You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by bd...@apache.org on 2015/12/24 18:01:21 UTC
svn commit: r1721643 - in /sling/trunk/contrib/extensions/acldef: ./
provisioning/ provisioning/src/ provisioning/src/main/
provisioning/src/main/java/ provisioning/src/main/java/org/
provisioning/src/main/java/org/apache/ provisioning/src/main/java/or...
Author: bdelacretaz
Date: Thu Dec 24 17:01:20 2015
New Revision: 1721643
URL: http://svn.apache.org/viewvc?rev=1721643&view=rev
Log:
SLING-5355 - provisioning model support, work in progress
Added:
sling/trunk/contrib/extensions/acldef/provisioning/ (with props)
sling/trunk/contrib/extensions/acldef/provisioning/pom.xml
sling/trunk/contrib/extensions/acldef/provisioning/src/
sling/trunk/contrib/extensions/acldef/provisioning/src/main/
sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/
sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/
sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/apache/
sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/apache/sling/
sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/apache/sling/acldef/
sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/apache/sling/acldef/provisioning/
sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/apache/sling/acldef/provisioning/AclConfigsProvider.java
sling/trunk/contrib/extensions/acldef/provisioning/src/test/
sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/
sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/
sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/apache/
sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/apache/sling/
sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/apache/sling/acldef/
sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/apache/sling/acldef/provisioning/
sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/apache/sling/acldef/provisioning/AclModelTest.java
sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/
sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/
sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/aclmodel.txt
sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/moreacls.txt
sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/noacl.txt
Modified:
sling/trunk/contrib/extensions/acldef/pom.xml
Modified: sling/trunk/contrib/extensions/acldef/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef/pom.xml?rev=1721643&r1=1721642&r2=1721643&view=diff
==============================================================================
--- sling/trunk/contrib/extensions/acldef/pom.xml (original)
+++ sling/trunk/contrib/extensions/acldef/pom.xml Thu Dec 24 17:01:20 2015
@@ -36,5 +36,6 @@
<modules>
<module>parser</module>
<module>oak-jcr</module>
+ <module>provisioning</module>
</modules>
</project>
Propchange: sling/trunk/contrib/extensions/acldef/provisioning/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Thu Dec 24 17:01:20 2015
@@ -0,0 +1,14 @@
+target
+bin
+derby.log
+*.iml
+*.ipr
+*.iws
+.settings
+.project
+.classpath
+.externalToolBuilders
+maven-eclipse.xml
+sling
+
+
Added: sling/trunk/contrib/extensions/acldef/provisioning/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef/provisioning/pom.xml?rev=1721643&view=auto
==============================================================================
--- sling/trunk/contrib/extensions/acldef/provisioning/pom.xml (added)
+++ sling/trunk/contrib/extensions/acldef/provisioning/pom.xml Thu Dec 24 17:01:20 2015
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>sling</artifactId>
+ <version>25</version>
+ <relativePath/>
+ </parent>
+
+ <artifactId>org.apache.sling.acldef.provisioning</artifactId>
+ <packaging>jar</packaging>
+ <version>0.0.1-SNAPSHOT</version>
+ <name>Apache Sling ACL Definitions Provisioning Support</name>
+ <description>
+ Support for 'accesscontrol' sections in Sling
+ provisioning models
+ </description>
+
+ <properties>
+ <jackrabbit.version>2.10.0</jackrabbit.version>
+ </properties>
+
+ <scm>
+ <connection>scm:svn: https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/acldef/provisioning</connection>
+ <developerConnection>scm:svn: https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/acldef/provisioning</developerConnection>
+ <url> https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/acldef/provisioning</url>
+ </scm>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.provisioning.model</artifactId>
+ <version>1.4.1-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ </dependency>
+ </dependencies>
+</project>
Added: sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/apache/sling/acldef/provisioning/AclConfigsProvider.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/apache/sling/acldef/provisioning/AclConfigsProvider.java?rev=1721643&view=auto
==============================================================================
--- sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/apache/sling/acldef/provisioning/AclConfigsProvider.java (added)
+++ sling/trunk/contrib/extensions/acldef/provisioning/src/main/java/org/apache/sling/acldef/provisioning/AclConfigsProvider.java Thu Dec 24 17:01:20 2015
@@ -0,0 +1,100 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.acldef.provisioning;
+
+import org.apache.sling.provisioning.model.Configuration;
+import org.apache.sling.provisioning.model.Feature;
+import org.apache.sling.provisioning.model.Model;
+import org.apache.sling.provisioning.model.Section;
+
+/** Convert ACL definitions found as text in additional sections of
+ * a Sling provisioning model to model Configurations.
