Author: bdelacretaz
Date: Thu Dec 17 11:44:58 2015
New Revision: 1720525
URL: http://svn.apache.org/viewvc?rev=1720525&view=rev
Log:
SLING-5355 - support both path-centric and principal-centric set ACL statements, all tests
pass
Added:
sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclGroupBase.java
- copied, changed from r1720162, sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAcl.java
sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPaths.java
sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPrincipals.java
sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99-output.txt
- copied, changed from r1720303, sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20-output.txt
sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99.txt
- copied, changed from r1720303, sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20.txt
Removed:
sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAcl.java
sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20-output.txt
sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20.txt
Modified:
sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclLine.java
sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/OperationVisitor.java
sling/trunk/contrib/extensions/acldef-parser/src/main/javacc/ACLDefinitions.jjt
sling/trunk/contrib/extensions/acldef-parser/src/test/java/org/apache/sling/acldef/parser/test/OperationToStringVisitor.java
sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10-output.txt
sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10.txt
sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-11-output.txt
sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-30-output.txt
Copied: sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclGroupBase.java
(from r1720162, sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAcl.java)
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclGroupBase.java?p2=sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclGroupBase.java&p1=sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAcl.java&r1=1720162&r2=1720525&rev=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAcl.java
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclGroupBase.java
Thu Dec 17 11:44:58 2015
@@ -21,27 +21,23 @@ import java.util.Collection;
import java.util.Collections;
import java.util.List;
-public class SetAcl extends Operation {
- private final List<String> paths;
+/** Base class for operations that group AclLines */
+ abstract class AclGroupBase extends Operation {
private final List<AclLine> lines;
- public SetAcl(List<String> paths, List<AclLine> lines) {
- this.paths = Collections.unmodifiableList(paths);
+ protected AclGroupBase(List<AclLine> lines) {
this.lines = Collections.unmodifiableList(lines);
}
- public void accept(OperationVisitor v) {
- v.visitSetAcl(this);
- }
-
protected String getParametersDescription() {
- return "on " + paths.toString() + " : " + lines.toString();
+ final StringBuilder sb = new StringBuilder();
+ for(AclLine line : lines) {
+ sb.append("\n ").append(line.toString());
+ }
+ return sb.toString();
}
- public Collection<String> getPaths() {
- return paths;
- }
public Collection<AclLine> getLines() {
return lines;
}
-}
+}
\ No newline at end of file
Modified: sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclLine.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclLine.java?rev=1720525&r1=1720524&r2=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclLine.java
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/AclLine.java
Thu Dec 17 11:44:58 2015
@@ -17,13 +17,17 @@
package org.apache.sling.acldef.parser.operations;
-import java.util.Collection;
+import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+import java.util.Map;
+import java.util.TreeMap;
+/** A single "set ACL" line */
public class AclLine {
private final Action action;
+ private static final List<String> EMPTY_LIST = Collections.unmodifiableList(new
ArrayList<String>());
public enum Action {
REMOVE,
@@ -32,25 +36,31 @@ public class AclLine {
ALLOW
};
- private final List<String> privileges;
- private final List<String> usernames;
+ private final Map<String, List<String>> properties;
- public AclLine(Action a, List<String> privileges, List<String> usernames)
{
+ public AclLine(Action a) {
action = a;
- this.usernames = usernames == null ? null : Collections.unmodifiableList(usernames);
- this.privileges = privileges == null ? null : Collections.unmodifiableList(privileges);
+ properties = new TreeMap<String, List<String>>();
}
public Action getAction() {
return action;
}
- public Collection<String> getUsernames() {
- return usernames;
+ /** Return the named multi-value property, or an empty list
+ * if not found.
