You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by an...@apache.org on 2021/04/07 16:02:24 UTC
[sling-org-apache-sling-repoinit-parser] branch SLING-10277 created
(now 86557dc)
This is an automated email from the ASF dual-hosted git repository.
angela pushed a change to branch SLING-10277
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-repoinit-parser.git.
at 86557dc SLING-10277 : Privilege aggregates cannot have namespaced name but AC-Lines require namespaced privilege names
This branch includes the following new commits:
new 86557dc SLING-10277 : Privilege aggregates cannot have namespaced name but AC-Lines require namespaced privilege names
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[sling-org-apache-sling-repoinit-parser] 01/01: SLING-10277 :
Privilege aggregates cannot have namespaced name but AC-Lines require
namespaced privilege names
Posted by an...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
angela pushed a commit to branch SLING-10277
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-repoinit-parser.git
commit 86557dc1afa4fb8e1059e807486c8b2bd940255d
Author: angela <an...@adobe.com>
AuthorDate: Wed Apr 7 18:01:43 2021 +0200
SLING-10277 : Privilege aggregates cannot have namespaced name but AC-Lines require namespaced privilege names
---
src/main/javacc/RepoInitGrammar.jjt | 19 +++++++++++++++----
src/test/resources/testcases/test-42-output.txt | 4 ++--
src/test/resources/testcases/test-42.txt | 4 ++--
src/test/resources/testcases/test-99-output.txt | 6 +++++-
src/test/resources/testcases/test-99.txt | 10 ++++++++--
5 files changed, 32 insertions(+), 11 deletions(-)
diff --git a/src/main/javacc/RepoInitGrammar.jjt b/src/main/javacc/RepoInitGrammar.jjt
index 9bb7004..101c096 100644
--- a/src/main/javacc/RepoInitGrammar.jjt
+++ b/src/main/javacc/RepoInitGrammar.jjt
@@ -226,6 +226,17 @@ List<String> namespacedItemsList() :
{ return priv; }
}
+List<String> privilegesList() :
+{
+ Token t = null;
+ List<String> privilegeNames = new ArrayList<String>();
+}
+{
+ ( t=<NAMESPACED_ITEM> | t=<STRING> ) { privilegeNames.add(t.image); }
+ ( <COMMA> ( t=<NAMESPACED_ITEM> | t=<STRING> ) { privilegeNames.add(t.image); } )*
+ { return privilegeNames; }
+}
+
String usernameList() :
{
List<String> names = new ArrayList<String>();
@@ -361,7 +372,7 @@ void userPrivilegesLine(List<AclLine> lines) :
}
{
line = privilegesLineOperation()
- tmp = namespacedItemsList() { line.setProperty(AclLine.PROP_PRIVILEGES, tmp); }
+ tmp = privilegesList() { line.setProperty(AclLine.PROP_PRIVILEGES, tmp); }
<FOR>
tmp = principalsList() { line.setProperty(AclLine.PROP_PRINCIPALS, tmp); }
restrictions = restrictions() { line.setRestrictions(restrictions); }
@@ -442,7 +453,7 @@ void pathPrivilegesLine(List<AclLine> lines) :
}
{
line = privilegesLineOperation()
- tmp = namespacedItemsList() { line.setProperty(AclLine.PROP_PRIVILEGES, tmp); }
+ tmp = privilegesList() { line.setProperty(AclLine.PROP_PRIVILEGES, tmp); }
<ON> tmp = pathsList() { line.setProperty(AclLine.PROP_PATHS, tmp); }
( <NODETYPES> tmp = namespacedItemsList() { line.setProperty(AclLine.PROP_NODETYPES, tmp); }) ?
restrictions = restrictions() { line.setRestrictions(restrictions); }
@@ -492,7 +503,7 @@ void setAclRepository(List<Operation> result) :
line = new AclLine(AclLine.Action.REMOVE_ALL);
lines.add(line);
}
- | ( line = privilegesLineOperation() privileges = namespacedItemsList() )
+ | ( line = privilegesLineOperation() privileges = privilegesList() )
{
line.setProperty(AclLine.PROP_PRIVILEGES, privileges);
lines.add(line);
@@ -565,7 +576,7 @@ void registerPrivilegeStatement(List<Operation> result) :
List<String> aggregates = new ArrayList<String>();
}
{
- <REGISTER> ((<ABSTRACT>) {isAbstract = true;})? <PRIVILEGE> (privilege = <STRING> | privilege = <NAMESPACED_ITEM>) (<WITH> aggregates = principalsList())?
