diff --git a/src/com/google/enterprise/adaptor/database/DatabaseAdaptor.java b/src/com/google/enterprise/adaptor/database/DatabaseAdaptor.java index f4d8c5c..def6006 100644 --- a/src/com/google/enterprise/adaptor/database/DatabaseAdaptor.java +++ b/src/com/google/enterprise/adaptor/database/DatabaseAdaptor.java @@ -18,6 +18,9 @@ import com.google.enterprise.adaptor.AbstractAdaptor; import com.google.enterprise.adaptor.Acl; import com.google.enterprise.adaptor.AdaptorContext; +import com.google.enterprise.adaptor.AuthnIdentity; +import com.google.enterprise.adaptor.AuthzAuthority; +import com.google.enterprise.adaptor.AuthzStatus; import com.google.enterprise.adaptor.Config; import com.google.enterprise.adaptor.DocId; import com.google.enterprise.adaptor.DocIdPusher; @@ -186,6 +189,12 @@ public void init(AdaptorContext context) throws Exception { if (encodeDocId) { log.config("adaptor runs in lister-only mode"); } + + if (aclSql == null) { + context.setAuthzAuthority(new AllPublic()); + } else { + context.setAuthzAuthority(new AllPrivate()); + } } /** Get all doc ids from database. */ @@ -687,4 +696,28 @@ public String toString() { return text; } } + + private static class AllPublic implements AuthzAuthority { + public Map isUserAuthorized(AuthnIdentity userIdentity, + Collection ids) throws IOException { + Map result = + new HashMap(ids.size() * 2); + for (DocId docId : ids) { + result.put(docId, AuthzStatus.PERMIT); + } + return Collections.unmodifiableMap(result); + } + } + + private static class AllPrivate implements AuthzAuthority { + public Map isUserAuthorized(AuthnIdentity userIdentity, + Collection ids) throws IOException { + Map result = + new HashMap(ids.size() * 2); + for (DocId docId : ids) { + result.put(docId, AuthzStatus.DENY); + } + return Collections.unmodifiableMap(result); + } + } }