You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by tm...@apache.org on 2017/08/18 13:11:46 UTC
svn commit: r1805421 - in /sling/trunk/bundles:
extensions/repoinit/it/src/main/provisioning/
extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/
extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/
jcr/r...
Author: tmaret
Date: Fri Aug 18 13:11:46 2017
New Revision: 1805421
URL: http://svn.apache.org/viewvc?rev=1805421&view=rev
Log:
SLING-6984 - Allow to disable service user
* Implement UserVisitor#visitDisableServiceUser
* Add integration test
Modified:
sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt
sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java
sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java
sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java
sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java
sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java
Modified: sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt?rev=1805421&r1=1805420&r2=1805421&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt (original)
+++ sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt Fri Aug 18 13:11:46 2017
@@ -45,6 +45,9 @@ set ACL for userFromProvisioningModel
deny jcr:write on /repoinit/fromProvisioningModel
end
+create service user thirdUserFromProvisioningModel
+disable service user thirdUserFromProvisioningModel : "Disabled for testing reason"
+
register namespace (slingtest) http://sling.apache.org/ns/test/repoinit-it/v1.0
register nodetypes
Modified: sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java?rev=1805421&r1=1805420&r2=1805421&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java (original)
+++ sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java Fri Aug 18 13:11:46 2017
@@ -37,6 +37,7 @@ public class ProvisioningModelIT {
private static final String TEST_PATH = "/repoinit/fromProvisioningModel";
private static final String TEST_USER = "userFromProvisioningModel";
private static final String SECOND_TEST_USER = "secondUserFromProvisioningModel";
+ private static final String THIRD_TEST_USER = "thirdUserFromProvisioningModel";
private final String uniqueID = UUID.randomUUID().toString();
@Rule
@@ -58,6 +59,13 @@ public class ProvisioningModelIT {
public void usersCreated() throws Exception {
assertTrue("Expecting user " + TEST_USER, U.userExists(session, TEST_USER));
assertTrue("Expecting user " + SECOND_TEST_USER, U.userExists(session, SECOND_TEST_USER));
+ assertTrue("Expecting user " + THIRD_TEST_USER, U.userExists(session, THIRD_TEST_USER));
+ }
+
+ @Test
+ public void userDisabled() throws Exception {
+ assertTrue(String.format("Expecting user %s to be disabled", THIRD_TEST_USER), U.userIsDisabled(session, THIRD_TEST_USER));
+ assertFalse(String.format("Expecting user %s to be enabled", TEST_USER), U.userIsDisabled(session,TEST_USER));
}
@Test
Modified: sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java?rev=1805421&r1=1805420&r2=1805421&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java (original)
+++ sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java Fri Aug 18 13:11:46 2017
@@ -28,6 +28,7 @@ import javax.jcr.SimpleCredentials;
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.user.Authorizable;
+import org.apache.jackrabbit.api.security.user.User;
/** Test utilities */
public class U {
@@ -35,7 +36,18 @@ public class U {
final Authorizable a = ((JackrabbitSession)session).getUserManager().getAuthorizable(id);
return a != null;
}
-
+
+ public static boolean userIsDisabled(Session session, String id) throws RepositoryException {
+ final Authorizable a = ((JackrabbitSession)session).getUserManager().getAuthorizable(id);
+ if (a == null) {
+ throw new IllegalStateException("Authorizable not found:" + id);
+ }
+ if (a.isGroup()) {
+ throw new IllegalStateException("Authorizable is a group:" + id);
+ }
+ return ((User)a).isDisabled();
+ }
+
public static Session getServiceSession(Session session, String serviceId) throws LoginException, RepositoryException {
return session.impersonate(new SimpleCredentials(serviceId, new char[0]));
}
Modified: sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java?rev=1805421&r1=1805420&r2=1805421&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java (original)
+++ sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java Fri Aug 18 13:11:46 2017
@@ -29,7 +29,7 @@ public class DisableServiceUser extends
}
@Override
- protected String getParametersDescription() {
+ public String getParametersDescription() {
final StringBuilder sb = new StringBuilder();
sb.append(super.getParametersDescription());
if(reason!=null) {
Modified: sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java?rev=1805421&r1=1805420&r2=1805421&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java (original)
+++ sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java Fri Aug 18 13:11:46 2017
@@ -62,6 +62,20 @@ public class UserUtil {
authorizable.remove();
}
+ public static void disableUser(Session session, String id, String reason) throws RepositoryException {
+ if (reason == null) {
+ throw new IllegalArgumentException("reason can't be null");
+ }
+ Authorizable authorizable = getUserManager(session).getAuthorizable(id);
+ if (authorizable == null) {
+ throw new IllegalStateException("Authorizable not found: " + id);
+ }
+ if (authorizable.isGroup()) {
+ throw new IllegalStateException("Can't disable a group: " + id);
+ }
+ ((User)authorizable).disable(reason);
+ }
+
/** Create a user - fails if it already exists */
public static void createUser(Session session, String username, String password) throws RepositoryException {
getUserManager(session).createUser(username, password);
Modified: sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java?rev=1805421&r1=1805420&r2=1805421&view=diff
==============================================================================
--- sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java (original)
+++ sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java Fri Aug 18 13:11:46 2017
@@ -22,6 +22,7 @@ import org.apache.sling.repoinit.parser.
import org.apache.sling.repoinit.parser.operations.CreateUser;
import org.apache.sling.repoinit.parser.operations.DeleteServiceUser;
import org.apache.sling.repoinit.parser.operations.DeleteUser;
+import org.apache.sling.repoinit.parser.operations.DisableServiceUser;
/** OperationVisitor which processes only operations related to
* service users and ACLs. Having several such specialized visitors
@@ -100,4 +101,16 @@ class UserVisitor extends DoNothingVisit
}
}
+ @Override
+ public void visitDisableServiceUser(DisableServiceUser dsu) {
+ final String username = dsu.getUsername();
+ final String reason = dsu.getParametersDescription();
+ log.info("Disabling service user {} reason {}", new String[]{username, reason});
+ try {
+ UserUtil.disableUser(session, username, reason);
+ } catch(Exception e) {
+ report(e, "Unable to disable service user [" + username + "]:" + e);
+ }
+ }
+
}