This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.jcr.repoinit-1.1.0 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-repoinit.git
commit b0edce3d00959f3858cd9c761f30bfea80fd4ffd Author: Carsten Ziegeler <[email protected]> AuthorDate: Mon Nov 7 15:13:32 2016 +0000 SLING-6219 : Move ACL handling into separate visitor git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/repoinit@1768529 13f79535-47bb-0310-9956-ffa450edef68 --- .../repoinit/impl/JcrRepoInitOpsProcessorImpl.java | 10 +- .../jcr/repoinit/impl/ServiceAndAclVisitor.java | 135 --------------------- .../sling/jcr/repoinit/impl/UserVisitor.java | 63 ++++++++++ 3 files changed, 69 insertions(+), 139 deletions(-) diff --git a/src/main/java/org/apache/sling/jcr/repoinit/impl/JcrRepoInitOpsProcessorImpl.java b/src/main/java/org/apache/sling/jcr/repoinit/impl/JcrRepoInitOpsProcessorImpl.java index bcf96b7..ca3aee0 100644 --- a/src/main/java/org/apache/sling/jcr/repoinit/impl/JcrRepoInitOpsProcessorImpl.java +++ b/src/main/java/org/apache/sling/jcr/repoinit/impl/JcrRepoInitOpsProcessorImpl.java @@ -30,18 +30,20 @@ import org.apache.sling.repoinit.parser.operations.OperationVisitor; @Component @Service(JcrRepoInitOpsProcessor.class) public class JcrRepoInitOpsProcessorImpl implements JcrRepoInitOpsProcessor { - + /** Apply the supplied operations: first the namespaces and nodetypes * registrations, then the service users, paths and ACLs. */ + @Override public void apply(Session session, List<Operation> ops) { - + final OperationVisitor [] visitors = { new NamespacesVisitor(session), new NodetypesVisitor(session), - new ServiceAndAclVisitor(session) + new UserVisitor(session), + new AclVisitor(session) }; - + for(OperationVisitor v : visitors) { for(Operation op : ops) { op.accept(v); diff --git a/src/main/java/org/apache/sling/jcr/repoinit/impl/ServiceAndAclVisitor.java b/src/main/java/org/apache/sling/jcr/repoinit/impl/ServiceAndAclVisitor.java deleted file mode 100644 index 35982b0..0000000 --- a/src/main/java/org/apache/sling/jcr/repoinit/impl/ServiceAndAclVisitor.java +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sling.jcr.repoinit.impl; - -import java.util.List; - -import javax.jcr.Node; -import javax.jcr.Session; - -import org.apache.sling.repoinit.parser.operations.AclLine; -import org.apache.sling.repoinit.parser.operations.CreatePath; -import org.apache.sling.repoinit.parser.operations.CreateServiceUser; -import org.apache.sling.repoinit.parser.operations.DeleteServiceUser; -import org.apache.sling.repoinit.parser.operations.PathSegmentDefinition; -import org.apache.sling.repoinit.parser.operations.SetAclPaths; -import org.apache.sling.repoinit.parser.operations.SetAclPrincipals; - -import static org.apache.sling.repoinit.parser.operations.AclLine.PROP_PATHS; -import static org.apache.sling.repoinit.parser.operations.AclLine.PROP_PRINCIPALS; -import static org.apache.sling.repoinit.parser.operations.AclLine.PROP_PRIVILEGES; - -/** OperationVisitor which processes only operations related to - * service users and ACLs. Having several such specialized visitors - * makes it easy to control the execution order. - */ -class ServiceAndAclVisitor extends DoNothingVisitor { - - /** Create a visitor using the supplied JCR Session. - * @param s must have sufficient rights to create users - * and set ACLs. - */ - public ServiceAndAclVisitor(Session s) { - super(s); - } - - @Override - public void visitCreateServiceUser(CreateServiceUser s) { - final String id = s.getUsername(); - try { - if(!ServiceUserUtil.serviceUserExists(session, id)) { - log.info("Creating service user {}", id); - ServiceUserUtil.createServiceUser(session, id); - } else { - log.info("Service user {} already exists, no changes made", id); - } - } catch(Exception e) { - report(e, "Unable to create service user [" + id + "]:" + e); - } - } - - @Override - public void visitDeleteServiceUser(DeleteServiceUser s) { - final String id = s.getUsername(); - log.info("Deleting service user {}", id); - try { - ServiceUserUtil.deleteServiceUser(session, id); - } catch(Exception e) { - report(e, "Unable