inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Should fix failing tests.

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@6792 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Britt Park
2007-09-15 10:09:28 +00:00
parent 52c76aa4ec
commit 66a82b5781
3 changed files with 93 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
source/java/org/alfresco/repo/simple/permission/ACLImpl.java
View File

@@ -25,8 +25,10 @@
package org.alfresco.repo.simple.permission; package org.alfresco.repo.simple.permission;
import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
@@ -102,12 +104,18 @@ public class ACLImpl implements ACL
*/ */
public void allow(String capability, String... authorities) public void allow(String capability, String... authorities)
{ {
capability = capability.toLowerCase();
List<String> auths = new ArrayList<String>();
for (String auth : authorities)
{
auths.add(fCapabilityRegistry.normalizeAuthority(auth));
}
digest(); digest();
// First remove any explicit denies. // First remove any explicit denies.
Set<String> denied = fDenied.get(capability); Set<String> denied = fDenied.get(capability);
if (denied != null) if (denied != null)
{ {
for (String authority : authorities) for (String authority : auths)
{ {
denied.remove(authority); denied.remove(authority);
} }
@@ -119,7 +127,7 @@ public class ACLImpl implements ACL
allowed = new HashSet<String>(); allowed = new HashSet<String>();
fAllowed.put(capability, allowed); fAllowed.put(capability, allowed);
} }
for (String authority : authorities) for (String authority : auths)
{ {
allowed.add(authority); allowed.add(authority);
} }
@@ -181,6 +189,8 @@ public class ACLImpl implements ACL
*/ */
public boolean can(String authority, boolean isOwner, String capability) public boolean can(String authority, boolean isOwner, String capability)
{ {
authority = fCapabilityRegistry.normalizeAuthority(authority);
capability = capability.toLowerCase();
digest(); digest();
AuthorityType type = AuthorityType.getAuthorityType(authority); AuthorityType type = AuthorityType.getAuthorityType(authority);
// Admin trumps. // Admin trumps.
@@ -228,12 +238,18 @@ public class ACLImpl implements ACL
*/ */
public void deny(String capability, String ... authorities) public void deny(String capability, String ... authorities)
{ {
capability = capability.toLowerCase();
List<String> auths = new ArrayList<String>();
for (String auth : authorities)
{
auths.add(fCapabilityRegistry.normalizeAuthority(auth));
}
digest(); digest();
// Remove corresponding explicit allows. // Remove corresponding explicit allows.
Set<String> allowed = fAllowed.get(capability); Set<String> allowed = fAllowed.get(capability);
if (allowed != null) if (allowed != null)
{ {
for (String authority : authorities) for (String authority : auths)
{ {
allowed.remove(authority); allowed.remove(authority);
} }
@@ -245,7 +261,7 @@ public class ACLImpl implements ACL
denied = new HashSet<String>(); denied = new HashSet<String>();
fDenied.put(capability, denied); fDenied.put(capability, denied);
} }
for (String authority : authorities) for (String authority : auths)
{ {
if (AuthorityType.getAuthorityType(authority) == AuthorityType.ADMIN) if (AuthorityType.getAuthorityType(authority) == AuthorityType.ADMIN)
{ {
@@ -260,6 +276,7 @@ public class ACLImpl implements ACL
*/ */
public Set<String> getAllowed(String capability) public Set<String> getAllowed(String capability)
{ {
capability = capability.toLowerCase();
digest(); digest();
Set<String> allowed = new HashSet<String>(); Set<String> allowed = new HashSet<String>();
allowed.add(AuthorityType.ADMIN.getFixedString()); allowed.add(AuthorityType.ADMIN.getFixedString());
@@ -294,6 +311,7 @@ public class ACLImpl implements ACL
*/ */
public Set<String> getCapabilities(String authority, boolean isOwner) public Set<String> getCapabilities(String authority, boolean isOwner)
{ {
authority = fCapabilityRegistry.normalizeAuthority(authority);
digest(); digest();
AuthorityType type = AuthorityType.getAuthorityType(authority); AuthorityType type = AuthorityType.getAuthorityType(authority);
if (type == AuthorityType.ADMIN) if (type == AuthorityType.ADMIN)

68
source/java/org/alfresco/repo/simple/permission/AuthorityCapabilityRegistryImpl.java
View File

