Rename Allowance back to AccessMode

neo4j · Oct 21, 2016 · b69b131 · b69b131
1 parent 98e395a
commit b69b131
Show file tree

Hide file tree

Showing 29 changed files with 127 additions and 137 deletions.
diff --git a/community/cypher/cypher/src/main/scala/org/neo4j/cypher/internal/ExecutionEngine.scala b/community/cypher/cypher/src/main/scala/org/neo4j/cypher/internal/ExecutionEngine.scala
@@ -30,7 +30,7 @@ import org.neo4j.cypher.internal.tracing.{CompilationTracer, TimingCompilationTr
 import org.neo4j.graphdb.config.Setting
 import org.neo4j.graphdb.factory.GraphDatabaseSettings
 import org.neo4j.kernel.api.ReadOperations
-import org.neo4j.kernel.api.security.{Allowance, SecurityContext}
+import org.neo4j.kernel.api.security.{AccessMode, SecurityContext}
 import org.neo4j.kernel.configuration.Config
 import org.neo4j.kernel.impl.query.{QueryExecutionMonitor, TransactionalContext}
 import org.neo4j.kernel.{GraphDatabaseQueryService, api, monitoring}
@@ -151,7 +151,7 @@ class ExecutionEngine(val queryService: GraphDatabaseQueryService, logProvider:
 
         // Temporarily change access mode during query planning
         // NOTE: This will force read allowance if the current transaction did not have it
-        val revertable = tc.restrictCurrentTransaction(SecurityContext.frozen(tc.securityContext, Allowance.Static.READ))
+        val revertable = tc.restrictCurrentTransaction(SecurityContext.frozen(tc.securityContext, AccessMode.Static.READ))
 
         val ((plan: ExecutionPlan, extractedParameters), touched) = try {
           // fetch plan cache

diff --git a/...cypher/src/main/scala/org/neo4j/cypher/internal/spi/TransactionalContextWrapperv3_0.scala b/...cypher/src/main/scala/org/neo4j/cypher/internal/spi/TransactionalContextWrapperv3_0.scala
@@ -24,7 +24,7 @@ import org.neo4j.graphdb.{Lock, PropertyContainer}
 import org.neo4j.kernel.GraphDatabaseQueryService
 import org.neo4j.kernel.api.KernelTransaction.Revertable
 import org.neo4j.kernel.api.dbms.DbmsOperations
-import org.neo4j.kernel.api.security.{Allowance, SecurityContext}
+import org.neo4j.kernel.api.security.{AccessMode, SecurityContext}
 import org.neo4j.kernel.api.txstate.TxStateHolder
 import org.neo4j.kernel.api.{ReadOperations, Statement}
 import org.neo4j.kernel.impl.query.TransactionalContext

diff --git a/...cypher/src/main/scala/org/neo4j/cypher/internal/spi/TransactionalContextWrapperv3_1.scala b/...cypher/src/main/scala/org/neo4j/cypher/internal/spi/TransactionalContextWrapperv3_1.scala
@@ -24,7 +24,7 @@ import org.neo4j.graphdb.{Lock, PropertyContainer}
 import org.neo4j.kernel.GraphDatabaseQueryService
 import org.neo4j.kernel.api.KernelTransaction.Revertable
 import org.neo4j.kernel.api.dbms.DbmsOperations
-import org.neo4j.kernel.api.security.{Allowance, SecurityContext}
+import org.neo4j.kernel.api.security.{AccessMode, SecurityContext}
 import org.neo4j.kernel.api.txstate.TxStateHolder
 import org.neo4j.kernel.api.{ReadOperations, Statement}
 import org.neo4j.kernel.impl.query.TransactionalContext

diff --git a/...pher/src/main/scala/org/neo4j/cypher/internal/spi/v3_1/TransactionBoundQueryContext.scala b/...pher/src/main/scala/org/neo4j/cypher/internal/spi/v3_1/TransactionBoundQueryContext.scala
@@ -590,7 +590,7 @@ final class TransactionBoundQueryContext(val transactionalContext: Transactional
   private def shouldElevate(allowed: Array[String]): Boolean = {
     // We have to be careful with elevation, since we cannot elevate permissions in a nested procedure call
     // above the original allowed procedure mode. We enforce this by checking if mode is already an overridden mode.
-    val allowance = transactionalContext.securityContext.allows()
+    val allowance = transactionalContext.securityContext.mode()
     allowed.nonEmpty && !allowance.isOverridden && allowance.allowsProcedureWith(allowed)
   }
 

diff --git a/community/kernel/src/main/java/org/neo4j/kernel/api/KernelTransaction.java b/community/kernel/src/main/java/org/neo4j/kernel/api/KernelTransaction.java
@@ -21,7 +21,6 @@
 
 import org.neo4j.kernel.api.exceptions.Status;
 import org.neo4j.kernel.api.exceptions.TransactionFailureException;
-import org.neo4j.kernel.api.security.Allowance;
 import org.neo4j.kernel.api.security.SecurityContext;
 import org.neo4j.kernel.impl.api.Kernel;
 

