X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FHomeRepository.java;h=6900be3addf85f1a9015e20f00c78599ec0afb37;hb=7add600d7837fb72f019de190bd5cafd817a0a0c;hp=270a542144c613f019366fa0f4bb279ce17267d0;hpb=06acf73a99f0e3908fe8998f1ff08dee109c5562;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java
index 270a54214..6900be3ad 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java
@@ -4,7 +4,6 @@ import java.security.PrivilegedAction;
 import java.util.HashSet;
 import java.util.Set;
 
-import javax.jcr.LoginException;
 import javax.jcr.Node;
 import javax.jcr.Repository;
 import javax.jcr.RepositoryException;
@@ -15,7 +14,7 @@ import javax.naming.ldap.LdapName;
 import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
 
-import org.argeo.ArgeoException;
+import org.apache.jackrabbit.core.security.SecurityConstants;
 import org.argeo.cms.CmsException;
 import org.argeo.cms.auth.AuthConstants;
 import org.argeo.jcr.ArgeoJcrConstants;
@@ -62,17 +61,42 @@ class HomeRepository extends JcrRepositoryWrapper implements KernelConstants, Ar
 		});
 	}
 
+	// @Override
+	// public Session login() throws LoginException, RepositoryException {
+	// Session session = super.login();
+	// String username = session.getUserID();
+	// if (username == null)
+	// return session;
+	// if (session.getUserID().equals(AuthConstants.ROLE_ANONYMOUS))
+	// return session;
+	//
+	// if (checkedUsers.contains(username))
+	// return session;
+	// Session adminSession = KernelUtils.openAdminSession(getRepository(),
+	// session.getWorkspace().getName());
+	// try {
+	// syncJcr(adminSession, username);
+	// checkedUsers.add(username);
+	// } finally {
+	// JcrUtils.logoutQuietly(adminSession);
+	// }
+	// return session;
+	// }
+
 	@Override
-	public Session login() throws LoginException, RepositoryException {
-		Session session = super.login();
+	protected void processNewSession(Session session) {
 		String username = session.getUserID();
 		if (username == null)
-			return session;
+			return;
 		if (session.getUserID().equals(AuthConstants.ROLE_ANONYMOUS))
-			return session;
+			return;
+		if (session.getUserID().equals(AuthConstants.ROLE_KERNEL))
+			return;
+		if (session.getUserID().equals(SecurityConstants.ADMIN_ID))
+			return;
 
 		if (checkedUsers.contains(username))
-			return session;
+			return;
 		Session adminSession = KernelUtils.openAdminSession(getRepository(), session.getWorkspace().getName());
 		try {
 			syncJcr(adminSession, username);
@@ -80,7 +104,6 @@ class HomeRepository extends JcrRepositoryWrapper implements KernelConstants, Ar
 		} finally {
 			JcrUtils.logoutQuietly(adminSession);
 		}
-		return session;
 	}
 
 	/*
@@ -133,10 +156,13 @@ class HomeRepository extends JcrRepositoryWrapper implements KernelConstants, Ar
 				userProfile = personBase.addNode(ArgeoNames.ARGEO_PROFILE);
 				userProfile.addMixin(ArgeoTypes.ARGEO_USER_PROFILE);
 				userProfile.setProperty(ArgeoNames.ARGEO_USER_ID, username);
-//				userProfile.setProperty(ArgeoNames.ARGEO_ENABLED, true);
-//				userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_EXPIRED, true);
-//				userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_LOCKED, true);
-//				userProfile.setProperty(ArgeoNames.ARGEO_CREDENTIALS_NON_EXPIRED, true);
+				// userProfile.setProperty(ArgeoNames.ARGEO_ENABLED, true);
+				// userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_EXPIRED,
+				// true);
+				// userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_LOCKED,
+				// true);
+				// userProfile.setProperty(ArgeoNames.ARGEO_CREDENTIALS_NON_EXPIRED,
+				// true);
 				session.save();
 
 				JcrUtils.clearAccessControList(session, userProfile.getPath(), username);
@@ -152,7 +178,7 @@ class HomeRepository extends JcrRepositoryWrapper implements KernelConstants, Ar
 			return userProfile;
 		} catch (RepositoryException e) {
 			JcrUtils.discardQuietly(session);
-			throw new ArgeoException("Cannot sync node security model for " + username, e);
+			throw new CmsException("Cannot sync node security model for " + username, e);
 		}
 	}
 
@@ -162,7 +188,7 @@ class HomeRepository extends JcrRepositoryWrapper implements KernelConstants, Ar
 		try {
 			dn = new LdapName(username);
 		} catch (InvalidNameException e) {
-			throw new ArgeoException("Invalid name " + username, e);
+			throw new CmsException("Invalid name " + username, e);
 		}
 		String userId = dn.getRdn(dn.size() - 1).getValue().toString();
 		int atIndex = userId.indexOf('@');
@@ -172,7 +198,7 @@ class HomeRepository extends JcrRepositoryWrapper implements KernelConstants, Ar
 			return base + '/' + JcrUtils.firstCharsToPath(domain, 2) + '/' + domain + '/'
 					+ JcrUtils.firstCharsToPath(name, 2) + '/' + name;
 		} else if (atIndex == 0 || atIndex == (userId.length() - 1)) {
-			throw new ArgeoException("Unsupported username " + userId);
+			throw new CmsException("Unsupported username " + userId);
 		} else {
 			return base + '/' + JcrUtils.firstCharsToPath(userId, 2) + '/' + userId;
 		}