You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by pa...@apache.org on 2018/01/25 20:56:53 UTC
[sling-org-apache-sling-jcr-repoinit] 01/01: SLING-7227: Add ability to register custom privileges.

This is an automated email from the ASF dual-hosted git repository.

pauls pushed a commit to branch SLING-7227
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-repoinit.git

commit 0d44b78ee924f4490b29fcae940a37bd8e28699b
Author: Karl Pauls <ka...@gmail.com>
AuthorDate: Thu Jan 25 21:56:40 2018 +0100

    SLING-7227:  Add ability to register custom privileges.
---
 .../sling/jcr/repoinit/impl/DoNothingVisitor.java  |   6 ++
 .../repoinit/impl/JcrRepoInitOpsProcessorImpl.java |   1 +
 .../sling/jcr/repoinit/impl/PrivilegeVisitor.java  |  39 ++++++++
 .../sling/jcr/repoinit/RegisterPrivilegeTest.java  | 105 +++++++++++++++++++++
 4 files changed, 151 insertions(+)

diff --git a/src/main/java/org/apache/sling/jcr/repoinit/impl/DoNothingVisitor.java b/src/main/java/org/apache/sling/jcr/repoinit/impl/DoNothingVisitor.java
index 623f1e0..a1a6a31 100644
--- a/src/main/java/org/apache/sling/jcr/repoinit/impl/DoNothingVisitor.java
+++ b/src/main/java/org/apache/sling/jcr/repoinit/impl/DoNothingVisitor.java
@@ -27,6 +27,7 @@ import org.apache.sling.repoinit.parser.operations.DisableServiceUser;
 import org.apache.sling.repoinit.parser.operations.OperationVisitor;
 import org.apache.sling.repoinit.parser.operations.RegisterNamespace;
 import org.apache.sling.repoinit.parser.operations.RegisterNodetypes;
+import org.apache.sling.repoinit.parser.operations.RegisterPrivilege;
 import org.apache.sling.repoinit.parser.operations.SetAclPaths;
 import org.apache.sling.repoinit.parser.operations.SetAclPrincipals;
 import org.slf4j.Logger;
@@ -97,6 +98,11 @@ class DoNothingVisitor implements OperationVisitor {
     }
 