diff --git a/community/kernel/src/main/java/org/neo4j/kernel/api/ProcedureCallOperations.java b/community/kernel/src/main/java/org/neo4j/kernel/api/ProcedureCallOperations.java
@@ -22,8 +22,7 @@
 import org.neo4j.collection.RawIterator;
 import org.neo4j.kernel.api.exceptions.ProcedureException;
 import org.neo4j.kernel.api.proc.QualifiedName;
-import org.neo4j.kernel.api.security.Allowance;
-import org.neo4j.kernel.api.security.SecurityContext;
+import org.neo4j.kernel.api.security.AccessMode;
 
 /**
  * Specifies procedure call operations for the three types of procedure calls that can be made.
@@ -43,7 +42,7 @@ RawIterator<Object[], ProcedureException> procedureCallRead(
 
     /**
      * Invoke a read-only procedure by name, and set the transaction's access mode to
-     * {@link org.neo4j.kernel.api.security.Allowance.Static#READ READ} for the duration of the procedure execution.
+     * {@link AccessMode.Static#READ READ} for the duration of the procedure execution.
      * @param name the name of the procedure.
      * @param arguments the procedure arguments.
      * @return an iterator containing the procedure results.
@@ -64,7 +63,7 @@ RawIterator<Object[], ProcedureException> procedureCallWrite(
             throws ProcedureException;
     /**
      * Invoke a read-only procedure by name, and set the transaction's access mode to
-     * {@link org.neo4j.kernel.api.security.Allowance.Static#WRITE WRITE} for the duration of the procedure execution.
+     * {@link AccessMode.Static#WRITE WRITE} for the duration of the procedure execution.
      * @param name the name of the procedure.
      * @param arguments the procedure arguments.
      * @return an iterator containing the procedure results.
@@ -85,7 +84,7 @@ RawIterator<Object[], ProcedureException> procedureCallSchema(
             throws ProcedureException;
     /**
      * Invoke a read-only procedure by name, and set the transaction's access mode to
-     * {@link org.neo4j.kernel.api.security.Allowance.Static#FULL FULL} for the duration of the procedure execution.
+     * {@link AccessMode.Static#FULL FULL} for the duration of the procedure execution.
      * @param name the name of the procedure.
      * @param arguments the procedure arguments.
      * @return an iterator containing the procedure results.
@@ -102,7 +101,7 @@ RawIterator<Object[], ProcedureException> procedureCallSchemaOverride( Qualified
     Object functionCall( QualifiedName name, Object[] arguments ) throws ProcedureException;
 
     /** Invoke a read-only function by name, and set the transaction's access mode to
-     * {@link org.neo4j.kernel.api.security.Allowance.Static#READ READ} for the duration of the function execution.
+     * {@link AccessMode.Static#READ READ} for the duration of the function execution.
      * @param name the name of the function.
      * @param arguments the function arguments.
      * @throws ProcedureException if there was an exception thrown during function execution.

diff --git a/.../neo4j/kernel/api/security/Allowance.java → ...neo4j/kernel/api/security/AccessMode.java b/.../neo4j/kernel/api/security/Allowance.java → ...neo4j/kernel/api/security/AccessMode.java
@@ -24,9 +24,9 @@
 import org.neo4j.kernel.api.exceptions.Status;
 
 /** Controls the capabilities of a KernelTransaction. */
-public interface Allowance
+public interface AccessMode
 {
-    enum Static implements Allowance
+    enum Static implements AccessMode
     {
         /** No reading or writing allowed. */
         NONE

diff --git a/community/kernel/src/main/java/org/neo4j/kernel/api/security/AnonymousContext.java b/community/kernel/src/main/java/org/neo4j/kernel/api/security/AnonymousContext.java
@@ -22,31 +22,31 @@
 /** Controls the capabilities of a KernelTransaction. */
 public class AnonymousContext implements SecurityContext
 {
-    private final Allowance allowance;
+    private final AccessMode accessMode;
 
-    private AnonymousContext( Allowance allowance )
+    private AnonymousContext( AccessMode accessMode )
     {
-        this.allowance = allowance;
+        this.accessMode = accessMode;
     }
 
     public static AnonymousContext none()
     {
-        return new AnonymousContext( Allowance.Static.NONE );
+        return new AnonymousContext( AccessMode.Static.NONE );
     }
 
     public static AnonymousContext read()
     {
-        return new AnonymousContext( Allowance.Static.READ );
+        return new AnonymousContext( AccessMode.Static.READ );
     }
 
     public static AnonymousContext write()
     {
-        return new AnonymousContext( Allowance.Static.WRITE );
+        return new AnonymousContext( AccessMode.Static.WRITE );
     }
 
     public static AnonymousContext writeOnly()
     {
-        return new AnonymousContext( Allowance.Static.WRITE_ONLY );
+        return new AnonymousContext( AccessMode.Static.WRITE_ONLY );
     }
 
