@Before public void setup() { // ACEs from groups contained in config aceBean1 = new AceBean(); aceBean1.setPrincipal("group-A"); aceBean1.setActions(null); aceBean1.setActionsStringFromConfig(""); aceBean1.setPermission("deny"); aceBean1.setJcrPath("/content"); aceBean1.setPrivilegesString("jcr:read,crx:replicate"); aceBean1.setRepGlob(""); aceBean2 = new AceBean(); aceBean2.setPrincipal("group-A"); aceBean2.setActions(new String[] {"read", "replicate"}); aceBean1.setPermission("deny"); aceBean2.setJcrPath("/content"); aceBean2.setPrivilegesString(""); aceBean2.setRepGlob(""); aceBean3 = new AceBean(); }
public boolean validatePrivileges(final AceBean tmpAclBean, AccessControlManager aclManager) throws InvalidJcrPrivilegeException, DoubledDefinedJcrPrivilegeException { String currentEntryValue = tmpAclBean.getPrivilegesString(); String principal = tmpAclBean.getPrincipalName(); if (!StringUtils.isNotBlank(currentEntryValue)) { return false; } String[] privileges = currentEntryValue.split(","); Set<String> privilegesSet = new HashSet<String>(); for (int i = 0; i < privileges.length; i++) { // remove leading and trailing blanks from privilege name privileges[i] = StringUtils.strip(privileges[i]); if (!Validators.isValidJcrPrivilege(privileges[i], aclManager)) { String errorMessage = getBeanDescription(this.currentBeanCounter, principal) + ", invalid jcr privilege: " + privileges[i]; LOG.error(errorMessage); throw new InvalidJcrPrivilegeException(errorMessage); } if (!privilegesSet.add(privileges[i])) { String errorMessage = getBeanDescription(this.currentBeanCounter, principal) + ", doubled defined jcr privilege: " + privileges[i]; LOG.error(errorMessage); throw new DoubledDefinedJcrPrivilegeException(errorMessage); } } tmpAclBean.setPrivilegesString(currentEntryValue); return true; }