This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.serviceusermapper-1.1.0 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-serviceusermapper.git
commit 3d65ad79c9ed6e186e6274565dd3e3318519f406 Author: Antonio Sanso <[email protected]> AuthorDate: Thu Feb 19 10:30:03 2015 +0000 SLING-3854 - Add configuration option to restrict service user mapper to system users git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/serviceusermapper@1660832 13f79535-47bb-0310-9956-ffa450edef68 --- .../serviceusermapping/ServiceUserValidator.java | 35 +++++++ .../impl/ServiceUserMapperImpl.java | 101 +++++++++++++++------ .../sling/serviceusermapping/package-info.java | 2 +- .../impl/ServiceUserMapperImplTest.java | 38 ++++++++ 4 files changed, 149 insertions(+), 27 deletions(-) diff --git a/src/main/java/org/apache/sling/serviceusermapping/ServiceUserValidator.java b/src/main/java/org/apache/sling/serviceusermapping/ServiceUserValidator.java new file mode 100644 index 0000000..7930582 --- /dev/null +++ b/src/main/java/org/apache/sling/serviceusermapping/ServiceUserValidator.java @@ -0,0 +1,35 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sling.serviceusermapping; + +import aQute.bnd.annotation.ConsumerType; + +/** + * The {@code ServiceUserValidator} allows to implement validation of configured + * service user mappings. + */ +@ConsumerType +public interface ServiceUserValidator { + + /** + * Validates the configured service user ID. + * + * @param serviceUserId The ID of the configured service user. + * @return {@code true} if the configured service user is valid; {@code false} otherwise. + */ + boolean isValid(String serviceUserId, String serviceName, String subServiceName); +} \ No newline at end of file diff --git a/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl.java b/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl.java index 02e22f6..914a642 100644 --- a/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl.java +++ b/src/main/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImpl.java @@ -23,6 +23,7 @@ import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Vector; import org.apache.felix.scr.annotations.Activate; import org.apache.felix.scr.annotations.Component; @@ -32,9 +33,11 @@ import org.apache.felix.scr.annotations.PropertyUnbounded; import org.apache.felix.scr.annotations.Reference; import org.apache.felix.scr.annotations.ReferenceCardinality; import org.apache.felix.scr.annotations.ReferencePolicy; +import org.apache.felix.scr.annotations.References; import org.apache.felix.scr.annotations.Service; import org.apache.sling.commons.osgi.PropertiesUtil; import org.apache.sling.serviceusermapping.ServiceUserMapper; +import org.apache.sling.serviceusermapping.ServiceUserValidator; import org.osgi.framework.Bundle; import org.osgi.framework.Constants; import org.slf4j.Logger; @@ -45,11 +48,18 @@ import org.slf4j.LoggerFactory; label = "Apache Sling Service User Mapper Service", description = "Configuration for the service mapping service names to names of users.") @Service(value=ServiceUserMapper.class) -@Reference(name="amendment", - referenceInterface=MappingConfigAmendment.class, - cardinality=ReferenceCardinality.OPTIONAL_MULTIPLE, - policy=ReferencePolicy.DYNAMIC, - updated="updateAmendment") +@References( { + @Reference(name="amendment", + referenceInterface=MappingConfigAmendment.class, + cardinality=ReferenceCardinality.OPTIONAL_MULTIPLE, + policy=ReferencePolicy.DYNAMIC, + updated="updateAmendment"), + @Reference(name = "serviceUserValidator ", referenceInterface = ServiceUserValidator.class, + bind = "bindServiceUserValidator", unbind = "unbindServiceUserValidator", + cardinality= ReferenceCardinality.OPTIONAL_MULTIPLE, policy= ReferencePolicy.DYNAMIC) + +}) + public class ServiceUserMapperImpl implements ServiceUserMapper { @Property( @@ -83,6 +93,8 @@ public class ServiceUserMapperImpl implements ServiceUserMapper { private Mapping[] activeMappings = new Mapping[0]; + private Vector <ServiceUserValidator> validators = new Vector<ServiceUserValidator>(); + @Activate @Modified void configure(final Map<String, Object> config) { @@ -96,7 +108,7 @@ public class ServiceUserMapperImpl implements ServiceUserMapper { final Mapping mapping = new Mapping(prop.trim()); mappings.add(mapping); } catch (final IllegalArgumentException iae) { - log.info("configure: Ignoring '{}': {}", prop, iae.getMessage()); + log.error("configure: Ignoring '{}': {}", prop, iae.getMessage()); } } } @@ -107,31 +119,32 @@ public class ServiceUserMapperImpl implements ServiceUserMapper { this.updateMappings(); } } + + /** + * bind the serviceUserValidator + * @param serviceUserValidator + * @param properties + */ + protected void bindServiceUserValidator(final ServiceUserValidator serviceUserValidator, final Map<String, Object> properties){ + validators.add(serviceUserValidator); + } + + /** + * unbind the serviceUserValidator + * @param serviceUserValidator + * @param properties + */ + protected void unbindServiceUserValidator(final ServiceUserValidator