in src/main/java/org/apache/sling/starter/access/models/Ace.java [324:362]
protected Map<String, String[]> populateEntriesFromPreviousFailedPost(Map<String, List<RestrictionItem>> allowMap,
Map<String, List<RestrictionItem>> denyMap,
Map<String, RestrictionDefinition> srMap) {
Map<String, String[]> toDeleteFieldValues = getFieldValuesForPattern(RESTRICTION_PATTERN_DELETE);
Map<String, String[]> fieldValues = getFieldValuesForPattern(RESTRICTION_PATTERN);
Set<Entry<String, String[]>> fieldValuesEntrySet = fieldValues.entrySet();
for (Entry<String, String[]> entry : fieldValuesEntrySet) {
String deleteKey = String.format("%s%s", entry.getKey(), SlingPostConstants.SUFFIX_DELETE);
if (toDeleteFieldValues.containsKey(deleteKey)) {
//it was requested to be deleted in the previous POST attempt
continue;
}
Matcher matcher = RESTRICTION_PATTERN.matcher(entry.getKey());
if (matcher.matches()) {
String privilegeName = matcher.group(1);
String restrictionName = matcher.group(2);
boolean isAllow = "Allow".equals(matcher.group(3));
RestrictionDefinition rd = srMap.get(restrictionName);
if (rd != null) {
Object value = entry.getValue();
String[] strings = entry.getValue();
if (rd.getRequiredType().isArray()) {
value = strings;
} else if (strings.length > 0) {
//use the first one?
value = strings[0];
}
RestrictionItem ri = new RestrictionItem(rd, value, false);
Map<String, List<RestrictionItem>> map = isAllow ? allowMap : denyMap;
List<RestrictionItem> list = map.computeIfAbsent(privilegeName, n -> new ArrayList<>());
list.add(ri);
}
}
}
return fieldValues;
}