+ protected synchronized void setHomeNodeAuthorizations(User user) {
+ // give all privileges on user home
+ // FIXME: fails on an empty repo
+ String userId = "<not yet set>";
+ try {
+ userId = user.getID();
+ Node userHome = null;
+ try {
+ userHome = JcrUtils.getUserHome(getSystemSession(), userId);
+ if (userHome == null) {
+ userHome = JcrUtils.createUserHomeIfNeeded(getSystemSession(), userId);
+ //log.warn("No home available for user "+userId);
+ return;
+ }
+ } catch (Exception e) {
+ // silent
+ }
+
+ if (userHome != null) {
+ String path = userHome.getPath();
+ Principal principal = user.getPrincipal();
+
+ JackrabbitAccessControlManager acm = (JackrabbitAccessControlManager) getSystemSession()
+ .getAccessControlManager();
+ JackrabbitAccessControlPolicy[] ps = acm
+ .getApplicablePolicies(principal);
+ if (ps.length == 0) {
+ // log.warn("No ACL found for " + user);
+ return;
+ }
+
+ JackrabbitAccessControlList list = (JackrabbitAccessControlList) ps[0];
+
+ // add entry
+ Privilege[] privileges = new Privilege[] { acm
+ .privilegeFromName(Privilege.JCR_ALL) };
+ Map<String, Value> restrictions = new HashMap<String, Value>();
+ ValueFactory vf = getSystemSession().getValueFactory();
+ restrictions.put("rep:nodePath",
+ vf.createValue(path, PropertyType.PATH));
+ restrictions.put("rep:glob", vf.createValue("*"));
+ list.addEntry(principal, privileges, true /* allow or deny */,
+ restrictions);
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ log.warn("Cannot set authorization on user node for " + userId
+ + ": " + e.getMessage());
+ }
+
+ }
+