You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by en...@apache.org on 2019/10/28 21:00:25 UTC
[sling-org-apache-sling-jcr-jackrabbit-accessmanager] branch master
updated: SLING-8811 The ModifyAce and DeleteAce response should include the
principalIds that were changed in the "changes" list
This is an automated email from the ASF dual-hosted git repository.
enorman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-jackrabbit-accessmanager.git
The following commit(s) were added to refs/heads/master by this push:
new 76180a0 SLING-8811 The ModifyAce and DeleteAce response should include the principalIds that were changed in the "changes" list
76180a0 is described below
commit 76180a07930e9dababca11aa424ab0d27e1eaa06
Author: Eric Norman <en...@apache.org>
AuthorDate: Mon Oct 28 14:00:16 2019 -0700
SLING-8811 The ModifyAce and DeleteAce response should include the
principalIds that were changed in the "changes" list
---
.../accessmanager/post/DeleteAcesServlet.java | 18 +++++++++++++++---
.../accessmanager/post/ModifyAceServlet.java | 18 ++++++++++++++++--
2 files changed, 31 insertions(+), 5 deletions(-)
diff --git a/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java b/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java
index baac3ac..0a1d48b 100644
--- a/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java
+++ b/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.java
@@ -127,7 +127,7 @@ public class DeleteAcesServlet extends AbstractAccessPostServlet implements Dele
Session session = request.getResourceResolver().adaptTo(Session.class);
String resourcePath = request.getResource().getPath();
String[] applyTo = request.getParameterValues(SlingPostConstants.RP_APPLY_TO);
- deleteAces(session, resourcePath, applyTo);
+ deleteAces(session, resourcePath, applyTo, changes);
}
/* (non-Javadoc)
@@ -135,7 +135,14 @@ public class DeleteAcesServlet extends AbstractAccessPostServlet implements Dele
*/
public void deleteAces(Session jcrSession, String resourcePath,
String[] principalNamesToDelete) throws RepositoryException {
-
+ deleteAces(jcrSession, resourcePath, principalNamesToDelete, null);
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.sling.jcr.jackrabbit.accessmanager.DeleteAces#deleteAces(javax.jcr.Session, java.lang.String, java.lang.String[])
+ */
+ protected void deleteAces(Session jcrSession, String resourcePath,
+ String[] principalNamesToDelete, List<Modification> changes) throws RepositoryException {
if (principalNamesToDelete == null) {
throw new RepositoryException("principalIds were not sumitted.");
} else {
@@ -177,6 +184,7 @@ public class DeleteAcesServlet extends AbstractAccessPostServlet implements Dele
try {
AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(jcrSession);
AccessControlList updatedAcl = getAccessControlListOrNull(accessControlManager, resourcePath, false);
+
// if there is no AccessControlList, then there is nothing to be deleted
if (updatedAcl == null) {
// log the warning about principals where no ACE was found
@@ -208,7 +216,11 @@ public class DeleteAcesServlet extends AbstractAccessPostServlet implements Dele
// log the warning about principals where no ACE was found
for (String pid : pidSet) {
- if (!removedPidSet.contains(pid)) {
+ if (removedPidSet.contains(pid)) {
+ if (changes != null) {
+ changes.add(Modification.onDeleted(pid));
+ }
+ } else {
log.warn("No AccessControlEntry was found to be deleted for principal: " + pid);
}
}
diff --git a/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ModifyAceServlet.java b/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ModifyAceServlet.java
index f8f19a5..7ef6dd3 100644
--- a/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ModifyAceServlet.java
+++ b/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/ModifyAceServlet.java
@@ -217,7 +217,7 @@ public class ModifyAceServlet extends AbstractAccessPostServlet implements Modif
}
String order = request.getParameter("order");
modifyAce(session, resourcePath, principalId, privileges, order, restrictions, mvRestrictions,
- removeRestrictionNames, false);
+ removeRestrictionNames, false, changes);
}
@@ -249,7 +249,7 @@ public class ModifyAceServlet extends AbstractAccessPostServlet implements Modif
modifyAce(jcrSession, resourcePath, principalId, privileges, order,
restrictions, mvRestrictions, removeRestrictionNames, true);
}
-
+
/* (non-Javadoc)
* @see org.apache.sling.jcr.jackrabbit.accessmanager.ModifyAce#modifyAce(javax.jcr.Session, java.lang.String, java.lang.String, java.util.Map, java.lang.String, java.util.Map, java.util.Map, java.util.Set, boolean)
*/
@@ -257,6 +257,13 @@ public class ModifyAceServlet extends AbstractAccessPostServlet implements Modif
public void modifyAce(Session jcrSession, String resourcePath, String principalId, Map<String, String> privileges,
String order, Map<String, Value> restrictions, Map<String, Value[]> mvRestrictions,
Set<String> removeRestrictionNames, boolean autoSave) throws RepositoryException {
+ modifyAce(jcrSession, resourcePath, principalId, privileges, order,
+ restrictions, mvRestrictions, removeRestrictionNames, autoSave, null);
+ }
+
+ protected void modifyAce(Session jcrSession, String resourcePath, String principalId, Map<String, String> privileges,
+ String order, Map<String, Value> restrictions, Map<String, Value[]> mvRestrictions,
+ Set<String> removeRestrictionNames, boolean autoSave, List<Modification> changes) throws RepositoryException {
if (jcrSession == null) {
throw new RepositoryException("JCR Session not found");
}
@@ -264,6 +271,8 @@ public class ModifyAceServlet extends AbstractAccessPostServlet implements Modif
if (principalId == null) {
throw new RepositoryException("principalId was not submitted.");
}
+
+ // validate that the submitted name is valid
PrincipalManager principalManager = AccessControlUtil.getPrincipalManager(jcrSession);
Principal principal = principalManager.getPrincipal(principalId);
if (principal == null) {
@@ -315,6 +324,11 @@ public class ModifyAceServlet extends AbstractAccessPostServlet implements Modif
restrictions,
mvRestrictions,
removeRestrictionNames);
+
+ if (changes != null) {
+ changes.add(Modification.onModified(principal.getName()));
+ }
+
if (autoSave && jcrSession.hasPendingChanges()) {
jcrSession.save();
}