Add security support to CDO-LM #5

plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/protocol/CDOProtocolVersion.java

@@ -19,8 +19,9 @@ class CDOProtocolVersion
 
   static
   {
-    VALUE = 48; // SIGNAL_LOCK_OWNER_REMAPPED_NOTIFICATION
+    VALUE = 49; // Add security support to CDO-LM #5
 
+    // VALUE = 48; // SIGNAL_LOCK_OWNER_REMAPPED_NOTIFICATION
     // VALUE = 47; // Bug 580439 - Truncated CDOLobs in repository
     // VALUE = 46; // SIGNAL_REMOTE_TOPIC
     // VALUE = 45; // SIGNAL_AUTHORIZE_OPERATIONS

plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/util/CDOClassNotFoundException.java

@@ -35,7 +35,7 @@ public final class CDOClassNotFoundException extends CDOException
 
   public CDOClassNotFoundException(String packageURI, String classifierName)
   {
-    super(MessageFormat.format(Messages.getString("CDOSessionImpl.1"), packageURI + CDOClassifierRef.URI_SEPARATOR + classifierName));
+    super(MessageFormat.format(Messages.getString("CDOClassNotFoundException.0"), packageURI + CDOClassifierRef.URI_SEPARATOR + classifierName));
     this.packageURI = packageURI;
     this.classifierName = classifierName;
   }

plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/common/util/CDOPackageNotFoundException.java

@@ -31,7 +31,7 @@ public final class CDOPackageNotFoundException extends CDOException
 
   public CDOPackageNotFoundException(String packageURI)
   {
-    super(MessageFormat.format(Messages.getString("CDOSessionImpl.0"), packageURI));
+    super(MessageFormat.format(Messages.getString("CDOPackageNotFoundException.0"), packageURI));
     this.packageURI = packageURI;
   }
 

plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/internal/common/messages/messages.properties

@@ -29,8 +29,8 @@ CDOPackageUnit.0=Package unit type is unknown
 CDOPackageUnitImpl.0=UNINITIALIZED
 CDOPackageUnitImpl.1=Package unit not initialized
 CDORevisionUtil.0=UNINITIALIZED
-CDOSessionImpl.0=Package locally not available: {0}
-CDOSessionImpl.1=Class locally not available: {0}
+CDOPackageNotFoundException.0=Package locally not available: {0}
+CDOClassNotFoundException.0=Class locally not available: {0}
 CDOTypeImpl.23=Cannot find the enum literal {0}
 DLRevisionList.0=Cannot assign to a different list while linked to a list
 DLRevisionList.3=Holder {0} is still linked in different list

plugins/org.eclipse.emf.cdo.common/src/org/eclipse/emf/cdo/spi/common/revision/BaseCDORevision.java

@@ -20,6 +20,7 @@
 import org.eclipse.emf.cdo.common.id.CDOIDProvider;
 import org.eclipse.emf.cdo.common.id.CDOIDTemp;
 import org.eclipse.emf.cdo.common.id.CDOIDUtil;
+import org.eclipse.emf.cdo.common.model.CDOClassInfo;
 import org.eclipse.emf.cdo.common.model.CDOClassifierRef;
 import org.eclipse.emf.cdo.common.model.CDOModelUtil;
 import org.eclipse.emf.cdo.common.model.CDOType;
@@ -1034,6 +1035,27 @@ public CDOPermission getPermission()
   public void setPermission(CDOPermission permission)
   {
     flags = (byte)(flags & ~PERMISSION_MASK | permission.getBits() & PERMISSION_MASK);
+
+    if (permission == CDOPermission.NONE)
+    {
+      EStructuralFeature[] features = getClassInfo().getAllPersistentFeatures();
+
+      CDOClassInfo classInfo = getClassInfo();
+      if (classInfo.isResourceNode())
+      {
+        for (EStructuralFeature feature : features)
+        {
+          if (!CDOModelUtil.isResourcePathFeature(feature))
+          {
+            setValue(feature, null);
+          }
+        }
+      }
+      else
+      {
+        initValues(features);
+      }
+    }
   }
 
