You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by dk...@apache.org on 2019/11/18 08:08:20 UTC
[sling-org-apache-sling-app-cms] branch master updated (2a9f5ba ->
724e4ad)
This is an automated email from the ASF dual-hosted git repository.
dklco pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-app-cms.git.
from 2a9f5ba Update administration.md
new 23996e3 Updating versions to latest from starter
new 3f42e20 Combining the publish into security filter to resolve challenges around previewing non-published files.
new 724e4ad Merge branch 'master' of git@github.com:apache/sling-org-apache-sling-app-cms.git
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
builder/src/main/provisioning/boot.txt | 12 ++--
builder/src/main/provisioning/composum.txt | 4 +-
builder/src/main/provisioning/healthcheck.txt | 2 +-
builder/src/main/provisioning/repoinit.txt | 4 +-
builder/src/main/provisioning/scripting.txt | 16 ++---
builder/src/main/provisioning/sling-caconfig.txt | 4 +-
builder/src/main/provisioning/sling.txt | 49 +++++++--------
builder/src/main/provisioning/standalone.txt | 2 +-
builder/src/main/provisioning/webapp.txt | 2 +-
.../core/internal/filters/CMSSecurityFilter.java | 14 +++--
.../internal/filters/CMSSecurityFilterConfig.java | 15 +++--
.../cms/core/internal/filters/PublishFilter.java | 71 ----------------------
12 files changed, 66 insertions(+), 129 deletions(-)
delete mode 100644 core/src/main/java/org/apache/sling/cms/core/internal/filters/PublishFilter.java
[sling-org-apache-sling-app-cms] 01/03: Updating versions to latest
from starter
Posted by dk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
dklco pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-app-cms.git
commit 23996e38cd87f125a797f04d471f0ba6c14abebb
Author: Dan Klco <dk...@apache.org>
AuthorDate: Mon Nov 18 03:05:25 2019 -0500
Updating versions to latest from starter
---
builder/src/main/provisioning/boot.txt | 12 +++---
builder/src/main/provisioning/composum.txt | 4 +-
builder/src/main/provisioning/healthcheck.txt | 2 +-
builder/src/main/provisioning/repoinit.txt | 4 +-
builder/src/main/provisioning/scripting.txt | 16 ++++----
builder/src/main/provisioning/sling-caconfig.txt | 4 +-
builder/src/main/provisioning/sling.txt | 49 ++++++++++++------------
builder/src/main/provisioning/standalone.txt | 2 +-
builder/src/main/provisioning/webapp.txt | 2 +-
9 files changed, 49 insertions(+), 46 deletions(-)
diff --git a/builder/src/main/provisioning/boot.txt b/builder/src/main/provisioning/boot.txt
index b5b48db..4659de7 100644
--- a/builder/src/main/provisioning/boot.txt
+++ b/builder/src/main/provisioning/boot.txt
@@ -34,7 +34,9 @@
[artifacts]
org.osgi/org.osgi.util.function/1.1.0
- org.osgi/org.osgi.util.promise/1.1.0
+ org.osgi/org.osgi.util.promise/1.1.1
+ org.osgi/org.osgi.util.pushstream/1.0.1
+ org.osgi/org.osgi.service.log/1.4.0
org.apache.sling/org.apache.sling.javax.activation/0.1.0
org.apache.geronimo.specs/geronimo-annotation_1.3_spec/1.1
org.apache.servicemix.specs/org.apache.servicemix.specs.jaxws-api-2.2/2.9.0
@@ -46,18 +48,18 @@
org.apache.servicemix.bundles/org.apache.servicemix.bundles.jaxb-impl/2.2.11_1
org.slf4j/slf4j-api/${slf4j.version}
org.apache.sling/org.apache.sling.commons.log/5.1.10
- org.apache.sling/org.apache.sling.commons.logservice/1.0.6
+ org.apache.sling/org.apache.sling.commons.logservice/1.1.0
org.slf4j/jcl-over-slf4j/${slf4j.version}
org.slf4j/log4j-over-slf4j/${slf4j.version}
org.apache.sling/org.apache.sling.settings/1.3.10
org.apache.sling/org.apache.sling.launchpad.installer/1.2.2
org.apache.sling/org.apache.sling.installer.core/3.9.0
org.apache.sling/org.apache.sling.installer.provider.file/1.1.0
- org.apache.sling/org.apache.sling.installer.factory.configuration/1.2.2
- org.apache.felix/org.apache.felix.configadmin/1.9.14
+ org.apache.sling/org.apache.sling.installer.factory.configuration/1.2.4
+ org.apache.felix/org.apache.felix.configadmin/1.9.16
org.apache.felix/org.apache.felix.eventadmin/1.5.0
org.apache.aries/org.apache.aries.util/1.1.3
# dependency with javax.inject - required for Sling Models (SLING-4710)
org.apache.geronimo.specs/geronimo-atinject_1.0_spec/1.1
- org.apache.commons/commons-lang3/3.8.1
+ org.apache.commons/commons-lang3/3.9
diff --git a/builder/src/main/provisioning/composum.txt b/builder/src/main/provisioning/composum.txt