+ */
+ public List<String> getProperty(String name) {
+ List<String> value = properties.get(name);
+ return value != null ? value : EMPTY_LIST;
+ }
+
+ public void setProperty(String name, List<String> values) {
+ properties.put(name, Collections.unmodifiableList(values));
}
@Override
public String toString() {
- return action + " " + privileges + " for " + usernames;
+ return getClass().getSimpleName() + " " + action + " " + properties;
}
}
Modified: sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/OperationVisitor.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/OperationVisitor.java?rev=1720525&r1=1720524&r2=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/OperationVisitor.java
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/OperationVisitor.java
Thu Dec 17 11:44:58 2015
@@ -20,5 +20,6 @@ package org.apache.sling.acldef.parser.o
public interface OperationVisitor {
void visitCreateServiceUser(CreateServiceUser s);
void visitDeleteServiceUser(DeleteServiceUser s);
- void visitSetAcl(SetAcl s);
+ void visitSetAclPrincipal(SetAclPrincipals s);
+ void visitSetAclPaths(SetAclPaths s);
}
Added: sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPaths.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPaths.java?rev=1720525&view=auto
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPaths.java
(added)
+++ sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPaths.java
Thu Dec 17 11:44:58 2015
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sling.acldef.parser.operations;
+
+import java.util.Collections;
+import java.util.List;
+
+/** Set ACL statement that groups a set of AclLines
+ * that all refer to the same set of paths.
+ */
+public class SetAclPaths extends AclGroupBase {
+
+ private final List<String> paths;
+
+ public SetAclPaths(List<String> paths, List<AclLine> lines) {
+ super(lines);
+ this.paths = Collections.unmodifiableList(paths);
+ }
+
+ protected String getParametersDescription() {
+ final StringBuilder sb = new StringBuilder();
+ sb.append(paths);
+ sb.append(super.getParametersDescription());
+ return sb.toString();
+ }
+
+ public List<String> getPaths() {
+ return paths;
+ }
+
+ @Override
+ public void accept(OperationVisitor v) {
+ v.visitSetAclPaths(this);
+ }
+}
\ No newline at end of file
Added: sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPrincipals.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPrincipals.java?rev=1720525&view=auto
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPrincipals.java
(added)
+++ sling/trunk/contrib/extensions/acldef-parser/src/main/java/org/apache/sling/acldef/parser/operations/SetAclPrincipals.java
Thu Dec 17 11:44:58 2015
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sling.acldef.parser.operations;
+
+import java.util.Collections;
+import java.util.List;
+
+/** Set ACL statement that groups a set of AclLines
+ * that all refer to the same set of principals.
+ */
+public class SetAclPrincipals extends AclGroupBase {
+
+ private final List<String> principals;
+
+ public SetAclPrincipals(List<String> principals, List<AclLine> lines) {
+ super(lines);
+ this.principals = Collections.unmodifiableList(principals);
+ }
+
+ protected String getParametersDescription() {
+ final StringBuilder sb = new StringBuilder();
+ sb.append(principals);
+ sb.append(super.getParametersDescription());
