X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=server%2Fruntime%2Forg.argeo.server.jcr%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fjcr%2FJcrUtils.java;h=0d889626ec065c2f9d7848a2ac3f7032187a06ba;hb=3baeb167c9a92d1f915904bb956632c0aff65b2b;hp=3364ebfea896fbb79d391756bb8ec4cd27ae6e8e;hpb=2c4852dcd20d4cde88776c527ae935f242ae1e77;p=lgpl%2Fargeo-commons.git diff --git a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java index 3364ebfea..0d889626e 100644 --- a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java +++ b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java @@ -1289,6 +1289,23 @@ public class JcrUtils implements ArgeoJcrConstants { Principal principal, List privs) throws RepositoryException { AccessControlManager acm = session.getAccessControlManager(); + AccessControlList acl = getAccessControlList(acm, path); + acl.addAccessControlEntry(principal, + privs.toArray(new Privilege[privs.size()])); + acm.setPolicy(path, acl); + if (log.isDebugEnabled()) { + StringBuffer privBuf = new StringBuffer(); + for (Privilege priv : privs) + privBuf.append(priv.getName()); + log.debug("Added privileges " + privBuf + " to " + principal + + " on " + path); + } + session.save(); + } + + /** Gets access control list for this path, throws exception if not found */ + public static AccessControlList getAccessControlList( + AccessControlManager acm, String path) throws RepositoryException { // search for an access control list AccessControlList acl = null; AccessControlPolicyIterator policyIterator = acm @@ -1307,19 +1324,21 @@ public class JcrUtils implements ArgeoJcrConstants { acl = ((AccessControlList) acp); } } + if (acl != null) + return acl; + else + throw new ArgeoException("ACL not found at " + path); + } - if (acl != null) { - acl.addAccessControlEntry(principal, - privs.toArray(new Privilege[privs.size()])); - acm.setPolicy(path, acl); - if (log.isDebugEnabled()) - log.debug("Added privileges " + privs + " to " + principal - + " on " + path); - } else { - throw new ArgeoException("Don't know how to apply privileges " - + privs + " to " + principal + " on " + path); + /** Clear authorizations for a user at this path */ + public static void clearAccesControList(Session session, String path, + String username) throws RepositoryException { + AccessControlManager acm = session.getAccessControlManager(); + AccessControlList acl = getAccessControlList(acm, path); + for (AccessControlEntry ace : acl.getAccessControlEntries()) { + if (ace.getPrincipal().getName().equals(username)) { + acl.removeAccessControlEntry(ace); + } } - session.save(); } - }