+ <REGISTER> ((<ABSTRACT>) {isAbstract = true;})? <PRIVILEGE> (privilege = <STRING> | privilege = <NAMESPACED_ITEM>) (<WITH> aggregates = privilegesList())?
{
result.add(new RegisterPrivilege(privilege.image, isAbstract, aggregates));
}
diff --git a/src/test/resources/testcases/test-42-output.txt b/src/test/resources/testcases/test-42-output.txt
index 3fc8e0c..227a054 100644
--- a/src/test/resources/testcases/test-42-output.txt
+++ b/src/test/resources/testcases/test-42-output.txt
@@ -1,6 +1,6 @@
register privilege withoutabstract_withoutaggregates
register abstract privilege withabstract_withoutaggregates
register privilege withoutabstract_withaggregate with bla
-register privilege withoutabstract_withaggregates with bla,blub
+register privilege withoutabstract_withaggregates with bla,jcr:read
register abstract privilege withabstract_withaggregate with foo
-register abstract privilege withabstract_withaggregates with foo,bar
\ No newline at end of file
+register abstract privilege withabstract_withaggregates with foo,jcr:read
\ No newline at end of file
diff --git a/src/test/resources/testcases/test-42.txt b/src/test/resources/testcases/test-42.txt
index 3fc8e0c..227a054 100644
--- a/src/test/resources/testcases/test-42.txt
+++ b/src/test/resources/testcases/test-42.txt
@@ -1,6 +1,6 @@
register privilege withoutabstract_withoutaggregates
register abstract privilege withabstract_withoutaggregates
register privilege withoutabstract_withaggregate with bla
-register privilege withoutabstract_withaggregates with bla,blub
+register privilege withoutabstract_withaggregates with bla,jcr:read
register abstract privilege withabstract_withaggregate with foo
-register abstract privilege withabstract_withaggregates with foo,bar
\ No newline at end of file
+register abstract privilege withabstract_withaggregates with foo,jcr:read
\ No newline at end of file
diff --git a/src/test/resources/testcases/test-99-output.txt b/src/test/resources/testcases/test-99-output.txt
index f721235..2aefa24 100644
--- a/src/test/resources/testcases/test-99-output.txt
+++ b/src/test/resources/testcases/test-99-output.txt
@@ -52,8 +52,12 @@ CreateServiceUser BF with forced path /path/service/BF
CreateGroup GF with forced path /path/group/GF
SetAclPaths on :home:alice#
AclLine ALLOW {principals=[alice, bob, carol], privileges=[jcr:one]}
+ AclLine ALLOW {principals=[larry], privileges=[priv]}
SetAclPrincipals for bob
- AclLine ALLOW {paths=[:home:alice#, /another/path, :home:larry#], privileges=[jcr:two]}
+ AclLine ALLOW {paths=[:home:alice#, /another/path], privileges=[jcr:two]}
+ AclLine ALLOW {paths=[:home:larry#], privileges=[priv]}
+SetAclPrincipalBased for bob
+ AclLine ALLOW {paths=[:home:alice#, /another/path], privileges=[priv]}
SetAclPaths on :home:alice#/sub/folder/of/their/homes
AclLine ALLOW {principals=[fred], privileges=[jcr:three]}
AddGroupMembers user1 user2 in group grpA
diff --git a/src/test/resources/testcases/test-99.txt b/src/test/resources/testcases/test-99.txt
index d95637c..45a14ed 100644
--- a/src/test/resources/testcases/test-99.txt
+++ b/src/test/resources/testcases/test-99.txt
@@ -93,11 +93,17 @@ create group GF with forced path /path/group/GF
# Home function maps to user and group home folders
set ACL on home(alice)
allow jcr:one for alice, bob, carol
+ allow priv for larry
end
set ACL for bob
- allow jcr:two on home(alice), /another/path, home(larry)
-end
+ allow jcr:two on home(alice), /another/path
+ allow priv on home(larry)
+end
+
+set principal ACL for bob
+ allow priv on home(alice), /another/path
+end
set ACL on home(alice)/sub/folder/of/their/homes
allow jcr:three for fred