+ return sb.toString();
+ }
+
+ public List<String> getPrincipals() {
+ return principals;
+ }
+
+ @Override
+ public void accept(OperationVisitor v) {
+ v.visitSetAclPrincipal(this);
+ }
+}
\ No newline at end of file
Modified: sling/trunk/contrib/extensions/acldef-parser/src/main/javacc/ACLDefinitions.jjt
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/main/javacc/ACLDefinitions.jjt?rev=1720525&r1=1720524&r2=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/main/javacc/ACLDefinitions.jjt (original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/main/javacc/ACLDefinitions.jjt Thu Dec
17 11:44:58 2015
@@ -36,6 +36,10 @@ import org.apache.sling.acldef.parser.op
public class ACLDefinitions
{
+ public static final String PROP_PATHS = "paths";
+ public static final String PROP_PRINCIPALS = "principals";
+ public static final String PROP_PRIVILEGES = "privileges";
+ public static final String PROP_NODETYPES = "nodetypes";
}
PARSER_END(ACLDefinitions)
@@ -63,11 +67,11 @@ TOKEN:
| < END: "end" >
| < USER: "user" >
| < NODETYPES: "nodetypes" >
-| < USERNAME: (["a"-"z"] | ["A"-"Z"] | ["0"-"9"] | "_" | "-")+ >
+| < PRINCIPAL: (["a"-"z"] | ["A"-"Z"] | ["0"-"9"] | "_" | "-")+ >
| < COMMA: "," >
| < STAR: "*" >
-| < PRIVILEGE_NAME: (["a"-"z"] | ["A"-"Z"])+ ":" (["a"-"z"] | ["A"-"Z"])+ >
-| < PATH: "/" (["a"-"z"] | ["A"-"Z"] | ["0"-"9"] | ["-"] | ["_"] | ["."]) + >
+| < NAMESPACED_ITEM: (["a"-"z"] | ["A"-"Z"])+ ":" (["a"-"z"] | ["A"-"Z"])+ >
+| < PATH: "/" (["a"-"z"] | ["A"-"Z"] | ["0"-"9"] | ["-"] | ["_"] | ["."] | ["/"]) *
>
| < EOL: "\n" >
}
@@ -78,8 +82,8 @@ List<Operation> parse() :
(
serviceUserStatement(result)
- | pathsAclStatement(result)
- | principalAclStatement(result)
+ | setAclPaths(result)
+ | setAclPrincipals(result)
| blankLine()
) *
<EOF>
@@ -93,35 +97,34 @@ void blankLine() :
<EOL>
}
-List<String> usernamesList() :
+List<String> principalsList() :
{
Token t = null;
- List<String> usernames = new ArrayList<String>();
-
+ List<String> principals = new ArrayList<String>();
}
{
- t = <USERNAME> { usernames.add(t.image); }
- ( <COMMA> t = <USERNAME> { usernames.add(t.image); } )*
- { return usernames; }
+ t = <PRINCIPAL> { principals.add(t.image); }
+ ( <COMMA> t = <PRINCIPAL> { principals.add(t.image); } )*
+ { return principals; }
}
void serviceUserStatement(List<Operation> result) :
{
Token t;
- List<String> usernames;
+ List<String> principals;
}
{
(t=<CREATE> | t=<DELETE>)
<SERVICE> <USER>
- usernames = usernamesList()
+ principals = principalsList()
(<EOL> | <EOF>)
{
- for(String username : usernames) {
+ for(String PRINCIPAL : principals) {
if(CREATE == t.kind) {
- result.add(new CreateServiceUser(username));
+ result.add(new CreateServiceUser(PRINCIPAL));
} else {
- result.add(new DeleteServiceUser(username));
+ result.add(new DeleteServiceUser(PRINCIPAL));
}
}
}
@@ -134,8 +137,8 @@ List<String> namespacedItemsList() :
}
{
- t = <PRIVILEGE_NAME> { priv.add(t.image); }
- ( <COMMA> t = <PRIVILEGE_NAME> { priv.add(t.image); } )*
+ t = <NAMESPACED_ITEM> { priv.add(t.image); }
+ ( <COMMA> t = <NAMESPACED_ITEM> { priv.add(t.image); } )*
{ return priv; }
}
@@ -151,91 +154,97 @@ List<String> pathsList() :
{ return paths; }
}
-void pathsAclStatement(List<Operation> result) :
+void setAclPaths(List<Operation> result) :
{
List<String> paths;
