Author: baedke
Date: Thu Dec  1 16:23:42 2016
New Revision: 1772235

URL: http://svn.apache.org/viewvc?rev=1772235&view=rev
Log:
OAK-4930: External Principal Management:  DynamicSyncContext makes redundant 
calls to IdentityProvider.getIdentity()

Partially reverting c1764700 which incorrectly uses an external identifier as a 
principal name (see OAK-5200).

Modified:
    jackrabbit/oak/branches/1.4/   (props changed)
    
jackrabbit/oak/branches/1.4/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DynamicSyncContext.java

Propchange: jackrabbit/oak/branches/1.4/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Dec  1 16:23:42 2016
@@ -1,3 +1,3 @@
 /jackrabbit/oak/branches/1.0:1665962
-/jackrabbit/oak/trunk:1733615,1733875,1733913,1733929,1734230,1734254,1734279,1734941,1735052,1735081,1735109,1735141,1735267,1735405,1735484,1735549,1735564,1735588,1735622,1735638,1735919,1735983,1736176,1737309-1737310,1737334,1737349,1737998,1738004,1738136,1738138,1738207,1738234,1738252,1738775,1738795,1738833,1738950,1738957,1738963,1739712,1739760,1739867,1739894,1739959-1739960,1740114,1740116,1740250,1740333,1740349,1740360,1740625-1740626,1740774,1740837,1740879,1740971,1741016,1741032,1741339,1741343,1742077,1742117,1742125,1742363,1742520,1742888,1742916,1743097,1743172,1743343,1743674,1744265,1744292,1744589,1744670,1744672,1744959,1745038,1745127,1745197,1745336,1745368,1746086,1746117,1746342,1746345,1746408,1746696,1746981,1747198,1747200,1747341-1747342,1747380,1747387,1747406,1747492,1747512,1747654,1748505,1748553,1748722,1748870,1749275,1749350,1749424,1749443,1749464,1749475,1749645,1749662,1749815,1749872,1749875,1749899,1750052,1750076-1750077,1750287,1750457
 
,1750462,1750465,1750495,1750626,1750809,1750886,1751410,1751445-1751446,1751478,1751753,1751755,1751871,1752198,1752202,1752259,1752273-1752274,1752283,1752292,1752438,1752447-1752448,1752508,1752596,1752616,1752659,1752672,1753262,1753331-1753332,1753335-1753336,1753355,1753444,1754117,1754239,1755157,1755191,1756520,1756580,1757119,1757166,1758213,1758713,1759433,1759795,1759826,1760326,1760340,1760373,1760387,1760486,1760492,1760494,1760661-1760662,1761412,1761444,1761571,1761762,1761787,1761876,1762453,1762612,1762632,1762635,1763347,1763355-1763356,1763378,1763465,1763735,1764678,1764705,1764814,1764898,1765817,1765983,1766071,1766423,1766496,1766519,1766554,1766644,1767265,1768446,1768637,1770982,1771022,1771093,1771098,1771739,1771852,1771870,1771902
+/jackrabbit/oak/trunk:1733615,1733875,1733913,1733929,1734230,1734254,1734279,1734941,1735052,1735081,1735109,1735141,1735267,1735405,1735484,1735549,1735564,1735588,1735622,1735638,1735919,1735983,1736176,1737309-1737310,1737334,1737349,1737998,1738004,1738136,1738138,1738207,1738234,1738252,1738775,1738795,1738833,1738950,1738957,1738963,1739712,1739760,1739867,1739894,1739959-1739960,1740114,1740116,1740250,1740333,1740349,1740360,1740625-1740626,1740774,1740837,1740879,1740971,1741016,1741032,1741339,1741343,1742077,1742117,1742125,1742363,1742520,1742888,1742916,1743097,1743172,1743343,1743674,1744265,1744292,1744589,1744670,1744672,1744959,1745038,1745127,1745197,1745336,1745368,1746086,1746117,1746342,1746345,1746408,1746696,1746981,1747198,1747200,1747341-1747342,1747380,1747387,1747406,1747492,1747512,1747654,1748505,1748553,1748722,1748870,1749275,1749350,1749424,1749443,1749464,1749475,1749645,1749662,1749815,1749872,1749875,1749899,1750052,1750076-1750077,1750287,1750457
 
,1750462,1750465,1750495,1750626,1750809,1750886,1751410,1751445-1751446,1751478,1751753,1751755,1751871,1752198,1752202,1752259,1752273-1752274,1752283,1752292,1752438,1752447-1752448,1752508,1752596,1752616,1752659,1752672,1753262,1753331-1753332,1753335-1753336,1753355,1753444,1754117,1754239,1755157,1755191,1756520,1756580,1757119,1757166,1758213,1758713,1759433,1759795,1759826,1760326,1760340,1760373,1760387,1760486,1760492,1760494,1760661-1760662,1761412,1761444,1761571,1761762,1761787,1761876,1762453,1762612,1762632,1762635,1763347,1763355-1763356,1763378,1763465,1763735,1764678,1764705,1764814,1764898,1765817,1765983,1766071,1766423,1766496,1766519,1766554,1766644,1767265,1768446,1768637,1770982,1771022,1771093,1771098,1771739,1771852,1771870,1771902,1772228
 /jackrabbit/trunk:1345480

Modified: 
jackrabbit/oak/branches/1.4/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DynamicSyncContext.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.4/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DynamicSyncContext.java?rev=1772235&r1=1772234&r2=1772235&view=diff
==============================================================================
--- 
jackrabbit/oak/branches/1.4/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DynamicSyncContext.java
 (original)
+++ 
jackrabbit/oak/branches/1.4/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DynamicSyncContext.java
 Thu Dec  1 16:23:42 2016
@@ -27,7 +27,6 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.api.security.user.UserManager;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup;
-import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroupRef;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider;
@@ -152,22 +151,16 @@ public class DynamicSyncContext extends
      */
     private void collectPrincipalNames(@Nonnull Set<String> principalNames, 
@Nonnull Iterable<ExternalIdentityRef> declaredGroupIdRefs, long depth) throws 
ExternalIdentityException {
         for (ExternalIdentityRef ref : declaredGroupIdRefs) {
-            if (ref instanceof ExternalGroupRef && depth < 2) {
-                //in this case we can avoid calling idp.getIdentity(), saving 
a roundtrip
-                principalNames.add(ref.getId());
-            }
-            else {
-                ExternalIdentity extId = idp.getIdentity(ref);
-                if (extId instanceof ExternalGroup) {
-                    principalNames.add(ref.getId());
-                    // recursively apply further membership until the 
configured depth is reached
-                    if (depth > 1) {
-                        collectPrincipalNames(principalNames, 
extId.getDeclaredGroups(), depth - 1);
-                    }
-                }
-                else {
-                    log.debug("Not an external group ({}) => ignore.", ref);
+            // get group
+            ExternalIdentity extId = idp.getIdentity(ref);
+            if (extId instanceof ExternalGroup) {
+                principalNames.add(extId.getPrincipalName());
+                // recursively apply further membership until the configured 
depth is reached
+                if (depth > 1) {
+                    collectPrincipalNames(principalNames, 
extId.getDeclaredGroups(), depth - 1);
                 }
+            } else {
+                log.debug("Not an external group ({}) => ignore.", extId);
             }
         }
     }


Reply via email to