index 1d68a9a..9462b39 100644
--- a/builder/src/main/provisioning/composum.txt
+++ b/builder/src/main/provisioning/composum.txt
@@ -17,7 +17,7 @@
# under the License.
[feature name=composum-nodes]
[variables]
- composum.nodes.version=1.11.3
+ composum.nodes.version=1.11.5
[artifacts startLevel=20]
@@ -26,7 +26,7 @@
com.composum.sling.core/composum-sling-core-jslibs/${composum.nodes.version}
com.composum.sling.core/composum-sling-package-manager/${composum.nodes.version}
com.composum.sling.core.osgi/composum-sling-osgi-package-installer/${composum.nodes.version}
- org.apache.jackrabbit.vault/org.apache.jackrabbit.vault/3.2.8
+ org.apache.jackrabbit.vault/org.apache.jackrabbit.vault/3.4.0
[configurations]
diff --git a/builder/src/main/provisioning/healthcheck.txt b/builder/src/main/provisioning/healthcheck.txt
index 9b2a83a..b487486 100644
--- a/builder/src/main/provisioning/healthcheck.txt
+++ b/builder/src/main/provisioning/healthcheck.txt
@@ -38,7 +38,7 @@
hc.tags=["systemalive"]
targetStartLevel=I"30"
- org.apache.felix.hc.generalchecks.ServicesCheck-systemalive
+ org.apache.felix.hc.generalchecks.ServicesCheck
hc.tags=["systemalive"]
services.list=[
"org.apache.sling.jcr.api.SlingRepository",
diff --git a/builder/src/main/provisioning/repoinit.txt b/builder/src/main/provisioning/repoinit.txt
index 7250cd1..9a9bf9a 100644
--- a/builder/src/main/provisioning/repoinit.txt
+++ b/builder/src/main/provisioning/repoinit.txt
@@ -19,8 +19,8 @@
[feature name=repoinit]
[artifacts]
- org.apache.sling/org.apache.sling.repoinit.parser/1.2.4
- org.apache.sling/org.apache.sling.jcr.repoinit/1.1.10
+ org.apache.sling/org.apache.sling.repoinit.parser/1.2.6
+ org.apache.sling/org.apache.sling.jcr.repoinit/1.1.12
org.apache.sling/org.apache.sling.provisioning.model/1.8.4
[:repoinit]
diff --git a/builder/src/main/provisioning/scripting.txt b/builder/src/main/provisioning/scripting.txt
index dd73d84..75bd30a 100644
--- a/builder/src/main/provisioning/scripting.txt
+++ b/builder/src/main/provisioning/scripting.txt
@@ -21,19 +21,19 @@
[artifacts]
org.apache.sling/org.apache.sling.scripting.api/2.2.0
- org.apache.sling/org.apache.sling.scripting.core/2.0.56
+ org.apache.sling/org.apache.sling.scripting.core/2.0.58
org.apache.sling/org.apache.sling.scripting.javascript/3.0.4
org.apache.sling/org.apache.sling.scripting.jsp/2.3.4
org.apache.sling/org.apache.sling.scripting.jsp-api/1.0.0
org.apache.sling/org.apache.sling.scripting.el-api/1.0.0
org.apache.sling/org.apache.sling.scripting.jsp.taglib/2.4.0
- org.antlr/antlr4-runtime/4.7.1
- org.apache.sling/org.apache.sling.scripting.sightly.runtime/1.1.0-1.4.0
- org.apache.sling/org.apache.sling.scripting.sightly.compiler/1.1.2-1.4.0
- org.apache.sling/org.apache.sling.scripting.sightly.compiler.java/1.1.2-1.4.0
- org.apache.sling/org.apache.sling.scripting.sightly/1.1.2-1.4.0