List<AclLine> lines = new ArrayList<AclLine>();
}
{
- <SET> <ACL> <ON> paths = pathsList() <EOL>
+ <SET> <ACL> <ON> paths = pathsList() <EOL>
( removeStarLine(lines) | userPrivilegesLine(lines) | blankLine() ) +
<END>
( <EOL> | <EOF> )
{
- result.add(new SetAcl(paths, lines));
+ result.add(new SetAclPaths(paths, lines));
}
}
void removeStarLine(List<AclLine> lines) :
{
- List<String> usernames = null;
- List<String> paths = null;
+ List<String> tmp = null;
+ AclLine line = new AclLine(AclLine.Action.REMOVE_ALL);
}
{
<REMOVE> <STAR>
(
- <FOR> usernames = usernamesList() { lines.add(new AclLine(AclLine.Action.REMOVE_ALL,
null, usernames)); }
- | <ON> paths = pathsList()
+ <FOR> tmp = principalsList() { line.setProperty(PROP_PRINCIPALS, tmp); }
+
+ | <ON> tmp = pathsList() { line.setProperty(PROP_PATHS, tmp); }
)
<EOL>
+
+ {
+ lines.add(line);
+ }
+}
+
+AclLine privilegesLineOperation() :
+{}
+{
+ (
+ <REMOVE> { return new AclLine(AclLine.Action.REMOVE); }
+ | ( <ALLOW> { return new AclLine(AclLine.Action.ALLOW); } )
+ | ( <DENY> { return new AclLine(AclLine.Action.DENY); } )
+ )
}
void userPrivilegesLine(List<AclLine> lines) :
{
- AclLine.Action action = AclLine.Action.REMOVE_ALL;
- List<String> privileges;
- List<String> usernames;
+ AclLine line;
+ List<String> tmp;
}
{
- (
- <REMOVE> { action = AclLine.Action.REMOVE; }
- | ( <ALLOW> { action = AclLine.Action.ALLOW; } )
- | ( <DENY> { action = AclLine.Action.DENY; } )
- )
- privileges = namespacedItemsList()
+ line = privilegesLineOperation()
+ tmp = namespacedItemsList() { line.setProperty(PROP_PRIVILEGES, tmp); }
<FOR>
- usernames = usernamesList()
+ tmp = principalsList() { line.setProperty(PROP_PRINCIPALS, tmp); }
<EOL>
- {
- lines.add(new AclLine(action, privileges, usernames));
+ {
+ lines.add(line);
}
}
void pathPrivilegesLine(List<AclLine> lines) :
{
- AclLine.Action action = AclLine.Action.REMOVE_ALL;
- List<String> privileges;
+ AclLine line;
+ List<String> tmp;
}
{
- (
- <REMOVE> { action = AclLine.Action.REMOVE; }
- | ( <ALLOW> { action = AclLine.Action.ALLOW; } )
- | ( <DENY> { action = AclLine.Action.DENY; } )
- )
- privileges = namespacedItemsList()
- <ON> pathsList()
- ( <NODETYPES> namespacedItemsList() ) ?
+ line = privilegesLineOperation()
+ tmp = namespacedItemsList() { line.setProperty(PROP_PRIVILEGES, tmp); }
+ <ON> tmp = pathsList() { line.setProperty(PROP_PATHS, tmp); }
+ ( <NODETYPES> tmp = namespacedItemsList() { line.setProperty(PROP_NODETYPES, tmp);
}) ?
<EOL>
{
- lines.add(new AclLine(action, privileges, null));
+ lines.add(line);
}
}
-void principalAclStatement(List<Operation> result) :
+void setAclPrincipals(List<Operation> result) :
{
- List <String> usernames;
+ List <String> principals;
List<AclLine> lines = new ArrayList<AclLine>();
}
{
- <SET> <ACL> <FOR> usernames = usernamesList() <EOL>
+ <SET> <ACL> <FOR> principals = principalsList() <EOL>
( removeStarLine(lines) | pathPrivilegesLine(lines) | blankLine() ) +
<END>
( <EOL> | <EOF> )
{
- result.add(new SetAcl(usernames, lines));
+ result.add(new SetAclPrincipals(principals, lines));
}
}
\ No newline at end of file
Modified: sling/trunk/contrib/extensions/acldef-parser/src/test/java/org/apache/sling/acldef/parser/test/OperationToStringVisitor.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/test/java/org/apache/sling/acldef/parser/test/OperationToStringVisitor.java?rev=1720525&r1=1720524&r2=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/test/java/org/apache/sling/acldef/parser/test/OperationToStringVisitor.java
