SEC-1132: Restructuring of ACL packages

acl/src/main/java/org/springframework/security/acls/AclEntryVoter.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls.vote;
+package org.springframework.security.acls;
 
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
@@ -24,16 +24,16 @@ import org.apache.commons.logging.LogFactory;
 import org.springframework.security.access.AuthorizationServiceException;
 import org.springframework.security.access.ConfigAttribute;
 import org.springframework.security.access.vote.AbstractAclVoter;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AclService;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.Permission;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityRetrievalStrategy;
-import org.springframework.security.acls.objectidentity.ObjectIdentityRetrievalStrategyImpl;
-import org.springframework.security.acls.sid.Sid;
-import org.springframework.security.acls.sid.SidRetrievalStrategy;
-import org.springframework.security.acls.sid.SidRetrievalStrategyImpl;
+import org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl;
+import org.springframework.security.acls.domain.SidRetrievalStrategyImpl;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AclService;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy;
+import org.springframework.security.acls.model.Permission;
+import org.springframework.security.acls.model.Sid;
+import org.springframework.security.acls.model.SidRetrievalStrategy;
 import org.springframework.security.core.Authentication;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;

acl/src/main/java/org/springframework/security/acls/AclPermissionEvaluator.java

@@ -1,4 +1,4 @@
-package org.springframework.security.acls.expression;
+package org.springframework.security.acls;
 
 import java.io.Serializable;
 import java.util.Arrays;
@@ -6,29 +6,29 @@ import java.util.List;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.springframework.security.access.expression.PermissionEvaluator;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AclService;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.Permission;
+import org.springframework.security.access.PermissionEvaluator;
 import org.springframework.security.acls.domain.BasePermission;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityGenerator;
-import org.springframework.security.acls.objectidentity.ObjectIdentityRetrievalStrategy;
-import org.springframework.security.acls.objectidentity.ObjectIdentityRetrievalStrategyImpl;
-import org.springframework.security.acls.sid.Sid;
-import org.springframework.security.acls.sid.SidRetrievalStrategy;
-import org.springframework.security.acls.sid.SidRetrievalStrategyImpl;
+import org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl;
+import org.springframework.security.acls.domain.SidRetrievalStrategyImpl;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AclService;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.ObjectIdentityGenerator;
+import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy;
+import org.springframework.security.acls.model.Permission;
+import org.springframework.security.acls.model.Sid;
+import org.springframework.security.acls.model.SidRetrievalStrategy;
 import org.springframework.security.core.Authentication;
 
 /**
  * Used by Spring Security's expression-based access control implementation to evaluate permissions for a particular
  * object using the ACL module. Similar in behaviour to
- * {@link org.springframework.security.access.vote.AclEntryVoter AclEntryVoter}.
+ * {@link org.springframework.security.acls.AclEntryVoter AclEntryVoter}.
  *
  * @author Luke Taylor
  * @version $Id$
- * @since 2.5
+ * @since 3.0
  */
 public class AclPermissionEvaluator implements PermissionEvaluator {
 

acl/src/main/java/org/springframework/security/acls/afterinvocation/AbstractAclProvider.java

@@ -18,22 +18,20 @@ package org.springframework.security.acls.afterinvocation;
 import java.util.Arrays;
 import java.util.List;
 
-
 import org.springframework.security.access.ConfigAttribute;
 import org.springframework.security.access.intercept.AfterInvocationProvider;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AclService;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.Permission;
 import org.springframework.security.acls.domain.BasePermission;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityRetrievalStrategy;
-import org.springframework.security.acls.objectidentity.ObjectIdentityRetrievalStrategyImpl;
-import org.springframework.security.acls.sid.Sid;
-import org.springframework.security.acls.sid.SidRetrievalStrategy;
-import org.springframework.security.acls.sid.SidRetrievalStrategyImpl;
+import org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl;
+import org.springframework.security.acls.domain.SidRetrievalStrategyImpl;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AclService;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy;
+import org.springframework.security.acls.model.Permission;
+import org.springframework.security.acls.model.Sid;
+import org.springframework.security.acls.model.SidRetrievalStrategy;
 import org.springframework.security.core.Authentication;
-
 import org.springframework.util.Assert;
 
