You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ol...@apache.org on 2019/07/01 18:33:56 UTC
[sling-org-apache-sling-clam] branch master updated: SLING-8258
Provide HTTP API for Sling Clam
This is an automated email from the ASF dual-hosted git repository.
olli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-clam.git
The following commit(s) were added to refs/heads/master by this push:
new 0ac1f3d SLING-8258 Provide HTTP API for Sling Clam
0ac1f3d is described below
commit 0ac1f3dc6c9afbfaddf511346d557559890bae2b
Author: Oliver Lietz <ol...@apache.org>
AuthorDate: Mon Jul 1 20:33:38 2019 +0200
SLING-8258 Provide HTTP API for Sling Clam
* Make additional authorization optional
---
.../clam/http/internal/ClamJcrScanServlet.java | 22 +++++++++++++---------
.../internal/ClamJcrScanServletConfiguration.java | 2 +-
2 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/src/main/java/org/apache/sling/clam/http/internal/ClamJcrScanServlet.java b/src/main/java/org/apache/sling/clam/http/internal/ClamJcrScanServlet.java
index 878eeb4..0da7131 100644
--- a/src/main/java/org/apache/sling/clam/http/internal/ClamJcrScanServlet.java
+++ b/src/main/java/org/apache/sling/clam/http/internal/ClamJcrScanServlet.java
@@ -20,6 +20,7 @@ package org.apache.sling.clam.http.internal;
import java.io.IOException;
import java.util.Arrays;
+import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
@@ -117,15 +118,18 @@ public class ClamJcrScanServlet extends SlingAllMethodsServlet {
@Override
protected void doPost(@NotNull final SlingHttpServletRequest request, @NotNull final SlingHttpServletResponse response) throws ServletException, IOException {
- boolean isAuthorized = false;
- try {
- isAuthorized = isAuthorized(request, Arrays.asList(configuration.scan_authorized_groups()));
- } catch (Exception e) {
- logger.error(e.getMessage(), e);
- }
- if (!isAuthorized) {
- handleError(response, HttpServletResponse.SC_FORBIDDEN, null);
- return;
+ final List<String> groups = Arrays.asList(configuration.scan_authorized_groups());
+ if (!groups.isEmpty()) {
+ boolean isAuthorized = false;
+ try {
+ isAuthorized = isAuthorized(request, groups);
+ } catch (Exception e) {
+ logger.error(e.getMessage(), e);
+ }
+ if (!isAuthorized) {
+ handleError(response, HttpServletResponse.SC_FORBIDDEN, null);
+ return;
+ }
}
final String path;
diff --git a/src/main/java/org/apache/sling/clam/http/internal/ClamJcrScanServletConfiguration.java b/src/main/java/org/apache/sling/clam/http/internal/ClamJcrScanServletConfiguration.java
index b8b9b76..348580f 100644
--- a/src/main/java/org/apache/sling/clam/http/internal/ClamJcrScanServletConfiguration.java
+++ b/src/main/java/org/apache/sling/clam/http/internal/ClamJcrScanServletConfiguration.java
@@ -32,7 +32,7 @@ import org.osgi.service.metatype.annotations.Option;
name = "scan authorized groups",
description = "User groups authorized for scanning"
)
- String[] scan_authorized_groups() default {"clam-scan"};
+ String[] scan_authorized_groups() default {};
@AttributeDefinition(
name = "default property types",