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/test/java/org/apache/sling/acldef/parser/test/OperationToStringVisitor.java
Thu Dec 17 11:44:58 2015
@@ -18,35 +18,64 @@
package org.apache.sling.acldef.parser.test;
import java.io.PrintWriter;
+import java.util.Collection;
+import org.apache.sling.acldef.parser.operations.AclLine;
import org.apache.sling.acldef.parser.operations.CreateServiceUser;
import org.apache.sling.acldef.parser.operations.DeleteServiceUser;
import org.apache.sling.acldef.parser.operations.OperationVisitor;
-import org.apache.sling.acldef.parser.operations.SetAcl;
+import org.apache.sling.acldef.parser.operations.SetAclPaths;
+import org.apache.sling.acldef.parser.operations.SetAclPrincipals;
/** OperationVisitor that dumps the operations using
* their toString() methods
*/
class OperationToStringVisitor implements OperationVisitor {
- private final PrintWriter output;
+ private final PrintWriter out;
OperationToStringVisitor(PrintWriter pw) {
- output = pw;
+ out = pw;
}
@Override
public void visitCreateServiceUser(CreateServiceUser s) {
- output.println(s.toString());
+ out.println(s.toString());
}
@Override
public void visitDeleteServiceUser(DeleteServiceUser s) {
- output.println(s.toString());
+ out.println(s.toString());
}
@Override
- public void visitSetAcl(SetAcl s) {
- output.println(s.toString());
+ public void visitSetAclPrincipal(SetAclPrincipals s) {
+ out.print(s.getClass().getSimpleName());
+ out.print(" for ");
+ for(String p : s.getPrincipals()) {
+ out.print(p);
+ out.print(' ');
+ }
+ out.println();
+ dumpAclLines(s.getLines());
+ }
+
+ @Override
+ public void visitSetAclPaths(SetAclPaths s) {
+ out.print(s.getClass().getSimpleName());
+ out.print(" on ");
+ for(String p : s.getPaths()) {
+ out.print(p);
+ out.print(' ');
+ }
+ out.println();
+ dumpAclLines(s.getLines());
+ }
+
+ private void dumpAclLines(Collection<AclLine> c) {
+ for(AclLine line : c) {
+ out.print(" ");
+ out.println(line);
+ }
}
}
\ No newline at end of file
Modified: sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10-output.txt
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10-output.txt?rev=1720525&r1=1720524&r2=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10-output.txt
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10-output.txt
Thu Dec 17 11:44:58 2015
@@ -1 +1,5 @@
-SetAcl on [/libs, /apps] : [REMOVE_ALL null for [user1, user2], ALLOW [jcr:read] for [user1,
user2], DENY [jcr:write, something:else, another:one] for [user2], DENY [jcr:lockManagement]
for [user1]]
\ No newline at end of file
+SetAclPaths on /libs /apps / /content/example.com/some-other_path
+ AclLine REMOVE_ALL {principals=[user1, user2]}
+ AclLine ALLOW {principals=[user1, user2], privileges=[jcr:read]}
+ AclLine DENY {principals=[user2], privileges=[jcr:write, something:else, another:one]}
+ AclLine DENY {principals=[user1], privileges=[jcr:lockManagement]}
\ No newline at end of file
Modified: sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10.txt
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10.txt?rev=1720525&r1=1720524&r2=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10.txt