- org.apache.sling/org.apache.sling.scripting.sightly.js.provider/1.0.28
- org.apache.sling/org.apache.sling.scripting.sightly.models.provider/1.0.8
+ org.antlr/antlr4-runtime/4.7.2
+ org.apache.sling/org.apache.sling.scripting.sightly.runtime/1.1.2-1.4.0
+ org.apache.sling/org.apache.sling.scripting.sightly.compiler/1.2.0-1.4.0
+ org.apache.sling/org.apache.sling.scripting.sightly.compiler.java/1.1.4-1.4.0
+ org.apache.sling/org.apache.sling.scripting.sightly/1.2.0-1.4.0
+ org.apache.sling/org.apache.sling.scripting.sightly.js.provider/1.0.30
+ org.apache.sling/org.apache.sling.scripting.sightly.models.provider/1.0.10
org.apache.sling/org.apache.sling.scripting.sightly.repl/1.0.6
org.apache.servicemix.bundles/org.apache.servicemix.bundles.rhino/1.7.10_1
diff --git a/builder/src/main/provisioning/sling-caconfig.txt b/builder/src/main/provisioning/sling-caconfig.txt
index e76bb34..aa36b0c 100644
--- a/builder/src/main/provisioning/sling-caconfig.txt
+++ b/builder/src/main/provisioning/sling-caconfig.txt
@@ -20,9 +20,9 @@
[feature name=sling-caconfig]
[artifacts]
- org.apache.sling/org.apache.sling.caconfig.api/1.1.2
+ org.apache.sling/org.apache.sling.caconfig.api/1.2.0
org.apache.sling/org.apache.sling.caconfig.spi/1.3.4
- org.apache.sling/org.apache.sling.caconfig.impl/1.4.14
+ org.apache.sling/org.apache.sling.caconfig.impl/1.5.0
[:repoinit]
create path (sling:Folder) /conf
diff --git a/builder/src/main/provisioning/sling.txt b/builder/src/main/provisioning/sling.txt
index f40200c..97b5eec 100644
--- a/builder/src/main/provisioning/sling.txt
+++ b/builder/src/main/provisioning/sling.txt
@@ -29,15 +29,15 @@
[artifacts startLevel=5]
org.apache.felix/org.apache.felix.http.whiteboard/4.0.0
org.apache.sling/org.apache.sling.extensions.webconsolebranding/1.0.2
- org.apache.sling/org.apache.sling.extensions.webconsolesecurityprovider/1.2.2
+ org.apache.sling/org.apache.sling.extensions.webconsolesecurityprovider/1.2.4
org.apache.felix/org.apache.felix.inventory/1.0.6
org.apache.felix/org.apache.felix.prefs/1.1.0
- org.apache.felix/org.apache.felix.webconsole/4.3.8
+ org.apache.felix/org.apache.felix.webconsole/4.3.16
org.apache.felix/org.apache.felix.webconsole.plugins.ds/2.1.0
org.apache.felix/org.apache.felix.webconsole.plugins.obr/1.0.4
org.apache.felix/org.apache.felix.webconsole.plugins.packageadmin/1.0.4
org.apache.felix/org.apache.felix.webconsole.plugins.event/1.1.8
- org.apache.felix/org.apache.felix.webconsole.plugins.memoryusage/1.0.8
+ org.apache.felix/org.apache.felix.webconsole.plugins.memoryusage/1.0.10
org.apache.sling/org.apache.sling.commons.johnzon/1.1.2
org.apache.felix/org.apache.felix.bundlerepository/2.0.10
org.apache.sling/org.apache.sling.extensions.threaddump/0.2.2
@@ -48,20 +48,20 @@
commons-fileupload/commons-fileupload/1.3.3
org.apache.sling/org.apache.sling.commons.log.webconsole/1.0.0
org.apache.sling/org.apache.sling.api/2.20.0
