This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.distribution.sample-0.1.4 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-distribution-sample.git
commit f2fa793e89b7aca9d2c7bfff161a0febd227fc4e Author: Marius Petria <[email protected]> AuthorDate: Mon Nov 9 13:41:52 2015 +0000 SLING-5281: allow execution with calling user session git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/distribution/sample@1713432 13f79535-47bb-0310-9956-ffa450edef68 --- .../org/apache/sling/distribution/test/Init.java | 60 ++++++++++++++++------ ...onAgentFactory-impersonate-publish-reverse.json | 17 ++++++ ...tory-impersonate-publish-reverse-scheduled.json | 9 ++++ ...stributionAgentFactory-impersonate-publish.json | 13 +++++ ...stributionAgentFactory-impersonate-reverse.json | 13 +++++ ...PackageExporterFactory-impersonate-reverse.json | 6 +++ ...DistributionPackageExporterFactory-reverse.json | 0 ...apperImpl.amended-distributionAgentService.json | 5 ++ .../libs/sling/distribution/services.json | 3 ++ .../libs/sling/distribution/settings.json | 3 ++ 10 files changed, 113 insertions(+), 16 deletions(-) diff --git a/src/main/java/org/apache/sling/distribution/test/Init.java b/src/main/java/org/apache/sling/distribution/test/Init.java index 409b3b2..9721595 100644 --- a/src/main/java/org/apache/sling/distribution/test/Init.java +++ b/src/main/java/org/apache/sling/distribution/test/Init.java @@ -25,8 +25,11 @@ import org.apache.felix.scr.annotations.Component; import org.apache.felix.scr.annotations.Reference; import org.apache.jackrabbit.api.JackrabbitSession; import org.apache.jackrabbit.api.security.user.Authorizable; +import org.apache.jackrabbit.api.security.user.User; import org.apache.jackrabbit.api.security.user.UserManager; import javax.jcr.security.Privilege; + +import org.apache.jackrabbit.commons.JcrUtils; import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils; import org.apache.sling.jcr.api.SlingRepository; import org.slf4j.Logger; @@ -48,41 +51,66 @@ public class Init { public void activate() throws Exception { try { - final String userName = "testDistributionUser"; + final String defaultAgentUserName = "distribution-agent-user"; + final String serviceUserName = "testDistributionUser"; + final String distributorUserName = "testDistributorUser"; + Session session = slingRepository.loginAdministrative(null); JackrabbitSession jackrabittSession = (JackrabbitSession) session; UserManager userManager = jackrabittSession.getUserManager(); - Authorizable user = userManager.getAuthorizable(userName); + Authorizable serviceUser = userManager.getAuthorizable(serviceUserName); - if (user == null) { + if (serviceUser == null) { try { - user = userManager.createSystemUser(userName, null); - log.error("created system user", user); + serviceUser = userManager.createSystemUser(serviceUserName, null); + log.info("created system user {}", serviceUserName); } catch (Throwable t) { - user = userManager.createUser(userName, "123"); - log.error("created regular user", user); - + serviceUser = userManager.createUser(serviceUserName, "123"); + log.info("created regular user {}", serviceUserName); } } - if (user != null) { - AccessControlUtils.addAccessControlEntry(session, "/", user.getPrincipal(), new String[]{ Privilege.JCR_ALL }, true); + if (serviceUser != null) { + AccessControlUtils.addAccessControlEntry(session, "/var/sling/distribution/packages", serviceUser.getPrincipal(), new String[]{ Privilege.JCR_ALL }, true); + AccessControlUtils.addAccessControlEntry(session, "/content", serviceUser.getPrincipal(), new String[]{ Privilege.JCR_ALL }, true); + AccessControlUtils.addAccessControlEntry(session, null, serviceUser.getPrincipal(), new String[]{ Privilege.JCR_ALL }, true); - AccessControlUtils.addAccessControlEntry(session, null, user.getPrincipal(), new String[]{ Privilege.JCR_ALL }, true); + } - session.save(); + Authorizable distributorUser = userManager.getAuthorizable(distributorUserName); - session.logout(); + if (distributorUser == null) { + distributorUser = userManager.createUser(distributorUserName, "123"); + log.info("created regular user {}", distributorUserName); } - } catch (Throwable t) { - log.error("cannot