X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=server%2Fruntime%2Forg.argeo.server.jcr%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fjcr%2FJcrUtils.java;h=5afebcee4811073514c498b064e525b0450ace5b;hb=659c636b913024e967b25730fac6f4d30ae173a8;hp=9f3d761cafd79e8bdb51a7ae481fc9cfb32c847e;hpb=e499eba6852f5cc487ade0db65e6f9cfc4c5d45a;p=lgpl%2Fargeo-commons.git

diff --git a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java
index 9f3d761ca..5afebcee4 100644
--- a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java
+++ b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/JcrUtils.java
@@ -1242,25 +1242,46 @@ public class JcrUtils implements ArgeoJcrConstants {
 	 * exist. Session is saved. Synchronized to prevent concurrent modifications
 	 * of the same node.
 	 */
-	public synchronized static void addPrivileges(Session session, String path,
-			Principal principal, List<Privilege> privs)
+	public synchronized static Boolean addPrivileges(Session session,
+			String path, Principal principal, List<Privilege> privs)
 			throws RepositoryException {
 		// make sure the session is in line with the persisted state
 		session.refresh(false);
 		AccessControlManager acm = session.getAccessControlManager();
 		AccessControlList acl = getAccessControlList(acm, path);
-		acl.addAccessControlEntry(principal,
-				privs.toArray(new Privilege[privs.size()]));
+
+		accessControlEntries: for (AccessControlEntry ace : acl
+				.getAccessControlEntries()) {
+			Principal currentPrincipal = ace.getPrincipal();
+			if (currentPrincipal.getName().equals(principal.getName())) {
+				Privilege[] currentPrivileges = ace.getPrivileges();
+				if (currentPrivileges.length != privs.size())
+					break accessControlEntries;
+				for (int i = 0; i < currentPrivileges.length; i++) {
+					Privilege currP = currentPrivileges[i];
+					Privilege p = privs.get(i);
+					if (!currP.getName().equals(p.getName())) {
+						break accessControlEntries;
+					}
+				}
+				return false;
+			}
+		}
+
+		Privilege[] privileges = privs.toArray(new Privilege[privs.size()]);
+		acl.addAccessControlEntry(principal, privileges);
 		acm.setPolicy(path, acl);
 		if (log.isDebugEnabled()) {
 			StringBuffer privBuf = new StringBuffer();
 			for (Privilege priv : privs)
 				privBuf.append(priv.getName());
-			log.debug("Added privileges " + privBuf + " to " + principal
-					+ " on " + path);
+			log.debug("Added privileges " + privBuf + " to "
+					+ principal.getName() + " on " + path + " in '"
+					+ session.getWorkspace().getName() + "'");
 		}
 		session.refresh(true);
 		session.save();
+		return true;
 	}
 
 	/** Gets access control list for this path, throws exception if not found */