You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by bd...@apache.org on 2021/05/27 14:30:52 UTC
[sling-org-apache-sling-repoinit-parser] branch fix/SLING-10277
created (now 9275e1d)
This is an automated email from the ASF dual-hosted git repository.
bdelacretaz pushed a change to branch fix/SLING-10277
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-repoinit-parser.git.
at 9275e1d SLING-10277 - REGISTER PRIVILEGE and SET ACL should support lists of STRING and NAMESPACED_ITEM
This branch includes the following new commits:
new 9275e1d SLING-10277 - REGISTER PRIVILEGE and SET ACL should support lists of STRING and NAMESPACED_ITEM
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[sling-org-apache-sling-repoinit-parser] 01/01: SLING-10277 -
REGISTER PRIVILEGE and SET ACL should support lists of STRING and
NAMESPACED_ITEM
Posted by bd...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
bdelacretaz pushed a commit to branch fix/SLING-10277
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-repoinit-parser.git
commit 9275e1d4f85bbc05dd050324bf9820b89ac5330d
Author: Bertrand Delacretaz <bd...@apache.org>
AuthorDate: Thu May 27 16:29:21 2021 +0200
SLING-10277 - REGISTER PRIVILEGE and SET ACL should support lists of STRING and NAMESPACED_ITEM
---
src/main/javacc/RepoInitGrammar.jjt | 15 +++++++++++++--
src/test/resources/testcases/test-10-output.txt | 1 +
src/test/resources/testcases/test-10.txt | 1 +
src/test/resources/testcases/test-42-output.txt | 8 +++++++-
src/test/resources/testcases/test-42.txt | 10 +++++++++-
src/test/resources/testcases/test-99-output.txt | 3 +++
src/test/resources/testcases/test-99.txt | 3 +++
7 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/src/main/javacc/RepoInitGrammar.jjt b/src/main/javacc/RepoInitGrammar.jjt
index e052655..1e4236d 100644
--- a/src/main/javacc/RepoInitGrammar.jjt
+++ b/src/main/javacc/RepoInitGrammar.jjt
@@ -230,6 +230,17 @@ List<String> namespacedItemsList() :
{ return priv; }
}
+List<String> privilegesList() :
+{
+ Token t = null;
+ List<String> priv = new ArrayList<String>();
+}
+{
+ ( t=<NAMESPACED_ITEM> | t=<STRING> ) { priv.add(t.image); }
+ ( <COMMA> ( t=<NAMESPACED_ITEM> | t=<STRING> ) { priv.add(t.image); } )*
+ { return priv; }
+}
+
String usernameList() :
{
List<String> names = new ArrayList<String>();
@@ -365,7 +376,7 @@ void userPrivilegesLine(List<AclLine> lines) :
}
{
line = privilegesLineOperation()
- tmp = namespacedItemsList() { line.setProperty(AclLine.PROP_PRIVILEGES, tmp); }
+ tmp = privilegesList() { line.setProperty(AclLine.PROP_PRIVILEGES, tmp); }
<FOR>
tmp = principalsList() { line.setProperty(AclLine.PROP_PRINCIPALS, tmp); }
restrictions = restrictions() { line.setRestrictions(restrictions); }
@@ -605,7 +616,7 @@ void registerPrivilegeStatement(List<Operation> result) :
List<String> aggregates = new ArrayList<String>();
}
{
- <REGISTER> ((<ABSTRACT>) {isAbstract = true;})? <PRIVILEGE> (privilege = <STRING> | privilege = <NAMESPACED_ITEM>) (<WITH> aggregates = principalsList())?
+ <REGISTER> ((<ABSTRACT>) {isAbstract = true;})? <PRIVILEGE> (privilege = <STRING> | privilege = <NAMESPACED_ITEM>) (<WITH> aggregates = privilegesList())?