- org.apache.sling/org.apache.sling.auth.core/1.4.2
+ org.apache.sling/org.apache.sling.auth.core/1.4.4
[artifacts startLevel=10]
org.apache.felix/org.apache.felix.http.sslfilter/1.2.6
- org.apache.pdfbox/pdfbox/2.0.16
- org.apache.pdfbox/fontbox/2.0.16
+ org.apache.pdfbox/pdfbox/2.0.17
+ org.apache.pdfbox/fontbox/2.0.17
org.apache.pdfbox/jempbox/1.8.16
- org.apache.tika/tika-core/1.21
- org.apache.tika/tika-parsers/1.21
+ org.apache.tika/tika-core/1.22
+ org.apache.tika/tika-parsers/1.22
[artifacts startLevel=15]
org.apache.sling/org.apache.sling.jcr.jcr-wrapper/2.0.0
org.apache.sling/org.apache.sling.jcr.api/2.4.0
- org.apache.sling/org.apache.sling.jcr.base/3.0.6
+ org.apache.sling/org.apache.sling.jcr.base/3.1.0
org.apache.sling/org.apache.sling.jcr.registration/1.0.6
org.apache.jackrabbit/jackrabbit-api/${jackrabbit.version}
org.apache.jackrabbit/jackrabbit-jcr-commons/${jackrabbit.version}
@@ -78,26 +78,27 @@
io.dropwizard.metrics/metrics-core/3.2.6
org.apache.sling/org.apache.sling.commons.metrics/1.2.6
com.google.guava/guava/15.0
+ org.apache.sling/org.apache.sling.resource.filter/1.0.0
[artifacts]
commons-collections/commons-collections/3.2.2
- org.apache.commons/commons-collections4/4.2
- commons-codec/commons-codec/1.12
+ org.apache.commons/commons-collections4/4.4
+ commons-codec/commons-codec/1.13
org.apache.commons/commons-math/2.2
- org.apache.httpcomponents/httpcore-osgi/4.4.10
- org.apache.httpcomponents/httpclient-osgi/4.5.6
+ org.apache.httpcomponents/httpcore-osgi/4.4.12
+ org.apache.httpcomponents/httpclient-osgi/4.5.10
org.apache.sling/org.apache.sling.adapter/2.1.10
org.apache.sling/org.apache.sling.auth.form/1.0.16
org.apache.sling/org.apache.sling.bundleresource.impl/2.3.2
org.apache.sling/org.apache.sling.commons.classloader/1.4.4
org.apache.sling/org.apache.sling.commons.compiler/2.3.6
- org.apache.sling/org.apache.sling.commons.fsclassloader/1.0.10
- org.apache.sling/org.apache.sling.commons.mime/2.2.0
+ org.apache.sling/org.apache.sling.commons.fsclassloader/1.0.12
+ org.apache.sling/org.apache.sling.commons.mime/2.2.2
org.apache.sling/org.apache.sling.commons.osgi/2.4.0
- org.apache.sling/org.apache.sling.commons.scheduler/2.7.2
- org.apache.sling/org.apache.sling.commons.threads/3.2.18
- org.apache.sling/org.apache.sling.engine/2.6.18
- org.apache.sling/org.apache.sling.fsresource/2.1.14
+ org.apache.sling/org.apache.sling.commons.scheduler/2.7.4
+ org.apache.sling/org.apache.sling.commons.threads/3.2.20
+ org.apache.sling/org.apache.sling.engine/2.6.20
+ org.apache.sling/org.apache.sling.fsresource/2.1.16
org.apache.sling/org.apache.sling.i18n/2.5.14
org.apache.sling/org.apache.sling.installer.console/1.0.2
org.apache.sling/org.apache.sling.installer.provider.jcr/3.1.26
@@ -106,13 +107,13 @@
org.apache.sling/org.apache.sling.jcr.resource/3.0.18
org.apache.sling/org.apache.sling.models.api/1.3.8
