X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.jcr%2Fsrc%2Forg%2Fargeo%2Fjcr%2Fsecurity%2FJcrAuthorizations.java;fp=org.argeo.jcr%2Fsrc%2Forg%2Fargeo%2Fjcr%2Fsecurity%2FJcrAuthorizations.java;h=0000000000000000000000000000000000000000;hb=85688af22a77f82e7762e11e6eb38c6367eddb6c;hp=3e8e3a2ff6216f1968ae4cd862cae686bcaf6556;hpb=77a5498dd5d10d2442127022efd6501a7dbddbae;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.jcr/src/org/argeo/jcr/security/JcrAuthorizations.java b/org.argeo.jcr/src/org/argeo/jcr/security/JcrAuthorizations.java
deleted file mode 100644
index 3e8e3a2ff..000000000
--- a/org.argeo.jcr/src/org/argeo/jcr/security/JcrAuthorizations.java
+++ /dev/null
@@ -1,223 +0,0 @@
-/*
- * Copyright (C) 2007-2012 Argeo GmbH
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.argeo.jcr.security;
-
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.jcr.Repository;
-import javax.jcr.RepositoryException;
-import javax.jcr.Session;
-import javax.jcr.security.AccessControlManager;
-import javax.jcr.security.Privilege;
-
-import org.argeo.jcr.ArgeoJcrException;
-import org.argeo.jcr.JcrUtils;
-import org.argeo.jcr.SimplePrincipal;
-
-/** Apply authorizations to a JCR repository. */
-public class JcrAuthorizations implements Runnable {
- // private final static Log log =
- // LogFactory.getLog(JcrAuthorizations.class);
-
- private Repository repository;
- private String workspace = null;
-
- private String securityWorkspace = "security";
-
- /**
- * key := privilege1,privilege2/path/to/node
- * value := group1,group2,user1
- */
- private Map principalPrivileges = new HashMap();
-
- public void run() {
- String currentWorkspace = workspace;
- Session session = null;
- try {
- if (workspace != null && workspace.equals("*")) {
- session = repository.login();
- String[] workspaces = session.getWorkspace()
- .getAccessibleWorkspaceNames();
- JcrUtils.logoutQuietly(session);
- for (String wksp : workspaces) {
- currentWorkspace = wksp;
- if (currentWorkspace.equals(securityWorkspace))
- continue;
- session = repository.login(currentWorkspace);
- initAuthorizations(session);
- JcrUtils.logoutQuietly(session);
- }
- } else {
- session = repository.login(workspace);
- initAuthorizations(session);
- }
- } catch (Exception e) {
- JcrUtils.discardQuietly(session);
- throw new ArgeoJcrException(
- "Cannot set authorizations " + principalPrivileges
- + " on workspace " + currentWorkspace, e);
- } finally {
- JcrUtils.logoutQuietly(session);
- }
- }
-
- protected void processWorkspace(String workspace) {
- Session session = null;
- try {
- session = repository.login(workspace);
- initAuthorizations(session);
- } catch (Exception e) {
- JcrUtils.discardQuietly(session);
- throw new ArgeoJcrException("Cannot set authorizations "
- + principalPrivileges + " on repository " + repository, e);
- } finally {
- JcrUtils.logoutQuietly(session);
- }
- }
-
- /** @deprecated call {@link #run()} instead. */
- @Deprecated
- public void init() {
- run();
- }
-
- protected void initAuthorizations(Session session)
- throws RepositoryException {
- AccessControlManager acm = session.getAccessControlManager();
-
- for (String privileges : principalPrivileges.keySet()) {
- String path = null;
- int slashIndex = privileges.indexOf('/');
- if (slashIndex == 0) {
- throw new ArgeoJcrException("Privilege " + privileges
- + " badly formatted it starts with /");
- } else if (slashIndex > 0) {
- path = privileges.substring(slashIndex);
- privileges = privileges.substring(0, slashIndex);
- }
-
- if (path == null)
- path = "/";
-
- List privs = new ArrayList();
- for (String priv : privileges.split(",")) {
- privs.add(acm.privilegeFromName(priv));
- }
-
- String principalNames = principalPrivileges.get(privileges);
- for (String principalName : principalNames.split(",")) {
- Principal principal = getOrCreatePrincipal(session,
- principalName);
- JcrUtils.addPrivileges(session, path, principal, privs);
- // if (log.isDebugEnabled()) {
- // StringBuffer privBuf = new StringBuffer();
- // for (Privilege priv : privs)
- // privBuf.append(priv.getName());
- // log.debug("Added privileges " + privBuf + " to "
- // + principal.getName() + " on " + path + " in '"
- // + session.getWorkspace().getName() + "'");
- // }
- }
- }
-
- // if (log.isDebugEnabled())
- // log.debug("JCR authorizations applied on '"
- // + session.getWorkspace().getName() + "'");
- }
-
- /**
- * Returns a {@link SimplePrincipal}, does not check whether it exists since
- * such capabilities is not provided by the standard JCR API. Can be
- * overridden to provide smarter handling
- */
- protected Principal getOrCreatePrincipal(Session session,
- String principalName) throws RepositoryException {
- return new SimplePrincipal(principalName);
- }
-
- // public static void addPrivileges(Session session, Principal principal,
- // String path, List privs) throws RepositoryException {
- // AccessControlManager acm = session.getAccessControlManager();
- // // search for an access control list
- // AccessControlList acl = null;
- // AccessControlPolicyIterator policyIterator = acm
- // .getApplicablePolicies(path);
- // if (policyIterator.hasNext()) {
- // while (policyIterator.hasNext()) {
- // AccessControlPolicy acp = policyIterator
- // .nextAccessControlPolicy();
- // if (acp instanceof AccessControlList)
- // acl = ((AccessControlList) acp);
- // }
- // } else {
- // AccessControlPolicy[] existingPolicies = acm.getPolicies(path);
- // for (AccessControlPolicy acp : existingPolicies) {
- // if (acp instanceof AccessControlList)
- // acl = ((AccessControlList) acp);
- // }
- // }
- //
- // if (acl != null) {
- // acl.addAccessControlEntry(principal,
- // privs.toArray(new Privilege[privs.size()]));
- // acm.setPolicy(path, acl);
- // session.save();
- // if (log.isDebugEnabled()) {
- // StringBuffer buf = new StringBuffer("");
- // for (int i = 0; i < privs.size(); i++) {
- // if (i != 0)
- // buf.append(',');
- // buf.append(privs.get(i).getName());
- // }
- // log.debug("Added privilege(s) '" + buf + "' to '"
- // + principal.getName() + "' on " + path
- // + " from workspace '"
- // + session.getWorkspace().getName() + "'");
- // }
- // } else {
- // throw new ArgeoJcrException("Don't know how to apply privileges "
- // + privs + " to " + principal + " on " + path
- // + " from workspace '" + session.getWorkspace().getName()
- // + "'");
- // }
- // }
-
- @Deprecated
- public void setGroupPrivileges(Map groupPrivileges) {
- this.principalPrivileges = groupPrivileges;
- }
-
- public void setPrincipalPrivileges(Map principalPrivileges) {
- this.principalPrivileges = principalPrivileges;
- }
-
- public void setRepository(Repository repository) {
- this.repository = repository;
- }
-
- public void setWorkspace(String workspace) {
- this.workspace = workspace;
- }
-
- public void setSecurityWorkspace(String securityWorkspace) {
- this.securityWorkspace = securityWorkspace;
- }
-
-}