X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=server%2Fruntime%2Forg.argeo.server.jackrabbit%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fjackrabbit%2Fremote%2FSimpleSessionProvider.java;h=8e8b1d945ce22f2c7a3883d74cfc0f6673150b57;hb=8b8ee149b20e2578a55e17413fa5f7399ff7ba14;hp=6647eb94bf77f958a9f5aa27884976aada8afd93;hpb=a3aed6b17b3a5de5f37170bf88a939fb8aae6e68;p=lgpl%2Fargeo-commons.git diff --git a/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/remote/SimpleSessionProvider.java b/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/remote/SimpleSessionProvider.java index 6647eb94b..8e8b1d945 100644 --- a/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/remote/SimpleSessionProvider.java +++ b/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/remote/SimpleSessionProvider.java @@ -1,24 +1,37 @@ package org.argeo.jackrabbit.remote; import java.io.Serializable; +import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; +import java.util.Iterator; +import java.util.List; import java.util.Map; import javax.jcr.LoginException; +import javax.jcr.Node; import javax.jcr.Repository; import javax.jcr.RepositoryException; import javax.jcr.Session; +import javax.jcr.Value; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.jackrabbit.api.JackrabbitSession; +import org.apache.jackrabbit.api.security.user.Group; +import org.apache.jackrabbit.api.security.user.User; +import org.apache.jackrabbit.api.security.user.UserManager; import org.apache.jackrabbit.server.SessionProvider; import org.argeo.ArgeoException; +import org.argeo.jcr.ArgeoNames; import org.argeo.jcr.JcrUtils; -/** To be injected, typically of scope="session" */ +/** + * To be injected, typically of scope="session". Implements an open session in + * view patter: a new JCR session is created for each request + */ public class SimpleSessionProvider implements SessionProvider, Serializable { private static final long serialVersionUID = 2270957712453841368L; @@ -34,7 +47,10 @@ public class SimpleSessionProvider implements SessionProvider, Serializable { RepositoryException { if (openSessionInView) { - return rep.login(workspace); + JackrabbitSession session = (JackrabbitSession) rep + .login(workspace); + writeRemoteRoles(session); + return session; } else { // since sessions is transient it can't be restored from the session if (sessions == null) @@ -43,7 +59,9 @@ public class SimpleSessionProvider implements SessionProvider, Serializable { if (!sessions.containsKey(workspace)) { try { - Session session = rep.login(null, workspace); + JackrabbitSession session = (JackrabbitSession) rep.login( + null, workspace); + writeRemoteRoles(session); if (log.isTraceEnabled()) log.trace("User " + session.getUserID() + " logged into " + request.getServletPath()); @@ -64,11 +82,60 @@ public class SimpleSessionProvider implements SessionProvider, Serializable { } } + protected void writeRemoteRoles(JackrabbitSession session) + throws RepositoryException { + // retrieve roles + String userId = session.getUserID(); + UserManager userManager = session.getUserManager(); + User user = (User) userManager.getAuthorizable(userId); + if (user == null) { + // anonymous + return; + } + List userGroupIds = new ArrayList(); + if (user != null) + for (Iterator it = user.memberOf(); it.hasNext();) + userGroupIds.add(it.next().getID()); + + // write roles if needed + Node userProfile = JcrUtils.getUserProfile(session); + boolean writeRoles = false; + if (userProfile.hasProperty(ArgeoNames.ARGEO_REMOTE_ROLES)) { + Value[] roles = userProfile.getProperty( + ArgeoNames.ARGEO_REMOTE_ROLES).getValues(); + if (roles.length != userGroupIds.size()) + writeRoles = true; + else + for (int i = 0; i < roles.length; i++) + if (!roles[i].getString().equals(userGroupIds.get(i))) + writeRoles = true; + } else + writeRoles = true; + + if (writeRoles) { + session.getWorkspace().getVersionManager() + .checkout(userProfile.getPath()); + String[] roleIds = userGroupIds.toArray(new String[userGroupIds + .size()]); + userProfile.setProperty(ArgeoNames.ARGEO_REMOTE_ROLES, roleIds); + JcrUtils.updateLastModified(userProfile); + session.save(); + session.getWorkspace().getVersionManager() + .checkin(userProfile.getPath()); + } + + } + public void releaseSession(Session session) { if (log.isTraceEnabled()) log.trace("Releasing JCR session " + session); - if (openSessionInView) - JcrUtils.logoutQuietly(session); + if (openSessionInView) { + if (session.isLive()) { + session.logout(); + if (log.isTraceEnabled()) + log.trace("Logged out remote JCR session " + session); + } + } } public void init() { @@ -81,7 +148,7 @@ public class SimpleSessionProvider implements SessionProvider, Serializable { if (session.isLive()) { session.logout(); if (log.isDebugEnabled()) - log.debug("Logged out JCR session " + session); + log.debug("Logged out remote JCR session " + session); } } }