     @Override
+    public void visitRegisterPrivilege(RegisterPrivilege rp) {
+
+    }
+
+    @Override
     public void visitDisableServiceUser(DisableServiceUser dsu) {
     }
 }
diff --git a/src/main/java/org/apache/sling/jcr/repoinit/impl/JcrRepoInitOpsProcessorImpl.java b/src/main/java/org/apache/sling/jcr/repoinit/impl/JcrRepoInitOpsProcessorImpl.java
index 2bdeb81..3fa9bb9 100644
--- a/src/main/java/org/apache/sling/jcr/repoinit/impl/JcrRepoInitOpsProcessorImpl.java
+++ b/src/main/java/org/apache/sling/jcr/repoinit/impl/JcrRepoInitOpsProcessorImpl.java
@@ -44,6 +44,7 @@ public class JcrRepoInitOpsProcessorImpl implements JcrRepoInitOpsProcessor {
         final OperationVisitor [] visitors = {
                 new NamespacesVisitor(session),
                 new NodetypesVisitor(session),
+                new PrivilegeVisitor(session),
                 new UserVisitor(session),
                 new AclVisitor(session)
         };
diff --git a/src/main/java/org/apache/sling/jcr/repoinit/impl/PrivilegeVisitor.java b/src/main/java/org/apache/sling/jcr/repoinit/impl/PrivilegeVisitor.java
new file mode 100644
index 0000000..ecbb0d6
--- /dev/null
+++ b/src/main/java/org/apache/sling/jcr/repoinit/impl/PrivilegeVisitor.java
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.jcr.repoinit.impl;
+
+
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
+import org.apache.sling.repoinit.parser.operations.RegisterPrivilege;
+
+import javax.jcr.Session;
+
+public class PrivilegeVisitor extends DoNothingVisitor {
+    public PrivilegeVisitor(Session session) {
+        super(session);
+    }
+
+    @Override
+    public void visitRegisterPrivilege(RegisterPrivilege rp) {
+        try {
+            ((JackrabbitWorkspace) session.getWorkspace()).getPrivilegeManager()
+                    .registerPrivilege(rp.getPrivilegeName(), rp.isAbstract(), rp.getDeclaredAggregateNames().toArray(new String[0]));
+        } catch (Exception e) {
+            report(e, "Unable to register privilege from: " + rp);
+        }
+    }
+}
diff --git a/src/test/java/org/apache/sling/jcr/repoinit/RegisterPrivilegeTest.java b/src/test/java/org/apache/sling/jcr/repoinit/RegisterPrivilegeTest.java
new file mode 100644
index 0000000..39a6976
--- /dev/null
+++ b/src/test/java/org/apache/sling/jcr/repoinit/RegisterPrivilegeTest.java
@@ -0,0 +1,105 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.jcr.repoinit;
+
+import org.apache.jackrabbit.api.JackrabbitWorkspace;
+import org.apache.sling.jcr.repoinit.impl.TestUtil;
+import org.apache.sling.repoinit.parser.RepoInitParsingException;
+import org.apache.sling.testing.mock.sling.ResourceResolverType;
+import org.apache.sling.testing.mock.sling.junit.SlingContext;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.security.Privilege;
+import java.util.HashSet;
+import java.util.Set;
+
+import static java.util.Arrays.asList;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+public class RegisterPrivilegeTest {
+    @Rule
+    public final SlingContext context = new SlingContext(ResourceResolverType.JCR_OAK);
+
+    private TestUtil U;
+
+    @Before
+    public void setup() throws RepositoryException, RepoInitParsingException {
+        U = new TestUtil(context);
+        U.parseAndExecute("register privilege withoutabstract_withoutaggregates1");
+        U.parseAndExecute("register privilege withoutabstract_withoutaggregates2");
+        U.parseAndExecute("register privilege withoutabstract_withoutaggregates3");
+        U.parseAndExecute("register privilege withabstract_withoutaggregates as abstract");
+        U.parseAndExecute("register privilege withoutabstract_withaggregates with withoutabstract_withoutaggregates1,withoutabstract_withoutaggregates2");
+        U.parseAndExecute("register privilege withabstract_withaggregates as abstract with withoutabstract_withoutaggregates1,withoutabstract_withoutaggregates3");
+    }
+
+    @After
+    public void cleanup() throws RepositoryException, RepoInitParsingException {
+        U.cleanup();
+    }
+
+    @Test
+    public void testRegisterPrivilegeWithoutAbstractWithoutAggregates() throws Exception {
+        Privilege privilege = ((JackrabbitWorkspace) U.getAdminSession().getWorkspace()).getPrivilegeManager().getPrivilege("withoutabstract_withoutaggregates1");
+
+        assertFalse(privilege.isAbstract());
+        assertTrue(privilege.getDeclaredAggregatePrivileges().length == 0);
+    }
+
+    @Test
+    public void testRegisterPrivilegeWitAbstractWithoutAggregates() throws Exception {
+        Privilege privilege = ((JackrabbitWorkspace) U.getAdminSession().getWorkspace()).getPrivilegeManager().getPrivilege("withabstract_withoutaggregates");
+
+        assertTrue(privilege.isAbstract());
+        assertTrue(privilege.getDeclaredAggregatePrivileges().length == 0);
+    }
+
+    @Test
+    public void testRegisterPrivilegeWithoutAbstractWithAggregates() throws Exception {
+        Privilege privilege = ((JackrabbitWorkspace) U.getAdminSession().getWorkspace()).getPrivilegeManager().getPrivilege("withoutabstract_withaggregates");
+
+        assertFalse(privilege.isAbstract());
+        assertTrue(privilege.getDeclaredAggregatePrivileges().length == 2);
+
+        Set<String> names = new HashSet<>();
+        for (Privilege p : privilege.getDeclaredAggregatePrivileges()) {
+            names.add(p.getName());
+        }
+        assertEquals(names, new HashSet<String>(asList("withoutabstract_withoutaggregates1","withoutabstract_withoutaggregates2")));
+    }
+
+    @Test
+    public void testRegisterPrivilegeWitAbstractWithAggregates() throws Exception {
+        Privilege privilege = ((JackrabbitWorkspace) U.getAdminSession().getWorkspace()).getPrivilegeManager().getPrivilege("withabstract_withaggregates");
+
+        assertTrue(privilege.isAbstract());
+        assertTrue(privilege.getDeclaredAggregatePrivileges().length == 2);
+
+        Set<String> names = new HashSet<>();
+        for (Privilege p : privilege.getDeclaredAggregatePrivileges()) {
+            names.add(p.getName());
+        }
+        assertEquals(names, new HashSet<String>(asList("withoutabstract_withoutaggregates1","withoutabstract_withoutaggregates3")));
+    }
+
+}

-- 
To stop receiving notification emails like this one, please contact
pauls@apache.org.