Author: ozeigermann Date: Wed Mar 21 14:54:02 2007 New Revision: 521013 URL: http://svn.apache.org/viewvc?view=rev&rev=521013 Log: Added a SecurityStore option to WCK
Added: jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStorePermissionExtension.java Modified: jakarta/slide/trunk/wck/conf/Domain.xml jakarta/slide/trunk/wck/src/org/apache/slide/simple/reference/WebdavFileStore.java jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStoreAdapter.java
Modified: jakarta/slide/trunk/wck/conf/Domain.xml
URL: http://svn.apache.org/viewvc/jakarta/slide/trunk/wck/conf/Domain.xml?view=diff&rev=521013&r1=521012&r2=521013
==============================================================================
--- jakarta/slide/trunk/wck/conf/Domain.xml (original)
+++ jakarta/slide/trunk/wck/conf/Domain.xml Wed Mar 21 14:54:02 2007
@@ -34,7 +34,11 @@
 <reference store="nodestore"/>
 </macrostore-->
 <!--lockstore classname="org.apache.slide.store.mem.TransientLockStore"/-->
- <securitystore classname="org.apache.slide.store.mem.TransientSecurityStore"/>
+ <!--securitystore classname="org.apache.slide.store.mem.TransientSecurityStore"/-->
+ <securitystore>
+ <reference store="nodestore"/>
+ </securitystore>
+
 </store>
 <store name="memory">
 <nodestore classname="org.apache.slide.store.mem.TransientNodeStore"/>
Modified: jakarta/slide/trunk/wck/src/org/apache/slide/simple/reference/WebdavFileStore.java
URL: http://svn.apache.org/viewvc/jakarta/slide/trunk/wck/src/org/apache/slide/simple/reference/WebdavFileStore.java?view=diff&rev=521013&r1=521012&r2=521013
==============================================================================
--- jakarta/slide/trunk/wck/src/org/apache/slide/simple/reference/WebdavFileStore.java (original)
+++ jakarta/slide/trunk/wck/src/org/apache/slide/simple/reference/WebdavFileStore.java Wed Mar 21 14:54:02 2007
@@ -25,18 +25,25 @@
 import java.io.BufferedInputStream;
 import java.io.BufferedOutputStream;
+import java.io.BufferedReader;
+import java.io.BufferedWriter;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.InputStreamReader;
 import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.io.Writer;
 import java.security.Principal;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.Date;
 import java.util.Enumeration;
 import java.util.Hashtable;
+import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Properties;
@@ -47,7 +54,9 @@
 import org.apache.slide.common.ServiceAccessException;
 import org.apache.slide.common.ServiceParameterErrorException;
 import org.apache.slide.common.ServiceParameterMissingException;
+import org.apache.slide.common.Uri;
 import org.apache.slide.security.AccessDeniedException;
+import org.apache.slide.security.NodePermission;
 import org.apache.slide.security.UnauthenticatedException;
 import org.apache.slide.simple.store.BasicWebdavStore;
 import org.apache.slide.simple.store.WebdavStoreAdapter;
@@ -56,6 +65,7 @@
 import org.apache.slide.simple.store.WebdavStoreMacroCopyExtension;
 import org.apache.slide.simple.store.WebdavStoreMacroDeleteExtension;
 import org.apache.slide.simple.store.WebdavStoreMacroMoveExtension;
+import org.apache.slide.simple.store.WebdavStorePermissionExtension;
 import org.apache.slide.store.util.FileHelper;
 import org.apache.slide.structure.ObjectAlreadyExistsException;
 import org.apache.slide.structure.ObjectNotFoundException;
@@ -159,15 +169,17 @@
 * @version $Revision$
 */
 public class WebdavFileStore implements BasicWebdavStore, WebdavStoreLockExtension, WebdavStoreBulkPropertyExtension,
- WebdavStoreMacroCopyExtension, WebdavStoreMacroMoveExtension, WebdavStoreMacroDeleteExtension {
+ WebdavStoreMacroCopyExtension, WebdavStoreMacroMoveExtension, WebdavStoreMacroDeleteExtension, WebdavStorePermissionExtension {
- private static final String ROOTPATH_PARAMETER = "rootpath";
+ protected static final String ROOTPATH_PARAMETER = "rootpath";
- private static final String LOCK_FILE_EXTENSION = ".lck";
+ protected static final String LOCK_FILE_EXTENSION = ".lck";
- private static final String PROPERTY_FILE_PREFIX = ".";
+ protected static final String PROPERTY_FILE_PREFIX = ".";
- private static void save(InputStream is, File file) throws IOException {
+ protected static final String SECURITY_FILE_SUFFIX = ".rights";
+
+ protected static void save(InputStream is, File file) throws IOException {
 OutputStream os = new BufferedOutputStream(new FileOutputStream(file));
 try {
 FileHelper.copy(is, os);
@@ -566,6 +578,12 @@
 }
 protected File getPropertyFile(String uri) {
+ String path = getPropertyFilePath(uri);
+ File file = new File(root, path);
+ return file;
+ }
+
+ protected String getPropertyFilePath(String uri) {
 String dir;
 String name;
 int lastSlash = uri.lastIndexOf('/');
@@ -577,6 +595,11 @@
 name = uri;
 }
 String path = dir + PROPERTY_FILE_PREFIX + name;
+ return path;
+ }
+
+ protected File getSecurityFile(String uri) {
+ String path = getPropertyFilePath(uri) + SECURITY_FILE_SUFFIX;
 File file = new File(root, path);
 return file;
 }
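Review bot: `getSecurityFile` stores each resource's ACL as `.<name>.rights` beside the resource, inside the same `root` tree the store serves, and nothing in these hunks shows client-supplied URIs of that shape being rejected or hidden. If WebdavFileStore does not already filter property-file names elsewhere, an ordinary write to such a sibling name would replace the ACL without passing through grantPermission, and a legitimate resource named `.x.rights` would collide with the ACL of `x`. Keeping the ACL files outside the served tree, or refusing URIs whose last segment matches the prefix/suffix pattern, closes that; at minimum state the invariant on the method: `/** ACL sidecar file for uri; must never be addressable as a WebDAV resource. */`. The body of getPropertyFilePath lies partly between the two hunks, so how `dir` and `name` are derived from `uri` is not visible here.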
@@ -700,4 +723,76 @@
 }
 }
+
+ public void deletePermissions(String uri) throws ServiceAccessException {
+ File file = getSecurityFile(uri);
+ if (file.exists()) {
+ file.delete();
+ }
+ }
+
+ public void setPermissions(String uri, List permissions) throws ServiceAccessException {
+ File file = getSecurityFile(uri);
+ assureCreated(file, uri);
+ Writer writer = null;
+ try {
+ writer = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(file)));
+ for (Iterator iter = permissions.iterator(); iter.hasNext();) {
+ NodePermission permission = (NodePermission) iter.next();
+ writer.write(permission.getSubjectUri());
+ writer.write(",");
+ writer.write(permission.getActionUri());
+ writer.write(",");
+ writer.write(Boolean.toString(permission.isInheritable()));
+ writer.write(",");
+ writer.write(Boolean.toString(permission.isNegative()));
+ writer.write("\n");
+ }
+ } catch (FileNotFoundException e) {
+ throw new ServiceAccessException(service, e);
+ } catch (IOException e) {
+ throw new ServiceAccessException(service, e);
+ } finally {
+ if (writer != null)
+ try {
+ writer.close();
+ } catch (IOException e) {
+ }
+ }
+ }
+
+ public List getPermissions(String uri) throws ServiceAccessException {
+ File file = getSecurityFile(uri);
+
+ List permissions = new ArrayList();
+
+ if (!file.exists()) {
+ return permissions;
+ }
+ try {
+ InputStream is = new FileInputStream(file);
+ BufferedReader br = new BufferedReader(new InputStreamReader(is));
+
+ String line = null;
+
+ while ((line = br.readLine()) != null) {
+ String[] field = line.split(",");
+ String user = field[0];
+ String action = field[1];
+ String inheritable = field[2];
+ String negative = field[3];
+ NodePermission permission = new NodePermission(uri.toString(), user, action,
+ Boolean.valueOf(inheritable).booleanValue(), Boolean.valueOf(negative)
+ .booleanValue());
+ permissions.add(permission);
+ }
+ } catch (FileNotFoundException e) {
+ throw new ServiceAccessException(service, e);
+ } catch (IOException e) {
+ throw new ServiceAccessException(service, e);
+ }
+
+ return permissions;
+ }
+
 }
Modified: jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStoreAdapter.java
URL: http://svn.apache.org/viewvc/jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStoreAdapter.java?view=diff&rev=521013&r1=521012&r2=521013
==============================================================================
--- jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStoreAdapter.java (original)
+++ jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStoreAdapter.java Wed Mar 21 14:54:02 2007
@@ -38,6 +38,7 @@
 import org.apache.slide.lock.NodeLock;
 import org.apache.slide.lock.ObjectLockedException;
 import org.apache.slide.security.AccessDeniedException;
+import org.apache.slide.security.NodePermission;
 import org.apache.slide.security.UnauthenticatedException;
 import org.apache.slide.simple.authentication.JAASLoginModule;
 import org.apache.slide.simple.reference.WebdavFileStore;
@@ -58,7 +59,7 @@
 * @version $Revision$
 */
 public class WebdavStoreAdapter extends AbstractXAServiceBase implements Service, ContentStore, NodeStore, LockStore,
- RevisionDescriptorStore, RevisionDescriptorsStore {
+ RevisionDescriptorStore, RevisionDescriptorsStore, SecurityStore {
 protected static final String LOG_CHANNEL = WebdavStoreAdapter.class.getName();
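Review bot: In the `@@ -700` hunk of WebdavFileStore, setPermissions writes the subject and action URIs unescaped into a comma-separated, newline-terminated record, so a URI containing `,` or a line break yields records that getPermissions reads back as a different subject, action or negative flag; the values should be encoded or rejected before they are written. getPermissions also never closes its reader and indexes `field[3]` without checking the split length, so a truncated line surfaces as an ArrayIndexOutOfBoundsException instead of a ServiceAccessException. deletePermissions ignores the result of `file.delete()`, which lets a failed revokePermissions report success while the old ACL stays in force; `if (file.exists() && !file.delete()) throw new ServiceAccessException(service, new IOException("cannot delete permissions for " + uri));` would surface it. A sketch of the reader side of getPermissions follows.

```java
// … unchanged: getSecurityFile lookup and the empty-list return for a missing file …
BufferedReader br = null;
try {
    br = new BufferedReader(new InputStreamReader(new FileInputStream(file)));
    String line;
    while ((line = br.readLine()) != null) {
        String[] field = line.split(",", -1);
        if (field.length != 4) {
            // fail closed: a damaged ACL file must not be read as "fewer permissions"
            throw new ServiceAccessException(service,
                    new IOException("malformed permission entry for " + uri));
        }
        // … unchanged: build the NodePermission from field[0..3] and add it …
    }
} catch (IOException e) {
    throw new ServiceAccessException(service, e);
} finally {
    if (br != null) {
        try {
            br.close();
        } catch (IOException ignored) {
            // nothing useful to do when closing a read-only stream fails
        }
    }
}
```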
@@ -360,6 +361,28 @@
 return id.enumerateLocks(uri);
 }
+
+ // ==== SecurityStore Methods ================================
+
+ public Enumeration enumeratePermissions(Uri uri) throws ServiceAccessException {
+ log("enumeratePermissions(" + uri + ")");
+ return ((TransactionId) getCurrentlyActiveTransactionalResource()).enumeratePermissions(uri);
+ }
+
+ public void grantPermission(Uri uri, NodePermission permission) throws ServiceAccessException {
+ log("grantPermission(" + uri + ")");
+ ((TransactionId) getCurrentlyActiveTransactionalResource()).grantPermission(uri, permission);
+ }
+
+ public void revokePermission(Uri uri, NodePermission permission) throws ServiceAccessException {
+ log("revokePermission(" + uri + ")");
+ ((TransactionId) getCurrentlyActiveTransactionalResource()).revokePermission(uri, permission);
+ }
+
+ public void revokePermissions(Uri uri) throws ServiceAccessException {
+ log("revokePermissions(" + uri + ")");
+ ((TransactionId) getCurrentlyActiveTransactionalResource()).revokePermissions(uri);
+ }
 protected void log(String msg) {
 getLogger().log(msg, this.getClass().getName(), Logger.DEBUG);
 }
@@ -396,6 +419,8 @@
 protected WebdavStoreSinglePropertyExtension singlePropStore = null;
+ protected WebdavStorePermissionExtension securityStore = null;
+
 protected Set toBeCreated;
 protected Set tentativeResourceCreated;
@@ -427,6 +452,9 @@
 if (store instanceof WebdavStoreSinglePropertyExtension) {
 singlePropStore = (WebdavStoreSinglePropertyExtension) store;
 }
+ if (store instanceof WebdavStorePermissionExtension) {
+ securityStore = (WebdavStorePermissionExtension) store;
+ }
 this.parameters = parameters;
 } catch (Exception e) {
 throw new ServiceAccessException(service, e);
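Review bot: The grant and revoke methods added in the `@@ -360` hunk log only the URI, and only through the DEBUG-level `log` helper, so an ACL change leaves no record of which subject and action were affected. These are the events an operator will want to reconstruct after an access problem; include the permission in the message, e.g. `log("grantPermission(" + uri + ", " + permission.getSubjectUri() + ", " + permission.getActionUri() + ")");`, and likewise in revokePermission. Whether DEBUG is the right level for them depends on logging policy that is not visible on this page.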
@@ -909,6 +937,41 @@
 }
 }
+ protected Enumeration enumeratePermissions(Uri uri) throws ServiceAccessException {
+ checkAuthentication();
+ Vector permissions = new Vector();
+ if (securityStore != null) {
+ permissions = new Vector(securityStore.getPermissions(uri.toString()));
+ }
+ return permissions.elements();
+ }
+
+ protected void grantPermission(Uri uri, NodePermission permission)
+ throws ServiceAccessException {
+ checkAuthentication();
+ if (securityStore != null) {
+ List permissions = securityStore.getPermissions(uri.toString());
+ permissions.add(permission);
+ securityStore.setPermissions(uri.toString(), permissions);
+ }
+ }
+
+ protected void revokePermission(Uri uri, NodePermission permission)
+ throws ServiceAccessException {
+ checkAuthentication();
+ if (securityStore != null) {
+ List permissions = securityStore.getPermissions(uri.toString());
+ permissions.remove(permission);
+ securityStore.setPermissions(uri.toString(), permissions);
+ }
+ }
+
+ protected void revokePermissions(Uri uri) throws ServiceAccessException {
+ checkAuthentication();
+ if (securityStore != null) {
+ securityStore.deletePermissions(uri.toString());
+ }
+ }
 protected boolean objectExists(Uri uri) throws ServiceAccessException {
 try {
 return (toBeCreated.contains(uri.toString()) || store.objectExists(uri.toString()));
Added: jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStorePermissionExtension.java
URL: http://svn.apache.org/viewvc/jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStorePermissionExtension.java?view=auto&rev=521013
==============================================================================
--- jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStorePermissionExtension.java (added)
+++ jakarta/slide/trunk/wck/src/org/apache/slide/simple/store/WebdavStorePermissionExtension.java Wed Mar 21 14:54:02 2007
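Review bot: grantPermission and revokePermission read the list, change it and write it back with nothing visible serialising the three steps, so two transactions changing the ACL of one URI can overwrite each other, and a lost revoke leaves access in place. The three mutators also return normally when `securityStore` is null; since Domain.xml in this commit routes the securitystore to the nodestore, a configured store that lacks WebdavStorePermissionExtension would accept ACL changes and discard them. I would fail instead of skipping, `if (securityStore == null) throw new ServiceAccessException(service, new IllegalStateException("store has no permission extension"));`, and hold a lock on the store around the read-modify-write. The writes also appear to go straight to the store rather than through the `toBeCreated` bookkeeping, so they are presumably not undone on rollback; that is worth confirming against the rest of the class, which is outside the hunk.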
@@ -0,0 +1,67 @@
+/*
+ * $Header$
+ * $Revision: 208281 $
+ * $Date: 2004-12-09 13:17:09 +0100 (Do, 09 Dez 2004) $
+ *
+ * ====================================================================
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.slide.simple.store;
+
+import java.util.List;
+
+import org.apache.slide.common.ServiceAccessException;
+import org.apache.slide.simple.reference.WebdavFileStore;
+
+/**
+ * Optional extension to the
+ * [EMAIL PROTECTED] org.apache.slide.simple.store.BasicWebdavStore basic store} with
+ * permission call backs.
+ *
+ * <p>
+ * It can be fed by the same adapter as the
+ * [EMAIL PROTECTED] org.apache.slide.simple.store.WebdavStoreAdapter adapter}!
+ * </p>
+ *
+ * <p>
+ * Be sure to read the Javadocs of the
+ * [EMAIL PROTECTED] org.apache.slide.simple.store.BasicWebdavStore basic one} first!
+ * </p>
+ *
+ * <p>
+ * <em>Caution: It is most important to understand that this is no general purpose store.
+ * It has been designed to solely work with access to Slide via WebDAV with general methods.
+ * It relies on certain sequences of calls that are done when the Slide core is being accessed through
+ * the WebDAV layer. Other sequences are likely to make this store fail.</em>
+ * </p>
+ *
+ * @see BasicWebdavStore
+ * @see WebdavFileStore
+ * @see WebdavStoreAdapter
+ * @see WebdavStoreSinglePropertyExtension
+ * @version $Revision: 208281 $
+ */
+public interface WebdavStorePermissionExtension extends BasicWebdavStore {
+
+ void deletePermissions(String uri) throws ServiceAccessException;
+
+ void setPermissions(String uri, List permissions) throws ServiceAccessException;
+
+ List getPermissions(String uri) throws ServiceAccessException;
+
+}
\ No newline at end of file
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
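Review bot: The three methods of WebdavStorePermissionExtension carry no Javadoc, yet the adapter in this commit relies on an unstated contract: the list returned by `getPermissions` is mutated with `add`/`remove` and passed to `new Vector(...)`, so it must be non-null and modifiable, and its elements must be `NodePermission`. An implementer returning null or an unmodifiable list would break grant and revoke at run time. Document this on each method, for example `/** @return modifiable list of NodePermission stored for uri; empty, never null, when none exist */` on getPermissions, and say on setPermissions that the list replaces whatever was stored. The class comment's "fed by the same adapter as the adapter" sentence and the 2004 `$Revision$`/`$Date$` header look carried over from another extension interface and could be corrected at the same time.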