package org.argeo.suite;
+import java.util.HashSet;
+import java.util.Set;
+
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.naming.ldap.LdapName;
import javax.security.auth.x500.X500Principal;
+import org.argeo.api.NodeConstants;
import org.argeo.cms.auth.CmsSession;
import org.argeo.entity.EntityType;
import org.argeo.jackrabbit.security.JackrabbitSecurityUtils;
JackrabbitSecurityUtils.denyPrivilege(adminSession, userNode.getPath(), SuiteRole.coworker.dn(),
Privilege.JCR_READ);
JcrUtils.addPrivilege(adminSession, userNode.getPath(), new X500Principal(userDn.toString()).getName(),
+ Privilege.JCR_READ);
+ JcrUtils.addPrivilege(adminSession, userNode.getPath(), NodeConstants.ROLE_USER_ADMIN,
Privilege.JCR_ALL);
} else {
userNode = usersBase.getNode(uid);
}
+ public static Set<String> extractRoles(String[] semiColArr) {
+ Set<String> res = new HashSet<>();
+ // TODO factorize and make it more robust
+ final String rolesPrefix = "roles:=\"";
+ // first one is layer id
+ for (int i = 1; i < semiColArr.length; i++) {
+ if (semiColArr[i].startsWith(rolesPrefix)) {
+ String rolesStr = semiColArr[i].substring(rolesPrefix.length());
+ // remove last "
+ rolesStr = rolesStr.substring(0, rolesStr.lastIndexOf('\"'));
+ // TODO support AND (&) as well
+ String[] roles = rolesStr.split("\\|");// OR (|)
+ for (String role : roles) {
+ res.add(role.trim());
+ }
+ }
+ }
+ return res;
+ }
+
}