SLING-10908 Update to Parent 46 (#2)
improve configuration description
diff --git a/bnd.bnd b/bnd.bnd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/bnd.bnd
diff --git a/pom.xml b/pom.xml
index 61983f5..9fc0925 100644
--- a/pom.xml
+++ b/pom.xml
@@ -21,14 +21,13 @@
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.sling</groupId>
- <artifactId>sling</artifactId>
- <version>26</version>
+ <artifactId>sling-bundle-parent</artifactId>
+ <version>46</version>
<relativePath/>
</parent>
<artifactId>org.apache.sling.jcr.resourcesecurity</artifactId>
<version>1.0.3-SNAPSHOT</version>
- <packaging>bundle</packaging>
<name>Apache Sling JCR Resource Security</name>
<description>
@@ -41,44 +40,20 @@
<url>https://gitbox.apache.org/repos/asf?p=sling-org-apache-sling-jcr-resourcesecurity.git</url>
</scm>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.felix</groupId>
- <artifactId>maven-scr-plugin</artifactId>
- </plugin>
- <plugin>
- <groupId>org.apache.felix</groupId>
- <artifactId>maven-bundle-plugin</artifactId>
- <extensions>true</extensions>
- <configuration>
- <instructions>
- </instructions>
- </configuration>
- </plugin>
- </plugins>
- </build>
- <reporting>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-javadoc-plugin</artifactId>
- <configuration>
- <excludePackageNames>
- org.apache.sling.jcr.resourcesecurity.impl
- </excludePackageNames>
- </configuration>
- </plugin>
- </plugins>
- </reporting>
+ <properties>
+ <site.javadoc.exclude>org.apache.sling.jcr.resourcesecurity.impl</site.javadoc.exclude>
+ <project.build.outputTimestamp>1</project.build.outputTimestamp>
+ <sling.java.version>8</sling.java.version>
+ </properties>
+
<dependencies>
<dependency>
<groupId>org.osgi</groupId>
- <artifactId>org.osgi.core</artifactId>
+ <artifactId>org.osgi.service.component.annotations</artifactId>
</dependency>
<dependency>
<groupId>org.osgi</groupId>
- <artifactId>org.osgi.compendium</artifactId>
+ <artifactId>org.osgi.service.metatype.annotations</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
@@ -87,7 +62,6 @@
<dependency>
<groupId>javax.jcr</groupId>
<artifactId>jcr</artifactId>
- <version>2.0</version>
</dependency>
<dependency>
<groupId>org.apache.sling</groupId>
@@ -101,11 +75,5 @@
<version>1.0.1-SNAPSHOT</version>
<scope>provided</scope>
</dependency>
- <dependency>
- <groupId>org.apache.sling</groupId>
- <artifactId>org.apache.sling.commons.osgi</artifactId>
- <version>2.2.0</version>
- <scope>provided</scope>
- </dependency>
</dependencies>
</project>
diff --git a/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java b/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java
index 62c2b44..66ded8a 100644
--- a/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java
+++ b/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java
@@ -18,45 +18,31 @@
*/
package org.apache.sling.jcr.resourcesecurity.impl;
-import java.util.Map;
-
import javax.jcr.RepositoryException;
import javax.jcr.Session;
-import org.apache.felix.scr.annotations.Activate;
-import org.apache.felix.scr.annotations.Component;
-import org.apache.felix.scr.annotations.ConfigurationPolicy;
-import org.apache.felix.scr.annotations.Properties;
-import org.apache.felix.scr.annotations.Property;
-import org.apache.felix.scr.annotations.Service;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceResolver;
-import org.apache.sling.commons.osgi.PropertiesUtil;
import org.apache.sling.resourceaccesssecurity.AllowingResourceAccessGate;
import org.apache.sling.resourceaccesssecurity.ResourceAccessGate;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.ConfigurationPolicy;
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.Designate;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
-@Component(configurationFactory=true, policy=ConfigurationPolicy.REQUIRE, metatype=true,
- label="Apache Sling JCR Resource Access Gate",
