[sling-org-apache-sling-feature-cpconverter] branch master updated: SLING-10081: adjust generated repo-init statements for service user creation to be with forced path. (#59)

[pauls]

This is an automated email from the ASF dual-hosted git repository.

pauls pushed a commit to branch master
in repository 
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-feature-cpconverter.git


The following commit(s) were added to refs/heads/master by this push:
     new 7b12222  SLING-10081: adjust generated repo-init statements for 
service user creation to be with forced path. (#59)
7b12222 is described below

commit 7b12222b8a07dd17263a48ed2ef995cba85433d5
Author: Karl Pauls <pa...@apache.org>
AuthorDate: Fri Jan 29 15:54:29 2021 +0100

    SLING-10081: adjust generated repo-init statements for service user 
creation to be with forced path. (#59)
---
 pom.xml                                                           | 2 +-
 .../feature/cpconverter/accesscontrol/DefaultAclManager.java      | 4 +++-
 .../cpconverter/accesscontrol/EnforcePrincipalBasedTest.java      | 8 ++++----
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/pom.xml b/pom.xml
index 735da3a..a47161c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -244,7 +244,7 @@
     <dependency>
       <groupId>org.apache.sling</groupId>
       <artifactId>org.apache.sling.repoinit.parser</artifactId>
-      <version>1.6.2</version>
+      <version>1.6.3-SNAPSHOT</version>
       <scope>test</scope>
     </dependency>
   </dependencies>
diff --git 
a/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/DefaultAclManager.java
 
b/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/DefaultAclManager.java
index 456e884..fc252ec 100644
--- 
a/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/DefaultAclManager.java
+++ 
b/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/DefaultAclManager.java
@@ -152,7 +152,9 @@ public class DefaultAclManager implements AclManager {
     private void addUsersAndGroups(@NotNull Formatter formatter) {
         for (SystemUser systemUser : systemUsers) {
             // make sure all system users are created first
-            formatter.format("create service user %s with path %s%n", 
systemUser.getId(), calculateIntermediatePath(systemUser));
+            String forced = (enforcePrincipalBased(systemUser) ? "forced " : 
"");
+            formatter.format("create service user %s with %spath %s%n", 
systemUser.getId(), forced, calculateIntermediatePath(systemUser));
+
             if (aclIsBelow(systemUser.getPath())) {
                 throw new IllegalStateException("Detected policy on subpath of 
system-user: " + systemUser);
             }
diff --git 
a/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/EnforcePrincipalBasedTest.java
 
b/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/EnforcePrincipalBasedTest.java
index 13955dc..091e604 100644
--- 
a/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/EnforcePrincipalBasedTest.java
+++ 
b/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/EnforcePrincipalBasedTest.java
@@ -126,7 +126,7 @@ public class EnforcePrincipalBasedTest {
         Extension repoinitExtension = getRepoInitExtension(aclManager, 
accessControlledPath, systemUser, false);
 
         String expected =
-                "create service user user1 with path " + 
remappedIntermediatePath + System.lineSeparator() +
+                "create service user user1 with forced path " + 
remappedIntermediatePath + System.lineSeparator() +
                 "set principal ACL for user1" + System.lineSeparator() +
                 "allow jcr:read on /content/feature" + System.lineSeparator() +
                 "end" + System.lineSeparator();
@@ -145,7 +145,7 @@ public class EnforcePrincipalBasedTest {
         Extension repoinitExtension = getRepoInitExtension(aclManager, 
accessControlledPath, systemUser, true);
 
         String expected =
-                "create service user user1 with path " + 
remappedIntermediatePath + System.lineSeparator() +
+                "create service user user1 with forced path " + 
remappedIntermediatePath + System.lineSeparator() +
                         "set principal ACL for user1" + System.lineSeparator() 
+
                         "allow jcr:read on /content/feature" + 
System.lineSeparator() +
                         "end" + System.lineSeparator();
@@ -164,7 +164,7 @@ public class EnforcePrincipalBasedTest {
         Extension repoinitExtension = getRepoInitExtension(aclManager, 
accessControlledPath, systemUser, true);
 
         String expected =
-                "create service user user1 with path " + 
remappedIntermediatePath + System.lineSeparator() +
+                "create service user user1 with forced path " + 
remappedIntermediatePath + System.lineSeparator() +
                 "set principal ACL for user1" + System.lineSeparator() +
                 "allow jcr:read on home(user1)" + System.lineSeparator() +
                 "end" + System.lineSeparator();
@@ -202,7 +202,7 @@ public class EnforcePrincipalBasedTest {
         Extension repoinitExtension = getRepoInitExtension(aclManager, 
accessControlledPath, systemUser, false);
 
         String expected =
-                "create service user user1 with path " + 
remappedIntermediatePath + System.lineSeparator() +
+                "create service user user1 with forced path " + 
remappedIntermediatePath + System.lineSeparator() +
                 "set principal ACL for user1" + System.lineSeparator() +
                 "allow jcr:read on /content/feature" + System.lineSeparator() +
                 "end" + System.lineSeparator();