+ *
+ * These configs will be used by the oak-jcr bundle to execute
+ * the corresponding access control statements, after waiting for
+ * the required services and content to be available.
+ */
+public class AclConfigsProvider {
+ /** The default OSGi configuration factory PID of the configs that we supply */
+ public static final String DEFAULT_CONFIG_FACTORY_PID = "org.apache.sling.acldef.jcr.handler.AclDefConfigHandler";
+
+ /** The default name of our ACL definitions sections */
+ public static final String DEFAULT_ACLDEF_SECTION_NAME = "accesscontrol";
+
+ /** Name Prefix for property for the created Configurations: text of the ACL definition */
+ public static final String PROP_ACLDEFTEXT_PREFIX = "acldef.text.";
+
+ private final String sectionName;
+
+ /** Create a provider with a specific config PID and model section name */
+ public AclConfigsProvider(String configPid, String aclDefSectionName) {
+ sectionName = aclDefSectionName == null ? DEFAULT_ACLDEF_SECTION_NAME : aclDefSectionName;
+ }
+
+ /** Create a provider with the default config PID and model section name */
+ public AclConfigsProvider() {
+ this(null, null);
+ }
+
+ /** Create a Configuration with one property for each additional accesscontrol
+ * section found in the supplied model.
+ * The properties are named using the {@link #PROP_ACLDEFTEXT_PREFIX} followed
+ * by an integer index starting at 1.
+ * Each property contains the full text of the corresponding accesscontrol section,
+ * prefixed by a comment indicating which model and feature provided that section.
+ *
+ * @param m Model from which to extract accesscontrol sections
+ * @return a Configuration object as described above, null if the Model doesn't contain
+ * any additional sections with our section name.
+ */
+ public Configuration getAclDefConfigs(Model m) {
+ Configuration result = null;
+
+ int counter = 1;
+ for(Feature f : m.getFeatures()) {
+ for(Section s : f.getAdditionalSections(sectionName)) {
+ if(result == null) {
+ result = createConfiguration();
+ }
+ result.getProperties().put(PROP_ACLDEFTEXT_PREFIX + counter++, getCommentedContent(m, f, s));
+ }
+ }
+ return result;
+ }
+
+ private static String getCommentedContent(Model m, Feature f, Section s) {
+ final StringBuilder sb = new StringBuilder()
+ .append("# Configuration created from feature ")
+ .append(f.getName())
+ .append(" of model ")
+ .append(m.getLocation())
+ .append("\n")
+ .append(s.getContents().trim())
+ ;
+ return sb.toString();
+ }
+
+ /** Return the model section name to use to extract ACL definitions */
+ protected String getModelSectionName() {
+ return DEFAULT_ACLDEF_SECTION_NAME;
+ }
+
+ /** Create a Configuration with the appropriate PIDs */
+ protected Configuration createConfiguration() {
+ return new Configuration(null, DEFAULT_CONFIG_FACTORY_PID);
+ }
+}
\ No newline at end of file
Added: sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/apache/sling/acldef/provisioning/AclModelTest.java
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/apache/sling/acldef/provisioning/AclModelTest.java?rev=1721643&view=auto
==============================================================================
--- sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/apache/sling/acldef/provisioning/AclModelTest.java (added)
+++ sling/trunk/contrib/extensions/acldef/provisioning/src/test/java/org/apache/sling/acldef/provisioning/AclModelTest.java Thu Dec 24 17:01:20 2015
@@ -0,0 +1,106 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.acldef.provisioning;
+
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.Reader;
+
+import org.apache.sling.provisioning.model.Configuration;
+import org.apache.sling.provisioning.model.MergeUtility;
+import org.apache.sling.provisioning.model.Model;
+import org.apache.sling.provisioning.model.io.ModelReader;
+import org.junit.Before;
+import org.junit.Test;
+
+public class AclModelTest {
+
+ private Model model;
+
+ private void readModel(String resourcePath) throws IOException {
+ final InputStream is = getClass().getResourceAsStream(resourcePath);
+ assertNotNull("Expecting resource at " + resourcePath, is);
+ final Reader r = new InputStreamReader(is, "UTF-8");
+ try {
+ MergeUtility.merge(model, ModelReader.read(r, resourcePath));
+ } finally {
+ r.close();
+ }
+ }
+
+ @Before
+ public void setup() throws IOException {
+ model = new Model();
+ model.setLocation(getClass().getSimpleName());
+ }
+
+ private void assertConfig(Configuration c, int index, String ... expected) {
