Put Eclipse and JCR components in subdirs in order to clarify indirect

[lgpl/argeo-commons.git] / jcr / org.argeo.cms.jcr / src / org / argeo / security / jackrabbit / ArgeoAccessControlProvider.java

diff --git a/jcr/org.argeo.cms.jcr/src/org/argeo/security/jackrabbit/ArgeoAccessControlProvider.java b/jcr/org.argeo.cms.jcr/src/org/argeo/security/jackrabbit/ArgeoAccessControlProvider.java
new file mode 100644 (file)
index 0000000..bffe531
--- /dev/null
+++ b/jcr/org.argeo.cms.jcr/src/org/argeo/security/jackrabbit/ArgeoAccessControlProvider.java
@@ -0,0 +1,30 @@
+package org.argeo.security.jackrabbit;
+
+import java.security.Principal;
+import java.util.Map;
+import java.util.Set;
+
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
+import org.apache.jackrabbit.core.security.authorization.acl.ACLProvider;
+
+/** Argeo specific access control provider */
+public class ArgeoAccessControlProvider extends ACLProvider {
+
+       @SuppressWarnings({ "rawtypes", "unchecked" })
+       @Override
+       public void init(Session systemSession, Map configuration) throws RepositoryException {
+               if (!configuration.containsKey(PARAM_ALLOW_UNKNOWN_PRINCIPALS))
+                       configuration.put(PARAM_ALLOW_UNKNOWN_PRINCIPALS, "true");
+               if (!configuration.containsKey(PARAM_OMIT_DEFAULT_PERMISSIONS))
+                       configuration.put(PARAM_OMIT_DEFAULT_PERMISSIONS, "true");
+               super.init(systemSession, configuration);
+       }
+
+       @Override
+       public boolean canAccessRoot(Set<Principal> principals) throws RepositoryException {
+               return super.canAccessRoot(principals);
+       }
+
+}