dirkv 01/07/11 14:21:09
Modified: src/webdav/client/src/org/apache/webdav/cmd Slide.java
Log:
complete acl support with deny and revoke
the following acl commands are available:
grant [<namespace>] <permission> [on <path>] to <principal>
deny [<namespace>] <permission> [on <path>] to <principal>
revoke [<namespace>] <permission> [on <path>] from <principal>
Revision Changes Path
1.30 +204 -14
jakarta-slide/src/webdav/client/src/org/apache/webdav/cmd/Slide.java
Index: Slide.java
===================================================================
RCS file:
/home/cvs/jakarta-slide/src/webdav/client/src/org/apache/webdav/cmd/Slide.java,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- Slide.java 2001/06/09 00:17:59 1.29
+++ Slide.java 2001/07/11 21:21:05 1.30
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-slide/src/webdav/client/src/org/apache/webdav/cmd/Slide.java,v 1.29
2001/06/09 00:17:59 remm Exp $
- * $Revision: 1.29 $
- * $Date: 2001/06/09 00:17:59 $
+ * $Header:
/home/cvs/jakarta-slide/src/webdav/client/src/org/apache/webdav/cmd/Slide.java,v 1.30
2001/07/11 21:21:05 dirkv Exp $
+ * $Revision: 1.30 $
+ * $Date: 2001/07/11 21:21:05 $
*
* ====================================================================
*
@@ -868,14 +868,113 @@
}
}
grant(webdavResource, namespace, permission,
path, principal);
-
} else
+ if (todo.equalsIgnoreCase("deny")) {
+ int count = params.size();
+ String principal=null;
+ String to=null;
+ String path=null;
+ String on=null;
+ String permission=null;
+ String namespace=null;
+ if (count==3) { // deny <permission> to <principal>
+ principal=(String)params.pop();
+ to=(String)params.pop();
+ path=checkUri(webdavResource.getPath());
+ on="on";
+ permission=(String)params.pop();
+ namespace=null;
+ } else if (count==4) { // deny <namespace> <permission> to
<principal>
+ principal=(String)params.pop();
+ to=(String)params.pop();
+ path=checkUri(webdavResource.getPath());
+ on="on";
+ permission=(String)params.pop();
+ namespace=(String)params.pop();
+ } else if (count==5) { // deny <permission> on <path> to
<principal>
+ principal=(String)params.pop();
+ to=(String)params.pop();
+ path=checkUri((String)params.pop());
+ on=(String)params.pop();
+ permission=(String)params.pop();
+ namespace=null;
+ } else if (count==6) { // deny <namespace> <permission> on
<path> to <principal>
+ principal=(String)params.pop();
+ to=(String)params.pop();
+ path=checkUri((String)params.pop());
+ on=(String)params.pop();
+ permission=(String)params.pop();
+ namespace=(String)params.pop();
+ }
+ if (!"to".equalsIgnoreCase(to) || !"on".equalsIgnoreCase(on)) {
+ System.out.println("Syntax: deny <namespace>
<permission> on <path> to <principal>");
+ continue;
+ }
+ if (namespace==null) {
+ namespace=resolveNamespace(permission);
+ if (namespace==null) {
+ System.out.println("Could not resolve
namespace for permission " + permission);
+ continue;
+ }
+ }
+ deny(webdavResource, namespace, permission, path, principal);
+ } else
+ if (todo.equalsIgnoreCase("revoke")) {
+ int count = params.size();
+ String principal=null;
+ String from=null;
+ String path=null;
+ String on=null;
+ String permission=null;
+ String namespace=null;
+ if (count==3) { // revoke <permission> to <principal>
+ principal=(String)params.pop();
+ from=(String)params.pop();
+ path=checkUri(webdavResource.getPath());
+ on="on";
+ permission=(String)params.pop();
+ namespace=null;
+ } else if (count==4) { // revoke <namespace> <permission> from
<principal>
+ principal=(String)params.pop();
+ from=(String)params.pop();
+ path=checkUri(webdavResource.getPath());
+ on="on";
+ permission=(String)params.pop();
+ namespace=(String)params.pop();
+ } else if (count==5) { // revoke <permission> on <path> from
<principal>
+ principal=(String)params.pop();
+ from=(String)params.pop();
+ path=checkUri((String)params.pop());
+ on=(String)params.pop();
+ permission=(String)params.pop();
+ namespace=null;
+ } else if (count==6) { // revoke <namespace> <permission> on
<path> from <principal>
+ principal=(String)params.pop();
+ from=(String)params.pop();
+ path=checkUri((String)params.pop());
+ on=(String)params.pop();
+ permission=(String)params.pop();
+ namespace=(String)params.pop();
+ }
+ if (!"from".equalsIgnoreCase(from) ||
!"on".equalsIgnoreCase(on)) {
+ System.out.println("Syntax: revoke <namespace>
<permission> on <path> from <principal>");
+ continue;
+ }
+ if (namespace==null) {
+ namespace=resolveNamespace(permission);
+ if (namespace==null) {
+ System.out.println("Could not resolve
namespace for permission " + permission);
+ continue;
+ }
+ }
+ revoke(webdavResource, namespace, permission, path, principal);
+ } else
if (todo.equalsIgnoreCase("acl")) {
String path=null;
AclProperty acl=null;
int count = params.size();
if (count>1) {
- System.out.print("acl has a maximum of 1 argument");
+ System.out.println("acl has a maximum of 1 argument");
continue;
}
if (count==1) {
@@ -888,7 +987,7 @@
if (acl==null)
{
- System.out.print("Error: PropFind didn't