to delete service user [" + id + "]:" + e); - } - } - - private List<String> require(AclLine line, String propertyName) { - final List<String> result = line.getProperty(propertyName); - if(result == null) { - throw new IllegalStateException("Missing property " + propertyName + " on " + line); - } - return result; - } - - private void setAcl(AclLine line, Session s, List<String> principals, List<String> paths, List<String> privileges, boolean isAllow) { - try { - log.info("Adding ACL '{}' entry '{}' for {} on {}", isAllow ? "allow" : "deny", privileges, principals, paths); - AclUtil.setAcl(s, principals, paths, privileges, isAllow); - } catch(Exception e) { - throw new RuntimeException("Failed to set ACL (" + e.toString() + ") " + line, e); - } - } - - @Override - public void visitSetAclPrincipal(SetAclPrincipals s) { - final List<String> principals = s.getPrincipals(); - for(AclLine line : s.getLines()) { - final boolean isAllow = line.getAction().equals(AclLine.Action.ALLOW); - setAcl(line, session, principals, require(line, PROP_PATHS), require(line, PROP_PRIVILEGES), isAllow); - } - } - - @Override - public void visitSetAclPaths(SetAclPaths s) { - final List<String> paths = s.getPaths(); - for(AclLine line : s.getLines()) { - final boolean isAllow = line.getAction().equals(AclLine.Action.ALLOW); - setAcl(line, session, require(line, PROP_PRINCIPALS), paths, require(line, PROP_PRIVILEGES), isAllow); - } - } - - @Override - public void visitCreatePath(CreatePath cp) { - String parentPath = ""; - for(PathSegmentDefinition psd : cp.getDefinitions()) { - final String fullPath = parentPath + "/" + psd.getSegment(); - try { - if(session.itemExists(fullPath)) { - log.info("Path already exists, nothing to do (and not checking its primary type for now): {}", fullPath); - } else { - final Node n = parentPath.equals("") ? session.getRootNode() : session.getNode(parentPath); - log.info("Creating node {} with primary type {}", fullPath, psd.getPrimaryType()); - n.addNode(psd.getSegment(), psd.getPrimaryType()); - } - } catch(Exception e) { - throw new RuntimeException("CreatePath execution failed at " + psd + ": " + e, e); - } - parentPath += "/" + psd.getSegment(); - } - try { - session.save(); - } catch(Exception e) { - throw new RuntimeException("Session.save failed: "+ e, e); - } - } -} diff --git a/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java b/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java new file mode 100644 index 0000000..494803d --- /dev/null +++ b/src/main/java/org/apache/sling/jcr/repoinit/impl/UserVisitor.java @@ -0,0 +1,63 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sling.jcr.repoinit.impl; + +import javax.jcr.Session; + +import org.apache.sling.repoinit.parser.operations.CreateServiceUser; +import org.apache.sling.repoinit.parser.operations.DeleteServiceUser; + +/** OperationVisitor which processes only operations related to + * service users and ACLs. Having several such specialized visitors + * makes it easy to control the execution order. + */ +class UserVisitor extends DoNothingVisitor { + + /** Create a visitor using the supplied JCR Session. + * @param s must have sufficient rights to create users + * and set ACLs. + */ + public UserVisitor(Session s) { + super(s); + } + + @Override + public void visitCreateServiceUser(CreateServiceUser s) { + final String id = s.getUsername(); + try { + if(!ServiceUserUtil.serviceUserExists(session, id)) { + log.info("Creating service user {}", id); + ServiceUserUtil.createServiceUser(session, id); + } else { + log.info("Service user {} already exists, no changes made", id); + } + } catch(Exception e) { + report(e, "Unable to create service user [" + id + "]:" + e); + } + } + + @Override + public void visitDeleteServiceUser(DeleteServiceUser s) { + final String id = s.getUsername(); + log.info("Deleting service user {}", id); + try { + ServiceUserUtil.deleteServiceUser(session, id); + } catch(Exception e) { + report(e, "Unable to delete service user [" + id + "]:" + e); + } + } +} -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
