private SimpleDateFormat usersDatePath = new SimpleDateFormat("YYYY/MM");
- public HomeRepository(Repository repository) {
+ private final boolean remote;
+
+ public HomeRepository(Repository repository, boolean remote) {
super(repository);
+ this.remote = remote;
putDescriptor(NodeConstants.CN, NodeConstants.HOME);
- LoginContext lc;
- try {
- lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_DATA_ADMIN);
- lc.login();
- } catch (javax.security.auth.login.LoginException e1) {
- throw new CmsException("Cannot login as systrem", e1);
- }
- Subject.doAs(lc.getSubject(), new PrivilegedAction<Void>() {
-
- @Override
- public Void run() {
- try {
- Session adminSession = getRepository().login();
- initJcr(adminSession);
- } catch (RepositoryException e) {
- throw new CmsException("Cannot init JCR home", e);
- }
- return null;
+ if (!remote) {
+ LoginContext lc;
+ try {
+ lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_DATA_ADMIN);
+ lc.login();
+ } catch (javax.security.auth.login.LoginException e1) {
+ throw new CmsException("Cannot login as systrem", e1);
}
+ Subject.doAs(lc.getSubject(), new PrivilegedAction<Void>() {
+
+ @Override
+ public Void run() {
+ try {
+ Session adminSession = getDefaultRepository().login();
+ initJcr(adminSession);
+ } catch (RepositoryException e) {
+ throw new CmsException("Cannot init JCR home", e);
+ }
+ return null;
+ }
- });
+ });
+ }
}
@Override
- protected void processNewSession(Session session) {
+ protected void processNewSession(Session session, String workspaceName) {
String username = session.getUserID();
- if (username == null)
+ if (username == null || username.toString().equals(""))
return;
if (session.getUserID().equals(NodeConstants.ROLE_ANONYMOUS))
return;
if (checkedUsers.contains(username))
return;
- Session adminSession = KernelUtils.openAdminSession(getRepository(), session.getWorkspace().getName());
+ Session adminSession = KernelUtils.openAdminSession(getRepository(workspaceName), workspaceName);
try {
- syncJcr(adminSession, username);
+ syncJcr(adminSession, username, workspaceName);
checkedUsers.add(username);
} finally {
JcrUtils.logoutQuietly(adminSession);
JcrUtils.addPrivilege(adminSession, groupsBasePath, NodeConstants.ROLE_USER_ADMIN, Privilege.JCR_READ);
adminSession.save();
} catch (RepositoryException e) {
- throw new CmsException("Cannot initialize node user admin", e);
+ throw new CmsException("Cannot initialize home repository", e);
} finally {
JcrUtils.logoutQuietly(adminSession);
}
}
- private void syncJcr(Session session, String username) {
+ protected synchronized void syncJcr(Session adminSession, String username, String workspaceName) {
+ // only in the default workspace
+ if (workspaceName != null)
+ return;
+ // skip system users
+ if (username.endsWith(NodeConstants.ROLES_BASEDN))
+ return;
+
try {
- Node userHome = NodeUtils.getUserHome(session, username);
+ Node userHome = NodeUtils.getUserHome(adminSession, username);
if (userHome == null) {
String homePath = generateUserPath(username);
- if (session.itemExists(homePath))// duplicate user id
- userHome = session.getNode(homePath).getParent().addNode(JcrUtils.lastPathElement(homePath));
+ if (adminSession.itemExists(homePath))// duplicate user id
+ userHome = adminSession.getNode(homePath).getParent().addNode(JcrUtils.lastPathElement(homePath));
else
- userHome = JcrUtils.mkdirs(session, homePath);
+ userHome = JcrUtils.mkdirs(adminSession, homePath);
// userHome = JcrUtils.mkfolders(session, homePath);
userHome.addMixin(NodeTypes.NODE_USER_HOME);
+ userHome.addMixin(NodeType.MIX_CREATED);
userHome.setProperty(NodeNames.LDAP_UID, username);
- session.save();
+ adminSession.save();
- JcrUtils.clearAccessControList(session, homePath, username);
- JcrUtils.addPrivilege(session, homePath, username, Privilege.JCR_ALL);
+ JcrUtils.clearAccessControList(adminSession, homePath, username);
+ JcrUtils.addPrivilege(adminSession, homePath, username, Privilege.JCR_ALL);
}
- if (session.hasPendingChanges())
- session.save();
+ if (adminSession.hasPendingChanges())
+ adminSession.save();
} catch (RepositoryException e) {
- JcrUtils.discardQuietly(session);
+ JcrUtils.discardQuietly(adminSession);
throw new CmsException("Cannot sync node security model for " + username, e);
}
}
String relPath = JcrUtils.replaceInvalidChars(cn);
newWorkgroup = JcrUtils.mkdirs(adminSession.getNode(groupsBasePath), relPath, NodeType.NT_UNSTRUCTURED);
newWorkgroup.addMixin(NodeTypes.NODE_GROUP_HOME);
+ newWorkgroup.addMixin(NodeType.MIX_CREATED);
newWorkgroup.setProperty(NodeNames.LDAP_CN, cn);
adminSession.save();
- JcrUtils.addPrivilege(adminSession, newWorkgroup.getPath(), dn.toString(), Privilege.JCR_READ);
+ JcrUtils.addPrivilege(adminSession, newWorkgroup.getPath(), dn.toString(), Privilege.JCR_ALL);
adminSession.save();
} catch (RepositoryException e) {
throw new CmsException("Cannot create workgroup", e);
}
+ public boolean isRemote() {
+ return remote;
+ }
+
}
projects / lgpl / argeo-commons.git / blobdiff