Author: pauls Date: Fri Oct 13 11:49:22 2017 New Revision: 1812116 URL: http://svn.apache.org/viewvc?rev=1812116&view=rev Log: SLING-7144: Make the JcrSystemUserValidator identifiy disabled system users as invalid. Patch provided by Angela Schreiber - Thanks.
Modified: sling/trunk/bundles/jcr/resource/src/main/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidator.java Modified: sling/trunk/bundles/jcr/resource/src/main/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidator.java URL: http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/resource/src/main/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidator.java?rev=1812116&r1=1812115&r2=1812116&view=diff ============================================================================== --- sling/trunk/bundles/jcr/resource/src/main/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidator.java (original) +++ sling/trunk/bundles/jcr/resource/src/main/java/org/apache/sling/jcr/resource/internal/JcrSystemUserValidator.java Fri Oct 13 11:49:22 2017 @@ -128,7 +128,7 @@ public class JcrSystemUserValidator impl if (administrativeSession instanceof JackrabbitSession) { final UserManager userManager = ((JackrabbitSession) administrativeSession).getUserManager(); final Authorizable authorizable = userManager.getAuthorizable(serviceUserId); - if (authorizable != null && !authorizable.isGroup() && (isSystemUser((User)authorizable))) { + if (isValidSystemUser(authorizable)) { validIds.add(serviceUserId); log.debug("The provided service user id {} is a known JCR system user id", serviceUserId); return true; @@ -191,7 +191,7 @@ public class JcrSystemUserValidator impl return pName; } }); - if (authorizable != null && !authorizable.isGroup() && (isSystemUser((User) authorizable))) { + if (isValidSystemUser(authorizable)) { validPrincipalNames.add(pName); log.debug("The provided service principal name {} is a known JCR system user", pName); } else { @@ -210,16 +210,28 @@ public class JcrSystemUserValidator impl return invalid.isEmpty(); } - private boolean isSystemUser(final User user){ - if (isSystemUserMethod != null) { - try { - return (Boolean) isSystemUserMethod.invoke(user); - } catch (Exception e) { - log.debug("Exception while invoking isSystemUser method", e); - return true; + private boolean isValidSystemUser(final Authorizable authorizable){ + if (authorizable == null || authorizable.isGroup()) { + return false; + } + + User user = (User) authorizable; + try { + if (!user.isDisabled()) { + if (isSystemUserMethod != null) { + try { + return (Boolean) isSystemUserMethod.invoke(user); + } catch (Exception e) { + log.debug("Exception while invoking isSystemUser method", e); + return true; + } + } else { + return true; + } } - } else { - return true; - } + } catch (RepositoryException e) { + log.debug("Exception while invoking isDisabled method", e); + } + return false; } } \ No newline at end of file