Merge branch 'release/2.0.4'

README.md

@@ -18,7 +18,7 @@ See also our talk at [AdaptTo 2016](https://adapt.to/2016/en/schedule/ac-tool.ht
 
 # Requirements
 
-The AC Tool requires Java 7 and AEM 6.1 or above (use v1.x for older versions)
+The AC Tool requires Java 7 and AEM 6.1 (SP1) or above (use v1.x for older versions)
 
 # Installation
 

accesscontroltool-bundle/pom.xml

@@ -11,7 +11,7 @@
     <parent>
         <groupId>biz.netcentric.cq.tools.accesscontroltool</groupId>
         <artifactId>accesscontroltool</artifactId>
-        <version>2.0.3</version>
+        <version>2.0.4</version>
     </parent>
 
     <!-- ====================================================================== -->
@@ -103,6 +103,10 @@
             <groupId>com.day.cq</groupId>
             <artifactId>cq-commons</artifactId>
         </dependency>
+        <dependency>
+            <groupId>com.adobe.granite</groupId>
+            <artifactId>com.adobe.granite.crypto</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.yaml</groupId>
             <artifactId>snakeyaml</artifactId>

accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/aceinstaller/AceBeanInstaller.java

@@ -13,8 +13,9 @@
 
 import javax.jcr.Session;
 
+import biz.netcentric.cq.tools.actool.configmodel.AcConfiguration;
 import biz.netcentric.cq.tools.actool.configmodel.AceBean;
-import biz.netcentric.cq.tools.actool.history.AcInstallationLog;
+import biz.netcentric.cq.tools.actool.history.InstallationLogger;
 
 /** Installs AceBeans to content paths. */
 public interface AceBeanInstaller {
@@ -28,7 +29,7 @@ public interface AceBeanInstaller {
      * @param installationLog the installation log
      * @param authorizablesToRemoveAcesFor
      * @param intermediateSaves whether the session should be saved after each path (for each ACL) */
-    void installPathBasedACEs(final Map<String, Set<AceBean>> pathBasedAceMapFromConfig, final Session session,
-            final AcInstallationLog installationLog, Set<String> authorizablesToRemoveAcesFor, boolean intermediateSaves) throws Exception;
+    void installPathBasedACEs(final Map<String, Set<AceBean>> pathBasedAceMapFromConfig, final AcConfiguration acConfiguration, final Session session,
+            final InstallationLogger installationLog, Set<String> authorizablesToRemoveAcesFor, boolean intermediateSaves) throws Exception;
 
 }

accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/aceinstaller/AceBeanInstallerClassic.java

@@ -40,7 +40,7 @@
 import biz.netcentric.cq.tools.actool.configmodel.AceBean;
 import biz.netcentric.cq.tools.actool.helper.AccessControlUtils;
 import biz.netcentric.cq.tools.actool.helper.RestrictionsHolder;
-import biz.netcentric.cq.tools.actool.history.AcInstallationLog;
+import biz.netcentric.cq.tools.actool.history.InstallationLogger;
 
 /** The way ACEs were installed in version one is still available and can be configured in "global_config" section by setting
  * "installAclsIncrementally=false". */
@@ -54,7 +54,7 @@ public class AceBeanInstallerClassic extends BaseAceBeanInstaller implements Ace
      * 
      * @throws RepositoryException */
     protected void installAcl(Set<AceBean> aceBeanSetFromConfig, String path, Set<String> principalsToRemoveAcesFor, Session session,
-            AcInstallationLog installLog) throws RepositoryException {
+            InstallationLogger installLog) throws RepositoryException {
 
         // Remove all config contained authorizables from ACL of this path
         int countRemoved = AccessControlUtils.deleteAllEntriesForPrincipalsFromACL(session,
@@ -80,7 +80,7 @@ protected void installAcl(Set<AceBean> aceBeanSetFromConfig, String path, Set<St
     *
     * @throws NoSuchMethodException */
    private void installAce(AceBean aceBean, final Session session, Principal principal,
-            AcInstallationLog installLog) throws RepositoryException {
+            InstallationLogger installLog) throws RepositoryException {
 
         if (aceBean.isInitialContentOnlyConfig()) {
             return;
@@ -126,7 +126,7 @@ private void installAce(AceBean aceBean, final Session session, Principal princi
      *         AccessControlList (comprising the entres being installed for the actions).
      * @throws RepositoryException */
     private JackrabbitAccessControlList installActions(AceBean aceBean, Principal principal, JackrabbitAccessControlList acl,
-            Session session, AccessControlManager acMgr, AcInstallationLog installLog) throws RepositoryException {
+            Session session, AccessControlManager acMgr, InstallationLogger installLog) throws RepositoryException {
         final Map<String, Boolean> actionMap = aceBean.getActionMap();
         if (actionMap.isEmpty()) {
             return acl;

accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/aceinstaller/AceBeanInstallerIncremental.java