org.apache.sling/org.apache.sling.models.impl/1.4.10
- org.apache.sling/org.apache.sling.resourceresolver/1.6.8
+ org.apache.sling/org.apache.sling.resourceresolver/1.6.14
org.apache.sling/org.apache.sling.serviceusermapper/1.4.4
- org.apache.sling/org.apache.sling.serviceuser.webconsole/1.0.0
+ org.apache.sling/org.apache.sling.serviceuser.webconsole/1.0.2
org.apache.sling/org.apache.sling.servlets.get/2.1.40
- org.apache.sling/org.apache.sling.servlets.post/2.3.30
- org.apache.sling/org.apache.sling.servlets.resolver/2.5.2
- org.apache.sling/org.apache.sling.xss/2.1.8
+ org.apache.sling/org.apache.sling.servlets.post/2.3.36
+ org.apache.sling/org.apache.sling.servlets.resolver/2.5.6
+ org.apache.sling/org.apache.sling.xss/2.1.10
javax.mail/mail/1.5.0-b01
org.apache.geronimo.bundles/jstl/1.2_1
diff --git a/builder/src/main/provisioning/standalone.txt b/builder/src/main/provisioning/standalone.txt
index d94cb76..de82de5 100644
--- a/builder/src/main/provisioning/standalone.txt
+++ b/builder/src/main/provisioning/standalone.txt
@@ -23,4 +23,4 @@
# Add a servlet implementation for the standalone case
[artifacts startLevel=5 runModes=:standalone]
org.apache.felix/org.apache.felix.http.servlet-api/1.1.2
- org.apache.felix/org.apache.felix.http.jetty/4.0.8
+ org.apache.felix/org.apache.felix.http.jetty/4.0.14
diff --git a/builder/src/main/provisioning/webapp.txt b/builder/src/main/provisioning/webapp.txt
index 50b82bc..bd35a39 100644
--- a/builder/src/main/provisioning/webapp.txt
+++ b/builder/src/main/provisioning/webapp.txt
@@ -22,4 +22,4 @@
# Add the felix servlet bridge for the webapp case
[artifacts runModes=:webapp]
- org.apache.felix/org.apache.felix.http.bridge/4.0.6
+ org.apache.felix/org.apache.felix.http.bridge/4.0.10
[sling-org-apache-sling-app-cms] 03/03: Merge branch 'master' of
git@github.com:apache/sling-org-apache-sling-app-cms.git
Posted by dk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
dklco pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-app-cms.git
commit 724e4add99d26283d35ed80cbf2cad9613ce46d5
Merge: 3f42e20 2a9f5ba
Author: Dan Klco <dk...@apache.org>
AuthorDate: Mon Nov 18 03:06:46 2019 -0500
Merge branch 'master' of git@github.com:apache/sling-org-apache-sling-app-cms.git
docs/administration.md | 3 ++-
docs/quickstart.md | 5 +++++
2 files changed, 7 insertions(+), 1 deletion(-)
[sling-org-apache-sling-app-cms] 02/03: Combining the publish into
security filter to resolve challenges around previewing non-published
files.
Posted by dk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
dklco pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-app-cms.git
commit 3f42e206943f37dfe24c9328232decbb201ebb77
Author: Dan Klco <dk...@apache.org>
AuthorDate: Mon Nov 18 03:06:13 2019 -0500
Combining the publish into security filter to resolve challenges around
previewing non-published files.
