svn commit: r1882017 - in /jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol: AccessControlImporter.java AccessControlManagerImpl.java

[an...@apache.org]

Author: angela
Date: Fri Sep 25 13:28:44 2020
New Revision: 1882017

URL: http://svn.apache.org/viewvc?rev=1882017&view=rev
Log:
OAK-9236 : AccessControlManagerImpl, AccessControlImporter: fix sonar findings

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporter.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporter.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporter.java?rev=1882017&r1=1882016&r2=1882017&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporter.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlImporter.java Fri Sep 25 13:28:44 2020
@@ -262,10 +262,13 @@ public class AccessControlImporter imple
                         log.debug("Unknown principal {} -> Ignoring this ACE.", principalName);
                         ignore = true;
                         break;
-                    case ImportBehavior.ABORT:
-                        throw new AccessControlException("Unknown principal " + principalName);
                     case ImportBehavior.BESTEFFORT:
                         principal = new PrincipalImpl(principalName);
+                        break;
+                    case ImportBehavior.ABORT:
+                    default:
+                        throw new AccessControlException("Unknown principal " + principalName);
+
                 }
             }
         }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java?rev=1882017&r1=1882016&r2=1882017&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/AccessControlManagerImpl.java Fri Sep 25 13:28:44 2020
@@ -396,7 +396,7 @@ public class AccessControlManagerImpl ex
         Result aceResult = searchAces(principals, r);
         Set<JackrabbitAccessControlList> effective = Sets.newTreeSet(new PolicyComparator());
 
-        Set<String> paths = Sets.newHashSet();
+        Set<String> processed = Sets.newHashSet();
         Predicate<Tree> predicate = new PrincipalPredicate(principals);
         for (ResultRow row : aceResult.getRows()) {
             String acePath = row.getPath();
@@ -409,13 +409,12 @@ public class AccessControlManagerImpl ex
             }
 
             String path = (REP_REPO_POLICY.equals(aclName)) ? null : accessControlledTree.getPath();
-            if (paths.contains(path)) {
-                continue;
-            }
-            JackrabbitAccessControlList policy = createACL(path, accessControlledTree, true, predicate);
-            if (policy != null) {
-                effective.add(policy);
-                paths.add(path);
+            if (!processed.contains(path)) {
+                JackrabbitAccessControlList policy = createACL(path, accessControlledTree, true, predicate);
+                if (policy != null) {
+                    effective.add(policy);
+                    processed.add(path);
+                }
             }
         }
         return effective.toArray(new AccessControlPolicy[0]);
@@ -622,16 +621,16 @@ public class AccessControlManagerImpl ex
 
             if (PermissionUtil.isAdminOrSystem(ImmutableSet.of(principal), configParams)) {
                 log.warn("Attempt to create an ACE for an administrative principal which always has full access: {}", getPath());
-                switch (Util.getImportBehavior(getConfig())) {
-                    case ImportBehavior.ABORT:
-                        throw new AccessControlException("Attempt to create an ACE for an administrative principal which always has full access.");
+                switch (importBehavior) {
                     case ImportBehavior.IGNORE:
                         return false;
                     case ImportBehavior.BESTEFFORT:
                         // just log warning, no other action required.
                         break;
+                    case ImportBehavior.ABORT:
                     default :
-                        throw new IllegalArgumentException("Invalid import behavior" + importBehavior);
+                        throw new AccessControlException("Attempt to create an ACE for an administrative principal which always has full access.");
+
                 }
             }
             return true;