- private Repository repository;
- private Executor systemExecutor;
-
- /**
- * key := privilege1,privilege2/path/to/node<br/>
- * value := group1,group2
- */
- private Map<String, String> groupPrivileges = new HashMap<String, String>();
-
- public void init() {
- Runnable action = new Runnable() {
- public void run() {
- JackrabbitSession session = null;
- try {
- session = (JackrabbitSession) repository.login();
- initAuthorizations(session);
- } catch (Exception e) {
- JcrUtils.discardQuietly(session);
- } finally {
- JcrUtils.logoutQuietly(session);
- }
- }
- };
-
- if (systemExecutor != null)
- systemExecutor.execute(action);
- else
- action.run();
- }
-
- protected void initAuthorizations(JackrabbitSession session)
- throws RepositoryException {
- JackrabbitAccessControlManager acm = (JackrabbitAccessControlManager) session
- .getAccessControlManager();
- UserManager um = session.getUserManager();
-
- for (String privileges : groupPrivileges.keySet()) {
- String path = null;
- int slashIndex = privileges.indexOf('/');
- if (slashIndex == 0) {
- throw new ArgeoException("Privilege " + privileges
- + " badly formatted it starts with /");
- } else if (slashIndex > 0) {
- path = privileges.substring(slashIndex);
- privileges = privileges.substring(0, slashIndex);
- }
-
- if (path == null)
- path = "/";
-
- List<Privilege> privs = new ArrayList<Privilege>();
- for (String priv : privileges.split(",")) {
- privs.add(acm.privilegeFromName(priv));
- }
-
- String groupNames = groupPrivileges.get(privileges);
- for (String groupName : groupNames.split(",")) {
- Group group = (Group) um.getAuthorizable(groupName);
- if (group == null)
- group = um.createGroup(groupName);
-
- AccessControlPolicy policy = null;
- AccessControlPolicyIterator policyIterator = acm
- .getApplicablePolicies(path);
- if (policyIterator.hasNext()) {
- policy = policyIterator.nextAccessControlPolicy();
- } else {
- AccessControlPolicy[] existingPolicies = acm
- .getPolicies(path);
- policy = existingPolicies[0];
- }
- if (policy instanceof AccessControlList) {
- ((AccessControlList) policy).addAccessControlEntry(
- group.getPrincipal(),
- privs.toArray(new Privilege[privs.size()]));
- acm.setPolicy(path, policy);
+ private List<String> groupPrefixes = new ArrayList<String>();
+
+ @Override
+ protected Principal getOrCreatePrincipal(Session session,
+ String principalName) throws RepositoryException {
+ UserManager um = ((JackrabbitSession) session).getUserManager();
+ Authorizable authorizable = um.getAuthorizable(principalName);
+ if (authorizable == null) {
+ groupPrefixes: for (String groupPrefix : groupPrefixes) {
+ if (principalName.startsWith(groupPrefix)) {
+ authorizable = um.createGroup(principalName);
+ log.info("Created group " + principalName);
+ break groupPrefixes;