]> git.argeo.org Git - lgpl/argeo-commons.git/blobdiff - server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/security/JcrKeyring.java
Refactor JCR utils and home usage
index c09209a7cd22b45a148bfb287c9d22dd395de602..a35bbd2724a878f30bc8cdd0a3d15f6b25d67d57 100644 (file)
@@ -34,6 +34,7 @@ import org.argeo.ArgeoException;
 import org.argeo.jcr.ArgeoNames;
 import org.argeo.jcr.ArgeoTypes;
 import org.argeo.jcr.JcrUtils;
+import org.argeo.jcr.UserJcrUtils;
 import org.argeo.util.crypto.AbstractKeyring;
 import org.argeo.util.crypto.PBEKeySpecCallback;
 
@@ -62,7 +63,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
                        if (notYetSavedKeyring.get() != null)
                                return true;
 
-                       Node userHome = JcrUtils.getUserHome(session);
+                       Node userHome = UserJcrUtils.getUserHome(session);
                        return userHome.hasNode(ARGEO_KEYRING);
                } catch (RepositoryException e) {
                        throw new ArgeoException("Cannot check whether keyring is setup", e);
@@ -74,7 +75,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
                Binary binary = null;
                InputStream in = null;
                try {
-                       Node userHome = JcrUtils.getUserHome(session);
+                       Node userHome = UserJcrUtils.getUserHome(session);
                        if (userHome.hasNode(ARGEO_KEYRING))
                                throw new ArgeoException("Keyring already setup");
                        Node keyring = userHome.addNode(ARGEO_KEYRING);
@@ -125,7 +126,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
        @Override
        protected void handleKeySpecCallback(PBEKeySpecCallback pbeCallback) {
                try {
-                       Node userHome = JcrUtils.getUserHome(session);
+                       Node userHome = UserJcrUtils.getUserHome(session);
                        Node keyring;
                        if (userHome.hasNode(ARGEO_KEYRING))
                                keyring = userHome.getNode(ARGEO_KEYRING);
@@ -149,9 +150,9 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
                }
        }
 
-       /** The node must already exist at this path */
+       /** The node must already exist at this path. Session is saved. */
        @Override
-       protected void encrypt(String path, InputStream unencrypted) {
+       protected synchronized void encrypt(String path, InputStream unencrypted) {
                // should be called first for lazy initialization
                SecretKey secretKey = getSecretKey();
 
@@ -164,6 +165,8 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
                        Cipher cipher = createCipher();
                        if (!session.nodeExists(path))
                                throw new ArgeoException("No node at " + path);
+                       if (session.hasPendingChanges())
+                               session.save();
                        Node node = session.getNode(path);
                        node.addMixin(ArgeoTypes.ARGEO_ENCRYPTED);
                        SecureRandom random = new SecureRandom();
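Review bot: The added `if (session.hasPendingChanges()) session.save();` persists every pending change in the shared session, not only changes to the node at `path`, so calling encrypt() commits whatever else the caller had staged and can no longer discard. The one-line Javadoc in the previous hunk ("Session is saved.") does not tell callers this; I would word it as `/** The node must already exist at this path. Pending changes in the session are saved before encrypting, and the session is saved again once the encrypted data is set. */`. If the pre-save is only there to make the target node persistent, rejecting a session that has pending changes with an ArgeoException would be the stricter option, though that changes the contract for existing callers. encrypt() starts and ends outside this hunk.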
@@ -194,6 +197,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
                        in = new CipherInputStream(unencrypted, cipher);
                        binary = session.getValueFactory().createBinary(in);
                        node.setProperty(Property.JCR_DATA, binary);
+                       session.save();
                } catch (Exception e) {
                        throw new ArgeoException("Cannot encrypt", e);
                } finally {
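Review bot: When anything between `node.addMixin(ArgeoTypes.ARGEO_ENCRYPTED)` and the new `session.save()` throws, the catch block only wraps the exception, so the mixin and whatever was set on the node before the failure stay pending in the session. The next encrypt() call then reaches the pre-save added in the `@@ -164` hunk and persists that half-written node, which carries the encrypted mixin but not the encrypted data. Discarding the transient changes on failure, e.g. `session.refresh(false);` at the top of the catch (itself guarded, since it can throw RepositoryException), would avoid that. The finally block is outside the hunk, so this assumes it does not already refresh the session.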
@@ -206,7 +210,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
        }
 
        @Override
-       protected InputStream decrypt(String path) {
+       protected synchronized InputStream decrypt(String path) {
                // should be called first for lazy initialization
                SecretKey secretKey = getSecretKey();
 
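Review bot: `synchronized` on decrypt() holds the lock only until the method returns, while the returned InputStream is read by the caller afterwards. The body is outside this hunk, but if that stream is backed by the session (inferred from encrypt(), which stores a JCR Binary), a concurrent encrypt() can call `session.save()` while the stream is still being read. The same Session is also handed out by `getSession()` in the last hunk, so code that uses it directly bypasses the lock entirely. I would state the limit on the method: `/** Locks this keyring only while the stream is opened; the caller must finish reading and close the stream before the keyring or its session is used from another thread. */`.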
@@ -246,7 +250,7 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
 
        protected Cipher createCipher() {
                try {
-                       Node userHome = JcrUtils.getUserHome(session);
+                       Node userHome = UserJcrUtils.getUserHome(session);
                        if (!userHome.hasNode(ARGEO_KEYRING))
                                throw new ArgeoException("Keyring not setup");
                        Node keyring = userHome.getNode(ARGEO_KEYRING);
@@ -258,16 +262,16 @@ public class JcrKeyring extends AbstractKeyring implements ArgeoNames {
                }
        }
 
-       public void changePassword(char[] oldPassword, char[] newPassword) {
-               // TODO Auto-generated method stub
-
+       public synchronized void changePassword(char[] oldPassword,
+                       char[] newPassword) {
+               // TODO decrypt with old pw / encrypt with new pw all argeo:encrypted
        }
 
-       public Session getSession() {
+       public synchronized Session getSession() {
                return session;
        }
 
-       public void setSession(Session session) {
+       public synchronized void setSession(Session session) {
                this.session = session;
        }