This is an automated email from the ASF dual-hosted git repository. angela pushed a commit to branch SLING-10785 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-feature-cpconverter.git
commit 9e68d72fd1a7e4237ed2eb4e1cafa4224366e75c Author: angela <[email protected]> AuthorDate: Thu Sep 2 14:30:00 2021 +0200 SLING-10785 : AclManager.addAcl adds an entry not an access control list --- .../cpconverter/accesscontrol/AclManager.java | 2 +- .../accesscontrol/DefaultAclManager.java | 2 +- .../handlers/RepPolicyEntryHandler.java | 2 +- .../handlers/RepPrincipalPolicyEntryHandler.java | 2 +- .../cpconverter/accesscontrol/AclManagerTest.java | 26 +++++++++++----------- .../accesscontrol/EnforcePrincipalBasedTest.java | 4 ++-- 6 files changed, 19 insertions(+), 19 deletions(-) diff --git a/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManager.java b/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManager.java index fc4cefd..0879d6a 100644 --- a/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManager.java +++ b/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManager.java @@ -39,7 +39,7 @@ public interface AclManager { void addMapping(@NotNull Mapping mapping); - boolean addAcl(@NotNull String systemUser, @NotNull AccessControlEntry acl); + boolean addAccessControlEntry(@NotNull String systemUser, @NotNull AccessControlEntry acl); void addRepoinitExtension(@NotNull List<VaultPackageAssembler> packageAssemblers, @NotNull FeaturesManager featureManager) throws IOException, ConverterException; diff --git a/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/DefaultAclManager.java b/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/DefaultAclManager.java index 89ffe92..620da26 100644 --- a/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/DefaultAclManager.java +++ b/src/main/java/org/apache/sling/feature/cpconverter/accesscontrol/DefaultAclManager.java @@ -144,7 +144,7 @@ public class DefaultAclManager implements AclManager, EnforceInfo { } @Override - public boolean addAcl(@NotNull String systemUser, @NotNull AccessControlEntry acl) { + public boolean addAccessControlEntry(@NotNull String systemUser, @NotNull AccessControlEntry acl) { if (getSystemUser(systemUser).isPresent()) { acls.computeIfAbsent(systemUser, k -> new LinkedList<>()).add(acl); return true; diff --git a/src/main/java/org/apache/sling/feature/cpconverter/handlers/RepPolicyEntryHandler.java b/src/main/java/org/apache/sling/feature/cpconverter/handlers/RepPolicyEntryHandler.java index 69ef44f..c61cf4b 100644 --- a/src/main/java/org/apache/sling/feature/cpconverter/handlers/RepPolicyEntryHandler.java +++ b/src/main/java/org/apache/sling/feature/cpconverter/handlers/RepPolicyEntryHandler.java @@ -77,7 +77,7 @@ public class RepPolicyEntryHandler extends AbstractPolicyEntryHandler { // handle restrictions added in jr2 format (i.e. not located below rep:restrictions node) addRestrictions(ace, attributes); - processCurrentAce = aclManager.addAcl(principalName, ace); + processCurrentAce = aclManager.addAccessControlEntry(principalName, ace); if (processCurrentAce) { entries.add(ace); } else { diff --git a/src/main/java/org/apache/sling/feature/cpconverter/handlers/RepPrincipalPolicyEntryHandler.java b/src/main/java/org/apache/sling/feature/cpconverter/handlers/RepPrincipalPolicyEntryHandler.java index 3881074..a5b2575 100644 --- a/src/main/java/org/apache/sling/feature/cpconverter/handlers/RepPrincipalPolicyEntryHandler.java +++ b/src/main/java/org/apache/sling/feature/cpconverter/handlers/RepPrincipalPolicyEntryHandler.java @@ -85,7 +85,7 @@ public final class RepPrincipalPolicyEntryHandler extends AbstractPolicyEntryHan AccessControlEntry ace = new AccessControlEntry(true, privileges, effectivePath, true); // NOTE: nt-definition doesn't allow for jr2-type restrictions defined right below the entry. // instead always requires rep:restrictions child node - processCurrentAce = aclManager.addAcl(principalName, ace); + processCurrentAce = aclManager.addAccessControlEntry(principalName, ace); if (processCurrentAce) { aces.add(ace); } else { diff --git a/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManagerTest.java b/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManagerTest.java index 36acca2..0479571 100644 --- a/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManagerTest.java +++ b/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/AclManagerTest.java @@ -79,8 +79,8 @@ public