 

acl/src/main/java/org/springframework/security/acls/afterinvocation/AclEntryAfterInvocationCollectionFilteringProvider.java

@@ -22,8 +22,8 @@ import org.apache.commons.logging.LogFactory;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.AuthorizationServiceException;
 import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.acls.AclService;
-import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.model.AclService;
+import org.springframework.security.acls.model.Permission;
 import org.springframework.security.core.Authentication;
 
 

acl/src/main/java/org/springframework/security/acls/afterinvocation/AclEntryAfterInvocationProvider.java

@@ -23,8 +23,8 @@ import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.acls.AclService;
-import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.model.AclService;
+import org.springframework.security.acls.model.Permission;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.SpringSecurityMessageSource;
 

acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java

@@ -1,7 +1,6 @@
 package org.springframework.security.acls.domain;
 
-import org.springframework.security.acls.AclFormattingUtils;
-import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.model.Permission;
 
 /**
  * Provides an abstract superclass for {@link Permission} implementations.

acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java

@@ -14,11 +14,11 @@
  */
 package org.springframework.security.acls.domain;
 
-import org.springframework.security.acls.AccessControlEntry;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AuditableAccessControlEntry;
-import org.springframework.security.acls.Permission;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.model.AccessControlEntry;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AuditableAccessControlEntry;
+import org.springframework.security.acls.model.Permission;
+import org.springframework.security.acls.model.Sid;
 
 import org.springframework.util.Assert;
 

acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategy.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.acls.domain;
 
-import org.springframework.security.acls.Acl;
+import org.springframework.security.acls.model.Acl;
 
 
 /**

acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java

@@ -19,11 +19,9 @@ import java.util.Arrays;
 import java.util.List;
 
 import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.sid.PrincipalSid;
-import org.springframework.security.acls.sid.Sid;
-import org.springframework.security.acls.sid.SidRetrievalStrategy;
-import org.springframework.security.acls.sid.SidRetrievalStrategyImpl;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.Sid;
+import org.springframework.security.acls.model.SidRetrievalStrategy;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;

acl/src/main/java/org/springframework/security/acls/domain/AclFormattingUtils.java

@@ -12,8 +12,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.domain;
 
+import org.springframework.security.acls.model.Permission;
 import org.springframework.util.Assert;
 
 

acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java

@@ -18,16 +18,16 @@ import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
 
-import org.springframework.security.acls.AccessControlEntry;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AuditableAcl;
-import org.springframework.security.acls.MutableAcl;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.OwnershipAcl;
-import org.springframework.security.acls.Permission;
-import org.springframework.security.acls.UnloadedSidException;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.model.AccessControlEntry;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AuditableAcl;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.OwnershipAcl;
+import org.springframework.security.acls.model.Permission;
+import org.springframework.security.acls.model.Sid;
+import org.springframework.security.acls.model.UnloadedSidException;
 import org.springframework.util.Assert;
 
 
@@ -54,7 +54,7 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
 
     /**
      * Minimal constructor, which should be used {@link
-     * org.springframework.security.acls.MutableAclService#createAcl(ObjectIdentity)}.
+     * org.springframework.security.acls.model.MutableAclService#createAcl(ObjectIdentity)}.
      *
      * @param objectIdentity the object identity this ACL relates to (required)
      * @param id the primary key assigned to this ACL (required)
@@ -226,7 +226,8 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
                             }
 
                             return true;
-                        } else {
+                        }
+
                         // Failure for this permission, so stop search
                         // We will see if they have a different permission
                         // (this permission is 100% rejected for this SID)
@@ -240,7 +241,6 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
                         break; // exit aces loop
                     }
                 }
-                }
 
                 if (!scanNextSid) {
                     break; // exit SID for loop (now try next permission)

acl/src/main/java/org/springframework/security/acls/domain/AuditLogger.java

@@ -14,7 +14,7 @@
  */
 package org.springframework.security.acls.domain;
 
-import org.springframework.security.acls.AccessControlEntry;
+import org.springframework.security.acls.model.AccessControlEntry;
 
