SEC-624: Replace hard-coded figures with xml:ids and xrefs

18 years ago · ca40295d7c
3 changed files with 48 additions and 51 deletions
--- a/src/docbkx/authorization-common.xml
+++ b/src/docbkx/authorization-common.xml
@ -93,21 +93,18 @@
				@@ -93,21 +93,18 @@
    <literal>AccessDecisionManager</literal> to control all aspects of
    authorization, Spring Security includes several
    <literal>AccessDecisionManager</literal> implementations that are
-    based on voting. Figure 4 illustrates the relevant classes.</para>
-
-    <para><mediaobject>
+    based on voting. <xref linkend="authz-access-voting"/> illustrates the relevant classes.</para>
+      <figure xml:id="authz-access-voting">
+        <title>Voting Decision Manager</title>
+      <mediaobject>
        <imageobject role="fo">
          <imagedata align="center" fileref="resources/images/AccessDecisionVoting.gif" format="GIF"/>
        </imageobject>
        <imageobject role="html">
          <imagedata align="center" fileref="images/AccessDecisionVoting.gif" format="GIF"/>
        </imageobject>
-
-        <caption>
-          <para>Figure 4: Voting Decision Manager</para>
-        </caption>
-      </mediaobject></para>
-
+      </mediaobject>
+      </figure>
    <para>Using this approach, a series of
    <literal>AccessDecisionVoter</literal> implementations are polled on
    an authorization decision. The
@ -265,21 +262,23 @@ boolean supports(Class clazz);
				@@ -265,21 +262,23 @@ boolean supports(Class clazz);
    several concrete implementations that integrate with its ACL
    capabilities.</para>

-    <para>Figure 5 illustrates Spring Security's
+    <para><xref linkend="authz-after-invocation"/> illustrates Spring Security's
    <literal>AfterInvocationManager</literal> and its concrete
-    implementations.</para>
-
-    <para><mediaobject>
-        <imageobject>
-          <imagedata role="fo" align="center" fileref="resources/images/AfterInvocation.gif" format="GIF"/>
+    implementations.
+      
+    <figure xml:id="authz-after-invocation">
+      <title>After Invocation Implementation</title>
+      <mediaobject>
+        <imageobject role="fo">
+          <imagedata  align="center" fileref="resources/images/AfterInvocation.gif" format="GIF"/>
        </imageobject>
-        <imageobject>
-          <imagedata role="html" align="center" fileref="images/AfterInvocation.gif" format="GIF"/>
+        <imageobject role="html">
+          <imagedata  align="center" fileref="images/AfterInvocation.gif" format="GIF"/>
        </imageobject>
-        <caption>
-          <para>Figure 5: After Invocation Implementation</para>
-        </caption>
-      </mediaobject></para>
+      </mediaobject>
+    
+    </figure>
+    </para>

    <para>Like many other parts of Spring Security,
    <literal>AfterInvocationManager</literal> has a single concrete
@ -315,7 +314,6 @@ boolean supports(Class clazz);
				@@ -315,7 +314,6 @@ boolean supports(Class clazz);
    <literal>ROLE_AUTHENTICATED</literal> configuration attribute</para>

    <section xml:id="after-invocation-acl-aware"><info><title>ACL-Aware AfterInvocationProviders</title></info>
-      

      <para>PLEASE NOTE: Acegi Security 1.0.3 contains a preview of a new
      ACL module. The new ACL module is a significant rewrite of the
--- a/src/docbkx/domain-acls-old.xml
+++ b/src/docbkx/domain-acls-old.xml
@ -104,21 +104,21 @@
				@@ -104,21 +104,21 @@

    <para>The <literal>org.springframework.security.acl</literal> package
    is very simple, comprising only a handful of interfaces and a single
-    class, as shown in Figure 6. It provides the basic foundation for
-    access control list (ACL) lookups.</para>
+    class, as shown in <xref linkend="acl-manager"/>. It provides the basic foundation for
+    access control list (ACL) lookups.