class AclManagerTest { public void makeSureAclsAreCreatedOnlyoutsideSytemUsersPaths() throws Exception { aclManager.addSystemUser(new SystemUser("acs-commons-package-replication-status-event-service", new RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system"))); - aclManager.addAcl("acs-commons-package-replication-status-event-service", newAcl(true, "jcr:read,rep:write,rep:indexDefinitionManagement", "/_sling_tests/not/system/user/path")); - aclManager.addAcl("acs-commons-package-replication-status-event-service", newAcl(true, "jcr:read,crx:replicate,jcr:removeNode", "/home/users/system")); + aclManager.addAccessControlEntry("acs-commons-package-replication-status-event-service", newAccessControlEntry(true, "jcr:read,rep:write,rep:indexDefinitionManagement", "/_sling_tests/not/system/user/path")); + aclManager.addAccessControlEntry("acs-commons-package-replication-status-event-service", newAccessControlEntry(true, "jcr:read,crx:replicate,jcr:removeNode", "/home/users/system")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(tempDir.toFile()); @@ -123,7 +123,7 @@ public class AclManagerTest { aclManager.reset(); aclManager.addSystemUser(new SystemUser("acs-commons-package-replication-status-event-service", new RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system"))); - aclManager.addAcl("acs-commons-package-replication-status-event-service", newAcl(true, "jcr:read,rep:write,rep:indexDefinitionManagement", "/_sling_tests/not/system/user/path")); + aclManager.addAccessControlEntry("acs-commons-package-replication-status-event-service", newAccessControlEntry(true, "jcr:read,rep:write,rep:indexDefinitionManagement", "/_sling_tests/not/system/user/path")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(tempDir.toFile()); @@ -158,7 +158,7 @@ public class AclManagerTest { @Test public void testAddACLforUnknownUser() throws Exception { // we expect this acl to not show up because the user is unknown - aclManager.addAcl("acs-commons-on-deploy-scripts-service", newAcl(true, "jcr:read,crx:replicate,jcr:removeNode", "/home/users/system")); + aclManager.addAccessControlEntry("acs-commons-on-deploy-scripts-service", newAccessControlEntry(true, "jcr:read,crx:replicate,jcr:removeNode", "/home/users/system")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(new File(System.getProperty("java.io.tmpdir"))); @@ -177,8 +177,8 @@ public class AclManagerTest { @Test public void pathWithSpecialCharactersTest() throws Exception { aclManager.addSystemUser(new SystemUser("sys-usr", new RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system"))); - aclManager.addAcl("sys-usr", newAcl(true, "jcr:read", "/content/_cq_tags")); - aclManager.addAcl("sys-usr", newAcl(true, "jcr:write", "/content/cq:tags")); + aclManager.addAccessControlEntry("sys-usr", newAccessControlEntry(true, "jcr:read", "/content/_cq_tags")); + aclManager.addAccessControlEntry("sys-usr", newAccessControlEntry(true, "jcr:write", "/content/cq:tags")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(new File(System.getProperty("java.io.tmpdir"))); Feature feature = new Feature(new ArtifactId("org.apache.sling", "org.apache.sling.cp2fm", "0.0.1", null, null)); @@ -212,7 +212,7 @@ public class AclManagerTest { aclManager.addSystemUser(new SystemUser("sys-usr", new RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system"))); aclManager.addGroup(new Group("test", new RepoPath("/home/groups/test"), new RepoPath("/home/groups/test"))); - aclManager.addAcl("sys-usr", newAcl(true, "jcr:read", "/home/groups/test")); + aclManager.addAccessControlEntry("sys-usr", newAccessControlEntry(true, "jcr:read", "/home/groups/test")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(new File(System.getProperty("java.io.tmpdir"))); Feature feature = new Feature(new ArtifactId("org.apache.sling", "org.apache.sling.cp2fm", "0.0.1", null, null)); @@ -230,7 +230,7 @@ public class AclManagerTest { aclManager.addSystemUser(new SystemUser("sys-usr", new RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system"))); aclManager.addGroup(new Group("test", new RepoPath("/home/groups/test"), new RepoPath("/home/groups/test"))); - aclManager.addAcl("sys-usr", newAcl(true, "jcr:read", "/content/test")); + aclManager.addAccessControlEntry("sys-usr", newAccessControlEntry(true, "jcr:read", "/content/test")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(new File(System.getProperty("java.io.tmpdir"))); Feature feature = new Feature(new