 
 /**

acl/src/main/java/org/springframework/security/acls/domain/BasePermission.java

@@ -14,7 +14,7 @@
  */
 package org.springframework.security.acls.domain;
 
-import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.model.Permission;
 
 
 /**

acl/src/main/java/org/springframework/security/acls/domain/ConsoleAuditLogger.java

@@ -14,8 +14,8 @@
  */
 package org.springframework.security.acls.domain;
 
-import org.springframework.security.acls.AccessControlEntry;
-import org.springframework.security.acls.AuditableAccessControlEntry;
+import org.springframework.security.acls.model.AccessControlEntry;
+import org.springframework.security.acls.model.AuditableAccessControlEntry;
 
 import org.springframework.util.Assert;
 

acl/src/main/java/org/springframework/security/acls/domain/CumulativePermission.java

@@ -14,8 +14,7 @@
  */
 package org.springframework.security.acls.domain;
 
-import org.springframework.security.acls.AclFormattingUtils;
-import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.model.Permission;
 
 
 /**

acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionFactory.java

@@ -4,8 +4,8 @@ import java.lang.reflect.Field;
 import java.util.HashMap;
 import java.util.Map;
 
-import org.springframework.security.acls.Permission;
 import org.springframework.security.acls.jdbc.LookupStrategy;
+import org.springframework.security.acls.model.Permission;
 import org.springframework.util.Assert;
 
 /**

acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java

@@ -12,8 +12,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls.sid;
+package org.springframework.security.acls.domain;
 
+import org.springframework.security.acls.model.Sid;
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.util.Assert;

acl/src/main/java/org/springframework/security/acls/domain/IdentityUnavailableException.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls.objectidentity;
+package org.springframework.security.acls.domain;
 
 /**
  * Thrown if an ACL identity could not be extracted from an object.

acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java

@@ -12,11 +12,12 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls.objectidentity;
+package org.springframework.security.acls.domain;
 
 import java.io.Serializable;
 import java.lang.reflect.Method;
 
+import org.springframework.security.acls.model.ObjectIdentity;
 import org.springframework.util.Assert;
 import org.springframework.util.ClassUtils;
 
@@ -43,7 +44,7 @@ public class ObjectIdentityImpl implements ObjectIdentity {
         Assert.notNull(identifier, "identifier required");
 
         try {
-            this.javaType = ClassUtils.forName(javaType);
+            this.javaType = ClassUtils.forName(javaType, ClassUtils.getDefaultClassLoader());
         } catch (ClassNotFoundException e) {
             throw new IllegalStateException("Unable to load javaType: " + javaType, e);
         }

acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityRetrievalStrategyImpl.java

@@ -13,10 +13,14 @@
  * limitations under the License.
  */
 
-package org.springframework.security.acls.objectidentity;
+package org.springframework.security.acls.domain;
 
 import java.io.Serializable;
 
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.ObjectIdentityGenerator;
+import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy;
+
 /**
  * Basic implementation of {@link ObjectIdentityRetrievalStrategy} and <tt>ObjectIdentityGenerator</tt>
  * that uses the constructors of {@link ObjectIdentityImpl} to create the {@link ObjectIdentity}.

acl/src/main/java/org/springframework/security/acls/domain/PermissionFactory.java

@@ -1,6 +1,6 @@
 package org.springframework.security.acls.domain;
 
-import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.model.Permission;
 
 /**
  * Provides a simple mechanism to retrieve {@link Permission} instances from integer masks.

acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java

@@ -12,9 +12,10 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls.sid;
+package org.springframework.security.acls.domain;
 
 
+import org.springframework.security.acls.model.Sid;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetails;
 

acl/src/main/java/org/springframework/security/acls/domain/SidRetrievalStrategyImpl.java

@@ -13,11 +13,13 @@
  * limitations under the License.
  */
 
-package org.springframework.security.acls.sid;
+package org.springframework.security.acls.domain;
 
 import java.util.ArrayList;
 import java.util.List;
 
+import org.springframework.security.acls.model.Sid;
+import org.springframework.security.acls.model.SidRetrievalStrategy;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 

acl/src/main/java/org/springframework/security/acls/jdbc/AclCache.java

@@ -14,8 +14,8 @@
  */
 package org.springframework.security.acls.jdbc;
 
