git.argeo.org Git - gpl/argeo-suite.git/blob - SuiteUtils.java
531d3a35c050ab6408cf8533f9a5c47f9493be2b
1 package org
.argeo
.app
.core
;
3 import java
.util
.HashSet
;
4 import java
.util
.Optional
;
8 import javax
.jcr
.RepositoryException
;
9 import javax
.jcr
.Session
;
10 import javax
.jcr
.nodetype
.NodeType
;
11 import javax
.jcr
.security
.Privilege
;
12 import javax
.security
.auth
.x500
.X500Principal
;
13 import javax
.xml
.namespace
.QName
;
15 import org
.argeo
.api
.acr
.Content
;
16 import org
.argeo
.api
.cms
.CmsConstants
;
17 import org
.argeo
.api
.cms
.CmsSession
;
18 import org
.argeo
.app
.api
.EntityType
;
19 import org
.argeo
.cms
.auth
.RoleNameUtils
;
20 import org
.argeo
.jcr
.JcrException
;
21 import org
.argeo
.jcr
.JcrUtils
;
22 import org
.argeo
.util
.naming
.LdapAttrs
;
23 import org
.argeo
.util
.naming
.LdapObjs
;
25 /** Utilities around the Argeo Suite APIs. */
26 public class SuiteUtils
{
/**
 * Builds the repository path of the node that belongs to a user.
 * <p>
 * The path is {@code EntityType.user.basePath()}, a slash, and the last RDN value of the
 * distinguished name as returned by {@link RoleNameUtils#getLastRdnValue}.
 *
 * @param userDn the distinguished name of the user
 * @return the path of the user's node; nothing is looked up or created here
 */
public static String getUserNodePath(String userDn) {
    final String lastRdnValue = RoleNameUtils.getLastRdnValue(userDn);
    // NOTE(review): the RDN value is appended to the path as-is. Confirm that
    // getLastRdnValue() cannot return a value containing '/' or other path syntax,
    // otherwise the result could point outside the user's own node.
    return EntityType.user.basePath() + '/' + lastRdnValue;
}
/**
 * Returns the node of the given user below {@code EntityType.user.basePath()}, adding it
 * first when {@code usersBase.hasNode(uid)} is false.
 * <p>
 * A newly added node is of type {@code NodeType.NT_UNSTRUCTURED}, is named after the last
 * RDN value of {@code userDn}, receives the user mixin and {@code NodeType.MIX_CREATED},
 * stores the distinguished name and the uid as properties, and gets privileges added for two
 * principals: the name of the user's own {@code X500Principal} and
 * {@code CmsConstants.ROLE_USER_ADMIN}.
 *
 * @param adminSession the session used for the lookup, the node creation and the privilege
 *                     changes; presumably it must hold administrative rights - confirm
 *                     against callers
 * @param userDn       the distinguished name of the user
 * @throws JcrException wrapping any {@code RepositoryException} raised by the repository
 */
34 private static Node
getOrCreateUserNode(Session adminSession
, String userDn
) {
36 Node usersBase
= adminSession
.getNode(EntityType
.user
.basePath());
// NOTE(review): uid comes from the DN and is used verbatim as a child node name below;
// confirm that getLastRdnValue() cannot return '/' or other JCR path syntax.
37 String uid
= RoleNameUtils
.getLastRdnValue(userDn
);
39 if (!usersBase
.hasNode(uid
)) {
40 userNode
= usersBase
.addNode(uid
, NodeType
.NT_UNSTRUCTURED
);
41 userNode
.addMixin(EntityType
.user
.get());
42 userNode
.addMixin(NodeType
.MIX_CREATED
);
43 userNode
.setProperty(LdapAttrs
.distinguishedName
.property(), userDn
.toString());
44 userNode
.setProperty(LdapAttrs
.uid
.property(), uid
);
// NOTE(review): the explicit read denial for the coworker role is disabled, so whether
// other roles can read this node depends on access control defined elsewhere (for
// example on the users base) - confirm that this is intended.
46 // JackrabbitSecurityUtils.denyPrivilege(adminSession, userNode.getPath(), SuiteRole.coworker.dn(),
47 // Privilege.JCR_READ);
// Privileges on the new node are added for the user's own principal name...
48 JcrUtils
.addPrivilege(adminSession
, userNode
.getPath(), new X500Principal(userDn
.toString()).getName(),
// ...and for the user administration role.
50 JcrUtils
.addPrivilege(adminSession
, userNode
.getPath(), CmsConstants
.ROLE_USER_ADMIN
,
53 userNode
= usersBase
.getNode(uid
);
56 } catch (RepositoryException e
) {
57 throw new JcrException("Cannot create user node for " + userDn
, e
);
/**
 * Looks up the node of a CMS session below the node of the user who owns it.
 * <p>
 * The path is the user node path for {@code cmsSession.getUserDn()}, a slash, and the
 * string form of {@code cmsSession.getUuid()}. Nothing is created; the lookup runs with the
 * session passed by the caller.
 *
 * @param session    the JCR session used for the lookup
 * @param cmsSession the CMS session whose node is requested
 * @return the node found at that path
 * @throws JcrException wrapping the {@code RepositoryException} raised when the lookup fails
 */
public static Node getCmsSessionNode(Session session, CmsSession cmsSession) {
    try {
        final String userPath = getUserNodePath(cmsSession.getUserDn());
        final String sessionPath = userPath + '/' + cmsSession.getUuid().toString();
        return session.getNode(sessionPath);
    } catch (RepositoryException e) {
        throw new JcrException("Cannot get session dir for " + cmsSession, e);
    }
}
/**
 * Returns the node of a CMS session below the node of its user, adding it first when the
 * user node has no child named after the session UUID.
 * <p>
 * The user node is obtained through {@code getOrCreateUserNode}. A newly added session node
 * is of type {@code NodeType.NT_UNSTRUCTURED}, receives {@code NodeType.MIX_CREATED}, and
 * gets a privilege added for the principal returned by {@code cmsSession.getUserRole()}.
 *
 * @param adminSession the session used for node creation and privilege changes; presumably
 *                     it must hold administrative rights - confirm against callers
 * @param cmsSession   the CMS session providing the user DN, the UUID and the user role
 * @return the existing or newly added session node
 * @throws JcrException wrapping any {@code RepositoryException} raised by the repository
 */
71 public static Node
getOrCreateCmsSessionNode(Session adminSession
, CmsSession cmsSession
) {
73 String userDn
= cmsSession
.getUserDn();
74 // String uid = userDn.get(userDn.size() - 1);
75 Node userNode
= getOrCreateUserNode(adminSession
, userDn
);
// The disabled lines below are an earlier inline version of the user node creation that
// getOrCreateUserNode() now performs.
76 // if (!usersBase.hasNode(uid)) {
77 // userNode = usersBase.addNode(uid, NodeType.NT_UNSTRUCTURED);
78 // userNode.addMixin(EntityType.user.get());
79 // userNode.addMixin(NodeType.MIX_CREATED);
80 // usersBase.setProperty(LdapAttrs.uid.property(), uid);
81 // usersBase.setProperty(LdapAttrs.distinguishedName.property(), userDn.toString());
82 // adminSession.save();
84 // userNode = usersBase.getNode(uid);
// The session UUID in string form is the name of the session node.
86 String cmsSessionUuid
= cmsSession
.getUuid().toString();
88 if (!userNode
.hasNode(cmsSessionUuid
)) {
89 cmsSessionNode
= userNode
.addNode(cmsSessionUuid
, NodeType
.NT_UNSTRUCTURED
);
90 cmsSessionNode
.addMixin(NodeType
.MIX_CREATED
);
// The privilege on the new session node is added for the user role of the CMS session.
92 JcrUtils
.addPrivilege(adminSession
, cmsSessionNode
.getPath(), cmsSession
.getUserRole(),
95 cmsSessionNode
= userNode
.getNode(cmsSessionUuid
);
97 return cmsSessionNode
;
98 } catch (RepositoryException e
) {
99 throw new JcrException("Cannot create session dir for " + cmsSession
, e
);
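/**
 * Extracts the role names declared by the {@code roles:="..."} directives of a
 * specification that has already been split on semicolons.
 * <p>
 * Element 0 is the layer id and is never inspected. Every later element that starts with
 * {@code roles:="} contributes the text up to its last double quote, split on {@code |}
 * (OR); each part is trimmed before it is added.
 * <p>
 * NOTE(review): a part that is blank after trimming is still added. Dropping it could turn a
 * malformed directive into an empty set, which callers may read as "no role required" -
 * confirm how callers treat an empty result before changing this.
 *
 * @param semiColArr the split specification, layer id first
 * @return a mutable set of the role names found; empty when no roles directive is present
 * @throws IllegalArgumentException if a roles directive has no closing double quote
 */
public static Set<String> extractRoles(String[] semiColArr) {
    final String rolesPrefix = "roles:=\"";
    Set<String> res = new HashSet<>();
    // TODO factorize and make it more robust
    // first one is layer id
    for (int i = 1; i < semiColArr.length; i++) {
        String directive = semiColArr[i];
        if (!directive.startsWith(rolesPrefix)) {
            continue;
        }
        String rolesStr = directive.substring(rolesPrefix.length());
        int closingQuote = rolesStr.lastIndexOf('"');
        if (closingQuote < 0) {
            // Reject the directive with a clear message instead of letting substring(0, -1)
            // fail with an index error; a role restriction is never guessed from
            // malformed input.
            throw new IllegalArgumentException("Unterminated roles directive: " + directive);
        }
        rolesStr = rolesStr.substring(0, closingQuote);
        // TODO support AND (&) as well
        for (String role : rolesStr.split("\\|")) { // OR (|)
            res.add(role.trim());
        }
    }
    return res;
}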
/**
 * Determines the next numeric id for entries of content class {@code cclass} found below a
 * POSIX group hierarchy unit; the value returned is {@code currentMax + 1}.
 * <p>
 * The method is {@code static synchronized}, so calls are serialized on the
 * {@code SuiteUtils} class within one JVM. NOTE(review): no write of the returned value is
 * visible here, so two callers that store it later, or another process writing to the same
 * directory, could end up with the same uidNumber or gidNumber unless uniqueness is enforced
 * when the entry is stored - confirm.
 *
 * @param hierarchyUnit the hierarchy unit to scan; it must have the posixGroup content class
 * @param cclass        the content class of the entries whose ids are considered
 * @return {@code currentMax + 1}
 * @throws IllegalArgumentException if {@code hierarchyUnit} does not have the posixGroup
 *                                  content class
 */
123 synchronized static public long findNextId(Content hierarchyUnit
, QName cclass
) {
// Only a hierarchy unit with the posixGroup content class is accepted.
124 if (!hierarchyUnit
.hasContentClass(LdapObjs
.posixGroup
.qName()))
125 throw new IllegalArgumentException(hierarchyUnit
+ " is not a POSIX group");
// The gidNumber of the hierarchy unit is read as min; orElseThrow() fails when it is absent.
127 long min
= hierarchyUnit
.get(LdapAttrs
.gidNumber
.qName(), Long
.class).orElseThrow();
128 long currentMax
= 0l;
// Children are tested for the organizationalUnit content class; their own children are
// then tested for cclass.
129 for (Content childHu
: hierarchyUnit
) {
130 if (!childHu
.hasContentClass(LdapObjs
.organizationalUnit
.qName()))
132 // FIXME filter out functional hierarchy unit
133 for (Content role
: childHu
) {
134 if (role
.hasContentClass(cclass
)) {
136 if (LdapObjs
.posixAccount
.qName().equals(cclass
)) {
137 Long id
= role
.get(LdapAttrs
.uidNumber
.qName(), Long
.class).orElseThrow();
144 if (currentMax
== 0l)
146 return currentMax
+ 1;
150 private SuiteUtils() {