This is an automated email from the ASF dual-hosted git repository.

cziegeler pushed a commit to branch SLING-9622
in repository 
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-core.git


The following commit(s) were added to refs/heads/SLING-9622 by this push:
     new e399e02  SLING-9622 : Handle mapping within auth.core bundle and 
update auth requirements when mapping changes
e399e02 is described below

commit e399e0249e5d6c4e64d5092d9963a1e4ddc2b607
Author: Carsten Ziegeler <[email protected]>
AuthorDate: Tue Aug 4 19:12:43 2020 +0200

    SLING-9622 : Handle mapping within auth.core bundle and update auth 
requirements when mapping changes
---
 .../impl/SlingAuthenticatorServiceListener.java    | 22 ++++++---
 .../SlingAuthenticatorServiceListenerTest.java     | 57 ++++++++++++++++++++++
 2 files changed, 73 insertions(+), 6 deletions(-)

diff --git 
a/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticatorServiceListener.java
 
b/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticatorServiceListener.java
index 6c24a8b..ca967f6 100644
--- 
a/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticatorServiceListener.java
+++ 
b/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticatorServiceListener.java
@@ -256,13 +256,23 @@ public class SlingAuthenticatorServiceListener implements 
AllServiceListener, Ev
 
     private Set<String> buildPathsSet(final ResourceMapper mapper, final 
String[] authReqPaths) {
         final Set<String> paths = new HashSet<>();
-        for(final String authReq : authReqPaths) {
-            if (authReq != null && authReq.length() > 0) {
-                paths.add(authReq);
+        for(String authReq : authReqPaths) {
+            if (authReq != null ) {
+                authReq = authReq.trim();
+                if ( authReq.length() > 0 ) {
+                    final String prefix;
+                    if ( authReq.startsWith("+") || authReq.startsWith("-") ) {
+                        prefix = authReq.substring(0, 1);
+                    } else {
+                        prefix = "+";
+                        authReq = prefix.concat(authReq);
+                    }
+                    paths.add(authReq);
 
-                if ( mapper != null ) {
-                    for(final String mappedPath : 
mapper.getAllMappings(authReq)) {
-                        paths.add(mappedPath);
+                    if ( mapper != null ) {
+                        for(final String mappedPath : 
mapper.getAllMappings(authReq.substring(1))) {
+                            paths.add(prefix.concat(mappedPath));
+                        }
                     }
                 }
             }
diff --git 
a/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorServiceListenerTest.java
 
b/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorServiceListenerTest.java
index 065f613..feffc93 100644
--- 
a/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorServiceListenerTest.java
+++ 
b/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorServiceListenerTest.java
@@ -44,7 +44,18 @@ public class SlingAuthenticatorServiceListenerTest {
     private void assertPaths(final 
PathBasedHolderCache<AuthenticationRequirementHolder> cache,
             final String[] paths,
             final ServiceReference<?>[] refs) {
+        assertPaths(cache, paths, refs, null);
+    }
+
+    private void assertPaths(final 
PathBasedHolderCache<AuthenticationRequirementHolder> cache,
+            final String[] paths,
+            final ServiceReference<?>[] refs,
+            final boolean[] requireAuth) {
         assertEquals(paths.length, refs.length);
+        if ( requireAuth != null ) {
+            assertEquals(paths.length, requireAuth.length);
+        }
+
         assertEquals(paths.length, cache.getHolders().size());
         for(final AuthenticationRequirementHolder h : cache.getHolders()) {
             boolean found = false;
@@ -52,6 +63,10 @@ public class SlingAuthenticatorServiceListenerTest {
             while ( !found && index < paths.length ) {
                 if (paths[index].equals(h.path) && 
refs[index].equals(h.serviceReference) ) {
                     found = true;
+
+                    if ( requireAuth != null ) {
+                        assertEquals(requireAuth[index], 
h.requiresAuthentication());
+                    }
                 } else {
                     index++;
                 }
@@ -247,4 +262,46 @@ public class SlingAuthenticatorServiceListenerTest {
 
         assertTrue(cache.getHolders().isEmpty());
     }
+
+    @Test public void testAllowDeny() throws LoginException {
+        final PathBasedHolderCache<AuthenticationRequirementHolder> cache = 
new PathBasedHolderCache<AuthenticationRequirementHolder>();
+        final BundleContext context = mock(BundleContext.class);
+
+        final SlingAuthenticatorServiceListener listener = 
SlingAuthenticatorServiceListener.createListener(context, callable -> 
callable.run(), createFactoryForMapper(null), cache);
+
+        final ServiceReference<?> ref = createServiceReference(new String[] 
{"-/path1", "+/path2", "/path3"});
+        listener.serviceChanged(new ServiceEvent(ServiceEvent.REGISTERED, 
ref));
+
+        assertPaths(cache, new String[] {"/path1", "/path2", "/path3"},
+                           new ServiceReference<?>[] {ref, ref, ref},
+                           new boolean[] {false, true, true});
+    }
+
+    @Test public void testAllowDenyWithMapping() throws LoginException {
+        final PathBasedHolderCache<AuthenticationRequirementHolder> cache = 
new PathBasedHolderCache<AuthenticationRequirementHolder>();
+        final BundleContext context = mock(BundleContext.class);
+
+        final ResourceMapper mapper = mock(ResourceMapper.class);
+        
when(mapper.getAllMappings("/path1")).thenReturn(Arrays.asList("/path1", 
"/path1a", "/path1b"));
+        
when(mapper.getAllMappings("/path2")).thenReturn(Arrays.asList("/path2", 
"/path2a", "/path2b"));
+        
when(mapper.getAllMappings("/path3")).thenReturn(Arrays.asList("/path3", 
"/path3a", "/path3b"));
+        final SlingAuthenticatorServiceListener listener = 
SlingAuthenticatorServiceListener.createListener(context, callable -> 
callable.run(), createFactoryForMapper(mapper), cache);
+
+        final ServiceReference<?> ref = createServiceReference(new String[] 
{"-/path1", "+/path2", "/path3"});
+        listener.serviceChanged(new ServiceEvent(ServiceEvent.REGISTERED, 
ref));
+
+        assertPaths(cache, new String[] {"/path1", "/path2", "/path3", 
"/path1a", "/path2a", "/path3a", "/path1b", "/path2b", "/path3b"},
+                           new ServiceReference<?>[] {ref, ref, ref, ref, ref, 
ref, ref, ref, ref},
+                           new boolean[] {false, true, true, false, true, 
true, false, true, true});
+
+        // update mapping
+        
when(mapper.getAllMappings("/path1")).thenReturn(Arrays.asList("/path1", 
"/path1c"));
+        
when(mapper.getAllMappings("/path2")).thenReturn(Arrays.asList("/path2", 
"/path2c"));
+        
when(mapper.getAllMappings("/path3")).thenReturn(Arrays.asList("/path3", 
"/path3c"));
+        listener.handleEvent(null);
+
+        assertPaths(cache, new String[] {"/path1", "/path2", "/path3", 
"/path1c", "/path2c", "/path3c"},
+                new ServiceReference<?>[] {ref, ref, ref, ref, ref, ref},
+                new boolean[] {false, true, true, false, true, true});
+    }
 }

Reply via email to