- "/1*/2*/3*/4*/5*/6*/7*/8*/9*/10*/11*/12*/13*/14*/15*/16*/17*/18*/19*/20*/21*",
- "*********************");
- for (String glob : globs) {
- JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, path);
- acl.addEntry(getTestPrincipal(),
- AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_READ),
- true, Collections.singletonMap(REP_GLOB, getValueFactory().createValue(glob)));
- acMgr.setPolicy(path, acl);
-
- try {
- provider.validateRestrictions(path, t.getChild(REP_POLICY).getChild("allow"));
- fail("AccessControlException expected.");
- } catch (AccessControlException e) {
- // success
- } finally {
- acMgr.removePolicy(path, acl);
- }
- }
- }
-}
\ No newline at end of file
Index: oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderTest.java
===================================================================
--- oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderTest.java (revision 1582859)
+++ oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/restriction/RestrictionProviderTest.java (working copy)
@@ -49,17 +49,17 @@
import static org.junit.Assert.fail;
/**
- * Tests for {@link RestrictionProviderImpl}
+ * Tests for {@link RestrictionProvider}
*/
-public class RestrictionProviderImplTest extends AbstractAccessControlTest implements AccessControlConstants {
+public class RestrictionProviderTest extends AbstractAccessControlTest implements AccessControlConstants {
- private RestrictionProviderImpl provider;
+ private RestrictionProvider provider;
@Before
public void before() throws Exception {
super.before();
- provider = new RestrictionProviderImpl();
+ provider = new RestrictionProvider();
}
@Test
Index: oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/CompositeRestrictionProviderTest.java
===================================================================
--- oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/CompositeRestrictionProviderTest.java (revision 1582862)
+++ oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/restriction/CompositeRestrictionProviderTest.java (working copy)
@@ -30,7 +30,6 @@
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.plugins.memory.PropertyStates;
-import org.apache.jackrabbit.oak.security.authorization.restriction.RestrictionProviderImpl;
import org.apache.jackrabbit.oak.spi.security.authorization.accesscontrol.AccessControlConstants;
import org.apache.jackrabbit.oak.util.NodeUtil;
import org.junit.After;
@@ -45,17 +44,17 @@
public class CompositeRestrictionProviderTest extends AbstractSecurityTest implements AccessControlConstants {
- private RestrictionProvider rp1 = new TestProvider(ImmutableMap.of(
+ private org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider rp1 = new TestProvider(ImmutableMap.of(
REP_GLOB, new RestrictionDefinitionImpl(REP_GLOB, Type.STRING, false),
REP_NT_NAMES, new RestrictionDefinitionImpl(REP_NT_NAMES, Type.NAMES, false),
REP_PREFIXES, new RestrictionDefinitionImpl(REP_PREFIXES, Type.STRINGS, false)
));
- private RestrictionProvider rp2 = new TestProvider(ImmutableMap.of(
+ private org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider rp2 = new TestProvider(ImmutableMap.of(
"boolean", new RestrictionDefinitionImpl("boolean", Type.BOOLEAN, true),
"longs", new RestrictionDefinitionImpl("longs", Type.LONGS, false)
));
private Set supported = ImmutableSet.of("boolean", "longs", REP_NT_NAMES, REP_GLOB);
- private RestrictionProvider provider = CompositeRestrictionProvider.newInstance(rp1, rp2);
+ private org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider provider = CompositeRestrictionProvider.newInstance(rp1, rp2);
private ValueFactory vf;
@@ -78,19 +77,19 @@
@Test
public void testEmpty() {
- assertSame(RestrictionProvider.EMPTY, CompositeRestrictionProvider.newInstance(Collections.emptySet()));
+ assertSame(org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider.EMPTY, CompositeRestrictionProvider.newInstance(Collections.emptySet()));
}
@Test
public void testSingle() {
- RestrictionProvider rp = new RestrictionProviderImpl();
+ org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider rp = new org.apache.jackrabbit.oak.security.authorization.restriction.RestrictionProvider();
assertSame(rp, CompositeRestrictionProvider.newInstance(Collections.singleton(rp)));
}
@Test
public void testNewInstance() {
- RestrictionProvider crp = CompositeRestrictionProvider.newInstance(ImmutableSet.of(rp1, rp2));
- RestrictionProvider crp2 = CompositeRestrictionProvider.newInstance(rp1, rp2);
+ org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider crp = CompositeRestrictionProvider.newInstance(ImmutableSet.of(rp1, rp2));
+ org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider crp2 = CompositeRestrictionProvider.newInstance(rp1, rp2);
assertEquals(crp.getSupportedRestrictions("/testPath"), crp2.getSupportedRestrictions("/testPath"));
Index: oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
===================================================================
--- oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java (revision 1582862)
+++ oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java (working copy)
@@ -31,10 +31,9 @@
import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.security.SecurityProviderImpl;
-import org.apache.jackrabbit.oak.security.user.UserConfigurationImpl;
+import org.apache.jackrabbit.oak.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil;
import org.junit.After;
@@ -191,8 +190,8 @@
}
public T getConfiguration(Class configClass) {
- if (UserConfiguration.class == configClass) {
- return (T) new UserConfigurationImpl(this) {
+ if (org.apache.jackrabbit.oak.spi.security.user.UserConfiguration.class == configClass) {
+ return (T) new UserConfiguration(this) {
@Nonnull
@Override
public ConfigurationParameters getParameters() {