diff --git a/CHANGELOG.md b/CHANGELOG.md index 512ce423e0..085d4ebd90 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com) ## Added +- #3162 - Renovator MCP: ensure old source path is removed - #3205 - HttpClientFactory: Expose a method to customize the underlying HttpClient - #3209 - WARN org.apache.sling.models.impl.ModelAdapterFactory - Cannot provide default for java.util.List - #3197 - Encrypt user credentials in ACS Content Sync diff --git a/bundle/src/main/java/com/adobe/acs/commons/contentsync/impl/EncryptPasswordPostProcessor.java b/bundle/src/main/java/com/adobe/acs/commons/contentsync/impl/EncryptPasswordPostProcessor.java index b1291031b9..73541f10f8 100644 --- a/bundle/src/main/java/com/adobe/acs/commons/contentsync/impl/EncryptPasswordPostProcessor.java +++ b/bundle/src/main/java/com/adobe/acs/commons/contentsync/impl/EncryptPasswordPostProcessor.java @@ -22,12 +22,13 @@ import com.adobe.acs.commons.contentsync.ConfigurationUtils; import com.adobe.granite.crypto.CryptoSupport; import org.apache.sling.api.SlingHttpServletRequest; -import org.apache.sling.api.resource.ModifiableValueMap; import org.apache.sling.servlets.post.Modification; import org.apache.sling.servlets.post.SlingPostProcessor; import org.osgi.service.component.annotations.Component; import org.osgi.service.component.annotations.Reference; +import javax.jcr.Property; +import javax.jcr.Session; import java.util.List; /** @@ -42,21 +43,22 @@ public class EncryptPasswordPostProcessor implements SlingPostProcessor { @Override public void process(SlingHttpServletRequest slingRequest, List changes) throws Exception { + Session session = slingRequest.getResourceResolver().adaptTo(Session.class); for (Modification mod : changes) { + String path = mod.getSource(); + if (!path.startsWith(ConfigurationUtils.HOSTS_PATH)) { + continue; + } switch (mod.getType()) { case MODIFY: case CREATE: - String path = mod.getSource(); - if (path.startsWith(ConfigurationUtils.HOSTS_PATH)) { - ModifiableValueMap vm = slingRequest.getResource().adaptTo(ModifiableValueMap.class); - - String password = vm.get(PASSWORD_PROPERTY, String.class); + if (path.endsWith("/" + PASSWORD_PROPERTY) && session.propertyExists(path)) { + Property property = session.getProperty(path); + String password = property.getString(); // encrypt the password property if it is not already protected - if(password != null && !crypto.isProtected(password)) { + if (!crypto.isProtected(password)) { String encrypted = crypto.protect(password); - vm.put(PASSWORD_PROPERTY, encrypted); - - slingRequest.getResourceResolver().commit(); + property.setValue(encrypted); } } break; diff --git a/bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/renovator/MovingNode.java b/bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/renovator/MovingNode.java index d2bad74108..8344c8da02 100644 --- a/bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/renovator/MovingNode.java +++ b/bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/renovator/MovingNode.java @@ -185,6 +185,9 @@ public void findReferences(ResourceResolver rr, String referenceSearchRoot, int .filter(p -> isActivated(rr, p.getPagePath())) .map(ReferenceSearch.Info::getPagePath) .collect(Collectors.toCollection(() -> publishedReferences)); + if(isActivated(rr, sourcePath)){ + publishedReferences.add(destinationPath); + } } /** diff --git a/bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/renovator/MovingPage.java b/bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/renovator/MovingPage.java index 67fed4dcbd..d4a47ffd51 100644 --- a/bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/renovator/MovingPage.java +++ b/bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/renovator/MovingPage.java @@ -120,7 +120,7 @@ private void moveOrClonePage(ResourceResolver rr, PageManager manager, String co manager.move(source, getDestinationPath(), getPreviousSibling(), - true, + false, true, listToStringArray(getAllReferences()), listToStringArray(getPublishedReferences())); diff --git a/bundle/src/test/java/com/adobe/acs/commons/contentsync/impl/TestEncryptPasswordPostProcessor.java b/bundle/src/test/java/com/adobe/acs/commons/contentsync/impl/TestEncryptPasswordPostProcessor.java index 7174dc083f..e44e90c99f 100644 --- a/bundle/src/test/java/com/adobe/acs/commons/contentsync/impl/TestEncryptPasswordPostProcessor.java +++ b/bundle/src/test/java/com/adobe/acs/commons/contentsync/impl/TestEncryptPasswordPostProcessor.java @@ -25,6 +25,7 @@ import org.apache.sling.api.resource.Resource; import org.apache.sling.servlets.post.Modification; import org.apache.sling.servlets.post.ModificationType; +import org.apache.sling.testing.mock.sling.ResourceResolverType; import org.junit.Before; import org.junit.Rule; import org.junit.Test; @@ -40,7 +41,7 @@ public class TestEncryptPasswordPostProcessor { @Rule - public AemContext context = new AemContext(); + public AemContext context = new AemContext(ResourceResolverType.JCR_MOCK); private CryptoSupport crypto; @@ -62,14 +63,14 @@ public void testProtectPassword() throws Exception { "host", "http://localhost:4502", "username", "admin", "password", "admin"); context.request().setResource(resource); List changes = new ArrayList<>(); - changes.add(new Modification(ModificationType.CREATE, resource.getPath(), resource.getPath())); + changes.add(new Modification(ModificationType.CREATE, resource.getPath() + "/password", resource.getPath())); postProcessor.process(context.request(), changes); ArgumentCaptor captor = ArgumentCaptor.forClass(String.class); assertEquals("admin-encrypted", resource.getValueMap().get("password")); verify(crypto, times(1)).isProtected(captor.capture()); verify(crypto, times(1)).protect(captor.capture()); - } + } @Test public void testSkipProtectedPassword() throws Exception { @@ -77,7 +78,7 @@ public void testSkipProtectedPassword() throws Exception { "host", "http://localhost:4502", "username", "admin", "password", "admin-encrypted"); context.request().setResource(resource); List changes = new ArrayList<>(); - changes.add(new Modification(ModificationType.MODIFY, resource.getPath(), resource.getPath())); + changes.add(new Modification(ModificationType.MODIFY, resource.getPath() + "/password", resource.getPath())); postProcessor.process(context.request(), changes); @@ -89,7 +90,7 @@ public void testSkipProtectedPassword() throws Exception { @Test public void testIgnoreNonContentSyncPaths() throws Exception { - Resource resource = context.create().resource( "/var/unknown/host1", + Resource resource = context.create().resource("/var/unknown/host1", "host", "http://localhost:4502", "username", "admin", "password", "admin"); context.request().setResource(resource); List changes = new ArrayList<>(); @@ -105,7 +106,7 @@ public void testIgnoreNonContentSyncPaths() throws Exception { @Test public void testIgnoreNullPassword() throws Exception { - Resource resource = context.create().resource( HOSTS_PATH + "/host1", + Resource resource = context.create().resource(HOSTS_PATH + "/host1", "host", "http://localhost:4502", "username", "admin"); context.request().setResource(resource); List changes = new ArrayList<>();