---
.../core/internal/filters/CMSSecurityFilter.java | 14 +++--
.../internal/filters/CMSSecurityFilterConfig.java | 15 +++--
.../cms/core/internal/filters/PublishFilter.java | 71 ----------------------
3 files changed, 17 insertions(+), 83 deletions(-)
diff --git a/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilter.java b/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilter.java
index 97cf1ee..f58d207 100644
--- a/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilter.java
+++ b/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilter.java
@@ -41,6 +41,8 @@ import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.sling.api.SlingHttpServletRequest;
+import org.apache.sling.cms.CMSConstants;
+import org.apache.sling.cms.CMSUtils;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
@@ -64,6 +66,8 @@ public class CMSSecurityFilter implements Filter {
private List<Pattern> patterns = new ArrayList<>();
+ private static final String[] VALID_METHODS = new String[] { "GET", "HEAD" };
+
@Modified
@Activate
public void activate(CMSSecurityFilterConfig config) {
@@ -116,7 +120,6 @@ public class CMSSecurityFilter implements Filter {
allowed = true;
}
}
-
}
// permission checked failed, so return an unauthorized error
@@ -126,10 +129,13 @@ public class CMSSecurityFilter implements Filter {
((HttpServletResponse) response).sendError(401);
return;
}
- } else {
- log.trace("Not filtering request to host {}", request.getServerName());
+ } else if (ArrayUtils.contains(VALID_METHODS, slingRequest.getMethod())) {
+ Object editEnabled = slingRequest.getAttribute(CMSConstants.ATTR_EDIT_ENABLED);
+ if (!"true".equals(editEnabled) && !CMSUtils.isPublished(slingRequest.getResource())) {
+ ((HttpServletResponse) response).sendError(404);
+ return;
+ }
}
-
chain.doFilter(request, response);
}
diff --git a/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilterConfig.java b/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilterConfig.java
index d2c1d13..5c95f36 100644
--- a/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilterConfig.java
+++ b/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilterConfig.java
@@ -19,21 +19,20 @@ package org.apache.sling.cms.core.internal.filters;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;
-
/**
* Configuration for the CMSSecurityFilter
*/
@ObjectClassDefinition(name = "%cms.security.filter.name", description = "%cms.security.filter.description", localization = "OSGI-INF/l10n/bundle")
public @interface CMSSecurityFilterConfig {
- @AttributeDefinition(name = "%hostDomains.name", description = "%hostDomains.description")
- String[] hostDomains();
+ @AttributeDefinition(name = "%hostDomains.name", description = "%hostDomains.description")
+ String[] hostDomains() default "localhost";
- @AttributeDefinition(name = "%allowedPatterns.name", description = "%allowedPatterns.description")
- String[] allowedPatterns() default { "^\\/content\\/starter/.*$", "^\\/static/.*$",
- "^\\/system\\/sling\\/form\\/login$" };
+ @AttributeDefinition(name = "%allowedPatterns.name", description = "%allowedPatterns.description")
+ String[] allowedPatterns() default { "^\\/content\\/starter/.*$", "^\\/static/.*$",
+ "^\\/system\\/sling\\/form\\/login$" };
- @AttributeDefinition(name = "%group.name", description = "%group.description")
- String group();
+ @AttributeDefinition(name = "%group.name", description = "%group.description")
+ String group();
}
diff --git a/core/src/main/java/org/apache/sling/cms/core/internal/filters/PublishFilter.java b/core/src/main/java/org/apache/sling/cms/core/internal/filters/PublishFilter.java
deleted file mode 100644
index 8e20b28..0000000
--- a/core/src/main/java/org/apache/sling/cms/core/internal/filters/PublishFilter.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sling.cms.core.internal.filters;
-
-import java.io.IOException;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang3.ArrayUtils;
-import org.apache.sling.api.SlingHttpServletRequest;
-import org.apache.sling.cms.CMSConstants;
-import org.apache.sling.cms.CMSUtils;
-import org.osgi.service.component.annotations.Component;
-
-/**
- * Denies requests to sling:Page and sling:File resources and children which are
- * not set to publish=true
- */
-@Component(service = { Filter.class }, property = { "sling.filter.scope=request",
- "service.ranking=" + Integer.MAX_VALUE, "sling.filter.pattern=/content/.+" })
-public class PublishFilter implements Filter {
-
- private static final String[] VALID_METHODS = new String[] { "GET", "HEAD" };
-
- @Override
- public void init(FilterConfig filterConfig) throws ServletException {
- // Nothing required
- }
-
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
- throws IOException, ServletException {
- if (request instanceof SlingHttpServletRequest) {
- SlingHttpServletRequest slingRequest = (SlingHttpServletRequest) request;
- if (ArrayUtils.contains(VALID_METHODS, slingRequest.getMethod())) {
- Object editEnabled = slingRequest.getAttribute(CMSConstants.ATTR_EDIT_ENABLED);
- if (!"true".equals(editEnabled) && !CMSUtils.isPublished(slingRequest.getResource())) {
- ((HttpServletResponse) response).sendError(404);
- return;
- }
- }
- }
- chain.doFilter(request, response);
- }
-
- @Override
- public void destroy() {
- // Nothing required
- }
-
-}