@@ -36,6 +36,7 @@ import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.repo.transaction.TransactionListener; import org.alfresco.repo.transaction.TransactionListener;
import org.alfresco.service.cmr.security.AuthorityService; import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.AuthorityType; import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.simple.permission.AuthorityCapabilityRegistry; import org.alfresco.service.simple.permission.AuthorityCapabilityRegistry;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
@@ -124,11 +125,13 @@ public class AuthorityCapabilityRegistryImpl implements
List<CapabilityEntry> entries = fCapabilityEntryDAO.getAll(); List<CapabilityEntry> entries = fCapabilityEntryDAO.getAll();
for (CapabilityEntry entry : entries) for (CapabilityEntry entry : entries)
{ {
fCapabilityToID.put(entry.getName(), entry.getId()); String capability = entry.getName().toLowerCase();
fIDToCapability.put(entry.getId(), entry.getName()); fCapabilityToID.put(capability, entry.getId());
fIDToCapability.put(entry.getId(), capability);
} }
for (String entry : fInitialCapabilities) for (String entry : fInitialCapabilities)
{ {
entry = entry.toLowerCase();
if (!fCapabilityToID.containsKey(entry)) if (!fCapabilityToID.containsKey(entry))
{ {
CapabilityEntry newEntry = new CapabilityEntryImpl(entry); CapabilityEntry newEntry = new CapabilityEntryImpl(entry);
@@ -140,13 +143,13 @@ public class AuthorityCapabilityRegistryImpl implements
List<AuthorityEntry> authorities = fAuthorityEntryDAO.get(); List<AuthorityEntry> authorities = fAuthorityEntryDAO.get();
for (AuthorityEntry entry : authorities) for (AuthorityEntry entry : authorities)
{ {
String name = entry.getName(); String name = normalizeAuthority(entry.getName());
Integer id = entry.getId(); Integer id = entry.getId();
fAuthorityToID.put(name, id); fAuthorityToID.put(name, id);
fIDToAuthority.put(id, name); fIDToAuthority.put(id, name);
for (AuthorityEntry child : entry.getChildren()) for (AuthorityEntry child : entry.getChildren())
{ {
String childName = child.getName(); String childName = normalizeAuthority(child.getName());
Set<String> children = fAuthorityToChild.get(name); Set<String> children = fAuthorityToChild.get(name);
if (children == null) if (children == null)
{ {
@@ -170,6 +173,7 @@ public class AuthorityCapabilityRegistryImpl implements
Set<String> auths = fAuthorityService.getAllAuthorities(type); Set<String> auths = fAuthorityService.getAllAuthorities(type);
for (String auth : auths) for (String auth : auths)
{ {
auth = normalizeAuthority(auth);
if (fAuthorityToID.containsKey(auth)) if (fAuthorityToID.containsKey(auth))
{ {
continue; continue;
@@ -191,6 +195,7 @@ public class AuthorityCapabilityRegistryImpl implements
{ {
continue; continue;
} }
auth = normalizeAuthority(auth);
Set<String> children = fAuthorityService.getContainedAuthorities(null, auth, true); Set<String> children = fAuthorityService.getContainedAuthorities(null, auth, true);
Set<String> found = fAuthorityToChild.get(auth); Set<String> found = fAuthorityToChild.get(auth);
if (found == null) if (found == null)
@@ -201,6 +206,7 @@ public class AuthorityCapabilityRegistryImpl implements
AuthorityEntry entry = fAuthorityEntryDAO.get(fAuthorityToID.get(auth)); AuthorityEntry entry = fAuthorityEntryDAO.get(fAuthorityToID.get(auth));
for (String child : children) for (String child : children)
{ {
child = normalizeAuthority(child);
if (found.contains(child)) if (found.contains(child))
{ {
continue; continue;
@@ -225,6 +231,8 @@ public class AuthorityCapabilityRegistryImpl implements
*/ */
public synchronized void addAuthority(String authority, String parent) public synchronized void addAuthority(String authority, String parent)
{ {
authority = normalizeAuthority(authority);
parent = normalizeAuthority(parent);
AlfrescoTransactionSupport.bindListener(this); AlfrescoTransactionSupport.bindListener(this);
AuthorityEntry entry = null; AuthorityEntry entry = null;
if (!fAuthorityToID.containsKey(authority)) if (!fAuthorityToID.containsKey(authority))
@@ -271,11 +279,56 @@ public class AuthorityCapabilityRegistryImpl implements
} }
} }
/**
* Get case normalized authority.
*/
public String normalizeAuthority(String authority)
{
if (authority == null)
{
return null;
}
AuthorityType type = AuthorityType.getAuthorityType(authority);
