X-Git-Url: https://git.argeo.org/?p=gpl%2Fargeo-suite.git;a=blobdiff_plain;f=core%2Forg.argeo.suite.core%2Fsrc%2Forg%2Fargeo%2Fsuite%2FSuiteUtils.java;fp=core%2Forg.argeo.suite.core%2Fsrc%2Forg%2Fargeo%2Fsuite%2FSuiteUtils.java;h=e63b5152c0b00430aad95bd83d5b12e2d392b7b5;hp=0000000000000000000000000000000000000000;hb=418ea1efbf3f0d6b706603c6ff1c0fdd17314773;hpb=70010c4afc5799622fcad5b075740d94da074798 diff --git a/core/org.argeo.suite.core/src/org/argeo/suite/SuiteUtils.java b/core/org.argeo.suite.core/src/org/argeo/suite/SuiteUtils.java new file mode 100644 index 0000000..e63b515 --- /dev/null +++ b/core/org.argeo.suite.core/src/org/argeo/suite/SuiteUtils.java @@ -0,0 +1,99 @@ +package org.argeo.suite; + +import javax.jcr.Node; +import javax.jcr.RepositoryException; +import javax.jcr.Session; +import javax.jcr.nodetype.NodeType; +import javax.jcr.security.Privilege; +import javax.naming.ldap.LdapName; +import javax.security.auth.x500.X500Principal; + +import org.argeo.api.NodeConstants; +import org.argeo.cms.auth.CmsSession; +import org.argeo.entity.EntityType; +import org.argeo.jackrabbit.security.JackrabbitSecurityUtils; +import org.argeo.jcr.JcrException; +import org.argeo.jcr.JcrUtils; +import org.argeo.naming.LdapAttrs; + +/** Utilities around the Argeo Suite APIs. */ +public class SuiteUtils { + + public static String getUserNodePath(LdapName userDn) { + String uid = userDn.getRdn(userDn.size() - 1).getValue().toString(); + return EntityType.user.basePath() + '/' + uid; + } + + public static Node getOrCreateUserNode(Session adminSession, LdapName userDn) { + try { + Node usersBase = adminSession.getNode(EntityType.user.basePath()); + String uid = userDn.getRdn(userDn.size() - 1).getValue().toString(); + Node userNode; + if (!usersBase.hasNode(uid)) { + userNode = usersBase.addNode(uid, NodeType.NT_UNSTRUCTURED); + userNode.addMixin(EntityType.user.get()); + userNode.addMixin(NodeType.MIX_CREATED); + userNode.setProperty(LdapAttrs.distinguishedName.property(), userDn.toString()); + userNode.setProperty(LdapAttrs.uid.property(), uid); + adminSession.save(); + JackrabbitSecurityUtils.denyPrivilege(adminSession, userNode.getPath(), SuiteRole.coworker.dn(), + Privilege.JCR_READ); + JcrUtils.addPrivilege(adminSession, userNode.getPath(), new X500Principal(userDn.toString()).getName(), + Privilege.JCR_READ); + JcrUtils.addPrivilege(adminSession, userNode.getPath(), NodeConstants.ROLE_USER_ADMIN, + Privilege.JCR_ALL); + } else { + userNode = usersBase.getNode(uid); + } + return userNode; + } catch (RepositoryException e) { + throw new JcrException("Cannot create user node for " + userDn, e); + } + } + + public static Node getCmsSessionNode(Session session, CmsSession cmsSession) { + try { + return session.getNode(getUserNodePath(cmsSession.getUserDn()) + '/' + cmsSession.getUuid().toString()); + } catch (RepositoryException e) { + throw new JcrException("Cannot get session dir for " + cmsSession, e); + } + } + + public static Node getOrCreateCmsSessionNode(Session adminSession, CmsSession cmsSession) { + try { + LdapName userDn = cmsSession.getUserDn(); +// String uid = userDn.get(userDn.size() - 1); + Node userNode = getOrCreateUserNode(adminSession, userDn); +// if (!usersBase.hasNode(uid)) { +// userNode = usersBase.addNode(uid, NodeType.NT_UNSTRUCTURED); +// userNode.addMixin(EntityType.user.get()); +// userNode.addMixin(NodeType.MIX_CREATED); +// usersBase.setProperty(LdapAttrs.uid.property(), uid); +// usersBase.setProperty(LdapAttrs.distinguishedName.property(), userDn.toString()); +// adminSession.save(); +// } else { +// userNode = usersBase.getNode(uid); +// } + String cmsSessionUuid = cmsSession.getUuid().toString(); + Node cmsSessionNode; + if (!userNode.hasNode(cmsSessionUuid)) { + cmsSessionNode = userNode.addNode(cmsSessionUuid, NodeType.NT_UNSTRUCTURED); + cmsSessionNode.addMixin(NodeType.MIX_CREATED); + adminSession.save(); + JcrUtils.addPrivilege(adminSession, cmsSessionNode.getPath(), cmsSession.getUserRole(), + Privilege.JCR_ALL); + } else { + cmsSessionNode = userNode.getNode(cmsSessionUuid); + } + return cmsSessionNode; + } catch (RepositoryException e) { + throw new JcrException("Cannot create session dir for " + cmsSession, e); + } + } + + /** Singleton. */ + private SuiteUtils() { + + } + +}