incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From enor...@apache.org
Subject svn commit: r1098439 - /sling/trunk/bundles/jcr/jackrabbit-usermanager/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/AuthorizablePrivilegesInfoImpl.java
Date Sun, 01 May 2011 23:13:22 GMT
Author: enorman
Date: Sun May  1 23:13:21 2011
New Revision: 1098439

URL: http://svn.apache.org/viewvc?rev=1098439&view=rev
Log:
SLING-2067 Added null check to AuthorizablePrivilegesInfo to fix NPE when used in a script
that is being rendered for the anonymous user 

Modified:
    sling/trunk/bundles/jcr/jackrabbit-usermanager/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/AuthorizablePrivilegesInfoImpl.java

Modified: sling/trunk/bundles/jcr/jackrabbit-usermanager/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/AuthorizablePrivilegesInfoImpl.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-usermanager/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/AuthorizablePrivilegesInfoImpl.java?rev=1098439&r1=1098438&r2=1098439&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/jackrabbit-usermanager/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/AuthorizablePrivilegesInfoImpl.java
(original)
+++ sling/trunk/bundles/jcr/jackrabbit-usermanager/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/AuthorizablePrivilegesInfoImpl.java
Sun May  1 23:13:21 2011
@@ -23,6 +23,7 @@ import java.util.Dictionary;
 
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
+import javax.servlet.Servlet;
 
 import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.jackrabbit.api.security.user.Group;
@@ -31,6 +32,9 @@ import org.apache.jackrabbit.api.securit
 import org.apache.sling.commons.osgi.OsgiUtil;
 import org.apache.sling.jackrabbit.usermanager.AuthorizablePrivilegesInfo;
 import org.apache.sling.jcr.base.util.AccessControlUtil;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.InvalidSyntaxException;
+import org.osgi.framework.ServiceReference;
 import org.osgi.service.component.ComponentContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -110,16 +114,18 @@ public class AuthorizablePrivilegesInfoI
 			UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
 			Authorizable currentUser = userManager.getAuthorizable(jcrSession.getUserID());
 
-			if (((User)currentUser).isAdmin()) {
-				return true; //admin user has full control
-			}
-			
-			//check if the user is a member of the 'Group administrator' group
-			Authorizable groupAdmin = userManager.getAuthorizable(this.groupAdminGroupName);
-			if (groupAdmin instanceof Group) {
-				boolean isMember = ((Group)groupAdmin).isMember(currentUser);
-				if (isMember) {
-					return true;
+			if (currentUser != null) {
+				if (((User)currentUser).isAdmin()) {
+					return true; //admin user has full control
+				}
+				
+				//check if the user is a member of the 'Group administrator' group
+				Authorizable groupAdmin = userManager.getAuthorizable(this.groupAdminGroupName);
+				if (groupAdmin instanceof Group) {
+					boolean isMember = ((Group)groupAdmin).isMember(currentUser);
+					if (isMember) {
+						return true;
+					}
 				}
 			}
 		} catch (RepositoryException e) {
@@ -133,23 +139,46 @@ public class AuthorizablePrivilegesInfoI
 	 */
 	public boolean canAddUser(Session jcrSession) {
 		try {
+			//if self-registration is enabled, then anyone can create a user
+			if (componentContext != null) {
+				String filter = "(&(sling.servlet.resourceTypes=sling/users)(|(sling.servlet.methods=POST)(sling.servlet.selectors=create)))";
+				BundleContext bundleContext = componentContext.getBundleContext();
+				ServiceReference[] serviceReferences = bundleContext.getServiceReferences(Servlet.class.getName(),
filter);
+				if (serviceReferences != null) {
+					String propName = "self.registration.enabled";
+					for (ServiceReference serviceReference : serviceReferences) {
+						Object propValue = serviceReference.getProperty(propName);
+						if (propValue != null) {
+							boolean selfRegEnabled = Boolean.TRUE.equals(propValue);
+							if (selfRegEnabled) {
+								return true;
+							}
+							break;
+						}
+					}
+				}
+			}
+
 			UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
 			Authorizable currentUser = userManager.getAuthorizable(jcrSession.getUserID());
-
-			if (((User)currentUser).isAdmin()) {
-				return true; //admin user has full control
-			}
-			
-			//check if the user is a member of the 'User administrator' group
-			Authorizable userAdmin = userManager.getAuthorizable(this.userAdminGroupName);
-			if (userAdmin instanceof Group) {
-				boolean isMember = ((Group)userAdmin).isMember(currentUser);
-				if (isMember) {
-					return true;
+			if (currentUser != null) {
+				if (((User)currentUser).isAdmin()) {
+					return true; //admin user has full control
+				}
+				
+				//check if the user is a member of the 'User administrator' group
+				Authorizable userAdmin = userManager.getAuthorizable(this.userAdminGroupName);
+				if (userAdmin instanceof Group) {
+					boolean isMember = ((Group)userAdmin).isMember(currentUser);
+					if (isMember) {
+						return true;
+					}
 				}
 			}
 		} catch (RepositoryException e) {
 			log.warn("Failed to determine if {} can add a new user", jcrSession.getUserID());
+		} catch (InvalidSyntaxException e) {
+			log.warn("Failed to determine if {} can add a new user", jcrSession.getUserID());
 		}
 		return false;
 	}
@@ -276,6 +305,9 @@ public class AuthorizablePrivilegesInfoI
 
 	// ---------- SCR Integration ----------------------------------------------
 
+	//keep track of the bundle context
+	private ComponentContext componentContext;
+
     /**
      * Called by SCR to activate the component.
      *
@@ -288,6 +320,8 @@ public class AuthorizablePrivilegesInfoI
             throws InvalidKeyException, NoSuchAlgorithmException,
             IllegalStateException, UnsupportedEncodingException {
 
+    	this.componentContext = componentContext;
+    	
         Dictionary<?, ?> properties = componentContext.getProperties();
 
         this.userAdminGroupName = OsgiUtil.toString(properties.get(PAR_USER_ADMIN_GROUP_NAME),



Mime
View raw message