create user", t); - } + JcrUtils.getOrCreateByPath("/content", "sling:Folder", session); + if (distributorUser != null) { + AccessControlUtils.addAccessControlEntry(session, "/var/sling/distribution/packages", distributorUser.getPrincipal(), new String[]{ Privilege.JCR_ALL }, true); + AccessControlUtils.addAccessControlEntry(session, "/content", distributorUser.getPrincipal(), new String[]{ Privilege.JCR_ALL }, true); + AccessControlUtils.addAccessControlEntry(session, "/libs/sling/distribution", distributorUser.getPrincipal(), new String[]{ Privilege.JCR_ALL }, true); + AccessControlUtils.addAccessControlEntry(session, null, distributorUser.getPrincipal(), new String[]{ Privilege.JCR_ALL }, true); + } + + Authorizable defaultAgentUser = userManager.getAuthorizable(defaultAgentUserName); + + if (defaultAgentUser == null) { + defaultAgentUser = userManager.createUser(defaultAgentUserName, "123"); + log.info("created regular user {}", defaultAgentUserName); + ((User) distributorUser).getImpersonation().grantImpersonation(defaultAgentUser.getPrincipal()); + ((User) serviceUser).getImpersonation().grantImpersonation(defaultAgentUser.getPrincipal()); + } + + session.save(); + session.logout(); + } catch (Throwable t) { + log.error("cannot create user", t); + } } diff --git a/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.author/impersonate-publish-reverse/org.apache.sling.distribution.agent.impl.ReverseDistributionAgentFactory-impersonate-publish-reverse.json b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.author/impersonate-publish-reverse/org.apache.sling.distribution.agent.impl.ReverseDistributionAgentFactory-impersonate-publish-reverse.json new file mode 100644 index 0000000..2f63e6f --- /dev/null +++ b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.author/impersonate-publish-reverse/org.apache.sling.distribution.agent.impl.ReverseDistributionAgentFactory-impersonate-publish-reverse.json @@ -0,0 +1,17 @@ +{ + "jcr:primaryType": "sling:OsgiConfig", + + "name": "impersonate-publish-reverse", + + "requestAuthorizationStrategy.target" : "(name=privilegeRead)", + + "packageBuilder.target": "(name=vlt)", + + "transportSecretProvider.target" : "(name=publishAdmin)", + + "packageExporter.endpoints": [ + "http://localhost:4503/libs/sling/distribution/services/exporters/impersonate-reverse"; + ], + + "triggers.target": "(name=impersonate-publish-reverse-scheduled)" +} \ No newline at end of file diff --git a/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.author/impersonate-publish-reverse/org.apache.sling.distribution.trigger.impl.ScheduledDistributionTriggerFactory-impersonate-publish-reverse-scheduled.json b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.author/impersonate-publish-reverse/org.apache.sling.distribution.trigger.impl.ScheduledDistributionTriggerFactory-impersonate-publish-reverse-scheduled.json new file mode 100644 index 0000000..042b021 --- /dev/null +++ b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.author/impersonate-publish-reverse/org.apache.sling.distribution.trigger.impl.ScheduledDistributionTriggerFactory-impersonate-publish-reverse-scheduled.json @@ -0,0 +1,9 @@ +{ + "jcr:primaryType": "sling:OsgiConfig", + + "name": "impersonate-publish-reverse-scheduled", + "action": "pull", + "seconds": "30", + + "serviceName" : "distributionService" +} \ No newline at end of file diff --git a/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.author/impersonate-publish/org.apache.sling.distribution.agent.impl.ForwardDistributionAgentFactory-impersonate-publish.json b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.author/impersonate-publish/org.apache.sling.distribution.agent.impl.ForwardDistributionAgentFactory-impersonate-publish.json new file mode 100644 index 0000000..cd4201f --- /dev/null +++ b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.author/impersonate-publish/org.apache.sling.distribution.agent.impl.ForwardDistributionAgentFactory-impersonate-publish.json @@ -0,0 +1,13 @@ +{ + "jcr:primaryType": "sling:OsgiConfig", + + "name": "impersonate-publish", + + "packageBuilder.target": "(name=vlt)", + + "transportSecretProvider.target" : "(name=publishAdmin)", + + "packageImporter.endpoints": [ + "http://localhost:4503/libs/sling/distribution/services/importers/default"; + ] +} \ No newline at end of file diff --git a/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/impersonate-reverse/org.apache.sling.distribution.agent.impl.QueueDistributionAgentFactory-impersonate-reverse.json b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/impersonate-reverse/org.apache.sling.distribution.agent.impl.QueueDistributionAgentFactory-impersonate-reverse.json new file mode 100644 index 0000000..07d266d --- /dev/null +++ b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/impersonate-reverse/org.apache.sling.distribution.agent.impl.QueueDistributionAgentFactory-impersonate-reverse.json @@ -0,0 +1,13 @@ +{ + "jcr:primaryType": "sling:OsgiConfig", + "name": "impersonate-reverse", + + "serviceName" : "distributionService", + + "requestAuthorizationStrategy.target" : "(name=privilegeRead)", + + "packageBuilder.target" : "(name=vlt)", + + "triggers.target": "(name=reverse-userGeneratedContent)" + +} \ No newline at end of file diff --git a/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/impersonate-reverse/org.apache.sling.distribution.packaging.impl.exporter.AgentDistributionPackageExporterFactory-impersonate-reverse.json b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/impersonate-reverse/org.apache.sling.distribution.packaging.impl.exporter.AgentDistributionPackageExporterFactory-impersonate-reverse.json new file mode 100644 index 0000000..478cc0e --- /dev/null +++ b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/impersonate-reverse/org.apache.sling.distribution.packaging.impl.exporter.AgentDistributionPackageExporterFactory-impersonate-reverse.json @@ -0,0 +1,6 @@ +{ + "jcr:primaryType": "sling:OsgiConfig", + "name": "impersonate-reverse", + + "agent.target": "(name=impersonate-reverse)" +} \ No newline at end of file diff --git a/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/org.apache.sling.distribution.packaging.impl.exporter.AgentDistributionPackageExporterFactory-reverse.json b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/reverse/org.apache.sling.distribution.packaging.impl.exporter.AgentDistributionPackageExporterFactory-reverse.json similarity index 100% rename from src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/org.apache.sling.distribution.packaging.impl.exporter.AgentDistributionPackageExporterFactory-reverse.json rename to src/main/resources/SLING-CONTENT/libs/sling/distribution/install.publish/reverse/org.apache.sling.distribution.packaging.impl.exporter.AgentDistributionPackageExporterFactory-reverse.json diff --git a/src/main/resources/SLING-CONTENT/libs/sling/distribution/install/org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.amended-distributionAgentService.json b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install/org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.amended-distributionAgentService.json new file mode 100644 index 0000000..b03aab2 --- /dev/null +++ b/src/main/resources/SLING-CONTENT/libs/sling/distribution/install/org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.amended-distributionAgentService.json @@ -0,0 +1,5 @@ +{ + "jcr:primaryType": "sling:OsgiConfig", + "user.default": "", + "user.mapping": "org.apache.sling.distribution.core:defaultAgentService=distribution-agent-user" +} diff --git a/src/main/resources/SLING-CONTENT/libs/sling/distribution/services.json b/src/main/resources/SLING-CONTENT/libs/sling/distribution/services.json new file mode 100644 index 0000000..68baa9c --- /dev/null +++ b/src/main/resources/SLING-CONTENT/libs/sling/distribution/services.json @@ -0,0 +1,3 @@ +{ + "jcr:primaryType": "sling:Folder" +} \ No newline at end of file diff --git a/src/main/resources/SLING-CONTENT/libs/sling/distribution/settings.json b/src/main/resources/SLING-CONTENT/libs/sling/distribution/settings.json new file mode 100644 index 0000000..68baa9c --- /dev/null +++ b/src/main/resources/SLING-CONTENT/libs/sling/distribution/settings.json @@ -0,0 +1,3 @@ +{ + "jcr:primaryType": "sling:Folder" +} \ No newline at end of file -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