-import org.springframework.security.acls.MutableAcl;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.ObjectIdentity;
 
 import java.io.Serializable;
 

acl/src/main/java/org/springframework/security/acls/jdbc/BasicLookupStrategy.java

@@ -33,22 +33,22 @@ import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.core.PreparedStatementSetter;
 import org.springframework.jdbc.core.ResultSetExtractor;
-import org.springframework.security.acls.AccessControlEntry;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.MutableAcl;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.Permission;
-import org.springframework.security.acls.UnloadedSidException;
 import org.springframework.security.acls.domain.AccessControlEntryImpl;
 import org.springframework.security.acls.domain.AclAuthorizationStrategy;
 import org.springframework.security.acls.domain.AclImpl;
 import org.springframework.security.acls.domain.AuditLogger;
 import org.springframework.security.acls.domain.BasePermission;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
-import org.springframework.security.acls.sid.GrantedAuthoritySid;
-import org.springframework.security.acls.sid.PrincipalSid;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.domain.GrantedAuthoritySid;
+import org.springframework.security.acls.domain.ObjectIdentityImpl;
+import org.springframework.security.acls.domain.PrincipalSid;
+import org.springframework.security.acls.model.AccessControlEntry;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.Permission;
+import org.springframework.security.acls.model.Sid;
+import org.springframework.security.acls.model.UnloadedSidException;
 import org.springframework.security.util.FieldUtils;
 import org.springframework.util.Assert;
 

acl/src/main/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCache.java

@@ -20,11 +20,11 @@ import net.sf.ehcache.CacheException;
 import net.sf.ehcache.Ehcache;
 import net.sf.ehcache.Element;
 
-import org.springframework.security.acls.MutableAcl;
 import org.springframework.security.acls.domain.AclAuthorizationStrategy;
 import org.springframework.security.acls.domain.AclImpl;
 import org.springframework.security.acls.domain.AuditLogger;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.ObjectIdentity;
 import org.springframework.security.util.FieldUtils;
 import org.springframework.util.Assert;
 

acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java

@@ -26,12 +26,12 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.core.RowMapper;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AclService;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.domain.ObjectIdentityImpl;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AclService;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.Sid;
 import org.springframework.util.Assert;
 
 

acl/src/main/java/org/springframework/security/acls/jdbc/JdbcMutableAclService.java

@@ -22,19 +22,19 @@ import javax.sql.DataSource;
 
 import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.BatchPreparedStatementSetter;
-import org.springframework.security.acls.AccessControlEntry;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AlreadyExistsException;
-import org.springframework.security.acls.ChildrenExistException;
-import org.springframework.security.acls.MutableAcl;
-import org.springframework.security.acls.MutableAclService;
-import org.springframework.security.acls.NotFoundException;
 import org.springframework.security.acls.domain.AccessControlEntryImpl;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
-import org.springframework.security.acls.sid.GrantedAuthoritySid;
-import org.springframework.security.acls.sid.PrincipalSid;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.domain.GrantedAuthoritySid;
+import org.springframework.security.acls.domain.ObjectIdentityImpl;
+import org.springframework.security.acls.domain.PrincipalSid;
+import org.springframework.security.acls.model.AccessControlEntry;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AlreadyExistsException;
+import org.springframework.security.acls.model.ChildrenExistException;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.MutableAclService;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.Sid;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.transaction.support.TransactionSynchronizationManager;

acl/src/main/java/org/springframework/security/acls/jdbc/LookupStrategy.java

@@ -14,17 +14,17 @@
  */
 package org.springframework.security.acls.jdbc;
 
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.Sid;
 
 import java.util.List;
 import java.util.Map;
 
 
 /**
- * Performs lookups for {@link org.springframework.security.acls.AclService}.
+ * Performs lookups for {@link org.springframework.security.acls.model.AclService}.
  *
  * @author Ben Alex
  * @version $Id$

acl/src/main/java/org/springframework/security/acls/model/AccessControlEntry.java

