@Override public Privilege[] getDeclaredAggregatePrivileges() { Set<String> declaredAggregateNames = definition.getDeclaredAggregateNames(); Set<Privilege> declaredAggregates = new HashSet<>(declaredAggregateNames.size()); for (String oakName : declaredAggregateNames) { if (oakName.equals(definition.getName())) { log.warn("Found cyclic privilege aggregation -> ignore declared aggregate " + oakName); continue; } PrivilegeDefinition def = getPrivilegeDefinition(oakName); if (def != null) { declaredAggregates.add(getPrivilege(def)); } else { log.warn("Invalid privilege '{}' in declared aggregates of '{}'", oakName, getName()); } } return declaredAggregates.toArray(new Privilege[0]); }
@Override public boolean isAbstract() { return definition.isAbstract(); }
private void writePrivilegeNode(Tree privilegesTree, PrivilegeDefinition definition) throws RepositoryException { String name = definition.getName(); Tree privNode = TreeUtil.addChild(privilegesTree, name, NT_REP_PRIVILEGE); if (definition.isAbstract()) { privNode.setProperty(REP_IS_ABSTRACT, true); } Set<String> declAggrNames = definition.getDeclaredAggregateNames(); boolean isAggregate = declAggrNames.size() > 0; if (isAggregate) { privNode.setProperty(REP_AGGREGATES, declAggrNames, Type.NAMES); } PrivilegeBits bits; if (PrivilegeBits.BUILT_IN.containsKey(name)) { bits = PrivilegeBits.BUILT_IN.get(name); } else if (isAggregate) { bits = bitsMgr.getBits(declAggrNames); } else { bits = next(); } bits.writeTo(privNode); }
@Override public boolean isAggregate() { return !definition.getDeclaredAggregateNames().isEmpty(); }
@Override public String toString() { return definition.getName(); } }
private void writePrivilegeNode(@NotNull Tree privilegesTree, @NotNull PrivilegeDefinition definition) throws RepositoryException { String name = definition.getName(); Tree privNode = TreeUtil.addChild(privilegesTree, name, NT_REP_PRIVILEGE); if (definition.isAbstract()) { privNode.setProperty(REP_IS_ABSTRACT, true); } Set<String> declAggrNames = definition.getDeclaredAggregateNames(); boolean isAggregate = !declAggrNames.isEmpty(); if (isAggregate) { privNode.setProperty(REP_AGGREGATES, declAggrNames, Type.NAMES); } PrivilegeBits bits; if (PrivilegeBits.BUILT_IN.containsKey(name)) { bits = PrivilegeBits.BUILT_IN.get(name); } else if (isAggregate) { bits = bitsMgr.getBits(declAggrNames); if (bits.isEmpty()) { throw new RepositoryException("Illegal aggregation of non-exising privileges on '" + name + "'."); } } else { bits = next(); } bits.writeTo(privNode); }
@Override public boolean isAggregate() { return !definition.getDeclaredAggregateNames().isEmpty(); }
@Override public String toString() { return definition.getName(); } }
private void writePrivilegeNode(@NotNull Tree privilegesTree, @NotNull PrivilegeDefinition definition) throws RepositoryException { String name = definition.getName(); Tree privNode = TreeUtil.addChild(privilegesTree, name, NT_REP_PRIVILEGE); if (definition.isAbstract()) { privNode.setProperty(REP_IS_ABSTRACT, true); } Set<String> declAggrNames = definition.getDeclaredAggregateNames(); boolean isAggregate = !declAggrNames.isEmpty(); if (isAggregate) { privNode.setProperty(REP_AGGREGATES, declAggrNames, Type.NAMES); } PrivilegeBits bits; if (PrivilegeBits.BUILT_IN.containsKey(name)) { bits = PrivilegeBits.BUILT_IN.get(name); } else if (isAggregate) { bits = bitsMgr.getBits(declAggrNames); if (bits.isEmpty()) { throw new RepositoryException("Illegal aggregation of non-exising privileges on '" + name + "'."); } } else { bits = next(); } bits.writeTo(privNode); }
@Override public Privilege[] getDeclaredAggregatePrivileges() { Set<String> declaredAggregateNames = definition.getDeclaredAggregateNames(); Set<Privilege> declaredAggregates = new HashSet<>(declaredAggregateNames.size()); for (String oakName : declaredAggregateNames) { if (oakName.equals(definition.getName())) { log.warn("Found cyclic privilege aggregation -> ignore declared aggregate " + oakName); continue; } PrivilegeDefinition def = getPrivilegeDefinition(oakName); if (def != null) { declaredAggregates.add(getPrivilege(def)); } else { log.warn("Invalid privilege '{}' in declared aggregates of '{}'", oakName, getName()); } } return declaredAggregates.toArray(new Privilege[0]); }
