Merge pull request #395 from wttech/custom-restrictions

added custom restrictions

app/aem/actions.main/src/main/java/com/cognifide/apm/main/actions/allow/Allow.java

@@ -31,6 +31,7 @@
 import com.cognifide.apm.main.utils.PathUtils;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
 import javax.jcr.PathNotFoundException;
 import javax.jcr.RepositoryException;
 import org.apache.commons.lang3.StringUtils;
@@ -51,25 +52,25 @@ public class Allow implements Action {
   private final boolean ignoreNonExistingPaths;
 
   public Allow(String path, List<String> permissions,
-      String glob, List<String> ntNames,
-      List<String> itemNames, boolean ignoreNonExistingPaths) {
+      String glob, List<String> ntNames, List<String> itemNames, Map<String, Object> customRestrictions,
+      boolean ignoreNonExistingPaths) {
     this.path = path;
     this.permissions = permissions;
-    this.restrictions = new Restrictions(glob, ntNames, itemNames);
+    this.restrictions = new Restrictions(glob, ntNames, itemNames, customRestrictions);
     this.ignoreNonExistingPaths = ignoreNonExistingPaths;
   }
 
   @Override
-  public ActionResult simulate(final Context context) {
+  public ActionResult simulate(Context context) {
     return process(context, true);
   }
 
   @Override
-  public ActionResult execute(final Context context) {
+  public ActionResult execute(Context context) {
     return process(context, false);
   }
 
-  private ActionResult process(final Context context, boolean simulate) {
+  private ActionResult process(Context context, boolean simulate) {
     ActionResult actionResult = context.createActionResult();
     try {
       Authorizable authorizable = context.getCurrentAuthorizable();
@@ -78,7 +79,7 @@ private ActionResult process(final Context context, boolean simulate) {
         actionResult.changeStatus(Status.SKIPPED, "Skipped adding allow privilege for " + authorizable.getID() + " on " + path);
       } else {
         context.getSession().getNode(path);
-        final PermissionActionHelper permissionActionHelper = new PermissionActionHelper(
+        PermissionActionHelper permissionActionHelper = new PermissionActionHelper(
             context.getValueFactory(), path, permissions, restrictions);
         LOGGER.info(String.format("Adding permissions %s for authorizable with id = %s for path = %s %s",
             permissions.toString(), context.getCurrentAuthorizable().getID(), path, restrictions));
@@ -92,11 +93,12 @@ private ActionResult process(final Context context, boolean simulate) {
           String preparedGlob = recalculateGlob(restrictions.getGlob());
           new Allow(path, Collections.singletonList("MODIFY_PAGE"),
               preparedGlob + "*/jcr:content*", restrictions.getNtNames(), restrictions.getItemNames(),
+              restrictions.getCustomRestrictions(),
               ignoreNonExistingPaths
           ).process(context, simulate);
         }
       }
-    } catch (final PathNotFoundException e) {
+    } catch (PathNotFoundException e) {
       if (ignoreNonExistingPaths) {
         actionResult.logWarning("Path " + path + " not found");
       } else {

app/aem/actions.main/src/main/java/com/cognifide/apm/main/actions/allow/AllowMapper.java

@@ -29,6 +29,7 @@
 import com.cognifide.apm.api.actions.annotations.Required;
 import com.cognifide.apm.main.actions.ActionGroup;
 import java.util.List;
+import java.util.Map;
 
 @Mapper(value = "ALLOW", group = ActionGroup.CORE)
 public class AllowMapper {
@@ -51,9 +52,10 @@ public Action create(
       @Required(value = "permissions", description = "e.g.: [READ, 'jcr:all']") List<String> permissions,
       @Named(value = "glob", description = "regular expression to narrow set of paths") String glob,
       @Named(value = "types", description = "list of jcr types which will be affected") List<String> types,
-      @Named(value = "properties", description = "list of properties which will be affected ") List<String> items,
+      @Named(value = "properties", description = "list of properties which will be affected") List<String> items,
+      @Named(value = "restrictions", description = "map of custom restrictions") Map<String, Object> restrictions,
       @Flag(value = IF_EXISTS, description = "script doesn't fail if path doesn't exist") boolean ifExists) {
-    return new Allow(path, permissions, glob, types, items, ifExists);
+    return new Allow(path, permissions, glob, types, items, restrictions, ifExists);
   }
 