serviceUserValidator, final Map<String, Object> properties){ + validators.remove(serviceUserValidator); + } /** * @see org.apache.sling.serviceusermapping.ServiceUserMapper#getServiceUserID(org.osgi.framework.Bundle, java.lang.String) */ public String getServiceUserID(final Bundle bundle, final String subServiceName) { final String serviceName = bundle.getSymbolicName(); - - // try with serviceInfo first - for (Mapping mapping : this.activeMappings) { - final String user = mapping.map(serviceName, subServiceName); - if (user != null) { - return user; - } - } - - // second round without serviceInfo - for (Mapping mapping : this.activeMappings) { - final String user = mapping.map(serviceName, null); - if (user != null) { - return user; - } - } - - // finally, fall back to default user - return this.defaultUser; + final String userId = internalGetUserId(serviceName, subServiceName); + return isValidUser(userId, serviceName, subServiceName) ? userId : null; } protected void bindAmendment(final MappingConfigAmendment amendment, final Map<String, Object> props) { @@ -147,7 +160,7 @@ public class ServiceUserMapperImpl implements ServiceUserMapper { synchronized ( this.amendments ) { if ( amendments.remove(key) != null ) { this.updateMappings(); - }; + } } } @@ -174,5 +187,41 @@ public class ServiceUserMapperImpl implements ServiceUserMapper { } activeMappings = mappings.toArray(new Mapping[mappings.size()]); } + + private String internalGetUserId(String serviceName, String subServiceName) { + // try with serviceInfo first + for (Mapping mapping : this.activeMappings) { + final String userId = mapping.map(serviceName, subServiceName); + if (userId != null) { + return userId; + } + } + + // second round without serviceInfo + for (Mapping mapping : this.activeMappings) { + final String userId = mapping.map(serviceName, null); + if (userId != null) { + return userId; + } + } + + // finally, fall back to default user + return this.defaultUser; + } + + private boolean isValidUser(String userId, String serviceName, String subServiceName) { + if (userId == null) { + return false; + } + if (validators != null && validators.size() > 0) { + for (ServiceUserValidator validator : validators) { + boolean valid = validator.isValid(userId, serviceName, subServiceName); + if (!valid) { + return false; + } + } + } + return true; + } } diff --git a/src/main/java/org/apache/sling/serviceusermapping/package-info.java b/src/main/java/org/apache/sling/serviceusermapping/package-info.java index 3ebac13..c05c7ae 100644 --- a/src/main/java/org/apache/sling/serviceusermapping/package-info.java +++ b/src/main/java/org/apache/sling/serviceusermapping/package-info.java @@ -17,7 +17,7 @@ * under the License. */ -@Version("1.0") +@Version("1.1") @Export(optional = "provide:=true") package org.apache.sling.serviceusermapping; diff --git a/src/test/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImplTest.java b/src/test/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImplTest.java index 2a98a45..ca5ba7f 100644 --- a/src/test/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImplTest.java +++ b/src/test/java/org/apache/sling/serviceusermapping/impl/ServiceUserMapperImplTest.java @@ -25,6 +25,7 @@ import java.util.Map; import junit.framework.TestCase; import org.apache.sling.commons.testing.osgi.MockBundle; +import org.apache.sling.serviceusermapping.ServiceUserValidator; import org.junit.Test; import org.osgi.framework.Bundle; import org.osgi.framework.Constants; @@ -100,6 +101,43 @@ public class ServiceUserMapperImplTest { TestCase.assertEquals(SAMPLE_SUB, sum.getServiceUserID(BUNDLE1, SUB)); TestCase.assertEquals(ANOTHER_SUB, sum.getServiceUserID(BUNDLE2, SUB)); } + + @Test + public void test_getServiceUserID_WithServiceUserValidator() { + @SuppressWarnings("serial") + Map<String, Object> config = new HashMap<String, Object>() { + { + put("user.mapping", new String[] { + BUNDLE_SYMBOLIC1 + "=" + SAMPLE, // + BUNDLE_SYMBOLIC2 + "=" + ANOTHER, // + BUNDLE_SYMBOLIC1 + ":" + SUB + "=" + SAMPLE_SUB, // + BUNDLE_SYMBOLIC2 + ":" + SUB + "=" + ANOTHER_SUB // + }); + put("user.default", NONE); + } + }; + + final ServiceUserMapperImpl sum = new ServiceUserMapperImpl(); + sum.configure(config); + ServiceUserValidator serviceUserValidator = new ServiceUserValidator() { + + public boolean isValid(String serviceUserId, String serviceName, + String subServiceName) { + if (SAMPLE.equals(serviceUserId)) { + return false; + } + return true; + } + }; + sum.bindServiceUserValidator(serviceUserValidator, null); + + TestCase.assertEquals(null, sum.getServiceUserID(BUNDLE1, null)); + TestCase.assertEquals(ANOTHER, sum.getServiceUserID(BUNDLE2, null)); + TestCase.assertEquals(null, sum.getServiceUserID(BUNDLE1, "")); + TestCase.assertEquals(ANOTHER, sum.getServiceUserID(BUNDLE2, "")); + TestCase.assertEquals(SAMPLE_SUB, sum.getServiceUserID(BUNDLE1, SUB)); + TestCase.assertEquals(ANOTHER_SUB, sum.getServiceUserID(BUNDLE2, SUB)); + } @Test public void test_amendment() { -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
