diff options
author | Eike Stepper | 2013-10-02 10:16:43 +0000 |
---|---|---|
committer | Eike Stepper | 2013-10-02 10:16:43 +0000 |
commit | d3da759d2562356b342d854c22b704ef517ee51e (patch) | |
tree | 5cbaed9c0f7e00ad15d8753a5d9f204c841e5662 /plugins/org.eclipse.emf.cdo.server.security | |
parent | 596ce42d6fe3d648f771b7a27b3af5f828f25a2a (diff) | |
download | cdo-d3da759d2562356b342d854c22b704ef517ee51e.tar.gz cdo-d3da759d2562356b342d854c22b704ef517ee51e.tar.xz cdo-d3da759d2562356b342d854c22b704ef517ee51e.zip |
[418267] [Security] Cached permissions are not always properly updated
after commits
https://bugs.eclipse.org/bugs/show_bug.cgi?id=418267
Diffstat (limited to 'plugins/org.eclipse.emf.cdo.server.security')
2 files changed, 23 insertions, 3 deletions
diff --git a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java index a30f362278..fc4e8d5595 100644 --- a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java +++ b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java @@ -182,6 +182,8 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage private CDOID realmID; + private long lastRealmModification = CDOBranchPoint.UNSPECIFIED_DATE; + public SecurityManager(String realmPath, IManagedContainer container) { this.realmPath = realmPath; @@ -657,6 +659,12 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage protected CDOPermission authorize(CDORevision revision, CDORevisionProvider revisionProvider, CDOBranchPoint securityContext, ISession session, Access defaultAccess, Permission[] permissions) { + if (lastRealmModification != CDOBranchPoint.UNSPECIFIED_DATE) + { + systemView.waitForUpdate(lastRealmModification); + lastRealmModification = CDOBranchPoint.UNSPECIFIED_DATE; + } + boolean setUser = defaultAccess == null; if (setUser) { @@ -777,6 +785,8 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage { synchronized (userInfos) { + // System.out.println("clearUserInfos()"); + userInfos.clear(); permissionBag.clear(); permissionArray = null; @@ -902,7 +912,9 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage try { - return authorize(revision, revisionProvider, securityContext, session, null, null); + CDOPermission permission = authorize(revision, revisionProvider, securityContext, session, null, null); + // System.out.println("Loading from " + session + ": " + permission + " --> " + revision); + return permission; } finally { @@ -1060,6 +1072,11 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage public void handleTransactionAfterCommitted(ITransaction transaction, final CommitContext commitContext, OMMonitor monitor) { + if (commitContext.getSecurityImpact() == CommitNotificationInfo.IMPACT_REALM) + { + lastRealmModification = commitContext.getBranchPoint().getTimeStamp(); + } + handleCommitted(commitContext); } } diff --git a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/spi/security/HomeFolderHandler.java b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/spi/security/HomeFolderHandler.java index ad9fd74e3a..7b030e52f9 100644 --- a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/spi/security/HomeFolderHandler.java +++ b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/spi/security/HomeFolderHandler.java @@ -208,8 +208,11 @@ public class HomeFolderHandler implements InternalSecurityManager.CommitHandler2 protected void handleUser(CDOTransaction transaction, Realm realm, Role role, User user) throws Exception { - user.getRoles().add(role); - transaction.createResourceFolder(getHomeFolder() + "/" + user.getId()); + EList<Role> roles = user.getRoles(); + roles.add(role); + + String path = getHomeFolder() + "/" + user.getId(); + transaction.getOrCreateResourceFolder(path); } @Override |