This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.jcr.repoinit-1.0.0 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-repoinit.git
commit ae75f44616810c7f99022b83fbf2962746ace708 Author: Bertrand Delacretaz <[email protected]> AuthorDate: Mon Dec 21 09:49:23 2015 +0000 SLING-5355 - jcr module added, work in progress git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/acldef/jcr@1721113 13f79535-47bb-0310-9956-ffa450edef68 --- pom.xml | 128 +++++++++++++++++++++ .../sling/acldef/jcr/AclOperationVisitor.java | 82 +++++++++++++ .../apache/sling/acldef/jcr/ServiceUserUtil.java | 48 ++++++++ .../sling/acldef/jcr/CreateServiceUsersTest.java | 103 +++++++++++++++++ 4 files changed, 361 insertions(+) diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..8845101 --- /dev/null +++ b/pom.xml @@ -0,0 +1,128 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + + <parent> + <groupId>org.apache.sling</groupId> + <artifactId>sling</artifactId> + <version>25</version> + <relativePath/> + </parent> + + <artifactId>org.apache.sling.acldef.jcr</artifactId> + <packaging>bundle</packaging> + <version>0.0.1-SNAPSHOT</version> + <name>Apache Sling ACL Definitions JCR module</name> + <description> + Applies ACLs to a JCR repository based on the output + of the ACL Definition Language parser. + </description> + + <scm> + <connection>scm:svn:https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/acldef-jcr</connection> + <developerConnection>scm:svn:https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/acldef-jcr</developerConnection> + <url>https://svn.apache.org/repos/asf/sling/trunk/contrib/extensions/acldef-jcr</url> + </scm> + + <build> + <plugins> + <plugin> + <groupId>org.apache.felix</groupId> + <artifactId>maven-scr-plugin</artifactId> + </plugin> + <plugin> + <groupId>org.apache.felix</groupId> + <artifactId>maven-bundle-plugin</artifactId> + <extensions>true</extensions> + </plugin> + </plugins> + </build> + + <dependencies> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-simple</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>javax.jcr</groupId> + <artifactId>jcr</artifactId> + <version>2.0</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.jackrabbit</groupId> + <artifactId>jackrabbit-api</artifactId> + <version>2.11.3</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.jackrabbit</groupId> + <artifactId>jackrabbit-jcr-commons</artifactId> + <version>2.2.9</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.sling</groupId> + <artifactId>org.apache.sling.acldef.parser</artifactId> + <version>0.0.1-SNAPSHOT</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + </dependency> + <dependency> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + <version>2.4</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.sling</groupId> + <artifactId>org.apache.sling.testing.osgi-mock</artifactId> + <version>1.6.0</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.sling</groupId> + <artifactId>org.apache.sling.testing.jcr-mock</artifactId> + <version>1.1.10</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.sling</groupId> + <artifactId>org.apache.sling.testing.sling-mock</artifactId> + <version>1.6.0</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.sling</groupId> + <artifactId>org.apache.sling.testing.sling-mock-oak</artifactId> + <version>1.0.1-SNAPSHOT</version> + <scope>test</scope> + </dependency> + </dependencies> +</project> diff --git a/src/main/java/org/apache/sling/acldef/jcr/AclOperationVisitor.java b/src/main/java/org/apache/sling/acldef/jcr/AclOperationVisitor.java new file mode 100644 index 0000000..48ff05e --- /dev/null +++ b/src/main/java/org/apache/sling/acldef/jcr/AclOperationVisitor.java @@ -0,0 +1,82 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sling.acldef.jcr; + +import javax.jcr.Session; + +import org.apache.sling.acldef.parser.operations.CreateServiceUser; +import org.apache.sling.acldef.parser.operations.DeleteServiceUser; +import org.apache.sling.acldef.parser.operations.OperationVisitor; +import org.apache.sling.acldef.parser.operations.SetAclPaths; +import org.apache.sling.acldef.parser.operations.SetAclPrincipals; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** Processes the Operations produced by the ACL + * definitions parser to create the users and + * set the ACLs defined by the parser input. + */ +public class AclOperationVisitor implements OperationVisitor { + + private final Logger log = LoggerFactory.getLogger(getClass()); + + private Session session; + + /** Create a visitor using the supplied JCR Session. + * @param s must have sufficient rights to create users + * and set ACLs. + */ + public AclOperationVisitor(Session s) { + session = s; + } + + private void report(Exception e, String message) { + throw new RuntimeException(message, e); + } + + @Override + public void visitCreateServiceUser(CreateServiceUser s) { + final String id = s.getUsername(); + log.info("Creating service user {}", id); + try { + ServiceUserUtil.createServiceUser(session, id); + } catch(Exception e) { + report(e, "Unable to create service user [" + id + "]:" + e); + } + } + + @Override + public void visitDeleteServiceUser(DeleteServiceUser s) { + final String id = s.getUsername(); + log.info("Deleting service user {}", id); + try { + ServiceUserUtil.deleteServiceUser(session, id); + } catch(Exception e) { + report(e, "Unable to delete service user [" + id + "]:" + e); + } + } + + @Override + public void visitSetAclPrincipal(SetAclPrincipals s) { + log.warn("TODO - set ACL for Principals"); + } + + @Override + public void visitSetAclPaths(SetAclPaths s) { + log.warn("TODO - set ACL for Paths"); + } +} diff --git a/src/main/java/org/apache/sling/acldef/jcr/ServiceUserUtil.java b/src/main/java/org/apache/sling/acldef/jcr/ServiceUserUtil.java new file mode 100644 index 0000000..265c7df --- /dev/null +++ b/src/main/java/org/apache/sling/acldef/jcr/ServiceUserUtil.java @@ -0,0 +1,48 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sling.acldef.jcr; + +import javax.jcr.RepositoryException; +import javax.jcr.Session; + +import org.apache.jackrabbit.api.JackrabbitSession; +import org.apache.jackrabbit.api.security.user.Authorizable; +import org.apache.jackrabbit.api.security.user.UserManager; + +/** Utilities for Service Users management */ +public class ServiceUserUtil { + + public static UserManager getUserManager(Session session) throws RepositoryException { + if(!(session instanceof JackrabbitSession)) { + throw new IllegalArgumentException("Session is not a JackrabbitSession"); + } + return ((JackrabbitSession)session).getUserManager(); + } + + public static void createServiceUser(Session s, String username) throws RepositoryException { + getUserManager(s).createSystemUser(username, null); + } + + public static void deleteServiceUser(Session s, String username) throws RepositoryException { + final Authorizable a = getUserManager(s).getAuthorizable(username); + if(a == null) { + throw new IllegalStateException("Authorizable not found:" + username); + } + a.remove(); + } + +} diff --git a/src/test/java/org/apache/sling/acldef/jcr/CreateServiceUsersTest.java b/src/test/java/org/apache/sling/acldef/jcr/CreateServiceUsersTest.java new file mode 100644 index 0000000..46a7334 --- /dev/null +++ b/src/test/java/org/apache/sling/acldef/jcr/CreateServiceUsersTest.java @@ -0,0 +1,103 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sling.acldef.jcr; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; + +import java.io.Reader; +import java.io.StringReader; +import java.util.List; +import java.util.concurrent.atomic.AtomicLong; + +import javax.jcr.RepositoryException; +import javax.jcr.Session; + +import org.apache.commons.io.IOUtils; +import org.apache.jackrabbit.api.security.user.Authorizable; +import org.apache.jackrabbit.api.security.user.User; +import org.apache.jackrabbit.api.security.user.UserManager; +import org.apache.sling.acldef.parser.ACLDefinitions; +import org.apache.sling.acldef.parser.ParseException; +import org.apache.sling.acldef.parser.operations.Operation; +import org.apache.sling.testing.mock.sling.ResourceResolverType; +import org.apache.sling.testing.mock.sling.junit.SlingContext; +import org.junit.After; +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; + +/** Test the creation and delete of service users */ +public class CreateServiceUsersTest { + + @Rule + public final SlingContext context = new SlingContext(ResourceResolverType.JCR_OAK); + + private Session session; + private UserManager userManager; + private AtomicLong counter = new AtomicLong(System.currentTimeMillis()); + private long id; + + private List<Operation> parse(String input) throws ParseException { + final Reader r = new StringReader(input); + try { + return new ACLDefinitions(r).parse(); + } finally { + IOUtils.closeQuietly(r); + } + } + + @Before + public void setup() throws RepositoryException { + session = context.resourceResolver().adaptTo(Session.class); + userManager = ServiceUserUtil.getUserManager(session); + id = counter.incrementAndGet(); + } + + @After + public void cleanup() { + session.logout(); + } + + private void assertServiceUser(String info, String id, boolean expectToExist) throws RepositoryException { + final Authorizable a = userManager.getAuthorizable(id); + if(!expectToExist) { + assertNull(info + ", expecting Principal to be absent:" + id, a); + } else { + assertNotNull(info + ", expecting Principal to exist:" + id, a); + final User u = (User)a; + assertNotNull(info + ", expecting Principal to be a System user:" + id, u.isSystemUser()); + } + } + + private void exec(String input) throws ParseException { + final AclOperationVisitor v = new AclOperationVisitor(session); + for(Operation o : parse(input)) { + o.accept(v); + } + } + + @Test + public void createDeleteTest() throws Exception { + final String userId = "bob_" + id; + assertServiceUser("at start of test", userId, false); + exec("create service user " + userId); + assertServiceUser("affter creating user", userId, true); + exec("delete service user " + userId); + assertServiceUser("after deleting user", userId, false); + } +} -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
