SLING-7144: Make the JcrSystemUserValidator identifiy disabled system users as invalid. Patch provided by Angela Schreiber - Thanks.
git-svn-id: https://svn.apache.org/repos/asf/sling/trunk@1812116 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/src/main/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidator.java b/src/main/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidator.java
index b331dfe..4101e44 100644
--- a/src/main/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidator.java
+++ b/src/main/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidator.java
@@ -128,7 +128,7 @@
if (administrativeSession instanceof JackrabbitSession) {
final UserManager userManager = ((JackrabbitSession) administrativeSession).getUserManager();
final Authorizable authorizable = userManager.getAuthorizable(serviceUserId);
- if (authorizable != null && !authorizable.isGroup() && (isSystemUser((User)authorizable))) {
+ if (isValidSystemUser(authorizable)) {
validIds.add(serviceUserId);
log.debug("The provided service user id {} is a known JCR system user id", serviceUserId);
return true;
@@ -191,7 +191,7 @@
return pName;
}
});
- if (authorizable != null && !authorizable.isGroup() && (isSystemUser((User) authorizable))) {
+ if (isValidSystemUser(authorizable)) {
validPrincipalNames.add(pName);
log.debug("The provided service principal name {} is a known JCR system user", pName);
} else {
@@ -210,16 +210,28 @@
return invalid.isEmpty();
}
- private boolean isSystemUser(final User user){
- if (isSystemUserMethod != null) {
- try {
- return (Boolean) isSystemUserMethod.invoke(user);
- } catch (Exception e) {
- log.debug("Exception while invoking isSystemUser method", e);
- return true;
+ private boolean isValidSystemUser(final Authorizable authorizable){
+ if (authorizable == null || authorizable.isGroup()) {
+ return false;
+ }
+
+ User user = (User) authorizable;
+ try {
+ if (!user.isDisabled()) {
+ if (isSystemUserMethod != null) {
+ try {
+ return (Boolean) isSystemUserMethod.invoke(user);
+ } catch (Exception e) {
+ log.debug("Exception while invoking isSystemUser method", e);
+ return true;
+ }
+ } else {
+ return true;
+ }
}
- } else {
- return true;
- }
+ } catch (RepositoryException e) {
+ log.debug("Exception while invoking isDisabled method", e);
+ }
+ return false;
}
}
\ No newline at end of file