@Override public boolean isAggregate() { return !definition.getDeclaredAggregateNames().isEmpty(); }
@Override public String toString() { return definition.getName(); } }
@Override public boolean isAbstract() { return definition.isAbstract(); }
@Test public void testNotEquals() { PrivilegeDefinition otherDef = Mockito.mock(PrivilegeDefinition.class); when(otherDef.getName()).thenReturn(def.getName()); when(otherDef.isAbstract()).thenReturn(def.isAbstract()); when(otherDef.getDeclaredAggregateNames()).thenReturn(def.getDeclaredAggregateNames()); assertNotEquals(def, otherDef); assertNotEquals(def, null); assertNotEquals(def, new ImmutablePrivilegeDefinition("othername", true, ImmutableList.of("aggrName"))); assertNotEquals(def, new ImmutablePrivilegeDefinition("name", false, ImmutableList.of("aggrName"))); assertNotEquals(def, new ImmutablePrivilegeDefinition("name", true, ImmutableList.of("anotherName"))); assertNotEquals(def, new ImmutablePrivilegeDefinition("name", true, ImmutableList.of())); assertNotEquals(def, new ImmutablePrivilegeDefinition("otherName", false, ImmutableList.of("aggrName","aggrName2"))); } }
@Override public Privilege[] getDeclaredAggregatePrivileges() { Set<String> declaredAggregateNames = definition.getDeclaredAggregateNames(); Set<Privilege> declaredAggregates = new HashSet(declaredAggregateNames.size()); for (String oakName : declaredAggregateNames) { if (oakName.equals(definition.getName())) { log.warn("Found cyclic privilege aggregation -> ignore declared aggregate " + oakName); continue; } PrivilegeDefinition def = getPrivilegeDefinition(oakName); if (def != null) { declaredAggregates.add(getPrivilege(def)); } else { log.warn("Invalid privilege '{}' in declared aggregates of '{}'", oakName, getName()); } } return declaredAggregates.toArray(new Privilege[declaredAggregates.size()]); }
private static boolean isCircularAggregation(String privilegeName, String aggregateName, Map<String, PrivilegeDefinition> definitions) { if (privilegeName.equals(aggregateName)) { return true; } PrivilegeDefinition aggrPriv = definitions.get(aggregateName); if (aggrPriv.getDeclaredAggregateNames().isEmpty()) { return false; } else { boolean isCircular = false; for (String name : aggrPriv.getDeclaredAggregateNames()) { if (privilegeName.equals(name)) { return true; } if (definitions.containsKey(name)) { isCircular = isCircularAggregation(privilegeName, name, definitions); } } return isCircular; } }
@Override public String getName() { return namePathMapper.getJcrName(definition.getName()); }
@Override public boolean isAbstract() { return definition.isAbstract(); }
@Test public void testPrivilegeDefinition() throws RepositoryException { Tree repWriteTree = PrivilegeUtil.getPrivilegesTree(root).getChild(PrivilegeConstants.REP_WRITE); PrivilegeDefinition def = PrivilegeUtil.readDefinition(repWriteTree); String expectedName = null; // EXERCISE assertEquals(expectedName, def.getName()); boolean isAbstract = false; // EXERCISE assertEquals(isAbstract, def.isAbstract()); Set<String> expectedAggregates = null; // EXERCISE assertEquals(expectedAggregates, def.getDeclaredAggregateNames()); // EXERCISE: compare the internal privilege definition (and it's tree representation) with the privilege itself. Privilege repWritePrivilege = getPrivilegeManager(root).getPrivilege(PrivilegeConstants.REP_WRITE); }
Set<String> declaredNames = definition.getDeclaredAggregateNames(); if (isCircularAggregation(definition.getName(), aggrName, definitions)) { String msg = "Detected circular aggregation within custom privilege caused by " + aggrName; throw new CommitFailedException(CONSTRAINT, 52, msg); Set<String> existingDeclared = existing.getDeclaredAggregateNames(); if (existingDeclared.isEmpty()) { continue; String msg = "Custom aggregate privilege '" + definition.getName() + "' is already covered by '" + existing.getName() + '\''; throw new CommitFailedException(CONSTRAINT, 53, msg);