@@ -12,9 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
 
-import org.springframework.security.acls.sid.Sid;
 
 import java.io.Serializable;
 

acl/src/main/java/org/springframework/security/acls/model/Acl.java

@@ -12,10 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
 
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.sid.Sid;
 
 import java.io.Serializable;
 import java.util.List;
@@ -29,13 +27,13 @@ import java.util.List;
  * order to avoid needing references to the domain object itself, this
  * interface handles indirection between a domain object and an ACL object
  * identity via the {@link
- * org.springframework.security.acls.objectidentity.ObjectIdentity} interface.
+ * org.springframework.security.acls.model.ObjectIdentity} interface.
  * </p>
  *
  * <p>
  * Implementing classes may elect to return instances that represent 
- * {@link org.springframework.security.acls.Permission} information for either
- * some OR all {@link org.springframework.security.acls.sid.Sid}
+ * {@link org.springframework.security.acls.model.Permission} information for either
+ * some OR all {@link org.springframework.security.acls.model.Sid}
  * instances. Therefore, an instance may NOT necessarily contain ALL <tt>Sid</tt>s
  * for a given domain object.
  * </p>

acl/src/main/java/org/springframework/security/acls/model/AclDataAccessException.java

@@ -1,11 +1,11 @@
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
 
 /**
  * Abstract base class for Acl data operations.
  *
  * @author Luke Taylor
  * @version $Id$
- * @since 2.5
+ * @since 3.0
  */
 public abstract class AclDataAccessException extends RuntimeException {
 

acl/src/main/java/org/springframework/security/acls/model/AclService.java

@@ -12,10 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
 
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.sid.Sid;
 
 import java.util.List;
 import java.util.Map;

acl/src/main/java/org/springframework/security/acls/model/AlreadyExistsException.java

@@ -12,7 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
+
 
 /**
  * Thrown if an <code>Acl</code> entry already exists for the object.

acl/src/main/java/org/springframework/security/acls/model/AuditableAccessControlEntry.java

@@ -12,7 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
+
 
 /**
  * Represents an ACE that provides auditing information.

acl/src/main/java/org/springframework/security/acls/model/AuditableAcl.java

@@ -12,7 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
+
 
 /**
  * A mutable ACL that provides audit capabilities.

acl/src/main/java/org/springframework/security/acls/model/ChildrenExistException.java

@@ -12,7 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
+
 
 /**
  * Thrown if an {@link Acl} cannot be deleted because children <code>Acl</code>s exist.

acl/src/main/java/org/springframework/security/acls/model/MutableAcl.java

@@ -12,11 +12,10 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
 
 import java.io.Serializable;
 
-import org.springframework.security.acls.sid.Sid;
 
 
 /**

acl/src/main/java/org/springframework/security/acls/model/MutableAclService.java

@@ -12,9 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
 
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
 
 
 /**

acl/src/main/java/org/springframework/security/acls/model/NotFoundException.java

@@ -12,7 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
+
 
 /**
  * Thrown if an ACL-related object cannot be found.

acl/src/main/java/org/springframework/security/acls/model/ObjectIdentity.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls.objectidentity;
+package org.springframework.security.acls.model;
 
 import java.io.Serializable;
 

acl/src/main/java/org/springframework/security/acls/model/ObjectIdentityGenerator.java

@@ -1,14 +1,18 @@
-package org.springframework.security.acls.objectidentity;
+package org.springframework.security.acls.model;
 
 import java.io.Serializable;
 
+
 /**
- * Strategy which creates an <tt>ObjectIdentity</tt> from object identity and type information.
- * Used in situations when the actual object instance isn't available.
+ * Strategy which creates an <tt>ObjectIdentity</tt> from an object identifier (such as a primary key)
+ * and type information.
+ * <p>
+ * Differs from {@link ObjectIdentityRetrievalStrategy} in that it is used in situations when the actual object
+ * instance isn't available.
  *
  * @author Luke Taylor
  * @version $Id$
- * @since 2.5
+ * @since 3.0
  */
 public interface ObjectIdentityGenerator {
 

acl/src/main/java/org/springframework/security/acls/model/ObjectIdentityRetrievalStrategy.java

