You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by pa...@apache.org on 2018/11/30 23:40:45 UTC
[sling-org-apache-sling-serviceusermapper] branch master updated:
SLING-8142: Add a require validation mode to the servicemapper
This is an automated email from the ASF dual-hosted git repository.
pauls pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-serviceusermapper.git
The following commit(s) were added to refs/heads/master by this push:
new 61a0958 SLING-8142: Add a require validation mode to the servicemapper
61a0958 is described below
commit 61a095829209a7dfe64221dc6a72ea5ff676c01e
Author: Karl Pauls <ka...@gmail.com>
AuthorDate: Sat Dec 1 00:40:37 2018 +0100
SLING-8142: Add a require validation mode to the servicemapper
---
.../impl/ServiceUserMappedBundleFilter.java | 8 ++--
.../impl/ServiceUserMapperImpl.java | 49 ++++++++++++++++++----
2 files changed, 44 insertions(+), 13 deletions(-)
diff --git a/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMappedBundleFilter.java b/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMappedBundleFilter.java
index ae95071..cb19ed0 100644
--- a/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMappedBundleFilter.java
+++ b/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMappedBundleFilter.java
@@ -108,11 +108,11 @@ public class ServiceUserMappedBundleFilter implements EventListenerHook, FindHoo
private boolean isValid(Bundle bundle, Object serviceName, String subserviceName) {
String bundleServiceName = mapper.getServiceName(bundle);
if (bundleServiceName.equals(serviceName)) {
- Iterable<String> principals = mapper.getServicePrincipalNames(bundle, subserviceName);
+ Iterable<String> principals = mapper.getServicePrincipalNamesInternal(bundle, subserviceName);
if (principals != null && principals.iterator().hasNext()) {
return true;
}
- String user = mapper.getServiceUserID(bundle, subserviceName);
+ String user = mapper.getServiceUserIDInternal(bundle, subserviceName);
if (user != null && !user.isEmpty()) {
return true;
}
@@ -130,11 +130,11 @@ public class ServiceUserMappedBundleFilter implements EventListenerHook, FindHoo
return false;
}
}
- Iterable<String> principals = mapper.getServicePrincipalNames(bundle, subserviceName);
+ Iterable<String> principals = mapper.getServicePrincipalNamesInternal(bundle, subserviceName);
if (principals != null && principals.iterator().hasNext()) {
return true;
}
- String user = mapper.getServiceUserID(bundle, subserviceName);
+ String user = mapper.getServiceUserIDInternal(bundle, subserviceName);
if (user != null && !user.isEmpty()) {
return true;
}
diff --git a/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl.java b/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl.java
index 492513b..97224f7 100644
--- a/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl.java
+++ b/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl.java
@@ -84,6 +84,8 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
" default user is defined, a " +
"default mapping is applied which uses the service user \"serviceuser--\" + bundleId + [\"--\" + subServiceName]")
boolean user_enable_default_mapping() default true;
+
+ boolean require_validation() default false;
}
/** default log */
@@ -111,6 +113,8 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
boolean registerAsync = true;
+ private volatile boolean requireValidation = false;
+
private final AtomicReference<ServiceRegistration> defaultRegistration = new AtomicReference<>();
@Activate
@@ -141,6 +145,7 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
}
this.defaultUser = config.user_default();
this.useDefaultMapping = config.user_enable_default_mapping();
+ this.requireValidation = config.require_validation();
RegistrationSet registrationSet = null;
this.bundleContext = bundleContext;
@@ -175,7 +180,9 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
@Reference(cardinality=ReferenceCardinality.MULTIPLE, policy= ReferencePolicy.DYNAMIC)
protected synchronized void bindServiceUserValidator(final ServiceUserValidator serviceUserValidator) {
userValidators.add(serviceUserValidator);
- restartAllActiveServiceUserMappedServices();
+ if (!requireValidation || !principalsValidators.isEmpty()) {
+ restartAllActiveServiceUserMappedServices();
+ }
}
/**
@@ -194,7 +201,9 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
@Reference(cardinality=ReferenceCardinality.MULTIPLE, policy= ReferencePolicy.DYNAMIC)
protected synchronized void bindServicePrincipalsValidator(final ServicePrincipalsValidator servicePrincipalsValidator) {
