You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by bd...@apache.org on 2021/05/28 09:31:14 UTC
[sling-org-apache-sling-repoinit-parser] branch master updated: SLING-10277 - REGISTER PRIVILEGE and SET ACL should support lists of … (#12)
This is an automated email from the ASF dual-hosted git repository.
bdelacretaz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-repoinit-parser.git
The following commit(s) were added to refs/heads/master by this push:
new be349ad SLING-10277 - REGISTER PRIVILEGE and SET ACL should support lists of … (#12)
be349ad is described below
commit be349adcf42894208bbeddf4a532eb97f9ea8fd8
Author: Bertrand Delacretaz <bd...@apache.org>
AuthorDate: Fri May 28 11:31:08 2021 +0200
SLING-10277 - REGISTER PRIVILEGE and SET ACL should support lists of … (#12)
* SLING-10277 - REGISTER PRIVILEGE and SET ACL should support lists of STRING and NAMESPACED_ITEM
* SLING-10277 - more precise test privilege name
---
src/main/javacc/RepoInitGrammar.jjt | 15 +++++++++++++--
src/test/resources/testcases/test-10-output.txt | 1 +
src/test/resources/testcases/test-10.txt | 1 +
src/test/resources/testcases/test-42-output.txt | 8 +++++++-
src/test/resources/testcases/test-42.txt | 10 +++++++++-
src/test/resources/testcases/test-99-output.txt | 3 +++
src/test/resources/testcases/test-99.txt | 3 +++
7 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/src/main/javacc/RepoInitGrammar.jjt b/src/main/javacc/RepoInitGrammar.jjt
index e052655..1e4236d 100644
--- a/src/main/javacc/RepoInitGrammar.jjt
+++ b/src/main/javacc/RepoInitGrammar.jjt
@@ -230,6 +230,17 @@ List<String> namespacedItemsList() :
{ return priv; }
}
+List<String> privilegesList() :
+{
+ Token t = null;
+ List<String> priv = new ArrayList<String>();
+}
+{
+ ( t=<NAMESPACED_ITEM> | t=<STRING> ) { priv.add(t.image); }
+ ( <COMMA> ( t=<NAMESPACED_ITEM> | t=<STRING> ) { priv.add(t.image); } )*
+ { return priv; }
+}
+
String usernameList() :
{
List<String> names = new ArrayList<String>();
@@ -365,7 +376,7 @@ void userPrivilegesLine(List<AclLine> lines) :
}
{
line = privilegesLineOperation()
- tmp = namespacedItemsList() { line.setProperty(AclLine.PROP_PRIVILEGES, tmp); }
+ tmp = privilegesList() { line.setProperty(AclLine.PROP_PRIVILEGES, tmp); }
<FOR>
tmp = principalsList() { line.setProperty(AclLine.PROP_PRINCIPALS, tmp); }
restrictions = restrictions() { line.setRestrictions(restrictions); }
@@ -605,7 +616,7 @@ void registerPrivilegeStatement(List<Operation> result) :
List<String> aggregates = new ArrayList<String>();
}
{
- <REGISTER> ((<ABSTRACT>) {isAbstract = true;})? <PRIVILEGE> (privilege = <STRING> | privilege = <NAMESPACED_ITEM>) (<WITH> aggregates = principalsList())?
+ <REGISTER> ((<ABSTRACT>) {isAbstract = true;})? <PRIVILEGE> (privilege = <STRING> | privilege = <NAMESPACED_ITEM>) (<WITH> aggregates = privilegesList())?
{
result.add(new RegisterPrivilege(privilege.image, isAbstract, aggregates));
}
diff --git a/src/test/resources/testcases/test-10-output.txt b/src/test/resources/testcases/test-10-output.txt
index 67053a0..15ab2df 100644
--- a/src/test/resources/testcases/test-10-output.txt
+++ b/src/test/resources/testcases/test-10-output.txt
@@ -1,6 +1,7 @@
SetAclPaths on /libs /apps / /content/example.com/some-other_path
AclLine REMOVE_ALL {principals=[user1, user2]}
AclLine ALLOW {principals=[user1, user2], privileges=[jcr:read]}
+ AclLine ALLOW {principals=[user4], privileges=[privilege_without_namespace]}
AclLine DENY {principals=[user2], privileges=[jcr:write, something:else, another:one]}
AclLine DENY {principals=[user1], privileges=[jcr:lockManagement]}
AclLine DENY {principals=[user2], privileges=[jcr:modifyProperties]} restrictions=[rep:itemNames=[prop1, prop2]]
\ No newline at end of file
diff --git a/src/test/resources/testcases/test-10.txt b/src/test/resources/testcases/test-10.txt
index 479685b..ce23aa4 100644
--- a/src/test/resources/testcases/test-10.txt
+++ b/src/test/resources/testcases/test-10.txt
@@ -4,6 +4,7 @@
set ACL on /libs,/apps, /, /content/example.com/some-other_path
remove * for user1,user2
allow jcr:read for user1,user2
+ allow privilege_without_namespace for user4
deny jcr:write,something:else,another:one for user2
deny jcr:lockManagement for user1
diff --git a/src/test/resources/testcases/test-42-output.txt b/src/test/resources/testcases/test-42-output.txt
index 3fc8e0c..aaa8aac 100644
--- a/src/test/resources/testcases/test-42-output.txt
+++ b/src/test/resources/testcases/test-42-output.txt
@@ -1,6 +1,12 @@