@@ -49,7 +49,7 @@
 import biz.netcentric.cq.tools.actool.helper.AcHelper;
 import biz.netcentric.cq.tools.actool.helper.AccessControlUtils;
 import biz.netcentric.cq.tools.actool.helper.Constants;
-import biz.netcentric.cq.tools.actool.history.AcInstallationLog;
+import biz.netcentric.cq.tools.actool.history.InstallationLogger;
 
 @Service
 @Component
@@ -66,7 +66,7 @@ public class AceBeanInstallerIncremental extends BaseAceBeanInstaller implements
      * 
      * @throws RepositoryException */
     protected void installAcl(Set<AceBean> aceBeanSetFromConfig, String path, Set<String> principalsInConfiguration, Session session,
-            AcInstallationLog installLog) throws RepositoryException {
+            InstallationLogger installLog) throws RepositoryException {
 
         boolean hadPendingChanges = session.hasPendingChanges();
 
@@ -210,7 +210,7 @@ protected JackrabbitAccessControlList getAccessControlList(AccessControlManager
     }
 
     private Set<AceBean> transformActionsIntoPrivileges(Set<AceBean> aceBeanSetFromConfig, Session session,
-            AcInstallationLog installLog) throws RepositoryException {
+            InstallationLogger installLog) throws RepositoryException {
 
 
         Set<AceBean> aceBeanSetWithPrivilegesOnly = new LinkedHashSet<AceBean>();
@@ -230,7 +230,7 @@ private Set<AceBean> transformActionsIntoPrivileges(Set<AceBean> aceBeanSetFromC
     }
 
     private Set<AceBean> getPrincipalAceBeansForActionAceBeanCached(AceBean origAceBean, Session session,
-            AcInstallationLog installLog) throws RepositoryException {
+            InstallationLogger installLog) throws RepositoryException {
 
         String cacheKey = (definesContent(origAceBean.getJcrPathForPolicyApi(), session) ? "definesContent" : "simple")
                 + "-" + origAceBean.getPermission() + "-" + getRestrictionsComparable(origAceBean.getRestrictions()) + "-"

accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/aceinstaller/BaseAceBeanInstaller.java

@@ -8,7 +8,7 @@
  */
 package biz.netcentric.cq.tools.actool.aceinstaller;
 
-import static biz.netcentric.cq.tools.actool.history.AcInstallationLog.msHumanReadable;
+import static biz.netcentric.cq.tools.actool.history.PersistableInstallationLogger.msHumanReadable;
 
 import java.security.Principal;
 import java.util.Arrays;
@@ -33,12 +33,13 @@
 import org.slf4j.LoggerFactory;
 
 import biz.netcentric.cq.tools.actool.comparators.AcePermissionComparator;
+import biz.netcentric.cq.tools.actool.configmodel.AcConfiguration;
 import biz.netcentric.cq.tools.actool.configmodel.AceBean;
 import biz.netcentric.cq.tools.actool.configmodel.Restriction;
 import biz.netcentric.cq.tools.actool.helper.AccessControlUtils;
 import biz.netcentric.cq.tools.actool.helper.ContentHelper;
 import biz.netcentric.cq.tools.actool.helper.RestrictionsHolder;
-import biz.netcentric.cq.tools.actool.history.AcInstallationLog;
+import biz.netcentric.cq.tools.actool.history.InstallationLogger;
 
 /** Base Class */
 public abstract class BaseAceBeanInstaller implements AceBeanInstaller {
@@ -48,8 +49,9 @@ public abstract class BaseAceBeanInstaller implements AceBeanInstaller {
     @Override
     public void installPathBasedACEs(
             final Map<String, Set<AceBean>> pathBasedAceMapFromConfig,
+            final AcConfiguration acConfiguration,
             final Session session,
-            final AcInstallationLog history, Set<String> principalsToRemoveAcesFor,
+            final InstallationLogger history, Set<String> principalsToRemoveAcesFor,
             boolean intermediateSaves) throws Exception {
 