principalsValidators.add(servicePrincipalsValidator);
- restartAllActiveServiceUserMappedServices();
+ if (!requireValidation || !userValidators.isEmpty()) {
+ restartAllActiveServiceUserMappedServices();
+ }
}
/**
@@ -213,7 +222,18 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
public String getServiceUserID(final Bundle bundle, final String subServiceName) {
final String serviceName = getServiceName(bundle);
final String userId = internalGetUserId(serviceName, subServiceName);
- final boolean valid = isValidUser(userId, serviceName, subServiceName);
+ final boolean valid = isValidUser(userId, serviceName, subServiceName, false);
+ final String result = valid ? userId : null;
+ log.debug(
+ "getServiceUserID(bundle {}, subServiceName {}) returns [{}] (raw userId={}, valid={})",
+ new Object[] { bundle, subServiceName, result, userId, valid });
+ return result;
+ }
+
+ String getServiceUserIDInternal(final Bundle bundle, final String subServiceName) {
+ final String serviceName = getServiceName(bundle);
+ final String userId = internalGetUserId(serviceName, subServiceName);
+ final boolean valid = isValidUser(userId, serviceName, subServiceName, requireValidation);
final String result = valid ? userId : null;
log.debug(
"getServiceUserID(bundle {}, subServiceName {}) returns [{}] (raw userId={}, valid={})",
@@ -228,7 +248,18 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
public Iterable<String> getServicePrincipalNames(Bundle bundle, String subServiceName) {
final String serviceName = getServiceName(bundle);
final Iterable<String> names = internalGetPrincipalNames(serviceName, subServiceName);
- final boolean valid = areValidPrincipals(names, serviceName, subServiceName);
+ final boolean valid = areValidPrincipals(names, serviceName, subServiceName, false);
+ final Iterable<String> result = valid ? names : null;
+ log.debug(
+ "getServicePrincipalNames(bundle {}, subServiceName {}) returns [{}] (raw principalNames={}, valid={})",
+ new Object[] { bundle, subServiceName, result, names, valid});
+ return result;
+ }
+
+ Iterable<String> getServicePrincipalNamesInternal(Bundle bundle, String subServiceName) {
+ final String serviceName = getServiceName(bundle);
+ final Iterable<String> names = internalGetPrincipalNames(serviceName, subServiceName);
+ final boolean valid = areValidPrincipals(names, serviceName, subServiceName, requireValidation);
final Iterable<String> result = valid ? names : null;
log.debug(
"getServicePrincipalNames(bundle {}, subServiceName {}) returns [{}] (raw principalNames={}, valid={})",
@@ -343,7 +374,7 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
private void executeServiceRegistrations(final RegistrationSet registrationSet) {
- ServiceRegistration reg = defaultRegistration.getAndSet(null);
+ ServiceRegistration reg = defaultRegistration.getAndSet(null);
if (reg != null) {
reg.unregister();
}
@@ -444,12 +475,12 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
return this.defaultUser;
}
- private boolean isValidUser(final String userId, final String serviceName, final String subServiceName) {
+ private boolean isValidUser(final String userId, final String serviceName, final String subServiceName, boolean require) {
if (userId == null) {
log.debug("isValidUser: userId is null -> invalid");
return false;
}
- if ( !userValidators.isEmpty() ) {
+ if ( !userValidators.isEmpty() || require) {
for (final ServiceUserValidator validator : userValidators) {
if ( validator.isValid(userId, serviceName, subServiceName) ) {
log.debug("isValidUser: Validator {} accepts userId [{}] -> valid", validator, userId);
@@ -464,12 +495,12 @@ public class ServiceUserMapperImpl implements ServiceUserMapper {
}
}
- private boolean areValidPrincipals(final Iterable<String> principalNames, final String serviceName, final String subServiceName) {
+ private boolean areValidPrincipals(final Iterable<String> principalNames, final String serviceName, final String subServiceName, boolean require) {
if (principalNames == null) {
log.debug("areValidPrincipals: principalNames are null -> invalid");
return false;
}
- if ( !principalsValidators.isEmpty() ) {
+ if ( !principalsValidators.isEmpty() || require ) {
for (final ServicePrincipalsValidator validator : principalsValidators) {
if ( validator.isValid(principalNames, serviceName, subServiceName) ) {
log.debug("areValidPrincipals: Validator {} accepts principal names [{}] -> valid", validator, principalNames);