Author: tmaret Date: Fri Aug 18 13:11:46 2017 New Revision: 1805421 URL: http://svn.apache.org/viewvc?rev=1805421&view=rev Log: SLING-6984 - Allow to disable service user
* Implement UserVisitor#visitDisableServiceUser * Add integration test Modified: sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java Modified: sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt?rev=1805421&r1=1805420&r2=1805421&view=diff ============================================================================== --- sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt (original) +++ sling/trunk/bundles/extensions/repoinit/it/src/main/provisioning/repoinit.txt Fri Aug 18 13:11:46 2017 @@ -45,6 +45,9 @@ set ACL for userFromProvisioningModel deny jcr:write on /repoinit/fromProvisioningModel end +create service user thirdUserFromProvisioningModel +disable service user thirdUserFromProvisioningModel : "Disabled for testing reason" + register namespace (slingtest) http://sling.apache.org/ns/test/repoinit-it/v1.0 register nodetypes Modified: sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java?rev=1805421&r1=1805420&r2=1805421&view=diff ============================================================================== --- sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java (original) +++ sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/ProvisioningModelIT.java Fri Aug 18 13:11:46 2017 @@ -37,6 +37,7 @@ public class ProvisioningModelIT { private static final String TEST_PATH = "/repoinit/fromProvisioningModel"; private static final String TEST_USER = "userFromProvisioningModel"; private static final String SECOND_TEST_USER = "secondUserFromProvisioningModel"; + private static final String THIRD_TEST_USER = "thirdUserFromProvisioningModel"; private final String uniqueID = UUID.randomUUID().toString(); @Rule @@ -58,6 +59,13 @@ public class ProvisioningModelIT { public void usersCreated() throws Exception { assertTrue("Expecting user " + TEST_USER, U.userExists(session, TEST_USER)); assertTrue("Expecting user " + SECOND_TEST_USER, U.userExists(session, SECOND_TEST_USER)); + assertTrue("Expecting user " + THIRD_TEST_USER, U.userExists(session, THIRD_TEST_USER)); + } + + @Test + public void userDisabled() throws Exception { + assertTrue(String.format("Expecting user %s to be disabled", THIRD_TEST_USER), U.userIsDisabled(session, THIRD_TEST_USER)); + assertFalse(String.format("Expecting user %s to be enabled", TEST_USER), U.userIsDisabled(session,TEST_USER)); } @Test Modified: sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java?rev=1805421&r1=1805420&r2=1805421&view=diff ============================================================================== --- sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java (original) +++ sling/trunk/bundles/extensions/repoinit/it/src/test/java/org/apache/sling/repoinit/it/U.java Fri Aug 18 13:11:46 2017 @@ -28,6 +28,7 @@ import javax.jcr.SimpleCredentials; import org.apache.jackrabbit.api.JackrabbitSession; import org.apache.jackrabbit.api.security.user.Authorizable; +import org.apache.jackrabbit.api.security.user.User; /** Test utilities */ public class U { @@ -35,7 +36,18 @@ public class U { final Authorizable a = ((JackrabbitSession)session).getUserManager().getAuthorizable(id); return a != null; } - + + public static boolean userIsDisabled(Session session, String id) throws RepositoryException { + final Authorizable a = ((JackrabbitSession)session).getUserManager().getAuthorizable(id); + if (a == null) { + throw new IllegalStateException("Authorizable not found:" + id); + } + if (a.isGroup()) { + throw new IllegalStateException("Authorizable is a group:" + id); + } + return ((User)a).isDisabled(); + } + public static Session getServiceSession(Session session, String serviceId) throws LoginException, RepositoryException { return session.impersonate(new SimpleCredentials(serviceId, new char[0])); } Modified: sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java?rev=1805421&r1=1805420&r2=1805421&view=diff ============================================================================== --- sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java (original) +++ sling/trunk/bundles/extensions/repoinit/parser/src/main/java/org/apache/sling/repoinit/parser/operations/DisableServiceUser.java Fri Aug 18 13:11:46 2017 @@ -29,7 +29,7 @@ public class DisableServiceUser extends } @Override - protected String getParametersDescription() { + public String getParametersDescription() { final StringBuilder sb = new StringBuilder(); sb.append(super.getParametersDescription()); if(reason!=null) { Modified: sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java?rev=1805421&r1=1805420&r2=1805421&view=diff ============================================================================== --- sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java (original) +++ sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserUtil.java Fri Aug 18 13:11:46 2017 @@ -62,6 +62,20 @@ public class UserUtil { authorizable.remove(); } + public static void disableUser(Session session, String id, String reason) throws RepositoryException { + if (reason == null) { + throw new IllegalArgumentException("reason can't be null"); + } + Authorizable authorizable = getUserManager(session).getAuthorizable(id); + if (authorizable == null) { + throw new IllegalStateException("Authorizable not found: " + id); + } + if (authorizable.isGroup()) { + throw new IllegalStateException("Can't disable a group: " + id); + } + ((User)authorizable).disable(reason); + } + /** Create a user - fails if it already exists */ public static void createUser(Session session, String username, String password) throws RepositoryException { getUserManager(session).createUser(username, password); Modified: sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java?rev=1805421&r1=1805420&r2=1805421&view=diff ============================================================================== --- sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java (original) +++ sling/trunk/bundles/jcr/repoinit/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java Fri Aug 18 13:11:46 2017 @@ -22,6 +22,7 @@ import org.apache.sling.repoinit.parser. import org.apache.sling.repoinit.parser.operations.CreateUser; import org.apache.sling.repoinit.parser.operations.DeleteServiceUser; import org.apache.sling.repoinit.parser.operations.DeleteUser; +import org.apache.sling.repoinit.parser.operations.DisableServiceUser; /** OperationVisitor which processes only operations related to * service users and ACLs. Having several such specialized visitors @@ -100,4 +101,16 @@ class UserVisitor extends DoNothingVisit } } + @Override + public void visitDisableServiceUser(DisableServiceUser dsu) { + final String username = dsu.getUsername(); + final String reason = dsu.getParametersDescription(); + log.info("Disabling service user {} reason {}", new String[]{username, reason}); + try { + UserUtil.disableUser(session, username, reason); + } catch(Exception e) { + report(e, "Unable to disable service user [" + username + "]:" + e); + } + } + }