server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/security/SecurityJcrUtils.java

   1 package org.argeo.jcr.security;
   2
   3 import javax.jcr.Node;
   4 import javax.jcr.RepositoryException;
   5 import javax.jcr.Session;
   6 import javax.jcr.version.VersionManager;
   7
   8 import org.argeo.ArgeoException;
   9 import org.argeo.jcr.ArgeoJcrConstants;
  10 import org.argeo.jcr.ArgeoNames;
  11 import org.argeo.jcr.ArgeoTypes;
  12 import org.argeo.jcr.JcrUtils;
  13 import org.argeo.jcr.UserJcrUtils;
  14
  15 /** Utilities related to Argeo security model in JCR */
  16 @Deprecated
  17 public class SecurityJcrUtils implements ArgeoJcrConstants {
  18         /**
  19          * Creates an Argeo user home, does nothing if it already exists. Session is
  20          * NOT saved.
  21          */
  22         static Node createUserHomeIfNeeded(Session session, String username) {
  23                 try {
  24                         String homePath = generateUserHomePath(username);
  25                         if (session.itemExists(homePath))
  26                                 return session.getNode(homePath);
  27                         else {
  28                                 Node userHome = JcrUtils.mkdirs(session, homePath);
  29                                 userHome.addMixin(ArgeoTypes.ARGEO_USER_HOME);
  30                                 userHome.setProperty(ArgeoNames.ARGEO_USER_ID, username);
  31
  32                                 // JcrUtils.addPrivilege(session, homePath, username,
  33                                 // "jcr:all");
  34                                 return userHome;
  35                         }
  36                 } catch (RepositoryException e) {
  37                         JcrUtils.discardQuietly(session);
  38                         throw new ArgeoException("Cannot create home for " + username
  39                                         + " in workspace " + session.getWorkspace().getName(), e);
  40                 }
  41         }
  42
  43         private static String generateUserHomePath(String username) {
  44                 String homeBasePath = UserJcrUtils.DEFAULT_HOME_BASE_PATH;
  45                 return homeBasePath + '/' + JcrUtils.firstCharsToPath(username, 2)
  46                                 + '/' + username;
  47         }
  48
  49         /**
  50          * Creates a user profile in the home of this user. Creates the home if
  51          * needed, but throw an exception if a profile already exists. The session
  52          * is not saved and the node is in a checkedOut state (that is, it requires
  53          * a subsequent checkin after saving the session).
  54          */
  55         static Node createUserProfile(Session session, String username) {
  56                 try {
  57                         Node userHome = createUserHomeIfNeeded(session, username);
  58                         if (userHome.hasNode(ArgeoNames.ARGEO_PROFILE))
  59                                 throw new ArgeoException(
  60                                                 "There is already a user profile under " + userHome);
  61                         Node userProfile = userHome.addNode(ArgeoNames.ARGEO_PROFILE);
  62                         userProfile.addMixin(ArgeoTypes.ARGEO_USER_PROFILE);
  63                         userProfile.setProperty(ArgeoNames.ARGEO_USER_ID, username);
  64                         userProfile.setProperty(ArgeoNames.ARGEO_ENABLED, true);
  65                         userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_EXPIRED, true);
  66                         userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_LOCKED, true);
  67                         userProfile.setProperty(ArgeoNames.ARGEO_CREDENTIALS_NON_EXPIRED,
  68                                         true);
  69                         return userProfile;
  70                 } catch (RepositoryException e) {
  71                         JcrUtils.discardQuietly(session);
  72                         throw new ArgeoException("Cannot create user profile for "
  73                                         + username + " in workspace "
  74                                         + session.getWorkspace().getName(), e);
  75                 }
  76         }
  77
  78         /**
  79          * Create user profile if needed, the session IS saved.
  80          *
  81          * @return the user profile
  82          */
  83         static Node createUserProfileIfNeeded(Session securitySession,
  84                         String username) {
  85                 try {
  86                         Node userHome = createUserHomeIfNeeded(securitySession, username);
  87                         Node userProfile = userHome.hasNode(ArgeoNames.ARGEO_PROFILE) ? userHome
  88                                         .getNode(ArgeoNames.ARGEO_PROFILE) : createUserProfile(
  89                                         securitySession, username);
  90                         if (securitySession.hasPendingChanges())
  91                                 securitySession.save();
  92                         VersionManager versionManager = securitySession.getWorkspace()
  93                                         .getVersionManager();
  94                         if (versionManager.isCheckedOut(userProfile.getPath()))
  95                                 versionManager.checkin(userProfile.getPath());
  96                         return userProfile;
  97                 } catch (RepositoryException e) {
  98                         JcrUtils.discardQuietly(securitySession);
  99                         throw new ArgeoException("Cannot create user profile for "
 100                                         + username + " in workspace "
 101                                         + securitySession.getWorkspace().getName(), e);
 102                 }
 103         }
 104
 105         /**
 106          * @return null if not found *
 107          */
 108         static Node getUserProfile(Session session, String username) {
 109                 try {
 110                         Node userHome = UserJcrUtils.getUserHome(session, username);
 111                         if (userHome == null)
 112                                 return null;
 113                         if (userHome.hasNode(ArgeoNames.ARGEO_PROFILE))
 114                                 return userHome.getNode(ArgeoNames.ARGEO_PROFILE);
 115                         else
 116                                 return null;
 117                 } catch (RepositoryException e) {
 118                         throw new ArgeoException(
 119                                         "Cannot find profile for user " + username, e);
 120                 }
 121         }
 122
 123         private SecurityJcrUtils() {
 124         }
 125 }