-    <para><mediaobject>
-        <imageobject>
-          <imagedata role="fo" align="center" fileref="resources/images/ACLSecurity.gif" format="GIF"/>
+    <figure xml:id="acl-manager">
+      <title>Access Control List Manager</title>
+      <mediaobject>
+        <imageobject role="fo">
+          <imagedata align="center" fileref="resources/images/ACLSecurity.gif" format="GIF"/>
        </imageobject>
        <imageobject role="html">
          <imagedata align="center" fileref="images/ACLSecurity.gif" format="GIF"/>
        </imageobject>
-
-        <caption>
-          <para>Figure 6: Access Control List Manager</para>
-        </caption>
-      </mediaobject></para>
+      </mediaobject>
+    </figure>
+    </para>

    <para>The central interface is <literal>AclManager</literal>, which is
    defined by two methods:</para>
@ -166,20 +166,19 @@ public AclEntry[] getAcls(java.lang.Object domainInstance, Authentication authen
				@@ -166,20 +166,19 @@ public AclEntry[] getAcls(java.lang.Object domainInstance, Authentication authen
    implementation.</para>

    <para>Spring Security includes a production-quality ACL provider
-    implementation, which is shown in Figure 7.</para>
+    implementation, which is shown in <xref linkend="acl-basic-mgr"/>.

-    <para><mediaobject>
+    <figure xml:id="acl-basic-mgr">
+      <title>Basic ACL Manager</title>
+      <mediaobject>
        <imageobject role="fo">
          <imagedata align="center" fileref="resources/images/BasicAclProvider.gif" format="GIF"/>
        </imageobject>
        <imageobject role="html">
          <imagedata align="center" fileref="images/BasicAclProvider.gif" format="GIF"/>
        </imageobject>
-
-        <caption>
-          <para>Figure 7: Basic ACL Manager</para>
-        </caption>
-      </mediaobject></para>
+      </mediaobject>
+    </figure></para>

    <para>The implementation is based on integer masking, which is
    commonly used for ACL permissions given its flexibility and speed.
@ -462,6 +461,8 @@ END;
				@@ -462,6 +461,8 @@ END;
    <literal>GrantedAuthority</literal>[]s. Please refer to the JavaDocs
    for more information.</para>

+    <figure xml:id="acl-instantiation">
+      <title>ACL Instantiation Approach</title>
    <mediaobject>
      <imageobject role="fo">
        <imagedata align="center" fileref="resources/images/Permissions.gif" format="GIF"/>
@ -469,13 +470,10 @@ END;
				@@ -469,13 +470,10 @@ END;
      <imageobject role="html">
        <imagedata align="center" fileref="images/Permissions.gif" format="GIF"/>
      </imageobject>
-
-      <caption>
-        <para>Figure 8: ACL Instantiation Approach</para>
-      </caption>
    </mediaobject>
+    </figure>

-    <para>The above figure explains the key relationships between objects
+    <para><xref linkend="acl-instantiation"/> explains the key relationships between objects
    in the Basic ACL package.</para>
  </section>
 </chapter>
--- a/src/docbkx/technical-overview.xml
+++ b/src/docbkx/technical-overview.xml
@ -472,19 +472,20 @@ if (obj instanceof UserDetails) {
				@@ -472,19 +472,20 @@ if (obj instanceof UserDetails) {

    <para>Because <literal>AbstractSecurityInterceptor</literal> is the
    central template class, it seems fitting that the first figure should
-    be devoted to it.</para>
-
-    <para><mediaobject>
+    be devoted to it.
+      
+    <figure>
+      <title>The key "secure object" model</title>
+      <mediaobject>
        <imageobject role="html">
          <imagedata align="center" fileref="images/SecurityInterception.gif" format="GIF"/>
        </imageobject>
        <imageobject role="fo">
          <imagedata align="center" fileref="resources/images/SecurityInterception.gif" format="GIF"/>
        </imageobject>
-        <caption>
-          <para>Figure 1: The key "secure object" model</para>
-        </caption>
-      </mediaobject></para>
+      </mediaobject>
+    </figure>
+    </para>

    <para>Only developers contemplating an entirely new way of
    intercepting and authorizing requests would need to use secure objects