+ final String key = AclConfigsProvider.PROP_ACLDEFTEXT_PREFIX + (index);
+ final Object obj = c.getProperties().get(key);
+ assertNotNull("Expecting property " + key, obj);
+ final String content = obj.toString();
+ for(String exp : expected) {
+ assertTrue("Expected " + exp + " in property " + key + " = "+ content, content.contains(exp));
+ }
+ }
+
+ @Test
+ public void singleFeature() throws IOException {
+ readModel("/models/aclmodel.txt");
+ final Configuration cfg = new AclConfigsProvider().getAclDefConfigs(model);
+
+ assertConfig(cfg, 1,
+ "feature testfeature", "model AclModelTest",
+ "\nset ACL for someuser", "allow line1", "\nend");
+ assertConfig(cfg, 2,
+ "feature testfeature", "model AclModelTest",
+ "\nset ACL for another\nend");
+ }
+
+ @Test
+ public void noAcl() throws IOException {
+ readModel("/models/noacl.txt");
+ assertNull("Expecting no Configuration", new AclConfigsProvider().getAclDefConfigs(model));
+ }
+
+ @Test
+ public void mergedModels() throws IOException {
+ readModel("/models/aclmodel.txt");
+ readModel("/models/moreacls.txt");
+ final Configuration cfg = new AclConfigsProvider().getAclDefConfigs(model);
+
+ // TODO make test more robust against section indexes
+ assertConfig(cfg, 3,
+ "feature testfeature", "model AclModelTest",
+ "\nset ACL for someuser", "allow line1", "\nend");
+ assertConfig(cfg, 4,
+ "feature testfeature", "model AclModelTest",
+ "\nset ACL for another\nend");
+ assertConfig(cfg, 1,
+ "feature otherfeature", "model AclModelTest",
+ "\nset ACL for bob\nend\n\ncreate service user P");
+ assertConfig(cfg, 2,
+ "feature otherfeature", "model AclModelTest",
+ "\ncreate service user S\ncreate service user T");
+ }
+
+}
Added: sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/aclmodel.txt
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/aclmodel.txt?rev=1721643&view=auto
==============================================================================
--- sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/aclmodel.txt (added)
+++ sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/aclmodel.txt Thu Dec 24 17:01:20 2015
@@ -0,0 +1,40 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# Test provisioning model that includes some :accesscontrol sections
+[feature name=testfeature]
+
+[variables]
+ felix.framework.version=5.0.0
+ slf4j.version = 1.6.2
+
+[artifacts]
+ org.apache.felix/org.apache.felix.framework/${felix.framework.version}
+ org.slf4j/slf4j-api/${slf4j.version}
+ org.slf4j/slf4j-simple/${slf4j.version}
+
+[:accesscontrol]
+set ACL for someuser
+ allow line1
+ deny line2
+end
+
+[:accesscontrol]
+set ACL for another
+end
\ No newline at end of file
Added: sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/moreacls.txt
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/moreacls.txt?rev=1721643&view=auto
==============================================================================
--- sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/moreacls.txt (added)
+++ sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/moreacls.txt Thu Dec 24 17:01:20 2015
@@ -0,0 +1,40 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# Test provisioning model with some :accesscontrol sections
+[feature name=otherfeature]
+
+[variables]
+ felix.framework.version=5.0.0
+ slf4j.version = 1.6.2
+
+[artifacts]
+ org.apache.felix/org.apache.felix.framework/${felix.framework.version}
+ org.slf4j/slf4j-api/${slf4j.version}
+ org.slf4j/slf4j-simple/${slf4j.version}
+
+[:accesscontrol]
+set ACL for bob
+end
+
+create service user P
+
+[:accesscontrol]
+create service user S
+create service user T
\ No newline at end of file
Added: sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/noacl.txt
URL: http://svn.apache.org/viewvc/sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/noacl.txt?rev=1721643&view=auto
==============================================================================
--- sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/noacl.txt (added)
+++ sling/trunk/contrib/extensions/acldef/provisioning/src/test/resources/models/noacl.txt Thu Dec 24 17:01:20 2015
@@ -0,0 +1,30 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# Test provisioning model with no :accesscontrol section
+[feature name=testfeature]
+
+[variables]
+ felix.framework.version=5.0.0
+ slf4j.version = 1.6.2
+
+[artifacts]
+ org.apache.felix/org.apache.felix.framework/${felix.framework.version}
+ org.slf4j/slf4j-api/${slf4j.version}
+ org.slf4j/slf4j-simple/${slf4j.version}
\ No newline at end of file