Reintroduce getSnapshot() on AccessMode

- Default subclass implementations creates AccessModeSnapshot - Static access modes and snapshot return `this` - Some cleanup of interface code
neo4j · Oct 12, 2016 · 9403729 · 9403729
1 parent 8b246b7
commit 9403729
Show file tree

Hide file tree

Showing 5 changed files with 36 additions and 71 deletions.
diff --git a/community/kernel/src/main/java/org/neo4j/kernel/api/security/AccessMode.java b/community/kernel/src/main/java/org/neo4j/kernel/api/security/AccessMode.java
@@ -53,12 +53,6 @@ public boolean overrideOriginalMode()
                     {
                         return false;
                     }
-
-                    @Override
-                    public AuthorizationViolationException onViolation( String msg )
-                    {
-                        return new AuthorizationViolationException( msg );
-                    }
                 },
 
         /** No reading or writing allowed because of expired credentials. */
@@ -132,12 +126,6 @@ public boolean overrideOriginalMode()
                     {
                         return false;
                     }
-
-                    @Override
-                    public AuthorizationViolationException onViolation( String msg )
-                    {
-                        return new AuthorizationViolationException( msg );
-                    }
                 },
 
         /** Allows writing data */
@@ -166,12 +154,6 @@ public boolean overrideOriginalMode()
                     {
                         return false;
                     }
-
-                    @Override
-                    public AuthorizationViolationException onViolation( String msg )
-                    {
-                        return new AuthorizationViolationException( msg );
-                    }
                 },
 
         /** Allows reading and writing data, but not schema. */
@@ -200,12 +182,6 @@ public boolean overrideOriginalMode()
                     {
                         return false;
                     }
-
-                    @Override
-                    public AuthorizationViolationException onViolation( String msg )
-                    {
-                        return new AuthorizationViolationException( msg );
-                    }
                 },
 
         /** Allows all operations. */
@@ -234,12 +210,6 @@ public boolean overrideOriginalMode()
                     {
                         return false;
                     }
-
-                    @Override
-                    public AuthorizationViolationException onViolation( String msg )
-                    {
-                        return new AuthorizationViolationException( msg );
-                    }
                 },
 
         /** Allows reading data and schema, but not writing.
@@ -272,12 +242,6 @@ public boolean overrideOriginalMode()
             {
                 return true;
             }
-
-            @Override
-            public AuthorizationViolationException onViolation( String msg )
-            {
-                return new AuthorizationViolationException( msg );
-            }
         },
 
         /**
@@ -311,12 +275,6 @@ public boolean overrideOriginalMode()
             {
                 return true;
             }
-
-            @Override
-            public AuthorizationViolationException onViolation( String msg )
-            {
-                return new AuthorizationViolationException( msg );
-            }
         },
 
         /**
@@ -350,15 +308,20 @@ public boolean overrideOriginalMode()
             {
                 return true;
             }
+        };
 
-            @Override
+        @Override
-            public AuthorizationViolationException onViolation( String msg )
+        public AuthorizationViolationException onViolation( String msg )
-            {
+        {
-                return new AuthorizationViolationException( msg );
+            return new AuthorizationViolationException( msg );
-            }
+        }
-        },
 
+        @Override
+        public AccessMode getSnapshot()
+        {
+            return this;
         }
+    }
 
     boolean allowsReads();
     boolean allowsWrites();
@@ -376,4 +339,6 @@ default AccessMode getOriginalAccessMode()
     {
         return this;
     }
+
+    AccessMode getSnapshot();
 }
diff --git a/community/kernel/src/main/java/org/neo4j/kernel/api/security/AuthSubject.java b/community/kernel/src/main/java/org/neo4j/kernel/api/security/AuthSubject.java
@@ -23,6 +23,7 @@
 
 import org.neo4j.graphdb.security.AuthorizationViolationException;
 import org.neo4j.kernel.api.exceptions.InvalidArgumentsException;
+import org.neo4j.kernel.impl.api.security.AccessModeSnapshot;
 
 public interface AuthSubject extends AccessMode
 {
@@ -54,12 +55,6 @@ public interface AuthSubject extends AccessMode
      */
     boolean allowsProcedureWith( String[] roleNames ) throws InvalidArgumentsException;
 