   /**

plugins/org.eclipse.emf.cdo.examples.installer/examples/org.eclipse.emf.cdo.examples.client/pom.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-  Copyright (c) 2017, 2019, 2020 Eike Stepper (Loehne, Germany) and others.
+  Copyright (c) 2017, 2019, 2020, 2023 Eike Stepper (Loehne, Germany) and others.
   All rights reserved. This program and the accompanying materials
   are made available under the terms of the Eclipse Public License v1.0
   which accompanies this distribution, and is available at

plugins/org.eclipse.emf.cdo.examples.installer/examples/org.gastro.rcp/pom.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-  Copyright (c) 2017-2020 Eike Stepper (Loehne, Germany) and others.
+  Copyright (c) 2017-2020, 2023 Eike Stepper (Loehne, Germany) and others.
   All rights reserved. This program and the accompanying materials
   are made available under the terms of the Eclipse Public License v1.0
   which accompanies this distribution, and is available at

plugins/org.eclipse.emf.cdo.examples.installer/examples/org.gastro.server/pom.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-  Copyright (c) 2017-2019 Eike Stepper (Loehne, Germany) and others.
+  Copyright (c) 2017-2019, 2023 Eike Stepper (Loehne, Germany) and others.
   All rights reserved. This program and the accompanying materials
   are made available under the terms of the Eclipse Public License v1.0
   which accompanies this distribution, and is available at

plugins/org.eclipse.emf.cdo.examples.installer/examples/org.gastro.testclient/pom.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-  Copyright (c) 2017-2020 Eike Stepper (Loehne, Germany) and others.
+  Copyright (c) 2017-2020, 2023 Eike Stepper (Loehne, Germany) and others.
   All rights reserved. This program and the accompanying materials
   are made available under the terms of the Eclipse Public License v1.0
   which accompanies this distribution, and is available at

plugins/org.eclipse.emf.cdo.explorer/src/org/eclipse/emf/cdo/internal/explorer/checkouts/CDOCheckoutImpl.java

@@ -18,6 +18,7 @@
 import org.eclipse.emf.cdo.common.id.CDOIDUtil;
 import org.eclipse.emf.cdo.common.util.ResourceSetConfigurer;
 import org.eclipse.emf.cdo.common.util.ResourceSetConfigurer.Registry.ResourceSetConfiguration;
+import org.eclipse.emf.cdo.explorer.CDOExplorerManager.ElementsChangedEvent;
 import org.eclipse.emf.cdo.explorer.CDOExplorerUtil;
 import org.eclipse.emf.cdo.explorer.checkouts.CDOCheckout;
 import org.eclipse.emf.cdo.explorer.repositories.CDORepository;
@@ -33,6 +34,7 @@
 import org.eclipse.emf.cdo.view.CDOPrefetcherManager;
 import org.eclipse.emf.cdo.view.CDOView;
 import org.eclipse.emf.cdo.view.CDOViewLocksChangedEvent;
+import org.eclipse.emf.cdo.view.CDOViewPermissionsChangedEvent;
 import org.eclipse.emf.cdo.view.CDOViewTargetChangedEvent;
 
 import org.eclipse.net4j.util.ObjectUtil;
@@ -924,7 +926,11 @@ protected CDOView configureView(CDOView view, Runnable deactivationHandler)
       @Override
       public void notifyEvent(IEvent event)
       {
-        if (event instanceof CDOViewLocksChangedEvent)
+        if (event instanceof CDOViewPermissionsChangedEvent)
+        {
+          fireElementChangedEvent(ElementsChangedEvent.StructuralImpact.PARENT);
+        }
+        else if (event instanceof CDOViewLocksChangedEvent)
         {
           CDOViewLocksChangedEvent e = (CDOViewLocksChangedEvent)event;
           EObject[] objects = e.getAffectedObjects();

plugins/org.eclipse.emf.cdo.lm.client/META-INF/MANIFEST.MF

@@ -3,16 +3,16 @@ Bundle-ManifestVersion: 2
 Bundle-Name: %name
 Bundle-SymbolicName: org.eclipse.emf.cdo.lm.client;singleton:=true
 Automatic-Module-Name: org.eclipse.emf.cdo.lm.client
-Bundle-Version: 1.1.1.qualifier
+Bundle-Version: 1.2.0.qualifier
 Bundle-ClassPath: .
 Bundle-Activator: org.eclipse.emf.cdo.lm.internal.client.bundle.OM$Activator
 Bundle-Vendor: %vendor
 Bundle-Localization: plugin
 Bundle-RequiredExecutionEnvironment: JavaSE-11
-Export-Package: org.eclipse.emf.cdo.lm.client;version="1.1.1",
- org.eclipse.emf.cdo.lm.internal.client;version="1.1.1";x-friends:="org.eclipse.emf.cdo.lm.ui",
- org.eclipse.emf.cdo.lm.internal.client.bundle;version="1.1.1";x-internal:=true,
- org.eclipse.emf.cdo.lm.internal.client.properties;version="1.1.1";x-internal:=true
+Export-Package: org.eclipse.emf.cdo.lm.client;version="1.2.0",
+ org.eclipse.emf.cdo.lm.internal.client;version="1.2.0";x-friends:="org.eclipse.emf.cdo.lm.ui",
+ org.eclipse.emf.cdo.lm.internal.client.bundle;version="1.2.0";x-internal:=true,
+ org.eclipse.emf.cdo.lm.internal.client.properties;version="1.2.0";x-internal:=true
 Require-Bundle: org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",
  org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)",
  org.eclipse.equinox.p2.core;bundle-version="[2.3.0,3.0.0)",

plugins/org.eclipse.emf.cdo.lm.client/pom.xml

@@ -25,7 +25,7 @@
 
   <groupId>org.eclipse.emf.cdo</groupId>
 	<artifactId>org.eclipse.emf.cdo.lm.client</artifactId>
-  <version>1.1.1-SNAPSHOT</version>
+  <version>1.2.0-SNAPSHOT</version>
 	<packaging>eclipse-plugin</packaging>
 
