X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.server.jackrabbit%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fjackrabbit%2FJackrabbitAuthorizations.java;fp=org.argeo.server.jackrabbit%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fjackrabbit%2FJackrabbitAuthorizations.java;h=e880b6700fcbfb85c405be766c5d9561c22f5236;hb=1df1bf64759d35d3d72b9d96b26b71118fdbe031;hp=0000000000000000000000000000000000000000;hpb=3a3d316af102ba410d1d9e6de349d0c8f7ac044f;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitAuthorizations.java b/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitAuthorizations.java new file mode 100644 index 000000000..e880b6700 --- /dev/null +++ b/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitAuthorizations.java @@ -0,0 +1,66 @@ +/* + * Copyright (C) 2007-2012 Argeo GmbH + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.argeo.jackrabbit; + +import java.security.Principal; +import java.util.Arrays; +import java.util.List; + +import javax.jcr.RepositoryException; +import javax.jcr.Session; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.jackrabbit.api.JackrabbitSession; +import org.apache.jackrabbit.api.security.user.Authorizable; +import org.apache.jackrabbit.api.security.user.UserManager; +import org.argeo.ArgeoException; +import org.argeo.jcr.security.JcrAuthorizations; + +/** Apply authorizations to a Jackrabbit repository. */ +public class JackrabbitAuthorizations extends JcrAuthorizations { + private final static Log log = LogFactory + .getLog(JackrabbitAuthorizations.class); + + private List groupPrefixes = Arrays + .asList(new String[] { "ROLE_" });// new ArrayList(); + + @Override + protected Principal getOrCreatePrincipal(Session session, + String principalName) throws RepositoryException { + UserManager um = ((JackrabbitSession) session).getUserManager(); + synchronized (um) { + Authorizable authorizable = um.getAuthorizable(principalName); + if (authorizable == null) { + groupPrefixes: for (String groupPrefix : groupPrefixes) { + if (principalName.startsWith(groupPrefix)) { + authorizable = um.createGroup(principalName); + log.info("Created group " + principalName); + break groupPrefixes; + } + } + if (authorizable == null) + throw new ArgeoException("Authorizable " + principalName + + " not found"); + } + return authorizable.getPrincipal(); + } + } + + public void setGroupPrefixes(List groupsToCreate) { + this.groupPrefixes = groupsToCreate; + } +}