switch (type)
{
case ADMIN :
{
return authority;
}
case EVERYONE :
{
return PermissionService.ALL_AUTHORITIES;
}
case GROUP :
{
return PermissionService.GROUP_PREFIX + authority.substring(PermissionService.GROUP_PREFIX.length()).toLowerCase();
}
case USER :
case GUEST :
{
return authority.toLowerCase();
}
case OWNER :
{
return PermissionService.OWNER_AUTHORITY;
}
case ROLE :
{
return PermissionService.ROLE_PREFIX + authority.substring(PermissionService.ROLE_PREFIX.length()).toLowerCase();
}
default :
{
return null;
}
}
}
/* (non-Javadoc) /* (non-Javadoc)
* @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#removeAuthority(java.lang.String) * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#removeAuthority(java.lang.String)
*/ */
public synchronized void removeAuthority(String authority) public synchronized void removeAuthority(String authority)
{ {
authority = normalizeAuthority(authority);
AlfrescoTransactionSupport.bindListener(this); AlfrescoTransactionSupport.bindListener(this);
Integer id = fAuthorityToID.get(authority); Integer id = fAuthorityToID.get(authority);
if (id == null) if (id == null)
@@ -312,6 +365,8 @@ public class AuthorityCapabilityRegistryImpl implements
*/ */
public synchronized void removeAuthorityChild(String parent, String child) public synchronized void removeAuthorityChild(String parent, String child)
{ {
parent = normalizeAuthority(parent);
child = normalizeAuthority(child);
AlfrescoTransactionSupport.bindListener(this); AlfrescoTransactionSupport.bindListener(this);
Integer id = fAuthorityToID.get(child); Integer id = fAuthorityToID.get(child);
if (id == null) if (id == null)
@@ -335,6 +390,7 @@ public class AuthorityCapabilityRegistryImpl implements
*/ */
public synchronized void addCapability(String capability) public synchronized void addCapability(String capability)
{ {
capability = capability.toLowerCase();
AlfrescoTransactionSupport.bindListener(this); AlfrescoTransactionSupport.bindListener(this);
CapabilityEntry entry = fCapabilityEntryDAO.get(capability); CapabilityEntry entry = fCapabilityEntryDAO.get(capability);
if (entry != null) if (entry != null)
@@ -369,6 +425,7 @@ public class AuthorityCapabilityRegistryImpl implements
*/ */
public synchronized int getAuthorityID(String authority) public synchronized int getAuthorityID(String authority)
{ {
authority = normalizeAuthority(authority);
Integer id = fAuthorityToID.get(authority); Integer id = fAuthorityToID.get(authority);
if (id == null) if (id == null)
{ {
@@ -390,6 +447,7 @@ public class AuthorityCapabilityRegistryImpl implements
*/ */
public synchronized int getCapabilityID(String capability) public synchronized int getCapabilityID(String capability)
{ {
capability = capability.toLowerCase();
Integer id = fCapabilityToID.get(capability); Integer id = fCapabilityToID.get(capability);
if (id == null) if (id == null)
{ {
@@ -411,6 +469,7 @@ public class AuthorityCapabilityRegistryImpl implements
*/ */
public synchronized Set<String> getContainedAuthorities(String authority) public synchronized Set<String> getContainedAuthorities(String authority)
{ {
authority = normalizeAuthority(authority);
Set<String> contained = new HashSet<String>(); Set<String> contained = new HashSet<String>();
contained.add(authority); contained.add(authority);
int count = 1; int count = 1;
@@ -439,6 +498,7 @@ public class AuthorityCapabilityRegistryImpl implements
*/ */
public Set<String> getContainerAuthorities(String authority) public Set<String> getContainerAuthorities(String authority)
{ {
authority = normalizeAuthority(authority);
Set<String> containers = new HashSet<String>(); Set<String> containers = new HashSet<String>();
containers.add(authority); containers.add(authority);
int count = 1; int count = 1;

7
source/java/org/alfresco/service/simple/permission/AuthorityCapabilityRegistry.java
View File

@@ -111,4 +111,11 @@ public interface AuthorityCapabilityRegistry
* @return The container authorities. * @return The container authorities.
*/ */
public Set<String> getContainerAuthorities(String authority); public Set<String> getContainerAuthorities(String authority);
/**
* Get the case normalized version of authority.
* @param authority The authority.
* @return The case normalized version.
*/
public String normalizeAuthority(String authority);
} }