X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=server%2Fruntime%2Forg.argeo.server.jackrabbit%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fjackrabbit%2FJackrabbitAuthorizations.java;h=3a731df58a74b9c47c5fc5c36585ebb3567d70a6;hb=74d57e72f4454df37c709fd4960e39ce9b793761;hp=8c1204c0e09b57b2296015cadd00520bf0ea7be2;hpb=e890c9d9d57069b464b406405797f38e7263f3b1;p=lgpl%2Fargeo-commons.git diff --git a/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitAuthorizations.java b/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitAuthorizations.java index 8c1204c0e..3a731df58 100644 --- a/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitAuthorizations.java +++ b/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitAuthorizations.java @@ -17,6 +17,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.jackrabbit.api.JackrabbitSession; import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager; +import org.apache.jackrabbit.api.security.user.Authorizable; import org.apache.jackrabbit.api.security.user.Group; import org.apache.jackrabbit.api.security.user.UserManager; import org.argeo.ArgeoException; @@ -87,31 +88,37 @@ public class JackrabbitAuthorizations { Group group = (Group) um.getAuthorizable(groupName); if (group == null) group = um.createGroup(groupName); - - AccessControlPolicy policy = null; - AccessControlPolicyIterator policyIterator = acm - .getApplicablePolicies(path); - if (policyIterator.hasNext()) { - policy = policyIterator.nextAccessControlPolicy(); - } else { - AccessControlPolicy[] existingPolicies = acm - .getPolicies(path); - policy = existingPolicies[0]; - } - if (policy instanceof AccessControlList) { - ((AccessControlList) policy).addAccessControlEntry( - group.getPrincipal(), - privs.toArray(new Privilege[privs.size()])); - acm.setPolicy(path, policy); - } - if (log.isDebugEnabled()) - log.debug("Added privileges " + privileges + " to " - + groupName + " on " + path); + addPrivileges(session, group, path, privs); } } session.save(); } + public static void addPrivileges(JackrabbitSession session, + Authorizable authorizable, String path, List privs) + throws RepositoryException { + JackrabbitAccessControlManager acm = (JackrabbitAccessControlManager) session + .getAccessControlManager(); + AccessControlPolicy policy = null; + AccessControlPolicyIterator policyIterator = acm + .getApplicablePolicies(path); + if (policyIterator.hasNext()) { + policy = policyIterator.nextAccessControlPolicy(); + } else { + AccessControlPolicy[] existingPolicies = acm.getPolicies(path); + policy = existingPolicies[0]; + } + if (policy instanceof AccessControlList) { + ((AccessControlList) policy).addAccessControlEntry( + authorizable.getPrincipal(), + privs.toArray(new Privilege[privs.size()])); + acm.setPolicy(path, policy); + } + if (log.isDebugEnabled()) + log.debug("Added privileges " + privs + " to " + authorizable + + " on " + path); + } + public void setGroupPrivileges(Map groupPrivileges) { this.groupPrivileges = groupPrivileges; }