core/org.argeo.suite.core/src/org/argeo/suite/SuiteUtils.java

   1 package org.argeo.suite;
   2
   3 import javax.jcr.Node;
   4 import javax.jcr.RepositoryException;
   5 import javax.jcr.Session;
   6 import javax.jcr.nodetype.NodeType;
   7 import javax.jcr.security.Privilege;
   8 import javax.naming.ldap.LdapName;
   9 import javax.security.auth.x500.X500Principal;
  10
  11 import org.argeo.api.NodeConstants;
  12 import org.argeo.cms.auth.CmsSession;
  13 import org.argeo.entity.EntityType;
  14 import org.argeo.jackrabbit.security.JackrabbitSecurityUtils;
  15 import org.argeo.jcr.JcrException;
  16 import org.argeo.jcr.JcrUtils;
  17 import org.argeo.naming.LdapAttrs;
  18
  19 /** Utilities around the Argeo Suite APIs. */
  20 public class SuiteUtils {
  21
  22         public static String getUserNodePath(LdapName userDn) {
  23                 String uid = userDn.getRdn(userDn.size() - 1).getValue().toString();
  24                 return EntityType.user.basePath() + '/' + uid;
  25         }
  26
  27         public static Node getOrCreateUserNode(Session adminSession, LdapName userDn) {
  28                 try {
  29                         Node usersBase = adminSession.getNode(EntityType.user.basePath());
  30                         String uid = userDn.getRdn(userDn.size() - 1).getValue().toString();
  31                         Node userNode;
  32                         if (!usersBase.hasNode(uid)) {
  33                                 userNode = usersBase.addNode(uid, NodeType.NT_UNSTRUCTURED);
  34                                 userNode.addMixin(EntityType.user.get());
  35                                 userNode.addMixin(NodeType.MIX_CREATED);
  36                                 userNode.setProperty(LdapAttrs.distinguishedName.property(), userDn.toString());
  37                                 userNode.setProperty(LdapAttrs.uid.property(), uid);
  38                                 adminSession.save();
  39                                 JackrabbitSecurityUtils.denyPrivilege(adminSession, userNode.getPath(), SuiteRole.coworker.dn(),
  40                                                 Privilege.JCR_READ);
  41                                 JcrUtils.addPrivilege(adminSession, userNode.getPath(), new X500Principal(userDn.toString()).getName(),
  42                                                 Privilege.JCR_READ);
  43                                 JcrUtils.addPrivilege(adminSession, userNode.getPath(), NodeConstants.ROLE_USER_ADMIN,
  44                                                 Privilege.JCR_ALL);
  45                         } else {
  46                                 userNode = usersBase.getNode(uid);
  47                         }
  48                         return userNode;
  49                 } catch (RepositoryException e) {
  50                         throw new JcrException("Cannot create user node for " + userDn, e);
  51                 }
  52         }
  53
  54         public static Node getCmsSessionNode(Session session, CmsSession cmsSession) {
  55                 try {
  56                         return session.getNode(getUserNodePath(cmsSession.getUserDn()) + '/' + cmsSession.getUuid().toString());
  57                 } catch (RepositoryException e) {
  58                         throw new JcrException("Cannot get session dir for " + cmsSession, e);
  59                 }
  60         }
  61
  62         public static Node getOrCreateCmsSessionNode(Session adminSession, CmsSession cmsSession) {
  63                 try {
  64                         LdapName userDn = cmsSession.getUserDn();
  65 //                      String uid = userDn.get(userDn.size() - 1);
  66                         Node userNode = getOrCreateUserNode(adminSession, userDn);
  67 //                      if (!usersBase.hasNode(uid)) {
  68 //                              userNode = usersBase.addNode(uid, NodeType.NT_UNSTRUCTURED);
  69 //                              userNode.addMixin(EntityType.user.get());
  70 //                              userNode.addMixin(NodeType.MIX_CREATED);
  71 //                              usersBase.setProperty(LdapAttrs.uid.property(), uid);
  72 //                              usersBase.setProperty(LdapAttrs.distinguishedName.property(), userDn.toString());
  73 //                              adminSession.save();
  74 //                      } else {
  75 //                              userNode = usersBase.getNode(uid);
  76 //                      }
  77                         String cmsSessionUuid = cmsSession.getUuid().toString();
  78                         Node cmsSessionNode;
  79                         if (!userNode.hasNode(cmsSessionUuid)) {
  80                                 cmsSessionNode = userNode.addNode(cmsSessionUuid, NodeType.NT_UNSTRUCTURED);
  81                                 cmsSessionNode.addMixin(NodeType.MIX_CREATED);
  82                                 adminSession.save();
  83                                 JcrUtils.addPrivilege(adminSession, cmsSessionNode.getPath(), cmsSession.getUserRole(),
  84                                                 Privilege.JCR_ALL);
  85                         } else {
  86                                 cmsSessionNode = userNode.getNode(cmsSessionUuid);
  87                         }
  88                         return cmsSessionNode;
  89                 } catch (RepositoryException e) {
  90                         throw new JcrException("Cannot create session dir for " + cmsSession, e);
  91                 }
  92         }
  93
  94         /** Singleton. */
  95         private SuiteUtils() {
  96
  97         }
  98
  99 }