1 package org
.argeo
.jackrabbit
;
3 import java
.util
.ArrayList
;
4 import java
.util
.HashMap
;
7 import java
.util
.concurrent
.Executor
;
9 import javax
.jcr
.Repository
;
10 import javax
.jcr
.RepositoryException
;
11 import javax
.jcr
.security
.AccessControlList
;
12 import javax
.jcr
.security
.AccessControlPolicy
;
13 import javax
.jcr
.security
.AccessControlPolicyIterator
;
14 import javax
.jcr
.security
.Privilege
;
16 import org
.apache
.commons
.logging
.Log
;
17 import org
.apache
.commons
.logging
.LogFactory
;
18 import org
.apache
.jackrabbit
.api
.JackrabbitSession
;
19 import org
.apache
.jackrabbit
.api
.security
.JackrabbitAccessControlManager
;
20 import org
.apache
.jackrabbit
.api
.security
.user
.Group
;
21 import org
.apache
.jackrabbit
.api
.security
.user
.UserManager
;
22 import org
.argeo
.ArgeoException
;
23 import org
.argeo
.jcr
.JcrUtils
;
25 public class JackrabbitAuthorizations
{
26 private final static Log log
= LogFactory
27 .getLog(JackrabbitAuthorizations
.class);
29 private Repository repository
;
30 private Executor systemExecutor
;
33 * key := privilege1,privilege2/path/to/node<br/>
34 * value := group1,group2
36 private Map
<String
, String
> groupPrivileges
= new HashMap
<String
, String
>();
39 systemExecutor
.execute(new Runnable() {
41 JackrabbitSession session
= null;
43 session
= (JackrabbitSession
) repository
.login();
44 initAuthorizations(session
);
45 } catch (Exception e
) {
46 JcrUtils
.discardQuietly(session
);
48 JcrUtils
.logoutQuietly(session
);
54 protected void initAuthorizations(JackrabbitSession session
)
55 throws RepositoryException
{
56 JackrabbitAccessControlManager acm
= (JackrabbitAccessControlManager
) session
57 .getAccessControlManager();
58 UserManager um
= session
.getUserManager();
60 for (String privileges
: groupPrivileges
.keySet()) {
62 int slashIndex
= privileges
.indexOf('/');
63 if (slashIndex
== 0) {
64 throw new ArgeoException("Privilege " + privileges
65 + " badly formatted it starts with /");
66 } else if (slashIndex
> 0) {
67 path
= privileges
.substring(slashIndex
);
68 privileges
= privileges
.substring(0, slashIndex
);
74 List
<Privilege
> privs
= new ArrayList
<Privilege
>();
75 for (String priv
: privileges
.split(",")) {
76 privs
.add(acm
.privilegeFromName(priv
));
79 String groupNames
= groupPrivileges
.get(privileges
);
80 for (String groupName
: groupNames
.split(",")) {
81 Group group
= (Group
) um
.getAuthorizable(groupName
);
83 group
= um
.createGroup(groupName
);
85 AccessControlPolicy policy
= null;
86 AccessControlPolicyIterator policyIterator
= acm
87 .getApplicablePolicies(path
);
88 if (policyIterator
.hasNext()) {
89 policy
= policyIterator
.nextAccessControlPolicy();
91 AccessControlPolicy
[] existingPolicies
= acm
93 policy
= existingPolicies
[0];
95 if (policy
instanceof AccessControlList
) {
96 ((AccessControlList
) policy
).addAccessControlEntry(
98 privs
.toArray(new Privilege
[privs
.size()]));
99 acm
.setPolicy(path
, policy
);
101 if (log
.isDebugEnabled())
102 log
.debug("Added privileges " + privileges
+ " to "
103 + groupName
+ " on " + path
);
109 public void setGroupPrivileges(Map
<String
, String
> groupPrivileges
) {
110 this.groupPrivileges
= groupPrivileges
;
113 public void setRepository(Repository repository
) {
114 this.repository
= repository
;
117 public void setSystemExecutor(Executor systemExecutor
) {
118 this.systemExecutor
= systemExecutor
;