You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by dk...@apache.org on 2019/10/22 14:05:13 UTC
[sling-org-apache-sling-app-cms] 01/02: Minor - syncing dependency
versions from Sling App to poms
This is an automated email from the ASF dual-hosted git repository.
dklco pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-app-cms.git
commit 51dc4fd55c285f3a35dc70a9103903982b270ac9
Author: Dan Klco <dk...@apache.org>
AuthorDate: Tue Oct 22 10:02:41 2019 -0400
Minor - syncing dependency versions from Sling App to poms
---
api/pom.xml | 8 ++-
.../java/org/apache/sling/cms/CMSConstants.java | 2 +-
core/pom.xml | 12 ++--
.../core/internal/filters/CMSSecurityFilter.java | 61 +++++++++++-------
.../usergenerated/impl/ApproveUGCOperation.java | 2 +-
.../impl/UserGeneratedContentServiceImpl.java | 2 +-
pom.xml | 72 +++++++++++-----------
7 files changed, 93 insertions(+), 66 deletions(-)
diff --git a/api/pom.xml b/api/pom.xml
index cdd8106..af0a45d 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -4,7 +4,9 @@
in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to
in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See
the License for the specific language governing permissions and limitations under the License. -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"
+>
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>org.apache.sling.cms</artifactId>
@@ -75,6 +77,10 @@
<artifactId>servlet-api</artifactId>
</dependency>
<dependency>
+ <groupId>org.apache.jackrabbit</groupId>
+ <artifactId>jackrabbit-api</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.api</artifactId>
</dependency>
diff --git a/api/src/main/java/org/apache/sling/cms/CMSConstants.java b/api/src/main/java/org/apache/sling/cms/CMSConstants.java
index 58416f7..044d1cb 100644
--- a/api/src/main/java/org/apache/sling/cms/CMSConstants.java
+++ b/api/src/main/java/org/apache/sling/cms/CMSConstants.java
@@ -17,7 +17,7 @@
package org.apache.sling.cms;
import org.apache.jackrabbit.JcrConstants;
-import org.apache.sling.jcr.resource.JcrResourceConstants;
+import org.apache.sling.jcr.resource.api.JcrResourceConstants;
/**
* Constants used throughout the Sling CMS
diff --git a/core/pom.xml b/core/pom.xml
index 01ff742..0979634 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -4,7 +4,9 @@
in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to
in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See
the License for the specific language governing permissions and limitations under the License. -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"
+>
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>org.apache.sling.cms</artifactId>
@@ -182,10 +184,6 @@
</dependency>
<dependency>
<groupId>org.apache.sling</groupId>
- <artifactId>org.apache.sling.jcr.base</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.commons.johnzon</artifactId>
</dependency>
<dependency>
@@ -267,5 +265,9 @@
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.commons.classloader</artifactId>
</dependency>
+ <dependency>
+ <artifactId>oak-jcr</artifactId>
+ <groupId>org.apache.jackrabbit</groupId>
+ </dependency>
</dependencies>
</project>
\ No newline at end of file
diff --git a/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilter.java b/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilter.java
index 6c2a433..97cf1ee 100644
--- a/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilter.java
+++ b/core/src/main/java/org/apache/sling/cms/core/internal/filters/CMSSecurityFilter.java
@@ -23,6 +23,7 @@ import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
+import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
@@ -34,12 +35,12 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
+import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.sling.api.SlingHttpServletRequest;
-import org.apache.sling.jcr.base.util.AccessControlUtil;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
@@ -107,26 +108,7 @@ public class CMSSecurityFilter implements Filter {
// check to see if the user is a member of the specified group
if (StringUtils.isNotBlank(config.group())) {
- Authorizable auth;
- try {
- Session session = slingRequest.getResourceResolver().adaptTo(Session.class);
- UserManager userManager = AccessControlUtil.getUserManager(session);
- log.trace("Retrieved user manager {} with session {}", userManager, session);
- auth = userManager.getAuthorizable(slingRequest.getUserPrincipal());
- if (auth != null) {
- log.trace("Checking to see if user {} is in required group {}", auth.getID(),
- config.group());
- Iterator<Group> groups = ((User) auth).memberOf();
- while (groups.hasNext()) {
- if (groups.next().getID().equals(config.group())) {
- allowed = true;
- break;
- }
- }
- }
- } catch (Exception e) {
- log.error("Exception determing group membership", e);
- }
+ allowed = checkGroupMembership(slingRequest);
// just check to make sure the user is logged in
} else {
@@ -151,6 +133,43 @@ public class CMSSecurityFilter implements Filter {
chain.doFilter(request, response);
}
+ private boolean checkGroupMembership(SlingHttpServletRequest slingRequest) {
+ boolean allowed = false;
+ try {
+ Session session = slingRequest.getResourceResolver().adaptTo(Session.class);
+ UserManager userManager = null;
+ if (session instanceof JackrabbitSession) {
+ userManager = ((JackrabbitSession) session).getUserManager();
+ }
+ if (userManager == null) {
+ log.warn("Unable to retrieve user manager");
+ return false;
+ }
+ log.trace("Retrieved user manager {} with session {}", userManager, session);
+ Authorizable auth;
+
+ auth = userManager.getAuthorizable(slingRequest.getUserPrincipal());
+ if (auth == null) {
+ log.warn("Unable to retrieve user from principal {}", slingRequest.getUserPrincipal());
+ return false;
+ }
+
+ log.trace("Checking to see if user {} is in required group {}", auth.getID(), config.group());
+ Iterator<Group> groups = ((User) auth).memberOf();
+ while (groups.hasNext()) {
+ if (groups.next().getID().equals(config.group())) {
+ allowed = true;
+ break;
+ }
+ }
+
+ } catch (RepositoryException e) {
+ log.error("Unexpected exception checking group membership", e);
+ return false;
+ }
+ return allowed;
+ }
+
@Override
public void destroy() {
// Nothing required