         StopWatch stopWatch = new StopWatch();
@@ -86,7 +88,7 @@ public void installPathBasedACEs(
                     new AcePermissionComparator());
             orderedAceBeanSetFromConfig.addAll(aceBeanSetFromConfig);
 
-            Set<String> principalsToRemoveAcesForAtThisPath = history.getAcConfiguration().getAuthorizablesConfig()
+            Set<String> principalsToRemoveAcesForAtThisPath = acConfiguration.getAuthorizablesConfig()
                     .removeUnmanagedPrincipalNamesAtPath(path, principalsToRemoveAcesFor);
             installAcl(orderedAceBeanSetFromConfig, path, principalsToRemoveAcesForAtThisPath, session, history);
 
@@ -101,18 +103,18 @@ public void installPathBasedACEs(
                     + " parent paths missing for creation of intial content (those paths were skipped, see verbose log for details)");
         }
 
-        history.addMessage(LOG, "Finished installation of " + paths.size() + " ACLs in "
-                + msHumanReadable(stopWatch.getTime())
-                + " (changed ACLs=" + history.getCountAclsChanged() + " unchanged ACLs=" + history.getCountAclsUnchanged()
-                + " path does not exist=" + history.getCountAclsPathDoesNotExist() + " action cache hit/miss="
+        history.addMessage(LOG, "ACL Update Statistics: Changed=" + history.getCountAclsChanged() + " Unchanged=" + history.getCountAclsUnchanged()
+                + " Path not found=" + history.getCountAclsPathDoesNotExist() + " (action cache hit/miss="
                 + history.getCountActionCacheHit() + "/" + history.getCountActionCacheMiss() + ")");
+        history.addMessage(LOG, "*** Finished installation of " + paths.size() + " ACLs in "
+                + msHumanReadable(stopWatch.getTime()));
     }
 
     /** Installs a full set of ACE beans that form an ACL for the path
      * 
      * @throws RepositoryException */
     protected abstract void installAcl(Set<AceBean> aceBeanSetFromConfig, String path, Set<String> authorizablesToRemoveAcesFor,
-            Session session, AcInstallationLog history) throws RepositoryException;
+            Session session, InstallationLogger history) throws RepositoryException;
 
 
     protected boolean installPrivileges(AceBean aceBean, Principal principal, JackrabbitAccessControlList acl, Session session,

accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/api/InstallationLog.java

@@ -10,14 +10,20 @@
 
 import biz.netcentric.cq.tools.actool.installationhistory.AcInstallationHistoryPojo;
 
+/**
+ * Access to log messages being emitted
+ *
+ */
 public interface InstallationLog extends AcInstallationHistoryPojo {
 
+    // This is only set for the installhook mechanism
     String getCrxPackageName();
 
     String getMessageHistory();
 
     String getVerboseMessageHistory();
-
+
+    // TODO: move to separate interface InstallationResult which extends this interface
     int getCountAclsUnchanged();
 
     int getCountAclsChanged();

accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/authorizableinstaller/AuthorizableInstallerService.java

@@ -11,13 +11,17 @@
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 
+import com.adobe.granite.crypto.CryptoException;
+
+import biz.netcentric.cq.tools.actool.configmodel.AcConfiguration;
 import biz.netcentric.cq.tools.actool.configmodel.AuthorizablesConfig;
-import biz.netcentric.cq.tools.actool.history.AcInstallationLog;
+import biz.netcentric.cq.tools.actool.history.InstallationLogger;
 
 public interface AuthorizableInstallerService {
 
-    public void installAuthorizables(
-            AuthorizablesConfig principalMapFromConfig,
-            final Session session, AcInstallationLog installLog) throws RepositoryException, AuthorizableCreatorException;
-
+    void installAuthorizables(
+            AcConfiguration acConfiguration,
+            AuthorizablesConfig authorizablesConfigBeans,
+            final Session session, InstallationLogger installLog)
+    throws RepositoryException, AuthorizableCreatorException, CryptoException;
 }