- description="This access gate can be used to handle the access to resources" +
- " not backed by a JCR repository by providing ACLs in the " +
- "reposiory")
-@Service(value=ResourceAccessGate.class)
-@Properties({
- @Property(name=ResourceAccessGate.PATH, label="Path",
- description="The path is a regular expression for which resources the service should be called"),
- @Property(name=ResourceAccessGateFactory.PROP_PREFIX,
- label="Deep Check Prefix",
- description="If this value is configured with a prefix and the resource path starts with this" +
- " prefix, the prefix is removed from the path and the remaining part is appended " +
- " to the JCR path to check. For example if /foo/a/b/c is required, this prefix is " +
- " configured with /foo and the JCR node to check is /check, the permissions at " +
- " /check/a/b/c are checked."),
- @Property(name=ResourceAccessGateFactory.PROP_JCR_PATH,
- label="JCR Node",
- description="This node is checked for permissions to the resources."),
- @Property(name=ResourceAccessGate.OPERATIONS, value= {"read", "create", "update", "delete", "order-children"}, propertyPrivate=true),
- @Property(name=ResourceAccessGate.CONTEXT, value=ResourceAccessGate.PROVIDER_CONTEXT, propertyPrivate=true)
+@Component(configurationPolicy=ConfigurationPolicy.REQUIRE, service = ResourceAccessGate.class, property = {
+ ResourceAccessGate.OPERATIONS+"=read",
+ ResourceAccessGate.OPERATIONS+"=create",
+ ResourceAccessGate.OPERATIONS+"=update",
+ ResourceAccessGate.OPERATIONS+"=delete",
+ ResourceAccessGate.OPERATIONS+"=order-children",
+ ResourceAccessGate.CONTEXT+"="+ResourceAccessGate.PROVIDER_CONTEXT
})
+@Designate(factory = true, ocd = ResourceAccessGateFactory.Configuration.class)
public class ResourceAccessGateFactory
extends AllowingResourceAccessGate
implements ResourceAccessGate {
@@ -68,11 +54,32 @@
private String jcrPath;
private String prefix;
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(ResourceAccessGateFactory.class);
+
+ @ObjectClassDefinition(
+ name = "Apache Sling JCR Resource Access Gate",
+ description = "This access gate can be used to handle the access to resources" +
+ " not backed by a JCR repository by leveraging ACLs in the " +
+ "JCR repository")
+ public static @interface Configuration {
+ @AttributeDefinition(name = "Path", description = "The path is a regular expression which must match the affected resource path for this service to be called.")
+ String path() default ".*";
+ @AttributeDefinition(name = "Deep Check Prefix",
+ description="If this value is configured and the resource path starts with this" +
+ " prefix, the prefix is removed from the path and the remaining part is appended " +
+ " to the JCR path to check. For example if /foo/a/b/c is required, this prefix is " +
+ " configured with /foo and the JCR node to check is /check, the permissions at " +
+ " /check/a/b/c are checked.")
+ String checkpath_prefix();
+ @AttributeDefinition(name = "JCR Node Path", description = "The node given through this path is consulted for granting/denying permissions to the resources. If 'Deep Check Prefix' is used, then this only specifies the node's path prefix.")
+ String jcrPath();
+ }
@Activate
- protected void activate(final Map<String, Object> props) {
- this.jcrPath = PropertiesUtil.toString(props.get(PROP_JCR_PATH), null);
- this.prefix = PropertiesUtil.toString(props.get(PROP_PREFIX), null);
+ protected void activate(Configuration configuration) {
+ this.jcrPath = configuration.jcrPath();
+ this.prefix = configuration.checkpath_prefix();
if ( this.prefix != null && !this.prefix.endsWith("/") ) {
this.prefix = this.prefix + "/";
}
@@ -95,6 +102,7 @@
granted = session.hasPermission(checkPath, permission);
} catch (final RepositoryException re) {
// ignore
+ LOGGER.debug("Could not retrieve permission {} for path {}", checkPath, permission, re);
}
}
return granted ? GateResult.GRANTED : GateResult.DENIED;