This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.jcr.repoinit-1.1.0 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-repoinit.git
commit 697158d1cfead819aea9a58572b0b95810f50a33 Author: Oliver Lietz <[email protected]> AuthorDate: Fri Oct 21 15:57:37 2016 +0000 SLING-6171 Unable to set up ACLs for the 'everyone' principal git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/repoinit@1766056 13f79535-47bb-0310-9956-ffa450edef68 --- .../apache/sling/jcr/repoinit/impl/AclUtil.java | 22 +++++----- .../apache/sling/jcr/repoinit/EveryoneTest.java | 49 ++++++++++++++++++++++ 2 files changed, 59 insertions(+), 12 deletions(-) diff --git a/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java b/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java index e0828f8..43b9445 100644 --- a/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java +++ b/src/main/java/org/apache/sling/jcr/repoinit/impl/AclUtil.java @@ -28,7 +28,6 @@ import javax.jcr.security.Privilege; import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager; -import org.apache.jackrabbit.api.security.user.Authorizable; import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils; /** Utilities for ACL management */ @@ -38,31 +37,30 @@ public class AclUtil { final AccessControlManager acm = s.getAccessControlManager(); if(!(acm instanceof JackrabbitAccessControlManager)) { throw new IllegalStateException( - "AccessControlManager is not a JackrabbitAccessControlManager:" + "AccessControlManager is not a JackrabbitAccessControlManager:" + acm.getClass().getName()); } return (JackrabbitAccessControlManager) acm; } - - public static void setAcl(Session s, List<String> principals, List<String> paths, List<String> privileges, boolean isAllow) + + public static void setAcl(Session s, List<String> principals, List<String> paths, List<String> privileges, boolean isAllow) throws UnsupportedRepositoryOperationException, RepositoryException { - + final String [] privArray = privileges.toArray(new String[privileges.size()]); final Privilege[] jcrPriv = AccessControlUtils.privilegesFromNames(s, privArray); - + for(String path : paths) { if(!s.nodeExists(path)) { throw new PathNotFoundException("Cannot set ACL on non-existent path " + path); } JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(s, path); - for(String principal : principals) { - final Authorizable a = ServiceUserUtil.getAuthorizable(s, principal); - if(a == null) { - throw new IllegalStateException("Principal not found:" + principal); + for (String name : principals) { + final Principal principal = AccessControlUtils.getPrincipal(s, name); + if (principal == null) { + throw new IllegalStateException("Principal not found: " + name); } - final Principal p = a.getPrincipal(); - acl.addEntry(p, jcrPriv, isAllow); + acl.addEntry(principal, jcrPriv, isAllow); } getJACM(s).setPolicy(path, acl); } diff --git a/src/test/java/org/apache/sling/jcr/repoinit/EveryoneTest.java b/src/test/java/org/apache/sling/jcr/repoinit/EveryoneTest.java new file mode 100644 index 0000000..8ca3fd8 --- /dev/null +++ b/src/test/java/org/apache/sling/jcr/repoinit/EveryoneTest.java @@ -0,0 +1,49 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sling.jcr.repoinit; + +import javax.jcr.RepositoryException; + +import org.apache.sling.jcr.repoinit.impl.TestUtil; +import org.apache.sling.repoinit.parser.RepoInitParsingException; +import org.apache.sling.testing.mock.sling.ResourceResolverType; +import org.apache.sling.testing.mock.sling.junit.SlingContext; +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; + +public class EveryoneTest { + + @Rule + public final SlingContext context = new SlingContext(ResourceResolverType.JCR_OAK); + + private TestUtil testUtil; + + @Before + public void setup() throws Exception { + final String statement = "create path (sling:Folder) /content"; + testUtil = new TestUtil(context); + testUtil.parseAndExecute(statement); + } + + @Test + public void setAclForEveryone() throws RepositoryException, RepoInitParsingException { + final String statement = "set ACL for everyone\n allow jcr:read on /content\nend"; + testUtil.parseAndExecute(statement); + } + +} -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
