import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
-import org.apache.jackrabbit.core.security.SecurityConstants;
import org.argeo.cms.CmsException;
import org.argeo.jcr.JcrRepositoryWrapper;
import org.argeo.jcr.JcrUtils;
-import org.argeo.node.ArgeoNames;
-import org.argeo.node.ArgeoTypes;
import org.argeo.node.NodeConstants;
+import org.argeo.node.NodeNames;
+import org.argeo.node.NodeTypes;
import org.argeo.node.NodeUtils;
/**
class HomeRepository extends JcrRepositoryWrapper implements KernelConstants {
/** The home base path. */
private String homeBasePath = "/home";
- private String peopleBasePath = NodeConstants.PEOPLE_BASE_PATH;
+// private String peopleBasePath = NodeConstants.PEOPLE_BASE_PATH;
private Set<String> checkedUsers = new HashSet<String>();
public HomeRepository(Repository repository) {
- setRepository(repository);
+ super(repository);
+ putDescriptor(NodeConstants.CN, NodeConstants.HOME);
LoginContext lc;
try {
lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_DATA_ADMIN);
@Override
public Void run() {
try {
- initJcr(getRepository().login());
+ Session adminSession = getRepository().login();
+ initJcr(adminSession);
} catch (RepositoryException e) {
throw new CmsException("Cannot init JCR home", e);
}
return;
// if (session.getUserID().equals(AuthConstants.ROLE_KERNEL))
// return;
- if (session.getUserID().equals(SecurityConstants.ADMIN_ID))
- return;
+// if (session.getUserID().equals(SecurityConstants.ADMIN_ID))
+// return;
if (checkedUsers.contains(username))
return;
private void initJcr(Session adminSession) {
try {
JcrUtils.mkdirs(adminSession, homeBasePath);
- JcrUtils.mkdirs(adminSession, peopleBasePath);
+// JcrUtils.mkdirs(adminSession, peopleBasePath);
adminSession.save();
JcrUtils.addPrivilege(adminSession, homeBasePath,
NodeConstants.ROLE_USER_ADMIN, Privilege.JCR_READ);
- JcrUtils.addPrivilege(adminSession, peopleBasePath,
- NodeConstants.ROLE_USER_ADMIN, Privilege.JCR_ALL);
+// JcrUtils.addPrivilege(adminSession, peopleBasePath,
+// NodeConstants.ROLE_USER_ADMIN, Privilege.JCR_ALL);
adminSession.save();
} catch (RepositoryException e) {
throw new CmsException("Cannot initialize node user admin", e);
}
}
- private Node syncJcr(Session session, String username) {
+ private void syncJcr(Session session, String username) {
try {
Node userHome = NodeUtils.getUserHome(session, username);
if (userHome == null) {
else
userHome = JcrUtils.mkdirs(session, homePath);
// userHome = JcrUtils.mkfolders(session, homePath);
- userHome.addMixin(ArgeoTypes.ARGEO_USER_HOME);
- userHome.setProperty(ArgeoNames.ARGEO_USER_ID, username);
+ userHome.addMixin(NodeTypes.NODE_USER_HOME);
+ userHome.setProperty(NodeNames.LDAP_UID, username);
session.save();
JcrUtils.clearAccessControList(session, homePath, username);
Privilege.JCR_ALL);
}
- Node userProfile = NodeUtils.getUserProfile(session, username);
- // new user
- if (userProfile == null) {
- String personPath = generateUserPath(peopleBasePath, username);
- Node personBase;
- if (session.itemExists(personPath))// duplicate user id
- personBase = session.getNode(personPath).getParent()
- .addNode(JcrUtils.lastPathElement(personPath));
- else
- personBase = JcrUtils.mkdirs(session, personPath);
- userProfile = personBase.addNode(ArgeoNames.ARGEO_PROFILE);
- userProfile.addMixin(ArgeoTypes.ARGEO_USER_PROFILE);
- userProfile.setProperty(ArgeoNames.ARGEO_USER_ID, username);
- // userProfile.setProperty(ArgeoNames.ARGEO_ENABLED, true);
- // userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_EXPIRED,
- // true);
- // userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_LOCKED,
- // true);
- // userProfile.setProperty(ArgeoNames.ARGEO_CREDENTIALS_NON_EXPIRED,
- // true);
- session.save();
-
- JcrUtils.clearAccessControList(session, userProfile.getPath(),
- username);
- JcrUtils.addPrivilege(session, userProfile.getPath(), username,
- Privilege.JCR_READ);
- }
+// Node userProfile = NodeUtils.getUserProfile(session, username);
+// // new user
+// if (userProfile == null) {
+// String personPath = generateUserPath(peopleBasePath, username);
+// Node personBase;
+// if (session.itemExists(personPath))// duplicate user id
+// personBase = session.getNode(personPath).getParent()
+// .addNode(JcrUtils.lastPathElement(personPath));
+// else
+// personBase = JcrUtils.mkdirs(session, personPath);
+// userProfile = personBase.addNode(ArgeoNames.ARGEO_PROFILE);
+// userProfile.addMixin(ArgeoTypes.ARGEO_USER_PROFILE);
+// userProfile.setProperty(ArgeoNames.ARGEO_USER_ID, username);
+// // userProfile.setProperty(ArgeoNames.ARGEO_ENABLED, true);
+// // userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_EXPIRED,
+// // true);
+// // userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_LOCKED,
+// // true);
+// // userProfile.setProperty(ArgeoNames.ARGEO_CREDENTIALS_NON_EXPIRED,
+// // true);
+// session.save();
+//
+// JcrUtils.clearAccessControList(session, userProfile.getPath(),
+// username);
+// JcrUtils.addPrivilege(session, userProfile.getPath(), username,
+// Privilege.JCR_READ);
+// }
// Remote roles
// if (roles != null) {
// }
if (session.hasPendingChanges())
session.save();
- return userProfile;
+// return userProfile;
} catch (RepositoryException e) {
JcrUtils.discardQuietly(session);
throw new CmsException("Cannot sync node security model for "