@Before
public void setup() {
// ACEs from groups contained in config
aceBean1 = new AceBean();
aceBean1.setPrincipal("group-A");
aceBean1.setActions(null);
aceBean1.setActionsStringFromConfig("");
aceBean1.setPermission("deny");
aceBean1.setJcrPath("/content");
aceBean1.setPrivilegesString("jcr:read,crx:replicate");
aceBean1.setRepGlob("");
aceBean2 = new AceBean();
aceBean2.setPrincipal("group-A");
aceBean2.setActions(new String[] {"read", "replicate"});
aceBean1.setPermission("deny");
aceBean2.setJcrPath("/content");
aceBean2.setPrivilegesString("");
aceBean2.setRepGlob("");
aceBean3 = new AceBean();
}
public boolean validatePrivileges(final AceBean tmpAclBean, AccessControlManager aclManager)
throws InvalidJcrPrivilegeException, DoubledDefinedJcrPrivilegeException {
String currentEntryValue = tmpAclBean.getPrivilegesString();
String principal = tmpAclBean.getPrincipalName();
if (!StringUtils.isNotBlank(currentEntryValue)) {
return false;
}
String[] privileges = currentEntryValue.split(",");
Set<String> privilegesSet = new HashSet<String>();
for (int i = 0; i < privileges.length; i++) {
// remove leading and trailing blanks from privilege name
privileges[i] = StringUtils.strip(privileges[i]);
if (!Validators.isValidJcrPrivilege(privileges[i], aclManager)) {
String errorMessage =
getBeanDescription(this.currentBeanCounter, principal)
+ ", invalid jcr privilege: "
+ privileges[i];
LOG.error(errorMessage);
throw new InvalidJcrPrivilegeException(errorMessage);
}
if (!privilegesSet.add(privileges[i])) {
String errorMessage =
getBeanDescription(this.currentBeanCounter, principal)
+ ", doubled defined jcr privilege: "
+ privileges[i];
LOG.error(errorMessage);
throw new DoubledDefinedJcrPrivilegeException(errorMessage);
}
}
tmpAclBean.setPrivilegesString(currentEntryValue);
return true;
}
