Return-Path: X-Original-To: apmail-jackrabbit-dev-archive@www.apache.org Delivered-To: apmail-jackrabbit-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id F20449A63 for ; Fri, 21 Oct 2011 10:30:55 +0000 (UTC) Received: (qmail 17562 invoked by uid 500); 21 Oct 2011 10:30:55 -0000 Delivered-To: apmail-jackrabbit-dev-archive@jackrabbit.apache.org Received: (qmail 17529 invoked by uid 500); 21 Oct 2011 10:30:55 -0000 Mailing-List: contact dev-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@jackrabbit.apache.org Delivered-To: mailing list dev@jackrabbit.apache.org Received: (qmail 17522 invoked by uid 99); 21 Oct 2011 10:30:55 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 21 Oct 2011 10:30:55 +0000 X-ASF-Spam-Status: No, hits=-2000.5 required=5.0 tests=ALL_TRUSTED,RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 21 Oct 2011 10:30:52 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id 224D4314CFA for ; Fri, 21 Oct 2011 10:28:32 +0000 (UTC) Date: Fri, 21 Oct 2011 10:28:32 +0000 (UTC) From: "angela (Resolved) (JIRA)" To: dev@jackrabbit.apache.org Message-ID: <1698015784.525.1319192912142.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <156192968.10217.1319027531067.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Resolved] (JCR-3120) Change log level in UserManagerImpl#getAuthorizable(NodeImpl) and UserImporter#handlePropInfo MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/JCR-3120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] angela resolved JCR-3120. ------------------------- Resolution: Fixed Fix Version/s: 2.4 i rearranged the code in UserManager impl in order to have the log output be more specific. in addition i increased the log level to warn and error respectively. regarding throwing an exception: i decided not to do so for consistency with the overall behavior of the user manager that is defined to return 'null' if no valid user/group can be retrieved and only throws an exception if an unexpected error occurs (retrieving path from node or node type name fails). > Change log level in UserManagerImpl#getAuthorizable(NodeImpl) and UserImporter#handlePropInfo > --------------------------------------------------------------------------------------------- > > Key: JCR-3120 > URL: https://issues.apache.org/jira/browse/JCR-3120 > Project: Jackrabbit Content Repository > Issue Type: Improvement > Components: jackrabbit-core, security > Affects Versions: 2.0, 2.1, 2.2, 2.3, 2.3.1 > Reporter: Miroslav Smiljanic > Assignee: angela > Priority: Minor > Labels: jackrabbit-core, > Fix For: 2.4 > > > This is current implementation: > Authorizable getAuthorizable(NodeImpl n) throws RepositoryException { > Authorizable authorz = null; > if (n != null) { > String path = n.getPath(); > if (n.isNodeType(NT_REP_USER) && Text.isDescendant(usersPath, path)) { > authorz = createUser(n); > } else if (n.isNodeType(NT_REP_GROUP) && Text.isDescendant(groupsPath, path)) { > authorz = createGroup(n); > } else { > /* else some other node type or outside of the valid user/group > hierarchy -> return null. */ > log.debug("Unexpected user nodetype " + n.getPrimaryNodeType().getName()); > } > } /* else no matching node -> return null */ > return authorz; > } > It seems that 'else' branch can be improved, at least by increasing log level. But I think, that best way is to throw exception. > Current message can also be misleading, in case when user type is correct but check Text.isDescendant fails. > Above method is called from within UserImporter#handlePropInfo > ... > Authorizable a = userManager.getAuthorizable(parent); > if (a == null) { > log.debug("Cannot handle protected PropInfo " + protectedPropInfo + ". Node " + parent + " doesn't represent a valid Authorizable."); > return false; > } > .... > Here again log level is debug. Because at this point we have return statement, property 'principalName' is not set, and if we try to save session following exception will be thrown: > javax.jcr.nodetype.ConstraintViolationException: /home/public/users/b/bb2: mandatory property {internal}password does not exist > at org.apache.jackrabbit.core.ItemSaveOperation.validateTransientItems(ItemSaveOperation.java:537) > at org.apache.jackrabbit.core.ItemSaveOperation.perform(ItemSaveOperation.java:216) > at org.apache.jackrabbit.core.session.SessionState.perform(SessionState.java:200) > at org.apache.jackrabbit.core.ItemImpl.perform(ItemImpl.java:91) > at org.apache.jackrabbit.core.ItemImpl.save(ItemImpl.java:329) > ... > > So if the log level is not set to 'debug' it is not obvious why mentioned property is missing. Use case and root cause is that 'path' (/home/public/users/b/bb2) is not descendant of 'usersPath' (/home/users). > Regards, > Miroslav -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira