sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cziege...@apache.org
Subject svn commit: r1768534 - in /sling/trunk/bundles/jcr/repoinit/src: main/java/org/apache/sling/jcr/repoinit/impl/ test/java/org/apache/sling/jcr/repoinit/impl/
Date Mon, 07 Nov 2016 15:28:33 GMT
Author: cziegeler
Date: Mon Nov  7 15:28:33 2016
New Revision: 1768534

URL: http://svn.apache.org/viewvc?rev=1768534&view=rev
Log:
SLING-6219 : Allow to create users with repoinit

Added:
    sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclVisitor.java
  (with props)
    sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java
      - copied, changed from r1768533, sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/ServiceUserUtil.java
Removed:
    sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/ServiceUserUtil.java
Modified:
    sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java
    sling/trunk/bundles/jcr/repoinit/src/test/java/org/apache/sling/jcr/repoinit/impl/TestUtil.java

Added: sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclVisitor.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclVisitor.java?rev=1768534&view=auto
==============================================================================
--- sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclVisitor.java
(added)
+++ sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclVisitor.java
Mon Nov  7 15:28:33 2016
@@ -0,0 +1,107 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.jcr.repoinit.impl;
+
+import static org.apache.sling.repoinit.parser.operations.AclLine.PROP_PATHS;
+import static org.apache.sling.repoinit.parser.operations.AclLine.PROP_PRINCIPALS;
+import static org.apache.sling.repoinit.parser.operations.AclLine.PROP_PRIVILEGES;
+
+import java.util.List;
+
+import javax.jcr.Node;
+import javax.jcr.Session;
+
+import org.apache.sling.repoinit.parser.operations.AclLine;
+import org.apache.sling.repoinit.parser.operations.CreatePath;
+import org.apache.sling.repoinit.parser.operations.PathSegmentDefinition;
+import org.apache.sling.repoinit.parser.operations.SetAclPaths;
+import org.apache.sling.repoinit.parser.operations.SetAclPrincipals;
+
+/** OperationVisitor which processes only operations related to ACLs.
+ * Having several such specialized visitors
+ * makes it easy to control the execution order.
+ */
+class AclVisitor extends DoNothingVisitor {
+
+    /** Create a visitor using the supplied JCR Session.
+     * @param s must have sufficient rights to create users
+     *      and set ACLs.
+     */
+    public AclVisitor(Session s) {
+        super(s);
+    }
+
+    private List<String> require(AclLine line, String propertyName) {
+        final List<String> result = line.getProperty(propertyName);
+        if(result == null) {
+            throw new IllegalStateException("Missing property " + propertyName + " on " +
line);
+        }
+        return result;
+    }
+
+    private void setAcl(AclLine line, Session s, List<String> principals, List<String>
paths, List<String> privileges, boolean isAllow) {
+        try {
+            log.info("Adding ACL '{}' entry '{}' for {} on {}", isAllow ? "allow" : "deny",
privileges, principals, paths);
+            AclUtil.setAcl(s, principals, paths, privileges, isAllow);
+        } catch(Exception e) {
+            throw new RuntimeException("Failed to set ACL (" + e.toString() + ") " + line,
e);
+        }
+    }
+
+    @Override
+    public void visitSetAclPrincipal(SetAclPrincipals s) {
+        final List<String> principals = s.getPrincipals();
+        for(AclLine line : s.getLines()) {
+            final boolean isAllow = line.getAction().equals(AclLine.Action.ALLOW);
+            setAcl(line, session, principals, require(line, PROP_PATHS), require(line, PROP_PRIVILEGES),
isAllow);
+        }
+     }
+
+    @Override
+    public void visitSetAclPaths(SetAclPaths s) {
+        final List<String> paths = s.getPaths();
+        for(AclLine line : s.getLines()) {
+            final boolean isAllow = line.getAction().equals(AclLine.Action.ALLOW);
+            setAcl(line, session, require(line, PROP_PRINCIPALS), paths, require(line, PROP_PRIVILEGES),
isAllow);
+        }
+    }
+
+    @Override
+    public void visitCreatePath(CreatePath cp) {
+        String parentPath = "";
+            for(PathSegmentDefinition psd : cp.getDefinitions()) {
+                final String fullPath = parentPath + "/" + psd.getSegment();
+                try {
+                    if(session.itemExists(fullPath)) {
+                        log.info("Path already exists, nothing to do (and not checking its
primary type for now): {}", fullPath);
+                    } else {
+                        final Node n = parentPath.equals("") ? session.getRootNode() : session.getNode(parentPath);
+                        log.info("Creating node {} with primary type {}", fullPath, psd.getPrimaryType());
+                        n.addNode(psd.getSegment(), psd.getPrimaryType());
+                    }
+                } catch(Exception e) {
+                    throw new RuntimeException("CreatePath execution failed at " + psd +
": " + e, e);
+                }
+                parentPath += "/" + psd.getSegment();
+            }
+        try {
+            session.save();
+        } catch(Exception e) {
+            throw new RuntimeException("Session.save failed: "+ e, e);
+        }
+    }
+}

Propchange: sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclVisitor.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclVisitor.java
------------------------------------------------------------------------------
    svn:keywords = author date id revision rev url

Copied: sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java
(from r1768533, sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/ServiceUserUtil.java)
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java?p2=sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java&p1=sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/ServiceUserUtil.java&r1=1768533&r2=1768534&rev=1768534&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/ServiceUserUtil.java
(original)
+++ sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java
Mon Nov  7 15:28:33 2016
@@ -24,8 +24,8 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
 
-/** Utilities for Service Users management */
-public class ServiceUserUtil {
+/** Utilities for (Service) Users management */
+public class UserUtil {
 
     public static UserManager getUserManager(Session session) throws RepositoryException
{
         if(!(session instanceof JackrabbitSession)) {
@@ -33,16 +33,16 @@ public class ServiceUserUtil {
         }
         return ((JackrabbitSession)session).getUserManager();
     }
-    
+
     public static Authorizable getAuthorizable(Session session, String username) throws RepositoryException
{
         return getUserManager(session).getAuthorizable(username);
     }
-    
+
     /** Create a service user - fails if it already exists */
     public static void createServiceUser(Session s, String username) throws RepositoryException
{
         getUserManager(s).createSystemUser(username, null);
     }
-    
+
     /** True if specified service user exists */
     public static boolean serviceUserExists(Session session, String username) throws RepositoryException
{
         boolean result = false;
@@ -53,7 +53,31 @@ public class ServiceUserUtil {
         }
         return result;
     }
-    
+
+    public static void deleteUser(Session s, String username) throws RepositoryException
{
+        final Authorizable a = getUserManager(s).getAuthorizable(username);
+        if(a == null) {
+            throw new IllegalStateException("Authorizable not found:" + username);
+        }
+        a.remove();
+    }
+
+    /** Create a service user - fails if it already exists */
+    public static void createUser(Session s, String username, String password) throws RepositoryException
{
+        getUserManager(s).createUser(username, password);
+    }
+
+    /** True if specified user exists */
+    public static boolean serviceExists(Session session, String username) throws RepositoryException
{
+        boolean result = false;
+        final Authorizable a = getAuthorizable(session, username);
+        if (a != null) {
+            final User u = (User)a;
+            result = !u.isSystemUser();
+        }
+        return result;
+    }
+
     public static void deleteServiceUser(Session s, String username) throws RepositoryException
{
         final Authorizable a = getUserManager(s).getAuthorizable(username);
         if(a == null) {
@@ -61,5 +85,4 @@ public class ServiceUserUtil {
         }
         a.remove();
     }
-    
 }

Modified: sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java?rev=1768534&r1=1768533&r2=1768534&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java
(original)
+++ sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java
Mon Nov  7 15:28:33 2016
@@ -19,7 +19,9 @@ package org.apache.sling.jcr.repoinit.im
 import javax.jcr.Session;
 
 import org.apache.sling.repoinit.parser.operations.CreateServiceUser;
+import org.apache.sling.repoinit.parser.operations.CreateUser;
 import org.apache.sling.repoinit.parser.operations.DeleteServiceUser;
+import org.apache.sling.repoinit.parser.operations.DeleteUser;
 
 /** OperationVisitor which processes only operations related to
  *  service users and ACLs. Having several such specialized visitors
@@ -39,9 +41,9 @@ class UserVisitor extends DoNothingVisit
     public void visitCreateServiceUser(CreateServiceUser s) {
         final String id = s.getUsername();
         try {
-            if(!ServiceUserUtil.serviceUserExists(session, id)) {
+            if(!UserUtil.serviceUserExists(session, id)) {
                 log.info("Creating service user {}", id);
-                ServiceUserUtil.createServiceUser(session, id);
+                UserUtil.createServiceUser(session, id);
             } else {
                 log.info("Service user {} already exists, no changes made", id);
             }
@@ -55,9 +57,36 @@ class UserVisitor extends DoNothingVisit
         final String id = s.getUsername();
         log.info("Deleting service user {}", id);
         try {
-            ServiceUserUtil.deleteServiceUser(session, id);
+            UserUtil.deleteServiceUser(session, id);
         } catch(Exception e) {
             report(e, "Unable to delete service user [" + id + "]:" + e);
         }
     }
+
+    @Override
+    public void visitCreateUser(CreateUser u) {
+        final String id = u.getUsername();
+        try {
+            if(!UserUtil.serviceExists(session, id)) {
+                log.info("Creating user {}", id);
+                UserUtil.createUser(session, id, u.getPassword());
+            } else {
+                log.info("User {} already exists, no changes made", id);
+            }
+        } catch(Exception e) {
+            report(e, "Unable to create user [" + id + "]:" + e);
+        }
+    }
+
+    @Override
+    public void visitDeleteUser(DeleteUser u) {
+        final String id = u.getUsername();
+        log.info("Deleting user {}", id);
+        try {
+            UserUtil.deleteUser(session, id);
+        } catch(Exception e) {
+            report(e, "Unable to delete user [" + id + "]:" + e);
+        }
+    }
+
 }

Modified: sling/trunk/bundles/jcr/repoinit/src/test/java/org/apache/sling/jcr/repoinit/impl/TestUtil.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/repoinit/src/test/java/org/apache/sling/jcr/repoinit/impl/TestUtil.java?rev=1768534&r1=1768533&r2=1768534&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/repoinit/src/test/java/org/apache/sling/jcr/repoinit/impl/TestUtil.java
(original)
+++ sling/trunk/bundles/jcr/repoinit/src/test/java/org/apache/sling/jcr/repoinit/impl/TestUtil.java
Mon Nov  7 15:28:33 2016
@@ -62,7 +62,7 @@ public class TestUtil {
     }
 
     public void assertServiceUser(String info, String id, boolean expectToExist) throws RepositoryException
{
-        final Authorizable a = ServiceUserUtil.getUserManager(adminSession).getAuthorizable(id);
+        final Authorizable a = UserUtil.getUserManager(adminSession).getAuthorizable(id);
         if(!expectToExist) {
             assertNull(info + ", expecting Principal to be absent:" + id, a);
         } else {



Mime
View raw message