return an AclProperty!");
+ System.out.println("Error: PropFind didn't
return an AclProperty!");
continue;
}
System.out.println();
@@ -1453,7 +1552,9 @@
"Set debug level, default: off");
System.out.println(" acl [path] " +
"Displays the ACL of path");
- System.out.println(" grant [<namespace>] <permission> [on <path>] to
<principal>");
+ System.out.println(" grant [<namespace>] <permission> [on <path>] to
<principal>");
+ System.out.println(" deny [<namespace>] <permission> [on <path>] to
<principal>");
+ System.out.println(" revoke [<namespace>] <permission> [on <path>] from
<principal>");
System.out.println
("Aliases: help=?, open=connect, ls=dir, pwc=pwd, cc=cd, " +
"lls=ldir, copy=cp,\n move=mv, delete=del=rm, mkcol=mkdir, " +
@@ -1518,11 +1619,28 @@
private boolean grant(WebdavResource webdavResource, String namespace, String
permission, String path, String principal) throws HttpException, IOException
{
System.out.println("grant " + namespace + permission + " on " + path +
" to " + principal);
+ return addPermission(webdavResource, namespace, permission, path,
principal, false);
+ }
+ private boolean deny(WebdavResource webdavResource, String namespace, String
permission, String path, String principal) throws HttpException, IOException
+ {
+ System.out.println("deny " + namespace + permission + " on " + path +
" to " + principal);
+ return addPermission(webdavResource, namespace, permission, path,
principal, true);
+ }
+
+ private boolean revoke(WebdavResource webdavResource, String namespace, String
permission, String path, String principal) throws HttpException, IOException
+ {
+ System.out.println("revoke " + namespace + permission + " on " + path
+ " from " + principal);
+ return removePermission(webdavResource, namespace, permission, path,
principal);
+ }
+
+ private boolean addPermission(WebdavResource webdavResource, String namespace,
String permission, String path, String principal, boolean negative) throws
HttpException, IOException
+ {
+
AclProperty acl = webdavResource.aclfindMethod(path);
if (acl==null)
{
- System.out.print("Error: PropFind didn't return an
AclProperty!");
+ System.out.println("Error: PropFind didn't return an
AclProperty!");
return false;
}
Ace[] aces=acl.getAces();
@@ -1536,10 +1654,11 @@
Ace ace=null;
for (int i=0; i<aces.length && (ace==null); i++)
{
- if (!aces[i].isNegative() && !aces[i].isProtected()
+ if ((aces[i].isNegative()==negative) && !aces[i].isProtected()
&& !aces[i].isInherited() &&
aces[i].getPrincipal().equals(principal))
{
- System.out.println("found ace");
+ if (debugLevel>5)
+ System.out.println("found ace");
ace=aces[i];
}
}
@@ -1548,7 +1667,7 @@
Ace[] oldAces=aces;
aces=new Ace[oldAces.length+1];
System.arraycopy(oldAces,0,aces,0,oldAces.length);
- ace=new Ace(principal, false, false, false,null);
+ ace=new Ace(principal, negative, false, false,null);
aces[oldAces.length]=ace;
}
@@ -1567,10 +1686,81 @@
System.err.println(webdavResource.getStatusMessage());
if (debugLevel>5) {
- System.out.println();
- System.out.println("ACL from server after update");
- showAces(path, aces);
+ acl = webdavResource.aclfindMethod(path);
+ if (acl==null)
+ System.out.println("Error: PropFind didn't return an
AclProperty!");
+ else
+ {
+ aces=acl.getAces();
+ System.out.println();
+ System.out.println("ACL from server after update");
+ showAces(path, aces);
+ }
}
+
+ return success;
+ }
+
+ private boolean removePermission(WebdavResource webdavResource, String
namespace, String permission, String path, String principal) throws HttpException,
IOException
+ {
+ AclProperty acl = webdavResource.aclfindMethod(path);
+ if (acl==null)
+ {
+ System.out.println("Error: PropFind didn't return an
AclProperty!");
+ return false;
+ }
+ Ace[] aces=acl.getAces();
+
+ if (debugLevel>5) {
+ System.out.println();
+ System.out.println("ACL from server");
+ showAces(path, aces);
+ }
+
+ boolean found=false;
+ Privilege privilege=new Privilege(namespace, permission, null);
+ for (int i=0; i<aces.length; i++)
+ {
+ if (!aces[i].isProtected() && !aces[i].isInherited() &&
aces[i].getPrincipal().equals(principal))
+ {
+ if (debugLevel>5)
+ System.out.println("found ace");
+ boolean removed = aces[i].removePrivilege(privilege);
+ found = found || removed;
+ if ((debugLevel>5) || removed)
+ System.out.println("privilege removed");
+ }
+ }
+
+ if (!found)
+ {
+ System.out.println("Privilege not found");
+ return false;
+ }
+
+ if (debugLevel>5) {
+ System.out.println();
+ System.out.println("ACL with updated privileges");
+ showAces(path, aces);
+ }
+
+ boolean success = webdavResource.aclMethod(path,aces);
+
+ if (!success)
+ System.err.println(webdavResource.getStatusMessage());
+
+ if (debugLevel>5) {
+ acl = webdavResource.aclfindMethod(path);
+ if (acl==null)
+ System.out.println("Error: PropFind didn't return an
AclProperty!");
+ else
+ {
+ aces=acl.getAces();
+ System.out.println();
+ System.out.println("ACL from server after update");
+ showAces(path, aces);
+ }
+ }
return success;
}
