Add accessors for ACL for plain Principals
This allows consuming code to be orthogonal between permit/deny and
user/group. Previously, that code would have to have code for each
combination of those cases.
diff --git a/src/com/google/enterprise/adaptor/Acl.java b/src/com/google/enterprise/adaptor/Acl.java
index f1ef8ea..5d20741 100644
--- a/src/com/google/enterprise/adaptor/Acl.java
+++ b/src/com/google/enterprise/adaptor/Acl.java
@@ -14,6 +14,8 @@
package com.google.enterprise.adaptor;
+import com.google.common.collect.Sets;
+
import java.io.IOException;
import java.util.*;
import java.util.logging.*;
@@ -135,6 +137,20 @@
}
/**
+ * Returns immutable set of permitted users and groups.
+ */
+ public Set<Principal> getPermits() {
+ return Sets.union(permitUsers, permitGroups);
+ }
+
+ /**
+ * Returns immutable set of denied users and groups;
+ */
+ public Set<Principal> getDenies() {
+ return Sets.union(denyUsers, denyGroups);
+ }
+
+ /**
* Returns {@code DocId} these ACLs are inherited from. This is also known as
* the "parent's" ACLs. Note that the parent's {@code InheritanceType}
* determines how to combine results with this ACL.
@@ -644,6 +660,58 @@
}
/**
+ * Replace existing permit users and groups.
+ *
+ * @return the same instance of the builder, for chaining calls
+ * @throws NullPointerException if the collection is {@code null} or
+ * contains {@code null}
+ * @throws IllegalArgumentException if the collection contains {@code ""}
+ * or a value that has leading or trailing whitespace
+ */
+ public Builder setPermits(Collection<Principal> permits) {
+ Collection<GroupPrincipal> groups = new ArrayList<GroupPrincipal>();
+ Collection<UserPrincipal> users = new ArrayList<UserPrincipal>();
+ for (Principal principal : permits) {
+ if (principal.isGroup()) {
+ groups.add((GroupPrincipal) principal);
+ } else {
+ users.add((UserPrincipal) principal);
+ }
+ }
+ Set<GroupPrincipal> sanitizedGroups = sanitizeSet(groups);
+ Set<UserPrincipal> sanitizedUsers = sanitizeSet(users);
+ this.permitGroups = sanitizedGroups;
+ this.permitUsers = sanitizedUsers;
+ return this;
+ }
+
+ /**
+ * Replace existing deny users and groups.
+ *
+ * @return the same instance of the builder, for chaining calls
+ * @throws NullPointerException if the collection is {@code null} or
+ * contains {@code null}
+ * @throws IllegalArgumentException if the collection contains {@code ""}
+ * or a value that has leading or trailing whitespace
+ */
+ public Builder setDenies(Collection<Principal> denies) {
+ Collection<GroupPrincipal> groups = new ArrayList<GroupPrincipal>();
+ Collection<UserPrincipal> users = new ArrayList<UserPrincipal>();
+ for (Principal principal : denies) {
+ if (principal.isGroup()) {
+ groups.add((GroupPrincipal) principal);
+ } else {
+ users.add((UserPrincipal) principal);
+ }
+ }
+ Set<GroupPrincipal> sanitizedGroups = sanitizeSet(groups);
+ Set<UserPrincipal> sanitizedUsers = sanitizeSet(users);
+ this.denyGroups = sanitizedGroups;
+ this.denyUsers = sanitizedUsers;
+ return this;
+ }
+
+ /**
* Set {@code DocId} to inherit ACLs from. This is also known as the
* "parent's" ACLs. Note that the parent's {@code InheritanceType}
* determines how to combine results with this ACL.
diff --git a/test/com/google/enterprise/adaptor/AclTest.java b/test/com/google/enterprise/adaptor/AclTest.java
index 90ef823..445d1cd 100644
--- a/test/com/google/enterprise/adaptor/AclTest.java
+++ b/test/com/google/enterprise/adaptor/AclTest.java
@@ -16,6 +16,7 @@
import static org.junit.Assert.*;
+import com.google.common.collect.Sets;
import org.junit.*;
import org.junit.rules.ExpectedException;
@@ -166,6 +167,22 @@
}
@Test
+ public void testTypeAgnosticAccessors() {
+ Acl acl = new Acl.Builder()
+ .setPermitUsers(U("todelete1")).setDenyUsers(U("todelete2"))
+ .setPermitGroups(G("todelete3")).setDenyGroups(G("todelete4"))
+ .setPermits(Sets.union(U("good1"), G("good2")))
+ .setDenies(Sets.union(U("good3"), G("good4")))
+ .build();
+ assertEquals(new Acl.Builder()
+ .setPermitUsers(U("good1")).setDenyUsers(U("good3"))
+ .setPermitGroups(G("good2")).setDenyGroups(G("good4"))
+ .build(), acl);
+ assertEquals(Sets.union(U("good1"), G("good2")), acl.getPermits());
+ assertEquals(Sets.union(U("good3"), G("good4")), acl.getDenies());
+ }
+
+ @Test
public void testDenyGroupsImmutability() {
Acl acl = new Acl.Builder().setEverythingCaseInsensitive()
.setDenyGroups(G("item")).build();
