1 package org
.argeo
.jcr
.security
;
4 import javax
.jcr
.RepositoryException
;
5 import javax
.jcr
.Session
;
6 import javax
.jcr
.version
.VersionManager
;
8 import org
.argeo
.ArgeoException
;
9 import org
.argeo
.jcr
.ArgeoJcrConstants
;
10 import org
.argeo
.jcr
.ArgeoJcrUtils
;
11 import org
.argeo
.jcr
.ArgeoNames
;
12 import org
.argeo
.jcr
.ArgeoTypes
;
13 import org
.argeo
.jcr
.JcrUtils
;
15 /** Utilities related to Argeo security model in JCR */
16 public class SecurityJcrUtils
implements ArgeoJcrConstants
{
18 * Creates an Argeo user home, does nothing if it already exists. Session is
21 public static Node
createUserHomeIfNeeded(Session session
, String username
) {
23 String homePath
= generateUserHomePath(username
);
24 if (session
.itemExists(homePath
))
25 return session
.getNode(homePath
);
27 Node userHome
= JcrUtils
.mkdirs(session
, homePath
);
28 userHome
.addMixin(ArgeoTypes
.ARGEO_USER_HOME
);
29 userHome
.setProperty(ArgeoNames
.ARGEO_USER_ID
, username
);
31 //JcrUtils.addPrivilege(session, homePath, username, "jcr:all");
34 } catch (RepositoryException e
) {
35 JcrUtils
.discardQuietly(session
);
36 throw new ArgeoException("Cannot create home for " + username
37 + " in workspace " + session
.getWorkspace().getName(), e
);
41 private static String
generateUserHomePath(String username
) {
42 String homeBasePath
= DEFAULT_HOME_BASE_PATH
;
43 return homeBasePath
+ '/' + JcrUtils
.firstCharsToPath(username
, 2)
48 * Creates a user profile in the home of this user. Creates the home if
49 * needed, but throw an exception if a profile already exists. The session
50 * is not saved and the node is in a checkedOut state (that is, it requires
51 * a subsequent checkin after saving the session).
53 public static Node
createUserProfile(Session session
, String username
) {
55 Node userHome
= createUserHomeIfNeeded(session
, username
);
56 if (userHome
.hasNode(ArgeoNames
.ARGEO_PROFILE
))
57 throw new ArgeoException(
58 "There is already a user profile under " + userHome
);
59 Node userProfile
= userHome
.addNode(ArgeoNames
.ARGEO_PROFILE
);
60 userProfile
.addMixin(ArgeoTypes
.ARGEO_USER_PROFILE
);
61 userProfile
.setProperty(ArgeoNames
.ARGEO_USER_ID
, username
);
62 userProfile
.setProperty(ArgeoNames
.ARGEO_ENABLED
, true);
63 userProfile
.setProperty(ArgeoNames
.ARGEO_ACCOUNT_NON_EXPIRED
, true);
64 userProfile
.setProperty(ArgeoNames
.ARGEO_ACCOUNT_NON_LOCKED
, true);
65 userProfile
.setProperty(ArgeoNames
.ARGEO_CREDENTIALS_NON_EXPIRED
,
68 } catch (RepositoryException e
) {
69 JcrUtils
.discardQuietly(session
);
70 throw new ArgeoException("Cannot create user profile for "
71 + username
+ " in workspace "
72 + session
.getWorkspace().getName(), e
);
77 * Create user profile if needed, the session IS saved.
79 * @return the user profile
81 public static Node
createUserProfileIfNeeded(Session securitySession
,
84 Node userHome
= createUserHomeIfNeeded(securitySession
, username
);
85 Node userProfile
= userHome
.hasNode(ArgeoNames
.ARGEO_PROFILE
) ? userHome
86 .getNode(ArgeoNames
.ARGEO_PROFILE
) : createUserProfile(
87 securitySession
, username
);
88 if (securitySession
.hasPendingChanges())
89 securitySession
.save();
90 VersionManager versionManager
= securitySession
.getWorkspace()
92 if (versionManager
.isCheckedOut(userProfile
.getPath()))
93 versionManager
.checkin(userProfile
.getPath());
95 } catch (RepositoryException e
) {
96 JcrUtils
.discardQuietly(securitySession
);
97 throw new ArgeoException("Cannot create user profile for "
98 + username
+ " in workspace "
99 + securitySession
.getWorkspace().getName(), e
);
104 * @return null if not found *
106 public static Node
getUserProfile(Session session
, String username
) {
108 Node userHome
= ArgeoJcrUtils
.getUserHome(session
, username
);
109 if (userHome
== null)
111 if (userHome
.hasNode(ArgeoNames
.ARGEO_PROFILE
))
112 return userHome
.getNode(ArgeoNames
.ARGEO_PROFILE
);
115 } catch (RepositoryException e
) {
116 throw new ArgeoException(
117 "Cannot find profile for user " + username
, e
);
121 private SecurityJcrUtils() {