This is an automated email from the ASF dual-hosted git repository. fschumacher pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push: new 61e533f Re-use roles and groups defined on users on MemoryUserDatabase creation 61e533f is described below commit 61e533f322f33de6cb4c78e9116baff22b880021 Author: Felix Schumacher <fschumac...@apache.org> AuthorDate: Thu May 14 20:19:18 2020 +0200 Re-use roles and groups defined on users on MemoryUserDatabase creation When the XML file for MemoryUserDatabse is digested, the order of the elements was important. It had to be roles, groups and than users. With this patch the order of the elements is not important anymore. If a user element defined a role or group before the corresponding role or group element, we now will re-use that element and add a possibly missing description. Bugzilla Id: 64442 --- conf/tomcat-users.xsd | 12 ++++++------ .../org/apache/catalina/users/MemoryUserDatabase.java | 19 ++++++++++++++++--- webapps/docs/changelog.xml | 4 ++++ 3 files changed, 26 insertions(+), 9 deletions(-) diff --git a/conf/tomcat-users.xsd b/conf/tomcat-users.xsd index 948bd01..6a3446c 100644 --- a/conf/tomcat-users.xsd +++ b/conf/tomcat-users.xsd @@ -24,21 +24,21 @@ version="1.0"> <xs:element name="tomcat-users"> <xs:complexType> - <xs:sequence> - <xs:element name="role" minOccurs="0" maxOccurs="unbounded"> + <xs:choice minOccurs="0" maxOccurs="unbounded"> + <xs:element name="role"> <xs:complexType> <xs:attribute name="rolename" use="required" type="users:entityname" /> <xs:attribute name="description" type="xs:string" /> </xs:complexType> </xs:element> - <xs:element name="group" minOccurs="0" maxOccurs="unbounded"> + <xs:element name="group"> <xs:complexType> <xs:attribute name="groupname" use="required" type="users:entityname" /> <xs:attribute name="description" type="xs:string" /> <xs:attribute name="roles" type="xs:string" /> </xs:complexType> </xs:element> - <xs:element name="user" minOccurs="0" maxOccurs="unbounded"> + <xs:element name="user"> <xs:complexType> <xs:attribute name="username" use="required" type="users:entityname" /> <xs:attribute name="fullname" type="xs:string" /> @@ -47,7 +47,7 @@ <xs:attribute name="groups" type="xs:string" /> </xs:complexType> </xs:element> - </xs:sequence> + </xs:choice> <xs:attribute name="version" type="xs:string" /> </xs:complexType> </xs:element> @@ -56,4 +56,4 @@ <xs:minLength value="1"/> </xs:restriction> </xs:simpleType> -</xs:schema> \ No newline at end of file +</xs:schema> diff --git a/java/org/apache/catalina/users/MemoryUserDatabase.java b/java/org/apache/catalina/users/MemoryUserDatabase.java index 1f44202..efde670 100644 --- a/java/org/apache/catalina/users/MemoryUserDatabase.java +++ b/java/org/apache/catalina/users/MemoryUserDatabase.java @@ -751,7 +751,14 @@ class MemoryGroupCreationFactory extends AbstractObjectCreationFactory { } String description = attributes.getValue("description"); String roles = attributes.getValue("roles"); - Group group = database.createGroup(groupname, description); + Group group = database.findGroup(groupname); + if (group == null) { + group = database.createGroup(groupname, description); + } else { + if (group.getDescription() == null) { + group.setDescription(description); + } + } if (roles != null) { while (roles.length() > 0) { String rolename = null; @@ -796,8 +803,14 @@ class MemoryRoleCreationFactory extends AbstractObjectCreationFactory { rolename = attributes.getValue("name"); } String description = attributes.getValue("description"); - Role role = database.createRole(rolename, description); - return role; + Role existingRole = database.findRole(rolename); + if (existingRole == null) { + return database.createRole(rolename, description); + } + if (existingRole.getDescription() == null) { + existingRole.setDescription(description); + } + return existingRole; } private final MemoryUserDatabase database; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 0ce02e6..cb81ea7 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -64,6 +64,10 @@ Implement a few rewrite SSL env that correspond to Servlet request attributes. (remm) </fix> + <update> + <bug>64442</bug>Be more flexible with respect to the ordering of groups, + roles and users in the <code>tomcat-users.xml</code> file. (fschumacher) + </update> </changelog> </subsection> <subsection name="Coyote"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org