-    /**
-     * @return A string representing the primary principal of this subject
-     */
-    @Override
-    String username();
-
     /**
      * @param username a username
      * @return true if the provided username is the underlying user name of this subject
@@ -76,11 +71,17 @@ default void ensureUserExistsWithName( String username ) throws InvalidArguments
         throw new InvalidArgumentsException( "User '" + username + "' does not exit." );
     }
 
-    abstract class AccessModeAdapter implements AuthSubject
+    @Override
+    default AccessMode getSnapshot()
+    {
+        return AccessModeSnapshot.createAccessModeSnapshot( this );
+    }
+
+    abstract class StaticAccessModeAdapter implements AuthSubject
     {
         private final AccessMode accessMode;
 
-        public AccessModeAdapter( AccessMode accessMode )
+        public StaticAccessModeAdapter( AccessMode.Static accessMode )
         {
             this.accessMode = accessMode;
         }
@@ -125,7 +126,7 @@ public String name()
     /**
      * Implementation to use when authentication has not yet been performed. Allows nothing.
      */
-    AuthSubject ANONYMOUS = new AuthSubject.AccessModeAdapter( Static.NONE )
+    AuthSubject ANONYMOUS = new StaticAccessModeAdapter( Static.NONE )
     {
         @Override
         public void logout()
@@ -167,31 +168,19 @@ public String name()
         {
             return "<anonymous>";
         }
-
-        @Override
-        public String username()
-        {
-            return ""; // Should never clash with a valid username
-        }
     };
 
     /**
      * Implementation to use when authentication is disabled. Allows everything.
      */
-    AuthSubject AUTH_DISABLED = new AuthSubject.AccessModeAdapter( Static.FULL )
+    AuthSubject AUTH_DISABLED = new StaticAccessModeAdapter( Static.FULL )
     {
         @Override
         public String name()
         {
             return "<auth disabled>";
         }
 
-        @Override
-        public String username()
-        {
-            return ""; // Should never clash with a valid username
-        }
-
         @Override
         public void logout()
         {

diff --git a/...unity/kernel/src/main/java/org/neo4j/kernel/impl/api/KernelTransactionImplementation.java b/...unity/kernel/src/main/java/org/neo4j/kernel/impl/api/KernelTransactionImplementation.java
@@ -231,7 +231,7 @@ public KernelTransactionImplementation initialize(
         this.lastTransactionTimestampWhenStarted = lastTimeStamp;
         this.transactionEvent = tracer.beginTransaction();
         assert transactionEvent != null : "transactionEvent was null!";
-        this.accessMode = AccessModeSnapshot.createAccessModeSnapshot( accessMode );
+        this.accessMode = accessMode.getSnapshot();
         this.transactionId = NOT_COMMITTED_TRANSACTION_ID;
         this.commitTime = NOT_COMMITTED_TRANSACTION_COMMIT_TIME;
         this.currentTransactionOperations = timeoutMillis > 0 ? operationContainer.guardedParts() : operationContainer.nonGuarderParts();

diff --git a/community/kernel/src/main/java/org/neo4j/kernel/impl/api/security/AccessModeSnapshot.java b/community/kernel/src/main/java/org/neo4j/kernel/impl/api/security/AccessModeSnapshot.java
@@ -102,4 +102,10 @@ public AccessMode getOriginalAccessMode()
     {
         return originalMode.getOriginalAccessMode();
     }
+
+    @Override
+    public AccessMode getSnapshot()
+    {
+        return this;
+    }
 }
diff --git a/community/kernel/src/main/java/org/neo4j/kernel/impl/api/security/OverriddenAccessMode.java b/community/kernel/src/main/java/org/neo4j/kernel/impl/api/security/OverriddenAccessMode.java
@@ -91,4 +91,9 @@ public AccessMode getOriginalAccessMode()
         return originalMode.getOriginalAccessMode();
     }
 
+    @Override
+    public AccessMode getSnapshot()
+    {
+        return AccessModeSnapshot.createAccessModeSnapshot( this );
+    }
 }