diff --git a/core/src/main/java/org/apache/sling/cms/core/usergenerated/impl/ApproveUGCOperation.java b/core/src/main/java/org/apache/sling/cms/core/usergenerated/impl/ApproveUGCOperation.java
index af3072d..f18efe5 100644
--- a/core/src/main/java/org/apache/sling/cms/core/usergenerated/impl/ApproveUGCOperation.java
+++ b/core/src/main/java/org/apache/sling/cms/core/usergenerated/impl/ApproveUGCOperation.java
@@ -30,7 +30,7 @@ import org.apache.sling.api.resource.ModifiableValueMap;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceUtil;
import org.apache.sling.cms.usergenerated.UserGeneratedContentService.APPROVE_ACTION;
-import org.apache.sling.jcr.resource.JcrResourceConstants;
+import org.apache.sling.jcr.resource.api.JcrResourceConstants;
import org.apache.sling.servlets.post.Modification;
import org.apache.sling.servlets.post.PostOperation;
import org.apache.sling.servlets.post.PostResponse;
diff --git a/core/src/main/java/org/apache/sling/cms/core/usergenerated/impl/UserGeneratedContentServiceImpl.java b/core/src/main/java/org/apache/sling/cms/core/usergenerated/impl/UserGeneratedContentServiceImpl.java
index 9c4d536..f5fd28d 100644
--- a/core/src/main/java/org/apache/sling/cms/core/usergenerated/impl/UserGeneratedContentServiceImpl.java
+++ b/core/src/main/java/org/apache/sling/cms/core/usergenerated/impl/UserGeneratedContentServiceImpl.java
@@ -32,7 +32,7 @@ import org.apache.sling.api.resource.ResourceUtil;
import org.apache.sling.cms.CMSConstants;
import org.apache.sling.cms.usergenerated.UGCBucketConfig;
import org.apache.sling.cms.usergenerated.UserGeneratedContentService;
-import org.apache.sling.jcr.resource.JcrResourceConstants;
+import org.apache.sling.jcr.resource.api.JcrResourceConstants;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
diff --git a/pom.xml b/pom.xml
index b9ab0f8..c941211 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,8 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional
- information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except
- in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to
- in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See
+<!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional
+ information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to
+ in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See
the License for the specific language governing permissions and limitations under the License. -->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
@@ -58,19 +58,13 @@
<dependency>
<groupId>org.apache.cocoon</groupId>
<artifactId>cocoon-serializers-charsets</artifactId>
- <version>1.0.2</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-math</artifactId>
- <version>2.2</version>
+ <version>1.0.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.felix</groupId>
<artifactId>org.apache.felix.webconsole</artifactId>
- <version>4.2.0</version>
+ <version>4.3.8</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -88,13 +82,13 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.5.5</version>
+ <version>4.5.6</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.jackrabbit</groupId>
<artifactId>jackrabbit-api</artifactId>
- <version>2.14.4</version>
+ <version>2.18.2</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -106,7 +100,13 @@
<dependency>
<groupId>org.apache.jackrabbit</groupId>
<artifactId>oak-core</artifactId>
- <version>1.6.8</version>
+ <version>1.16.0</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.jackrabbit</groupId>
+ <artifactId>oak-jcr</artifactId>
+ <version>1.16.0</version>
<scope>provided</scope>
</dependency>
@@ -114,13 +114,13 @@
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.api</artifactId>
- <version>2.18.0</version>
+ <version>2.20.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.caconfig.api</artifactId>
- <version>1.0.0</version>
+ <version>1.1.2</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -132,13 +132,13 @@
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.commons.johnzon</artifactId>
- <version>1.0.0</version>
+ <version>1.1.2</version>
<scope>provided</scope>
</dependency>
<dependency>
- <artifactId>org.apache.sling.engine</artifactId>
- <version>2.6.12</version>
<groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.engine</artifactId>
+ <version>2.6.18</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -161,26 +161,20 @@
</dependency>
<dependency>
<groupId>org.apache.sling</groupId>
- <artifactId>org.apache.sling.jcr.base</artifactId>
- <version>2.0.6</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.jcr.resource</artifactId>
- <version>2.3.8</version>
+ <version>3.0.18</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.models.api</artifactId>
- <version>1.3.6</version>
+ <version>1.3.8</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.rewriter</artifactId>
- <version>1.0.4</version>
+ <version>1.2.2</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -192,27 +186,33 @@
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.servlets.post</artifactId>
- <version>2.3.22</version>
+ <version>2.3.30</version>
<scope>provided</scope>
</dependency>
<!-- Utilities / Misc -->
<dependency>
+ <groupId>org.apache.commons</groupId>
<artifactId>commons-email</artifactId>
<version>1.5</version>
- <groupId>org.apache.commons</groupId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
- <version>3.4</version>
+ <version>3.8.1</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-math</artifactId>
+ <version>2.2</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
- <version>1.4</version>
+ <version>2.6</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -256,7 +256,7 @@
<dependency>
<groupId>org.apache.pdfbox</groupId>
<artifactId>pdfbox</artifactId>
- <version>2.0.12</version>
+ <version>2.0.16</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -274,7 +274,7 @@
<dependency>
<groupId>org.apache.tika</groupId>
<artifactId>tika-core</artifactId>
- <version>1.19.1</version>
+ <version>1.21</version>
<scope>provided</scope>
</dependency>
@@ -282,7 +282,7 @@
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.testing.sling-mock.junit4</artifactId>
- <version>2.3.0</version>
+ <version>2.3.16</version>
<scope>test</scope>
</dependency>
<dependency>