   @Mapping(
@@ -71,8 +73,9 @@ public Action create(
       @Required(value = "path", description = "e.g.: '/content/dam'") String path,
       @Named(value = "glob", description = "regular expression to narrow set of paths") String glob,
       @Named(value = "types", description = "list of jcr types which will be affected") List<String> types,
-      @Named(value = "properties", description = "list of properties which will be affected ") List<String> items,
+      @Named(value = "properties", description = "list of properties which will be affected") List<String> items,
+      @Named(value = "restrictions", description = "map of custom restrictions") Map<String, Object> restrictions,
       @Flag(value = IF_EXISTS, description = "script doesn't fail if path doesn't exist") boolean ifExists) {
-    return new Allow(path, permissions, glob, types, items, ifExists);
+    return new Allow(path, permissions, glob, types, items, restrictions, ifExists);
   }
 }

app/aem/actions.main/src/main/java/com/cognifide/apm/main/actions/deny/Deny.java

@@ -31,6 +31,7 @@
 import com.cognifide.apm.main.utils.PathUtils;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
 import javax.jcr.PathNotFoundException;
 import javax.jcr.RepositoryException;
 import org.apache.commons.lang3.StringUtils;
@@ -50,26 +51,26 @@ public class Deny implements Action {
 
   private final boolean ignoreNonExistingPaths;
 
-  public Deny(final String path, final List<String> permissions,
-      final String glob, List<String> ntNames, final List<String> itemNames,
-      final boolean ignoreNonExistingPaths) {
+  public Deny(String path, List<String> permissions,
+      String glob, List<String> ntNames, List<String> itemNames, Map<String, Object> customRestrictions,
+      boolean ignoreNonExistingPaths) {
     this.path = path;
     this.permissions = permissions;
-    this.restrictions = new Restrictions(glob, ntNames, itemNames);
+    this.restrictions = new Restrictions(glob, ntNames, itemNames, customRestrictions);
     this.ignoreNonExistingPaths = ignoreNonExistingPaths;
   }
 
   @Override
-  public ActionResult simulate(final Context context) {
+  public ActionResult simulate(Context context) {
     return process(context, true);
   }
 
   @Override
-  public ActionResult execute(final Context context) {
+  public ActionResult execute(Context context) {
     return process(context, false);
   }
 
-  private ActionResult process(final Context context, boolean simulate) {
+  private ActionResult process(Context context, boolean simulate) {
     ActionResult actionResult = context.createActionResult();
     try {
       Authorizable authorizable = context.getCurrentAuthorizable();
@@ -78,7 +79,7 @@ private ActionResult process(final Context context, boolean simulate) {
         actionResult.changeStatus(Status.SKIPPED, "Skipped adding deny privilege for " + authorizable.getID() + " on " + path);
       } else {
         context.getSession().getNode(path);
-        final PermissionActionHelper permissionActionHelper = new PermissionActionHelper(
+        PermissionActionHelper permissionActionHelper = new PermissionActionHelper(
             context.getValueFactory(), path, permissions, restrictions);
         LOGGER.info(String.format("Denying permissions %s for authorizable with id = %s for path = %s %s",
             permissions.toString(), context.getCurrentAuthorizable().getID(), path, restrictions));
@@ -93,18 +94,18 @@ private ActionResult process(final Context context, boolean simulate) {
           globModifyPermission.add("MODIFY_PAGE");
           String preparedGlob = recalculateGlob(restrictions.getGlob());
           new Deny(path, globModifyPermission,
-              preparedGlob + "*/jcr:content*", restrictions.getNtNames(), restrictions.getItemNames(),
+              preparedGlob + "*/jcr:content*", restrictions.getNtNames(), restrictions.getItemNames(), restrictions.getCustomRestrictions(),
               ignoreNonExistingPaths)
               .process(context, simulate);
         }
       }
-    } catch (final PathNotFoundException e) {
+    } catch (PathNotFoundException e) {
       if (ignoreNonExistingPaths) {
         actionResult.logWarning("Path " + path + " not found");
       } else {
         actionResult.logError("Path " + path + " not found");
       }
-    } catch (final RepositoryException | PermissionException | ActionExecutionException e) {
+    } catch (RepositoryException | PermissionException | ActionExecutionException e) {
       actionResult.logError(MessagingUtils.createMessage(e));
     }
     return actionResult;

app/aem/actions.main/src/main/java/com/cognifide/apm/main/actions/deny/DenyMapper.java