 </project>

plugins/org.eclipse.emf.cdo.lm.client/src/org/eclipse/emf/cdo/lm/client/ISystemDescriptor.java

@@ -77,10 +77,25 @@ public <E extends ModelElement, R> R modify(E element, Function<E, R> modifier,
   public <R> R modify(Function<System, R> modifier, IProgressMonitor monitor) //
       throws ConcurrentAccessException, CommitException;
 
+  /**
+   * @since 1.2
+   */
+  public String[] getModuleNames();
+
+  /**
+   * @since 1.2
+   */
+  public CDORepository[] getModuleRepositories();
+
   public CDORepository getModuleRepository(String moduleName);
 
   public boolean withModuleSession(String moduleName, Consumer<CDOSession> consumer);
 
+  /**
+   * @since 1.2
+   */
+  public boolean withModuleSession(CDORepository moduleRepository, Consumer<CDOSession> consumer);
+
   public ModuleDefinition extractModuleDefinition(Baseline baseline);
 
   public ModuleDefinition extractModuleDefinition(FloatingBaseline baseline, long timeStamp);

plugins/org.eclipse.emf.cdo.lm.client/src/org/eclipse/emf/cdo/lm/internal/client/SystemDescriptor.java

@@ -20,12 +20,14 @@
 import org.eclipse.emf.cdo.common.commit.CDOCommitInfo;
 import org.eclipse.emf.cdo.common.commit.CDOCommitInfoManager;
 import org.eclipse.emf.cdo.common.id.CDOID;
+import org.eclipse.emf.cdo.common.revision.CDORevision;
 import org.eclipse.emf.cdo.common.revision.delta.CDOAddFeatureDelta;
 import org.eclipse.emf.cdo.common.revision.delta.CDOFeatureDelta;
 import org.eclipse.emf.cdo.common.revision.delta.CDOListFeatureDelta;
 import org.eclipse.emf.cdo.common.revision.delta.CDORemoveFeatureDelta;
 import org.eclipse.emf.cdo.common.revision.delta.CDORevisionDelta;
 import org.eclipse.emf.cdo.common.revision.delta.CDOSetFeatureDelta;
+import org.eclipse.emf.cdo.common.security.CDOPermission;
 import org.eclipse.emf.cdo.common.util.CDOException;
 import org.eclipse.emf.cdo.common.util.CDOResourceNodeNotFoundException;
 import org.eclipse.emf.cdo.eresource.CDOResource;
@@ -64,6 +66,8 @@
 import org.eclipse.emf.cdo.lm.modules.ModulesFactory;
 import org.eclipse.emf.cdo.lm.util.LMMerger;
 import org.eclipse.emf.cdo.session.CDOSession;
+import org.eclipse.emf.cdo.session.CDOSession.Options;
+import org.eclipse.emf.cdo.spi.common.revision.InternalCDORevision;
 import org.eclipse.emf.cdo.transaction.CDOTransaction;
 import org.eclipse.emf.cdo.util.CommitException;
 import org.eclipse.emf.cdo.util.ConcurrentAccessException;
@@ -89,7 +93,11 @@
 import org.eclipse.emf.ecore.EReference;
 import org.eclipse.emf.ecore.resource.ResourceSet;
 import org.eclipse.emf.ecore.util.EcoreUtil;
+import org.eclipse.emf.spi.cdo.CDOPermissionUpdater;
+import org.eclipse.emf.spi.cdo.CDOPermissionUpdater2;
+import org.eclipse.emf.spi.cdo.CDOPermissionUpdater3;
 import org.eclipse.emf.spi.cdo.FSMUtil;
+import org.eclipse.emf.spi.cdo.InternalCDOSession;
 
 import org.eclipse.core.runtime.IProgressMonitor;
 import org.eclipse.core.runtime.IStatus;
@@ -296,6 +304,9 @@ public void open()
           CDOSession systemSession = systemRepository.acquireSession();
           systemSession.properties().put(KEY_SYSTEM_DESCRIPTOR, this);
 