@@ -13,7 +13,8 @@
  * limitations under the License.
  */
 
-package org.springframework.security.acls.objectidentity;
+package org.springframework.security.acls.model;
+
 
 /**
  * Strategy interface that provides the ability to determine which {@link ObjectIdentity}

acl/src/main/java/org/springframework/security/acls/model/OwnershipAcl.java

@@ -12,9 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
 
-import org.springframework.security.acls.sid.Sid;
 
 
 /**

acl/src/main/java/org/springframework/security/acls/model/Permission.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
 
 import java.io.Serializable;
 

acl/src/main/java/org/springframework/security/acls/model/Sid.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls.sid;
+package org.springframework.security.acls.model;
 
 import java.io.Serializable;
 

acl/src/main/java/org/springframework/security/acls/model/SidRetrievalStrategy.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.acls.sid;
+package org.springframework.security.acls.model;
 
 import java.util.List;
 

acl/src/main/java/org/springframework/security/acls/model/UnloadedSidException.java

@@ -12,7 +12,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.acls;
+package org.springframework.security.acls.model;
+
 
 /**
  * Thrown if an {@link Acl} cannot perform an operation because it only loaded a subset of <code>Sid</code>s and

acl/src/main/java/org/springframework/security/acls/objectidentity/package.html

@@ -1,5 +0,0 @@
-<html>
-<body>
-Provides indirection between ACL packages and domain objects.
-</body>
-</html>

acl/src/main/java/org/springframework/security/acls/sid/package.html

@@ -1,5 +0,0 @@
-<html>
-<body>
-Provides indirection between ACL packages and security identities, such as principals and GrantedAuthority[]s.
-</body>
-</html>

acl/src/test/java/org/springframework/security/acls/AclFormattingUtilsTests.java

@@ -1,5 +1,8 @@
 package org.springframework.security.acls;
 
+import org.springframework.security.acls.domain.AclFormattingUtils;
+import org.springframework.security.acls.model.Permission;
+
 import junit.framework.Assert;
 import junit.framework.TestCase;
 

acl/src/test/java/org/springframework/security/acls/AclPermissionEvaluatorTests.java

@@ -1,22 +1,22 @@
-package org.springframework.security.acls.expression;
+package org.springframework.security.acls;
 
 import static org.junit.Assert.assertTrue;
 import static org.mockito.Matchers.*;
 import static org.mockito.Mockito.*;
 
 import org.junit.Test;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AclService;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityRetrievalStrategy;
-import org.springframework.security.acls.sid.SidRetrievalStrategy;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AclService;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy;
+import org.springframework.security.acls.model.SidRetrievalStrategy;
 import org.springframework.security.core.Authentication;
 
 /**
  *
  * @author Luke Taylor
  * @version $Id$
- * @since 2.5
+ * @since 3.0
  */
 public class AclPermissionEvaluatorTests {
 

acl/src/test/java/org/springframework/security/acls/domain/AccessControlImplEntryTests.java

@@ -6,12 +6,11 @@ import org.jmock.Expectations;
 import org.jmock.Mockery;
 import org.jmock.integration.junit4.JUnit4Mockery;
 import org.junit.Test;
-import org.springframework.security.acls.AccessControlEntry;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AuditableAccessControlEntry;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.sid.PrincipalSid;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.model.AccessControlEntry;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AuditableAccessControlEntry;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.Sid;
 
 /**
  * Tests for {@link AccessControlEntryImpl}.

acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java

@@ -13,22 +13,19 @@ import org.jmock.Mockery;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
-import org.springframework.security.acls.AccessControlEntry;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AlreadyExistsException;
-import org.springframework.security.acls.AuditableAccessControlEntry;
-import org.springframework.security.acls.AuditableAcl;
-import org.springframework.security.acls.ChildrenExistException;
-import org.springframework.security.acls.MutableAcl;
-import org.springframework.security.acls.MutableAclService;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.OwnershipAcl;
-import org.springframework.security.acls.Permission;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
-import org.springframework.security.acls.sid.GrantedAuthoritySid;
-import org.springframework.security.acls.sid.PrincipalSid;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.model.AccessControlEntry;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AlreadyExistsException;
+import org.springframework.security.acls.model.AuditableAccessControlEntry;
+import org.springframework.security.acls.model.AuditableAcl;
+import org.springframework.security.acls.model.ChildrenExistException;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.MutableAclService;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.OwnershipAcl;
+import org.springframework.security.acls.model.Permission;
+import org.springframework.security.acls.model.Sid;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;

acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java

@@ -4,12 +4,10 @@ import junit.framework.Assert;
 import junit.framework.TestCase;
 
 import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.MutableAcl;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
-import org.springframework.security.acls.sid.PrincipalSid;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;

acl/src/test/java/org/springframework/security/acls/domain/AuditLoggerTests.java

@@ -11,8 +11,8 @@ import org.jmock.integration.junit4.JUnit4Mockery;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
-import org.springframework.security.acls.AccessControlEntry;
-import org.springframework.security.acls.AuditableAccessControlEntry;
+import org.springframework.security.acls.model.AccessControlEntry;
+import org.springframework.security.acls.model.AuditableAccessControlEntry;
 
 /**
  * Test class for {@link ConsoleAuditLogger}.

acl/src/test/java/org/springframework/security/acls/domain/ObjectIdentityImplTests.java

@@ -1,8 +1,11 @@
-package org.springframework.security.acls.objectidentity;
+package org.springframework.security.acls.domain;
 
 import static org.junit.Assert.*;
 
 import org.junit.Test;
+import org.springframework.security.acls.domain.IdentityUnavailableException;
+import org.springframework.security.acls.domain.ObjectIdentityImpl;
+import org.springframework.security.acls.model.ObjectIdentity;
 
 /**
  * Tests for {@link ObjectIdentityImpl}.
@@ -12,7 +15,7 @@ import org.junit.Test;
 public class ObjectIdentityImplTests {
 
     private static final String DOMAIN_CLASS =
-        "org.springframework.security.acls.objectidentity.ObjectIdentityImplTests$MockIdDomainObject";
+        "org.springframework.security.acls.domain.ObjectIdentityImplTests$MockIdDomainObject";
 
     //~ Methods ========================================================================================================
 
@@ -120,7 +123,7 @@ public class ObjectIdentityImplTests {
         assertFalse(obj.equals("DIFFERENT_OBJECT_TYPE"));
         assertFalse(obj.equals(new ObjectIdentityImpl(DOMAIN_CLASS, Long.valueOf(2))));
         assertFalse(obj.equals(new ObjectIdentityImpl(
-                "org.springframework.security.acls.objectidentity.ObjectIdentityImplTests$MockOtherIdDomainObject",
+                "org.springframework.security.acls.domain.ObjectIdentityImplTests$MockOtherIdDomainObject",
                 Long.valueOf(1))));
         assertEquals(new ObjectIdentityImpl(DOMAIN_CLASS,Long.valueOf(1)), obj);
         assertEquals(obj, new ObjectIdentityImpl(mockObj));

acl/src/test/java/org/springframework/security/acls/domain/ObjectIdentityRetrievalStrategyImplTests.java

@@ -1,4 +1,9 @@
-package org.springframework.security.acls.objectidentity;
+package org.springframework.security.acls.domain;
+
+import org.springframework.security.acls.domain.ObjectIdentityImpl;
+import org.springframework.security.acls.domain.ObjectIdentityRetrievalStrategyImpl;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy;
 
 import junit.framework.TestCase;
 

acl/src/test/java/org/springframework/security/acls/domain/PermissionTests.java

@@ -17,7 +17,7 @@ package org.springframework.security.acls.domain;
 import static org.junit.Assert.*;
 
 import org.junit.Test;
-import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.model.Permission;
 
 
 /**

acl/src/test/java/org/springframework/security/acls/domain/SpecialPermission.java

@@ -14,7 +14,7 @@
  */
 package org.springframework.security.acls.domain;
 
-import org.springframework.security.acls.Permission;
+import org.springframework.security.acls.model.Permission;
 