{
result.add(new RegisterPrivilege(privilege.image, isAbstract, aggregates));
}
diff --git a/src/test/resources/testcases/test-10-output.txt b/src/test/resources/testcases/test-10-output.txt
index 67053a0..59282ad 100644
--- a/src/test/resources/testcases/test-10-output.txt
+++ b/src/test/resources/testcases/test-10-output.txt
@@ -1,6 +1,7 @@
SetAclPaths on /libs /apps / /content/example.com/some-other_path
AclLine REMOVE_ALL {principals=[user1, user2]}
AclLine ALLOW {principals=[user1, user2], privileges=[jcr:read]}
+ AclLine ALLOW {principals=[user4], privileges=[noNamespace]}
AclLine DENY {principals=[user2], privileges=[jcr:write, something:else, another:one]}
AclLine DENY {principals=[user1], privileges=[jcr:lockManagement]}
AclLine DENY {principals=[user2], privileges=[jcr:modifyProperties]} restrictions=[rep:itemNames=[prop1, prop2]]
\ No newline at end of file
diff --git a/src/test/resources/testcases/test-10.txt b/src/test/resources/testcases/test-10.txt
index 479685b..5e75ac3 100644
--- a/src/test/resources/testcases/test-10.txt
+++ b/src/test/resources/testcases/test-10.txt
@@ -4,6 +4,7 @@
set ACL on /libs,/apps, /, /content/example.com/some-other_path
remove * for user1,user2
allow jcr:read for user1,user2
+ allow noNamespace for user4
deny jcr:write,something:else,another:one for user2
deny jcr:lockManagement for user1
diff --git a/src/test/resources/testcases/test-42-output.txt b/src/test/resources/testcases/test-42-output.txt
index 3fc8e0c..aaa8aac 100644
--- a/src/test/resources/testcases/test-42-output.txt
+++ b/src/test/resources/testcases/test-42-output.txt
@@ -1,6 +1,12 @@
register privilege withoutabstract_withoutaggregates
+register privilege ns:withoutabstract_withoutaggregatesNS
register abstract privilege withabstract_withoutaggregates
+register abstract privilege ns:withabstract_withoutaggregatesNS
register privilege withoutabstract_withaggregate with bla
register privilege withoutabstract_withaggregates with bla,blub
+register privilege withoutabstract_withaggregates with bla,ns:namespacedA
+register privilege ns:withoutabstract_withaggregates with bla,ns:namespacedB
register abstract privilege withabstract_withaggregate with foo
-register abstract privilege withabstract_withaggregates with foo,bar
\ No newline at end of file
+register abstract privilege withabstract_withaggregates with foo,bar
+register abstract privilege withabstract_withaggregates with foo,ns:namespacedC
+register abstract privilege ns:withabstract_withaggregates with foo,ns:namespacedD
\ No newline at end of file
diff --git a/src/test/resources/testcases/test-42.txt b/src/test/resources/testcases/test-42.txt
index 3fc8e0c..1cab5b8 100644
--- a/src/test/resources/testcases/test-42.txt
+++ b/src/test/resources/testcases/test-42.txt
@@ -1,6 +1,14 @@
register privilege withoutabstract_withoutaggregates
+register privilege ns:withoutabstract_withoutaggregatesNS
register abstract privilege withabstract_withoutaggregates
+register abstract privilege ns:withabstract_withoutaggregatesNS
+
register privilege withoutabstract_withaggregate with bla
register privilege withoutabstract_withaggregates with bla,blub
+register privilege withoutabstract_withaggregates with bla,ns:namespacedA
+register privilege ns:withoutabstract_withaggregates with bla,ns:namespacedB
+
register abstract privilege withabstract_withaggregate with foo
-register abstract privilege withabstract_withaggregates with foo,bar
\ No newline at end of file
+register abstract privilege withabstract_withaggregates with foo,bar
+register abstract privilege withabstract_withaggregates with foo,ns:namespacedC
+register abstract privilege ns:withabstract_withaggregates with foo,ns:namespacedD
\ No newline at end of file
diff --git a/src/test/resources/testcases/test-99-output.txt b/src/test/resources/testcases/test-99-output.txt
index 248a216..0b43390 100644
--- a/src/test/resources/testcases/test-99-output.txt
+++ b/src/test/resources/testcases/test-99-output.txt
@@ -3,6 +3,7 @@ CreateServiceUser u-ser_2
SetAclPaths on /libs /apps
AclLine REMOVE_ALL {principals=[user1, u-ser_2]}
AclLine ALLOW {principals=[user1, u-ser_2], privileges=[jcr:read]}
+ AclLine ALLOW {principals=[user4], privileges=[noNamespace]}
AclLine DENY {principals=[u-ser_2], privileges=[jcr:write]}
AclLine DENY {principals=[user1], privileges=[jcr:lockManagement]}
AclLine REMOVE {principals=[u3], privileges=[jcr:understand, some:other]}
@@ -34,8 +35,10 @@ RegisterNodetypes:
register privilege crx:replicate
register privilege priv
register abstract privilege abstract_priv
+register abstract privilege namespaced:priv3
register privilege priv with declared_aggregate_priv
register privilege priv with declared_aggregate_priv1,declared_aggregate_priv2
+register privilege priv with declared_aggregate_priv1,namespaced:_priv4
CreateUser userE (with encoded password), password=afdgwdsdf, passwordEncoding=someEncoding
CreateUser one_with-more-chars.ok:/123456 (with encoded password), password=pw-with.ok-:/13456, passwordEncoding=encoding_with.ok-:/12345
CreateUser userF with path /for/userF
diff --git a/src/test/resources/testcases/test-99.txt b/src/test/resources/testcases/test-99.txt
index d8a24e5..0f04660 100644
--- a/src/test/resources/testcases/test-99.txt
+++ b/src/test/resources/testcases/test-99.txt
@@ -13,6 +13,7 @@ create service user user1, u-ser_2
set ACL on /libs,/apps
remove * for user1,u-ser_2
allow jcr:read for user1,u-ser_2
+ allow noNamespace for user4
deny jcr:write for u-ser_2
deny jcr:lockManagement for user1
@@ -66,8 +67,10 @@ register nodetypes
register privilege crx:replicate
register privilege priv
register abstract privilege abstract_priv
+register abstract privilege namespaced:priv3
register privilege priv with declared_aggregate_priv
register privilege priv with declared_aggregate_priv1,declared_aggregate_priv2
+register privilege priv with declared_aggregate_priv1,namespaced:_priv4
create user userE with password {someEncoding} afdgwdsdf
create user one_with-more-chars.ok:/123456 with password {encoding_with.ok-:/12345} pw-with.ok-:/13456