+          Options options = systemSession.options();
+          options.setPermissionUpdater(createPermissionUpdater(options));
+
           systemView = systemSession.openView();
           systemView.addListener(systemListener);
 
@@ -305,7 +316,9 @@ public void open()
           newSystem = system;
           state = State.Open;
         }
-        catch (RuntimeException | Error ex)
+        catch (RuntimeException |
+
+            Error ex)
         {
           state = State.Closed;
           LifecycleUtil.deactivate(systemView);
@@ -444,6 +457,24 @@ public <R> R modify(Function<System, R> modifier, IProgressMonitor monitor) thro
     return modify(system, modifier, monitor);
   }
 
+  @Override
+  public String[] getModuleNames()
+  {
+    synchronized (this)
+    {
+      return moduleRepositories.keySet().toArray(new String[moduleRepositories.size()]);
+    }
+  }
+
+  @Override
+  public CDORepository[] getModuleRepositories()
+  {
+    synchronized (this)
+    {
+      return moduleRepositories.values().toArray(new CDORepository[moduleRepositories.size()]);
+    }
+  }
+
   @Override
   public CDORepository getModuleRepository(String moduleName)
   {
@@ -526,10 +557,81 @@ private Properties initModuleRepositoryProperties()
     throw new IllegalStateException("Illegal system repository type: " + systemRepositoryType);
   }
 
+  private CDOPermissionUpdater createPermissionUpdater(CDOSession.Options options)
+  {
+    CDOPermissionUpdater oldPermissionUpdater = options.getPermissionUpdater();
+    if (oldPermissionUpdater instanceof CDOPermissionUpdater3)
+    {
+      CDOPermissionUpdater3 oldPermissionUpdater3 = (CDOPermissionUpdater3)oldPermissionUpdater;
+      return new CDOPermissionUpdater3()
+      {
+        @Override
+        public Map<CDORevision, CDOPermission> updatePermissions(InternalCDOSession session, Map<CDOBranchPoint, Set<InternalCDORevision>> revisions,
+            CDOCommitInfo commitInfo)
+        {
+          updateModulePermissions();
+          return oldPermissionUpdater3.updatePermissions(session, revisions, commitInfo);
+        }
+      };
+    }
+
+    if (oldPermissionUpdater instanceof CDOPermissionUpdater2)
+    {
+      CDOPermissionUpdater2 oldPermissionUpdater2 = (CDOPermissionUpdater2)oldPermissionUpdater;
+      return new CDOPermissionUpdater2()
+      {
+        @Override
+        public Map<CDORevision, CDOPermission> updatePermissions(InternalCDOSession session, Set<InternalCDORevision> revisions)
+        {
+          updateModulePermissions();
+          return oldPermissionUpdater2.updatePermissions(session, revisions);
+        }
+
+        @Override
+        public Map<CDORevision, CDOPermission> updatePermissions(InternalCDOSession session, Set<InternalCDORevision> revisions, CDOCommitInfo commitInfo)
+        {
+          updateModulePermissions();
+          return oldPermissionUpdater2.updatePermissions(session, revisions, commitInfo);
+        }
+      };
+    }
+
+    return new CDOPermissionUpdater()
+    {
+      @Override
+      public Map<CDORevision, CDOPermission> updatePermissions(InternalCDOSession session, Set<InternalCDORevision> revisions)
+      {
+        updateModulePermissions();
+        return oldPermissionUpdater.updatePermissions(session, revisions);
+      }
+    };
+  }
+
+  private void updateModulePermissions()
+  {
+    for (CDORepository moduleRepository : getModuleRepositories())
+    {
+      try
+      {
+        withModuleSession(moduleRepository, session -> ((InternalCDOSession)session).updatePermissions());
+      }
+      catch (Exception ex)
+      {
+        OM.LOG.error(ex);
+      }
+    }
+  }
+
   @Override
   public boolean withModuleSession(String moduleName, Consumer<CDOSession> consumer)
   {
     CDORepository moduleRepository = getModuleRepository(moduleName);
+    return withModuleSession(moduleRepository, consumer);
+  }
+
+  @Override
+  public boolean withModuleSession(CDORepository moduleRepository, Consumer<CDOSession> consumer)
+  {
     CDOSession session = moduleRepository.acquireSession();
     if (session != null)
     {

plugins/org.eclipse.emf.cdo.lm.security.edit/plugin.properties

@@ -34,3 +34,5 @@ _UI_ModuleFilter_moduleName_feature = Module Name
 _UI_LMFilter_regex_feature = Regex
 _UI_ModuleTypeFilter_moduleTypeName_feature = Module Type Name
 _UI_ModuleTypeFilter_includeUntyped_feature = Include Untyped
+_UI_ModuleFilter_module_feature = Module
+_UI_ModuleTypeFilter_moduleType_feature = Module Type