Author: olli
Date: Thu Mar 9 16:15:11 2017
New Revision: 1786198
URL: http://svn.apache.org/viewvc?rev=1786198&view=rev
Log:
SLING-6182 repoinit fails to set ACL on previously created principal
do not use AccessControlUtils for regular principals
Modified:
sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java
Modified:
sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java?rev=1786198&r1=1786197&r2=1786198&view=diff
==============================================================================
---
sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java
(original)
+++
sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java
Thu Mar 9 16:15:11 2017
@@ -33,7 +33,9 @@ import javax.jcr.security.Privilege;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
+import org.apache.jackrabbit.api.security.user.Authorizable;
import
org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
+import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -52,21 +54,30 @@ public class AclUtil {
return (JackrabbitAccessControlManager) acm;
}
- public static void setAcl(Session s, List<String> principals, List<String>
paths, List<String> privileges, boolean isAllow)
+ public static void setAcl(Session session, List<String> principals,
List<String> paths, List<String> privileges, boolean isAllow)
throws UnsupportedRepositoryOperationException,
RepositoryException {
final String [] privArray = privileges.toArray(new
String[privileges.size()]);
- final Privilege[] jcrPriv = AccessControlUtils.privilegesFromNames(s,
privArray);
+ final Privilege[] jcrPriv =
AccessControlUtils.privilegesFromNames(session, privArray);
for(String path : paths) {
- if(!s.nodeExists(path)) {
+ if(!session.nodeExists(path)) {
throw new PathNotFoundException("Cannot set ACL on
non-existent path " + path);
}
- JackrabbitAccessControlList acl =
AccessControlUtils.getAccessControlList(s, path);
+ JackrabbitAccessControlList acl =
AccessControlUtils.getAccessControlList(session, path);
AccessControlEntry[] existingAces = acl.getAccessControlEntries();
boolean changed = false;
for (String name : principals) {
- final Principal principal = AccessControlUtils.getPrincipal(s,
name);
+ final Principal principal;
+ if (EveryonePrincipal.NAME.equals(name)) {
+ principal = AccessControlUtils.getPrincipal(session, name);
+ } else {
+ final Authorizable authorizable =
UserUtil.getAuthorizable(session, name);
+ if (authorizable == null) {
+ throw new IllegalStateException("Authorizable not
found:" + name);
+ }
+ principal = authorizable.getPrincipal();
+ }
if (principal == null) {
throw new IllegalStateException("Principal not found: " +
name);
}
@@ -79,7 +90,7 @@ public class AclUtil {
changed = true;
}
if ( changed ) {
- getJACM(s).setPolicy(path, acl);
+ getJACM(session).setPolicy(path, acl);
}
}
