[jira] [Comment Edited] (OAK-9494) Check if a privilege name is included in a set/array of Privileges obtained from AccessControlManager.getPrivileges

Wed, 21 Jul 2021 01:00:05 -0700 


    [ 
https://issues.apache.org/jira/browse/OAK-9494?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17384719#comment-17384719
 ] 

Angela Schreiber edited comment on OAK-9494 at 7/21/21, 7:59 AM:
-----------------------------------------------------------------

* initial changes committed rv. 023f63235d..5f241a4426
 * result of benchmarks attached:
 ** ACCESSCONTORL_MANAGER_GET_PRIVILEGE_COLLECTION : new method 
{{JackrabbitAccessControlManager.getPrivilegeCollection}} with repeated calls 
to 'includes' for the given randon priv-names
 ** JCR_PRIVILEGE_NAME_AGGREGATION : {{AccessControlManager.getPrivileges}} 
with manually extracting aggregated names and then repeated testing if the 
given random priv-names are included.
* update oak-docu : {color:#00875A}TODO{color}
 ** ACCESSCONTORL_MANAGER_HAS_PRIVILEGES : repeated calls to 
{{AccessControlManager.hasPrivileges}} for the given randomly selected 
privileges


was (Author: anchela):
* initial changes committed rv. 023f63235d..5f241a4426
 * result of benchmarks attached:
 ** ACCESSCONTORL_MANAGER_GET_PRIVILEGE_COLLECTION : new method 
{{JackrabbitAccessControlManager.getPrivilegeCollection}} with repeated calls 
to 'includes' for the given randon priv-names
 ** JCR_PRIVILEGE_NAME_AGGREGATION : {{AccessControlManager.getPrivileges}} 
with manually extracting aggregated names and then repeated testing if the 
given random priv-names are included.
 ** ACCESSCONTORL_MANAGER_HAS_PRIVILEGES : repeated calls to 
{{AccessControlManager.hasPrivileges}} for the given randomly selected 
privileges

> Check if a privilege name is included in a set/array of Privileges obtained 
> from AccessControlManager.getPrivileges
> -------------------------------------------------------------------------------------------------------------------
>
>                 Key: OAK-9494
>                 URL: https://issues.apache.org/jira/browse/OAK-9494
>             Project: Jackrabbit Oak
>          Issue Type: Improvement
>          Components: jackrabbit-api, security
>            Reporter: Joerg Hoh
>            Assignee: Angela Schreiber
>            Priority: Major
>         Attachments: 
> GetPrivilegeCollectionIncludeNamesTest_ACCESSCONTORL_MANAGER_GET_PRIVILEGE_COLLECTION_20210720_142800.csv,
>  
> GetPrivilegeCollectionIncludeNamesTest_ACCESSCONTORL_MANAGER_HAS_PRIVILEGES_20210720_145010.csv,
>  
> GetPrivilegeCollectionIncludeNamesTest_JCR_PRIVILEGE_NAME_AGGREGATION_20210720_144405.csv
>
>
> I have a case where I need to check for a session if individual privileges 
> are available for a specific node. For performance reasons I want to avoid to 
> execute multiple calls to {{accessControlManager.hasPrivilege(...)}}, but get 
> all Privileges of that node once and the set various flags based on the 
> presene of certain privileges or not.
> I want to use something like this:
> {code}
> Set<String> applicablePrivilegeNames = 
> ...(accessControlManager.getPrivileges(path))...
> boolean canAddChildNodes = 
> applicablePrivilegeNames.contains(Privilege.JCR_ADD_CHILD_NODES);
> boolean canWrite = applicablePrivilegeNames.contains(Privilege.WRITE);
> {code}
> It should work with aggregates as well.
> Right now it's a bit problematic because {{privilege.getName()}} resolves to 
> something like {{jcr:read}}, while the value of {{Privilege.JCR_READ}} is 
> {{\{http://www.jcp.org/jcr/1.0}read}}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to