ArtifactId("org.apache.sling", "org.apache.sling.cp2fm", "0.0.1", null, null)); @@ -260,7 +260,7 @@ public class AclManagerTest { aclManager.addSystemUser(new SystemUser("sys-usr", new RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system"))); aclManager.addGroup(new Group("test", new RepoPath("/home/groups/test"), new RepoPath("/home/groups/test"))); - aclManager.addAcl("sys-usr", newAcl(true, "jcr:read", "/home/groups/test/foo")); + aclManager.addAccessControlEntry("sys-usr", newAccessControlEntry(true, "jcr:read", "/home/groups/test/foo")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(new File(System.getProperty("java.io.tmpdir"))); Feature feature = new Feature(new ArtifactId("org.apache.sling", "org.apache.sling.cp2fm", "0.0.1", null, null)); @@ -275,7 +275,7 @@ public class AclManagerTest { aclManager.addSystemUser(new SystemUser("sys-usr", new RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system"))); aclManager.addUser(new User("test", new RepoPath("/home/users/test"), new RepoPath("/home/users/test"))); - aclManager.addAcl("sys-usr", newAcl(true, "jcr:read", "/home/users/test/foo")); + aclManager.addAccessControlEntry("sys-usr", newAccessControlEntry(true, "jcr:read", "/home/users/test/foo")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(new File(System.getProperty("java.io.tmpdir"))); Feature feature = new Feature(new ArtifactId("org.apache.sling", "org.apache.sling.cp2fm", "0.0.1", null, null)); @@ -290,7 +290,7 @@ public class AclManagerTest { aclManager.addSystemUser(new SystemUser("sys-usr", new RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system"))); aclManager.addUser(new User("test", new RepoPath("/home/users/test"), new RepoPath("/home/users/test"))); - aclManager.addAcl("sys-usr", newAcl(true, "jcr:read", "/content/test")); + aclManager.addAccessControlEntry("sys-usr", newAccessControlEntry(true, "jcr:read", "/content/test")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(new File(System.getProperty("java.io.tmpdir"))); Feature feature = new Feature(new ArtifactId("org.apache.sling", "org.apache.sling.cp2fm", "0.0.1", null, null)); @@ -319,7 +319,7 @@ public class AclManagerTest { aclManager.addSystemUser(new SystemUser("sys-usr", new RepoPath("/home/users/system/foo"), new RepoPath("/home/users/system"))); aclManager.addUser(new User("test", new RepoPath("/home/users/test"), new RepoPath("/home/users/test"))); - aclManager.addAcl("sys-usr", newAcl(true, "jcr:read", "/home/users/notMatching")); + aclManager.addAccessControlEntry("sys-usr", newAccessControlEntry(true, "jcr:read", "/home/users/notMatching")); VaultPackageAssembler assembler = mock(VaultPackageAssembler.class); when(assembler.getEntry(anyString())).thenReturn(new File(System.getProperty("java.io.tmpdir"))); Feature feature = new Feature(new ArtifactId("org.apache.sling", "org.apache.sling.cp2fm", "0.0.1", null, null)); @@ -375,7 +375,7 @@ public class AclManagerTest { verifyNoInteractions(fm); } - private static AccessControlEntry newAcl(boolean isAllow, String privileges, String path) { + private static AccessControlEntry newAccessControlEntry(boolean isAllow, String privileges, String path) { return new AccessControlEntry(isAllow, Arrays.asList(privileges.split(",")), new RepoPath(PlatformNameFormat.getRepositoryPath(path))); } diff --git a/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/EnforcePrincipalBasedTest.java b/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/EnforcePrincipalBasedTest.java index 026eaba..67be3f2 100644 --- a/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/EnforcePrincipalBasedTest.java +++ b/src/test/java/org/apache/sling/feature/cpconverter/accesscontrol/EnforcePrincipalBasedTest.java @@ -314,8 +314,8 @@ public class EnforcePrincipalBasedTest { private Extension getRepoInitExtension(@NotNull AclManager aclManager, @NotNull RepoPath accessControlledPath, @NotNull SystemUser systemUser, boolean isPrincipalBased) throws Exception { aclManager.addSystemUser(systemUser); - AccessControlEntry acl = new AccessControlEntry(true, Collections.singletonList("jcr:read"), accessControlledPath, isPrincipalBased); - aclManager.addAcl(systemUser.getId(), acl); + AccessControlEntry ace = new AccessControlEntry(true, Collections.singletonList("jcr:read"), accessControlledPath, isPrincipalBased); + aclManager.addAccessControlEntry(systemUser.getId(), ace); aclManager.addRepoinitExtension(Collections.singletonList(assembler), fm);