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-10.txt
Thu Dec 17 11:44:58 2015
@@ -1,7 +1,7 @@
# Set ACL example from SLING-5355
# Without the "with glob" option, we're not planning to support
# that at this time.
-set ACL on /libs,/apps
+set ACL on /libs,/apps, /, /content/example.com/some-other_path
remove * for user1,user2
allow jcr:read for user1,user2
Modified: sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-11-output.txt
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-11-output.txt?rev=1720525&r1=1720524&r2=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-11-output.txt
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-11-output.txt
Thu Dec 17 11:44:58 2015
@@ -1 +1,5 @@
-SetAcl on [/libs, /apps] : [REMOVE_ALL null for [user1, user2], ALLOW [jcr:read] for [user1,
user2], REMOVE_ALL null for [another], ALLOW [x:y] for [another]]
\ No newline at end of file
+SetAclPaths on /libs /apps
+ AclLine REMOVE_ALL {principals=[user1, user2]}
+ AclLine ALLOW {principals=[user1, user2], privileges=[jcr:read]}
+ AclLine REMOVE_ALL {principals=[another]}
+ AclLine ALLOW {principals=[another], privileges=[x:y]}
\ No newline at end of file
Modified: sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-30-output.txt
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-30-output.txt?rev=1720525&r1=1720524&r2=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-30-output.txt
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-30-output.txt
Thu Dec 17 11:44:58 2015
@@ -1 +1,6 @@
-SetAcl on [user1, u2] : [ALLOW [jcr:read] for null, DENY [jcr:write] for null, DENY [jcr:lockManagement]
for null, REMOVE [jcr:understand, some:other] for null]
\ No newline at end of file
+SetAclPrincipals for user1 u2
+ AclLine REMOVE_ALL {paths=[/libs, /apps]}
+ AclLine ALLOW {paths=[/content], privileges=[jcr:read]}
+ AclLine DENY {paths=[/apps], privileges=[jcr:write]}
+ AclLine DENY {nodetypes=[sling:Folder, nt:unstructured], paths=[/apps, /content], privileges=[jcr:lockManagement]}
+ AclLine REMOVE {paths=[/apps], privileges=[jcr:understand, some:other]}
\ No newline at end of file
Copied: sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99-output.txt
(from r1720303, sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20-output.txt)
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99-output.txt?p2=sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99-output.txt&p1=sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20-output.txt&r1=1720303&r2=1720525&rev=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20-output.txt
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99-output.txt
Thu Dec 17 11:44:58 2015
@@ -1,6 +1,17 @@
CreateServiceUser user1
CreateServiceUser u-ser_2
-SetAcl on [/libs, /apps] : [REMOVE_ALL null for [user1, u-ser_2], ALLOW [jcr:read] for [user1,
u-ser_2], DENY [jcr:write] for [u-ser_2], DENY [jcr:lockManagement] for [user1], REMOVE [jcr:understand,
some:other] for [u3]]
+SetAclPaths on /libs /apps
+ AclLine REMOVE_ALL {principals=[user1, u-ser_2]}
+ AclLine ALLOW {principals=[user1, u-ser_2], privileges=[jcr:read]}
+ AclLine DENY {principals=[u-ser_2], privileges=[jcr:write]}
+ AclLine DENY {principals=[user1], privileges=[jcr:lockManagement]}
+ AclLine REMOVE {principals=[u3], privileges=[jcr:understand, some:other]}
CreateServiceUser bob_the_service
-SetAcl on [/tmp] : [ALLOW [some:otherPrivilege] for [bob_the_service]]
+SetAclPaths on /tmp
+ AclLine ALLOW {principals=[bob_the_service], privileges=[some:otherPrivilege]}
+SetAclPrincipals for alice bob fred
+ AclLine REMOVE_ALL {paths=[/]}
+ AclLine ALLOW {paths=[/content, /var], privileges=[jcr:read]}
+ AclLine DENY {paths=[/content/example.com], privileges=[jcr:write]}
+ AclLine DENY {nodetypes=[example:Page], paths=[/], privileges=[jcr:all]}
CreateServiceUser the-last-one
\ No newline at end of file
Copied: sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99.txt
(from r1720303, sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20.txt)
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99.txt?p2=sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99.txt&p1=sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20.txt&r1=1720303&r2=1720525&rev=1720525&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-20.txt
(original)
+++ sling/trunk/contrib/extensions/acldef-parser/src/test/resources/testcases/test-99.txt
Thu Dec 17 11:44:58 2015
@@ -17,4 +17,12 @@ set ACL on /tmp
allow some:otherPrivilege for bob_the_service
end
+set ACL for alice, bob,fred
+ remove * on /
+ allow jcr:read on /content,/var
+ deny jcr:write on /content/example.com
+ deny jcr:all on / nodetypes example:Page
+
+end
+
create service user the-last-one
\ No newline at end of file
|