@@ -29,6 +29,7 @@
 import com.cognifide.apm.api.actions.annotations.Required;
 import com.cognifide.apm.main.actions.ActionGroup;
 import java.util.List;
+import java.util.Map;
 
 @Mapper(value = "DENY", group = ActionGroup.CORE)
 public class DenyMapper {
@@ -51,9 +52,10 @@ public Action create(
       @Required(value = "permissions", description = "e.g.: [READ, 'jcr:all']") List<String> permissions,
       @Named(value = "glob", description = "regular expression to narrow set of paths") String glob,
       @Named(value = "types", description = "list of jcr types which will be affected") List<String> types,
-      @Named(value = "properties", description = "list of properties which will be affected ") List<String> items,
+      @Named(value = "properties", description = "list of properties which will be affected") List<String> items,
+      @Named(value = "restrictions", description = "map of custom restrictions") Map<String, Object> restrictions,
       @Flag(value = IF_EXISTS, description = "script doesn't fail if path doesn't exist") boolean ifExists) {
-    return new Deny(path, permissions, glob, types, items, ifExists);
+    return new Deny(path, permissions, glob, types, items, restrictions, ifExists);
   }
 
   @Mapping(
@@ -71,8 +73,9 @@ public Action create(
       @Required(value = "path", description = "e.g.: '/content/dam'") String path,
       @Named(value = "glob", description = "regular expression to narrow set of paths") String glob,
       @Named(value = "types", description = "list of jcr types which will be affected") List<String> types,
-      @Named(value = "properties", description = "list of properties which will be affected ") List<String> items,
+      @Named(value = "properties", description = "list of properties which will be affected") List<String> items,
+      @Named(value = "restrictions", description = "map of custom restrictions") Map<String, Object> restrictions,
       @Flag(value = IF_EXISTS, description = "script doesn't fail if path doesn't exist") boolean ifExists) {
-    return new Deny(path, permissions, glob, types, items, ifExists);
+    return new Deny(path, permissions, glob, types, items, restrictions, ifExists);
   }
 }

app/aem/actions.main/src/main/java/com/cognifide/apm/main/permissions/Restrictions.java

@@ -21,6 +21,7 @@
 package com.cognifide.apm.main.permissions;
 
 import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -40,54 +41,75 @@ public class Restrictions {
   private static final String STRICT = "STRICT";
 
   private final String glob;
+
   private final List<String> ntNames;
+
   private final List<String> itemNames;
 
-  public Restrictions(String glob, List<String> ntNames, List<String> itemNames) {
+  private final Map<String, Object> customRestrictions;
+
+  public Restrictions(String glob, List<String> ntNames, List<String> itemNames, Map<String, Object> customRestrictions) {
     this.glob = glob;
     this.ntNames = notNullCopy(ntNames);
     this.itemNames = notNullCopy(itemNames);
+    this.customRestrictions = notNullCopy(customRestrictions);
   }
 
   private List<String> notNullCopy(List<String> strings) {
     return strings != null ? ImmutableList.copyOf(strings) : Collections.emptyList();
   }
 
-  public Map<String, Value> getSingleValueRestrictions(ValueFactory valueFactory) {
+  private Map<String, Object> notNullCopy(Map<String, Object> items) {
+    return items != null ? ImmutableMap.copyOf(items) : Collections.emptyMap();
+  }
+
+  public Map<String, Value> getSingleValueRestrictions(ValueFactory valueFactory) throws ValueFormatException {
     Map<String, Value> result = new HashMap<>();
-    if (StringUtils.isNotBlank(glob)) {
-      result.put("rep:glob", normalizeGlob(valueFactory));
+    addRestriction(valueFactory, result, "rep:glob", glob);
+    for (Map.Entry<String, Object> entry : customRestrictions.entrySet()) {
+      if (entry.getValue() instanceof String) {
+        addRestriction(valueFactory, result, entry.getKey(), (String) entry.getValue());
+      }
     }
     return result;
   }
 
