import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
+import javax.jcr.nodetype.NodeType;
import javax.jcr.security.Privilege;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
*/
class HomeRepository extends JcrRepositoryWrapper implements KernelConstants {
/** The home base path. */
- private String homeBasePath = "/home";
- // private String peopleBasePath = NodeConstants.PEOPLE_BASE_PATH;
+ private String homeBasePath = KernelConstants.DEFAULT_HOME_BASE_PATH;
+ private String groupsBasePath = KernelConstants.DEFAULT_GROUPS_BASE_PATH;
private Set<String> checkedUsers = new HashSet<String>();
});
}
- // @Override
- // public Session login() throws LoginException, RepositoryException {
- // Session session = super.login();
- // String username = session.getUserID();
- // if (username == null)
- // return session;
- // if (session.getUserID().equals(AuthConstants.ROLE_ANONYMOUS))
- // return session;
- //
- // if (checkedUsers.contains(username))
- // return session;
- // Session adminSession = KernelUtils.openAdminSession(getRepository(),
- // session.getWorkspace().getName());
- // try {
- // syncJcr(adminSession, username);
- // checkedUsers.add(username);
- // } finally {
- // JcrUtils.logoutQuietly(adminSession);
- // }
- // return session;
- // }
-
@Override
protected void processNewSession(Session session) {
String username = session.getUserID();
return;
if (session.getUserID().equals(NodeConstants.ROLE_ANONYMOUS))
return;
- // if (session.getUserID().equals(AuthConstants.ROLE_KERNEL))
- // return;
- // if (session.getUserID().equals(SecurityConstants.ADMIN_ID))
- // return;
if (checkedUsers.contains(username))
return;
private void initJcr(Session adminSession) {
try {
JcrUtils.mkdirs(adminSession, homeBasePath);
- // JcrUtils.mkdirs(adminSession, peopleBasePath);
+ JcrUtils.mkdirs(adminSession, groupsBasePath);
adminSession.save();
JcrUtils.addPrivilege(adminSession, homeBasePath, NodeConstants.ROLE_USER_ADMIN, Privilege.JCR_READ);
- // JcrUtils.addPrivilege(adminSession, peopleBasePath,
- // NodeConstants.ROLE_USER_ADMIN, Privilege.JCR_ALL);
+ JcrUtils.addPrivilege(adminSession, groupsBasePath, NodeConstants.ROLE_USER_ADMIN, Privilege.JCR_READ);
adminSession.save();
} catch (RepositoryException e) {
throw new CmsException("Cannot initialize node user admin", e);
JcrUtils.clearAccessControList(session, homePath, username);
JcrUtils.addPrivilege(session, homePath, username, Privilege.JCR_ALL);
}
-
- // Node userProfile = NodeUtils.getUserProfile(session, username);
- // // new user
- // if (userProfile == null) {
- // String personPath = generateUserPath(peopleBasePath, username);
- // Node personBase;
- // if (session.itemExists(personPath))// duplicate user id
- // personBase = session.getNode(personPath).getParent()
- // .addNode(JcrUtils.lastPathElement(personPath));
- // else
- // personBase = JcrUtils.mkdirs(session, personPath);
- // userProfile = personBase.addNode(ArgeoNames.ARGEO_PROFILE);
- // userProfile.addMixin(ArgeoTypes.ARGEO_USER_PROFILE);
- // userProfile.setProperty(ArgeoNames.ARGEO_USER_ID, username);
- // // userProfile.setProperty(ArgeoNames.ARGEO_ENABLED, true);
- // // userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_EXPIRED,
- // // true);
- // // userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_LOCKED,
- // // true);
- // //
- // userProfile.setProperty(ArgeoNames.ARGEO_CREDENTIALS_NON_EXPIRED,
- // // true);
- // session.save();
- //
- // JcrUtils.clearAccessControList(session, userProfile.getPath(),
- // username);
- // JcrUtils.addPrivilege(session, userProfile.getPath(), username,
- // Privilege.JCR_READ);
- // }
-
- // Remote roles
- // if (roles != null) {
- // writeRemoteRoles(userProfile, roles);
- // }
if (session.hasPendingChanges())
session.save();
- // return userProfile;
} catch (RepositoryException e) {
JcrUtils.discardQuietly(session);
throw new CmsException("Cannot sync node security model for " + username, e);
}
}
+ public void createWorkgroup(LdapName dn) {
+ Session adminSession = KernelUtils.openAdminSession(this);
+ String cn = dn.getRdn(dn.size() - 1).getValue().toString();
+ Node newWorkgroup = NodeUtils.getGroupHome(adminSession, cn);
+ if (newWorkgroup != null) {
+ JcrUtils.logoutQuietly(adminSession);
+ throw new CmsException("Workgroup " + newWorkgroup + " already exists for " + dn);
+ }
+ try {
+ // TODO enhance transformation of cn to a valid node name
+ String relPath = cn.replaceAll("[^a-zA-Z0-9]", "_");
+ newWorkgroup = JcrUtils.mkdirs(adminSession.getNode(groupsBasePath), relPath, NodeType.NT_UNSTRUCTURED);
+ newWorkgroup.addMixin(NodeTypes.NODE_GROUP_HOME);
+ newWorkgroup.setProperty(NodeNames.LDAP_CN, cn);
+ adminSession.save();
+ JcrUtils.addPrivilege(adminSession, newWorkgroup.getPath(), dn.toString(), Privilege.JCR_ALL);
+ adminSession.save();
+ } catch (RepositoryException e) {
+ throw new CmsException("Cannot create workgroup", e);
+ } finally {
+ JcrUtils.logoutQuietly(adminSession);
+ }
+
+ }
+
}
projects / lgpl / argeo-commons.git / blobdiff