register privilege withoutabstract_withoutaggregates
+register privilege ns:withoutabstract_withoutaggregatesNS
register abstract privilege withabstract_withoutaggregates
+register abstract privilege ns:withabstract_withoutaggregatesNS
register privilege withoutabstract_withaggregate with bla
register privilege withoutabstract_withaggregates with bla,blub
+register privilege withoutabstract_withaggregates with bla,ns:namespacedA
+register privilege ns:withoutabstract_withaggregates with bla,ns:namespacedB
register abstract privilege withabstract_withaggregate with foo
-register abstract privilege withabstract_withaggregates with foo,bar
\ No newline at end of file
+register abstract privilege withabstract_withaggregates with foo,bar
+register abstract privilege withabstract_withaggregates with foo,ns:namespacedC
+register abstract privilege ns:withabstract_withaggregates with foo,ns:namespacedD
\ No newline at end of file
diff --git a/src/test/resources/testcases/test-42.txt b/src/test/resources/testcases/test-42.txt
index 3fc8e0c..1cab5b8 100644
--- a/src/test/resources/testcases/test-42.txt
+++ b/src/test/resources/testcases/test-42.txt
@@ -1,6 +1,14 @@
register privilege withoutabstract_withoutaggregates
+register privilege ns:withoutabstract_withoutaggregatesNS
register abstract privilege withabstract_withoutaggregates
+register abstract privilege ns:withabstract_withoutaggregatesNS
+
register privilege withoutabstract_withaggregate with bla
register privilege withoutabstract_withaggregates with bla,blub
+register privilege withoutabstract_withaggregates with bla,ns:namespacedA
+register privilege ns:withoutabstract_withaggregates with bla,ns:namespacedB
+
register abstract privilege withabstract_withaggregate with foo
-register abstract privilege withabstract_withaggregates with foo,bar
\ No newline at end of file
+register abstract privilege withabstract_withaggregates with foo,bar
+register abstract privilege withabstract_withaggregates with foo,ns:namespacedC
+register abstract privilege ns:withabstract_withaggregates with foo,ns:namespacedD
\ No newline at end of file
diff --git a/src/test/resources/testcases/test-99-output.txt b/src/test/resources/testcases/test-99-output.txt
index 248a216..924f011 100644
--- a/src/test/resources/testcases/test-99-output.txt
+++ b/src/test/resources/testcases/test-99-output.txt
@@ -3,6 +3,7 @@ CreateServiceUser u-ser_2
SetAclPaths on /libs /apps
AclLine REMOVE_ALL {principals=[user1, u-ser_2]}
AclLine ALLOW {principals=[user1, u-ser_2], privileges=[jcr:read]}
+ AclLine ALLOW {principals=[user4], privileges=[privilege_without_namespace]}
AclLine DENY {principals=[u-ser_2], privileges=[jcr:write]}
AclLine DENY {principals=[user1], privileges=[jcr:lockManagement]}
AclLine REMOVE {principals=[u3], privileges=[jcr:understand, some:other]}
@@ -34,8 +35,10 @@ RegisterNodetypes:
register privilege crx:replicate
register privilege priv
register abstract privilege abstract_priv
+register abstract privilege namespaced:priv3
register privilege priv with declared_aggregate_priv
register privilege priv with declared_aggregate_priv1,declared_aggregate_priv2
+register privilege priv with declared_aggregate_priv1,namespaced:_priv4
CreateUser userE (with encoded password), password=afdgwdsdf, passwordEncoding=someEncoding
CreateUser one_with-more-chars.ok:/123456 (with encoded password), password=pw-with.ok-:/13456, passwordEncoding=encoding_with.ok-:/12345
CreateUser userF with path /for/userF
diff --git a/src/test/resources/testcases/test-99.txt b/src/test/resources/testcases/test-99.txt
index d8a24e5..415db2b 100644
--- a/src/test/resources/testcases/test-99.txt
+++ b/src/test/resources/testcases/test-99.txt
@@ -13,6 +13,7 @@ create service user user1, u-ser_2
set ACL on /libs,/apps
remove * for user1,u-ser_2
allow jcr:read for user1,u-ser_2
+ allow privilege_without_namespace for user4
deny jcr:write for u-ser_2
deny jcr:lockManagement for user1
@@ -66,8 +67,10 @@ register nodetypes
register privilege crx:replicate
register privilege priv
register abstract privilege abstract_priv
+register abstract privilege namespaced:priv3
register privilege priv with declared_aggregate_priv
register privilege priv with declared_aggregate_priv1,declared_aggregate_priv2
+register privilege priv with declared_aggregate_priv1,namespaced:_priv4
create user userE with password {someEncoding} afdgwdsdf
create user one_with-more-chars.ok:/123456 with password {encoding_with.ok-:/12345} pw-with.ok-:/13456