+  private void addRestriction(ValueFactory valueFactory, Map<String, Value> result, String key, String value) throws ValueFormatException {
+    if (StringUtils.isNotBlank(value)) {
+      if (key.equals("rep:glob")) {
+        result.put(key, normalizeGlob(valueFactory));
+      } else {
+        result.put(key, valueFactory.createValue(value, PropertyType.NAME));
+      }
+    }
+  }
+
   private Value normalizeGlob(ValueFactory valueFactory) {
     if (STRICT.equalsIgnoreCase(glob)) {
       return valueFactory.createValue(StringUtils.EMPTY);
     }
     return valueFactory.createValue(glob);
   }
 
-  public Map<String, Value[]> getMultiValueRestrictions(ValueFactory valueFactory)
-      throws ValueFormatException {
-
+  public Map<String, Value[]> getMultiValueRestrictions(ValueFactory valueFactory) throws ValueFormatException {
     Map<String, Value[]> result = new HashMap<>();
     addRestrictions(valueFactory, result, "rep:ntNames", ntNames);
     addRestrictions(valueFactory, result, "rep:itemNames", itemNames);
+    for (Map.Entry<String, Object> entry : customRestrictions.entrySet()) {
+      if (entry.getValue() instanceof List) {
+        addRestrictions(valueFactory, result, entry.getKey(), (List<String>) entry.getValue());
+      }
+    }
     return result;
   }
 
-  private void addRestrictions(ValueFactory valueFactory, Map<String, Value[]> result, String key, List<String> names)
-      throws ValueFormatException {
-
+  private void addRestrictions(ValueFactory valueFactory, Map<String, Value[]> result, String key, List<String> names) throws ValueFormatException {
     if (names != null && !names.isEmpty()) {
       result.put(key, createRestrictions(valueFactory, names));
     }
   }
 
-  private Value[] createRestrictions(ValueFactory valueFactory, List<String> names)
-      throws ValueFormatException {
-
+  private Value[] createRestrictions(ValueFactory valueFactory, List<String> names) throws ValueFormatException {
     Value[] values = new Value[names.size()];
     for (int index = 0; index < names.size(); index++) {
       values[index] = valueFactory.createValue(names.get(index), PropertyType.NAME);

app/aem/core/src/main/java/com/cognifide/apm/core/actions/MapperDescriptorFactory.java

@@ -34,6 +34,7 @@
 import com.cognifide.apm.core.actions.ParameterDescriptor.RequiredParameterDescriptor;
 import com.cognifide.apm.core.grammar.ApmInteger;
 import com.cognifide.apm.core.grammar.ApmList;
+import com.cognifide.apm.core.grammar.ApmMap;
 import com.cognifide.apm.core.grammar.ApmString;
 import com.cognifide.apm.core.grammar.ApmType;
 import com.google.common.collect.ImmutableList;
@@ -43,6 +44,7 @@
 import java.lang.reflect.ParameterizedType;
 import java.lang.reflect.Type;
 import java.util.List;
+import java.util.Map;
 import java.util.Optional;
 
 public class MapperDescriptorFactory {
@@ -53,10 +55,10 @@ public MapperDescriptor create(Class<?> mapperClass) {
       throw new InvalidActionMapperException("Mapper must be annotated with " + Mapper.class.getName());
     }
 
-    final Object mapper = createInstance(mapperClass);
-    final String name = mapperAnnotation.value();
-    final String group = mapperAnnotation.group();
-    final List<MappingDescriptor> mappingDescriptors = Lists.newArrayList();
+    Object mapper = createInstance(mapperClass);
+    String name = mapperAnnotation.value();
+    String group = mapperAnnotation.group();
+    List<MappingDescriptor> mappingDescriptors = Lists.newArrayList();
     for (Method method : mapperClass.getDeclaredMethods()) {
       create(mapperAnnotation, method).ifPresent(mappingDescriptors::add);
     }
@@ -138,6 +140,8 @@ private Class<? extends ApmType> getApmType(Type type) {
       Class rawType = (Class) parameterizedType.getRawType();
       if (List.class.equals(rawType)) {
         return ApmList.class;
+      } else if (Map.class.equals(rawType)) {
+        return ApmMap.class;
       }
     }
     return null;