     @Override
@@ -56,9 +56,9 @@ public AuthSubject subject()
     }
 
     @Override
-    public Allowance allows()
+    public AccessMode mode()
     {
-        return allowance;
+        return accessMode;
     }
 
     @Override

diff --git a/community/kernel/src/main/java/org/neo4j/kernel/api/security/SecurityContext.java b/community/kernel/src/main/java/org/neo4j/kernel/api/security/SecurityContext.java
@@ -22,21 +22,21 @@
 /** Controls the capabilities of a KernelTransaction. */
 public interface SecurityContext
 {
-    Allowance allows();
+    AccessMode mode();
     AuthSubject subject();
 
     default String defaultString( String name )
     {
-        return String.format( "%s{ securityContext=%s, allowance=%s }", name, subject().username(), allows() );
+        return String.format( "%s{ securityContext=%s, allowance=%s }", name, subject().username(), mode() );
     }
 
     /** Allows all operations. */
     SecurityContext AUTH_DISABLED = new SecurityContext()
     {
         @Override
-        public Allowance allows()
+        public AccessMode mode()
         {
-            return Allowance.Static.FULL;
+            return AccessMode.Static.FULL;
         }
 
         @Override
@@ -52,19 +52,19 @@ public AuthSubject subject()
         }
     };
 
-    static SecurityContext frozen( SecurityContext context, Allowance allowance )
+    static SecurityContext frozen( SecurityContext context, AccessMode accessMode )
     {
-        return frozen( context.subject(), allowance );
+        return frozen( context.subject(), accessMode );
     }
 
-    static SecurityContext frozen( AuthSubject subject, Allowance allowance )
+    static SecurityContext frozen( AuthSubject subject, AccessMode accessMode )
     {
         return new SecurityContext()
         {
             @Override
-            public Allowance allows()
+            public AccessMode mode()
             {
-                return allowance;
+                return accessMode;
             }
 
             @Override

diff --git a/community/kernel/src/main/java/org/neo4j/kernel/impl/api/KernelStatement.java b/community/kernel/src/main/java/org/neo4j/kernel/impl/api/KernelStatement.java
@@ -33,7 +33,7 @@
 import org.neo4j.kernel.api.TokenWriteOperations;
 import org.neo4j.kernel.api.exceptions.InvalidTransactionTypeKernelException;
 import org.neo4j.kernel.api.exceptions.Status;
-import org.neo4j.kernel.api.security.Allowance;
+import org.neo4j.kernel.api.security.AccessMode;
 import org.neo4j.kernel.api.txstate.LegacyIndexTransactionState;
 import org.neo4j.kernel.api.txstate.TransactionState;
 import org.neo4j.kernel.api.txstate.TxStateHolder;
@@ -89,7 +89,7 @@ public KernelStatement( KernelTransactionImplementation transaction,
     @Override
     public ReadOperations readOperations()
     {
-        assertAllows( Allowance::allowsReads, "Read" );
+        assertAllows( AccessMode::allowsReads, "Read" );
         return facade;
     }
 
@@ -104,7 +104,7 @@ public TokenWriteOperations tokenWriteOperations()
     {
         accessCapability.assertCanWrite();
 
-        assertAllows( Allowance::allowsWrites, "Write" );
+        assertAllows( AccessMode::allowsWrites, "Write" );
         return facade;
     }
 
@@ -114,7 +114,7 @@ public DataWriteOperations dataWriteOperations()
     {
         accessCapability.assertCanWrite();
 
-        assertAllows( Allowance::allowsWrites, "Write" );
+        assertAllows( AccessMode::allowsWrites, "Write" );
         transaction.upgradeToDataWrites();
         return facade;
     }
@@ -125,7 +125,7 @@ public SchemaWriteOperations schemaWriteOperations()
     {
         accessCapability.assertCanWrite();
 
-        assertAllows( Allowance::allowsSchemaWrites, "Schema" );
+        assertAllows( AccessMode::allowsSchemaWrites, "Schema" );
         transaction.upgradeToSchemaWrites();
         return facade;
     }
@@ -249,12 +249,12 @@ public KernelTransactionImplementation getTransaction()
         return transaction;
     }
 
-    private void assertAllows( Function<Allowance,Boolean> allows, String mode )
+    private void assertAllows( Function<AccessMode,Boolean> allows, String mode )
     {
-        Allowance allowance = transaction.securityContext().allows();
-        if ( !allows.apply( allowance ) )
+        AccessMode accessMode = transaction.securityContext().mode();
+        if ( !allows.apply( accessMode ) )
         {
-            throw allowance.onViolation(
+            throw accessMode.onViolation(
                     String.format( "%s operations are not allowed for '%s'.", mode, transaction.securityContext()
                             .subject().username() ) );
         }