 
 /**

acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java

@@ -18,19 +18,19 @@ import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.Resource;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.datasource.SingleConnectionDataSource;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AuditableAccessControlEntry;
-import org.springframework.security.acls.MutableAcl;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.Permission;
 import org.springframework.security.acls.domain.AclAuthorizationStrategy;
 import org.springframework.security.acls.domain.AclAuthorizationStrategyImpl;
 import org.springframework.security.acls.domain.BasePermission;
 import org.springframework.security.acls.domain.ConsoleAuditLogger;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
-import org.springframework.security.acls.sid.PrincipalSid;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.domain.ObjectIdentityImpl;
+import org.springframework.security.acls.domain.PrincipalSid;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AuditableAccessControlEntry;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.Permission;
+import org.springframework.security.acls.model.Sid;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.GrantedAuthorityImpl;
 import org.springframework.util.FileCopyUtils;

acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java

@@ -20,13 +20,13 @@ import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.BeforeClass;
 import org.junit.Test;
-import org.springframework.security.acls.MutableAcl;
 import org.springframework.security.acls.domain.AclAuthorizationStrategy;
 import org.springframework.security.acls.domain.AclAuthorizationStrategyImpl;
 import org.springframework.security.acls.domain.AclImpl;
 import org.springframework.security.acls.domain.ConsoleAuditLogger;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
+import org.springframework.security.acls.domain.ObjectIdentityImpl;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.ObjectIdentity;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;

acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTests.java

@@ -26,22 +26,22 @@ import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.security.acls.AccessControlEntry;
-import org.springframework.security.acls.Acl;
-import org.springframework.security.acls.AlreadyExistsException;
-import org.springframework.security.acls.ChildrenExistException;
-import org.springframework.security.acls.MutableAcl;
-import org.springframework.security.acls.NotFoundException;
-import org.springframework.security.acls.Permission;
 import org.springframework.security.acls.TargetObject;
 import org.springframework.security.acls.domain.AclImpl;
 import org.springframework.security.acls.domain.BasePermission;
 import org.springframework.security.acls.domain.CumulativePermission;
-import org.springframework.security.acls.objectidentity.ObjectIdentity;
-import org.springframework.security.acls.objectidentity.ObjectIdentityImpl;
-import org.springframework.security.acls.sid.GrantedAuthoritySid;
-import org.springframework.security.acls.sid.PrincipalSid;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.domain.GrantedAuthoritySid;
+import org.springframework.security.acls.domain.ObjectIdentityImpl;
+import org.springframework.security.acls.domain.PrincipalSid;
+import org.springframework.security.acls.model.AccessControlEntry;
+import org.springframework.security.acls.model.Acl;
+import org.springframework.security.acls.model.AlreadyExistsException;
+import org.springframework.security.acls.model.ChildrenExistException;
+import org.springframework.security.acls.model.MutableAcl;
+import org.springframework.security.acls.model.NotFoundException;
+import org.springframework.security.acls.model.ObjectIdentity;
+import org.springframework.security.acls.model.Permission;
+import org.springframework.security.acls.model.Sid;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;

acl/src/test/java/org/springframework/security/acls/sid/SidRetrievalStrategyTests.java

@@ -5,6 +5,11 @@ import java.util.List;
 import junit.framework.Assert;
 import junit.framework.TestCase;
 
+import org.springframework.security.acls.domain.GrantedAuthoritySid;
+import org.springframework.security.acls.domain.PrincipalSid;
+import org.springframework.security.acls.domain.SidRetrievalStrategyImpl;
+import org.springframework.security.acls.model.Sid;
+import org.springframework.security.acls.model.SidRetrievalStrategy;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.Authentication;
 

acl/src/test/java/org/springframework/security/acls/sid/SidTests.java

@@ -3,9 +3,9 @@ package org.springframework.security.acls.sid;
 import junit.framework.Assert;
 import junit.framework.TestCase;
 
-import org.springframework.security.acls.sid.GrantedAuthoritySid;
-import org.springframework.security.acls.sid.PrincipalSid;
-import org.springframework.security.acls.sid.Sid;
+import org.springframework.security.acls.domain.GrantedAuthoritySid;
+import org.springframework.security.acls.domain.PrincipalSid;
+import org.springframework.security.acls.model.Sid;
 import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;