X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fuseradmin%2FSimpleJcrSecurityModel.java;h=9d26f13352ffbccbfb5ed9a6f237f0be2a707b91;hb=2b3904582518de706357fd2a8216a47ca77dfc39;hp=029719c3a858f2236a79a4db819f4a106389da47;hpb=6ddb7b6b224a00344a182761e42b2241a721224f;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/useradmin/SimpleJcrSecurityModel.java b/org.argeo.cms/src/org/argeo/cms/internal/useradmin/SimpleJcrSecurityModel.java index 029719c3a..9d26f1335 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/useradmin/SimpleJcrSecurityModel.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/useradmin/SimpleJcrSecurityModel.java @@ -22,17 +22,17 @@ import javax.jcr.RepositoryException; import javax.jcr.Session; import javax.jcr.Value; import javax.jcr.security.Privilege; -import javax.jcr.version.VersionManager; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.jackrabbit.core.security.user.UserAccessControlProvider; import org.argeo.ArgeoException; +import org.argeo.cms.internal.auth.JcrSecurityModel; import org.argeo.jcr.ArgeoJcrConstants; import org.argeo.jcr.ArgeoNames; import org.argeo.jcr.ArgeoTypes; import org.argeo.jcr.JcrUtils; import org.argeo.jcr.UserJcrUtils; -import org.argeo.security.jcr.JcrSecurityModel; /** * Manages data expected by the Argeo security model, such as user home and @@ -46,6 +46,21 @@ public class SimpleJcrSecurityModel implements JcrSecurityModel { /** The home base path. */ private String homeBasePath = "/home"; + private String peopleBasePath = ArgeoJcrConstants.PEOPLE_BASE_PATH; + + @Override + public void init(Session adminSession) throws RepositoryException { + JcrUtils.mkdirs(adminSession, homeBasePath); + JcrUtils.mkdirs(adminSession, peopleBasePath); + adminSession.save(); + + JcrUtils.addPrivilege(adminSession, homeBasePath, + UserAccessControlProvider.USER_ADMIN_GROUP_NAME, + Privilege.JCR_READ); + JcrUtils.addPrivilege(adminSession, peopleBasePath, + UserAccessControlProvider.USER_ADMIN_GROUP_NAME, + Privilege.JCR_ALL); + } public synchronized Node sync(Session session, String username, List roles) { @@ -78,9 +93,9 @@ public class SimpleJcrSecurityModel implements JcrSecurityModel { } Node userProfile = UserJcrUtils.getUserProfile(session, username); + // new user if (userProfile == null) { - String personPath = generateUserPath( - ArgeoJcrConstants.PEOPLE_BASE_PATH, username); + String personPath = generateUserPath(peopleBasePath, username); Node personBase = JcrUtils.mkdirs(session, personPath); userProfile = personBase.addNode(ArgeoNames.ARGEO_PROFILE); userProfile.addMixin(ArgeoTypes.ARGEO_USER_PROFILE); @@ -98,12 +113,6 @@ public class SimpleJcrSecurityModel implements JcrSecurityModel { username); JcrUtils.addPrivilege(session, userProfile.getPath(), username, Privilege.JCR_READ); - - VersionManager versionManager = session.getWorkspace() - .getVersionManager(); - if (versionManager.isCheckedOut(userProfile.getPath())) - versionManager.checkin(userProfile.getPath()); - } // Remote roles