Example 71 with NodeIterator
use of javax.jcr.NodeIterator in project jackrabbit by apache.
the class VirtualNodeTypeStateManager method recursiveRemove.
/**
* Adds a subtree of itemstates as 'removed' to a list of events
*
* @param events
* @param parent
* @param node
* @throws RepositoryException
*/
private void recursiveRemove(List<EventState> events, NodeImpl parent, NodeImpl node) throws RepositoryException {
events.add(EventState.childNodeRemoved(parent.getNodeId(), parent.getPrimaryPath(), node.getNodeId(), node.getPrimaryPath().getLastElement(), ((NodeTypeImpl) parent.getPrimaryNodeType()).getQName(), parent.getMixinTypeNames(), node.getSession()));
NodeIterator niter = node.getNodes();
while (niter.hasNext()) {
NodeImpl n = (NodeImpl) niter.nextNode();
recursiveRemove(events, node, n);
}
}
Also used :
NodeIterator(javax.jcr.NodeIterator)
NodeTypeImpl(org.apache.jackrabbit.core.nodetype.NodeTypeImpl)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
Example 72 with NodeIterator
use of javax.jcr.NodeIterator in project jackrabbit by apache.
the class VirtualNodeTypeStateManager method recursiveAdd.
/**
* Adds a subtree of itemstates as 'added' to a list of events
*
* @param events
* @param parent
* @param node
* @throws RepositoryException
*/
private void recursiveAdd(List<EventState> events, NodeImpl parent, NodeImpl node) throws RepositoryException {
events.add(EventState.childNodeAdded(parent.getNodeId(), parent.getPrimaryPath(), node.getNodeId(), node.getPrimaryPath().getLastElement(), ((NodeTypeImpl) parent.getPrimaryNodeType()).getQName(), parent.getMixinTypeNames(), node.getSession()));
PropertyIterator iter = node.getProperties();
while (iter.hasNext()) {
PropertyImpl prop = (PropertyImpl) iter.nextProperty();
events.add(EventState.propertyAdded((NodeId) node.getId(), node.getPrimaryPath(), prop.getPrimaryPath().getLastElement(), ((NodeTypeImpl) node.getPrimaryNodeType()).getQName(), node.getMixinTypeNames(), node.getSession()));
}
NodeIterator niter = node.getNodes();
while (niter.hasNext()) {
NodeImpl n = (NodeImpl) niter.nextNode();
recursiveAdd(events, node, n);
}
}
Also used :
NodeIterator(javax.jcr.NodeIterator)
NodeTypeImpl(org.apache.jackrabbit.core.nodetype.NodeTypeImpl)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
PropertyIterator(javax.jcr.PropertyIterator)
NodeId(org.apache.jackrabbit.core.id.NodeId)
PropertyImpl(org.apache.jackrabbit.core.PropertyImpl)
Example 73 with NodeIterator
use of javax.jcr.NodeIterator in project jackrabbit by apache.
the class ACLEditor method setPolicy.
/**
* @see AccessControlEditor#setPolicy(String,AccessControlPolicy)
*/
public void setPolicy(String nodePath, AccessControlPolicy policy) throws AccessControlException, PathNotFoundException, RepositoryException {
checkProtectsNode(nodePath);
checkValidPolicy(nodePath, policy);
ACLTemplate acl = (ACLTemplate) policy;
NodeImpl acNode = getAcNode(nodePath);
if (acNode == null) {
throw new PathNotFoundException("No such node " + nodePath);
}
// write the entries to the node
NodeImpl aclNode;
if (acNode.hasNode(N_POLICY)) {
aclNode = acNode.getNode(N_POLICY);
// remove all existing aces
for (NodeIterator aceNodes = aclNode.getNodes(); aceNodes.hasNext(); ) {
NodeImpl aceNode = (NodeImpl) aceNodes.nextNode();
removeItem(aceNode);
}
} else {
/* doesn't exist yet -> create */
aclNode = addNode(acNode, N_POLICY, NT_REP_ACL);
}
/* add all new entries defined on the template */
AccessControlEntry[] aces = acl.getAccessControlEntries();
for (AccessControlEntry ace1 : aces) {
AccessControlEntryImpl ace = (AccessControlEntryImpl) ace1;
// create the ACE node
Name nodeName = getUniqueNodeName(aclNode, "entry");
Name ntName = (ace.isAllow()) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;
NodeImpl aceNode = addNode(aclNode, nodeName, ntName);
ValueFactory vf = session.getValueFactory();
// write the rep:principalName property
setProperty(aceNode, P_PRINCIPAL_NAME, vf.createValue(ace.getPrincipal().getName()));
// ... and the rep:privileges property
Privilege[] privs = ace.getPrivileges();
Value[] vs = new Value[privs.length];
for (int j = 0; j < privs.length; j++) {
vs[j] = vf.createValue(privs[j].getName(), PropertyType.NAME);
}
setProperty(aceNode, P_PRIVILEGES, vs);
// store the restrictions:
Set<Name> restrNames = ace.getRestrictions().keySet();
for (Name restrName : restrNames) {
Value value = ace.getRestriction(restrName);
setProperty(aceNode, restrName, value);
}
}
// mark the parent modified.
markModified((NodeImpl) aclNode.getParent());
}
Also used :
NodeIterator(javax.jcr.NodeIterator)
AccessControlEntryImpl(org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
ValueFactory(javax.jcr.ValueFactory)
Name(org.apache.jackrabbit.spi.Name)
Value(javax.jcr.Value)
PathNotFoundException(javax.jcr.PathNotFoundException)
Privilege(javax.jcr.security.Privilege)
Example 74 with NodeIterator
use of javax.jcr.NodeIterator in project jackrabbit by apache.
the class MembershipCache method traverseAndCollect.
/**
* traverses the groups structure to find the groups of which the given authorizable is member of.
*
* @param authorizableNodeIdentifier Identifier of the authorizable node
* @param pIds output set to update of group node ids that were found via the property memberships
* @param nIds output set to update of group node ids that were found via the node memberships
* @param node the node to traverse
* @throws RepositoryException if an error occurs
*/
private void traverseAndCollect(String authorizableNodeIdentifier, Set<String> pIds, Set<String> nIds, NodeImpl node) throws RepositoryException {
if (node.isNodeType(NT_REP_GROUP)) {
String groupId = node.getIdentifier();
if (node.hasProperty(P_MEMBERS)) {
for (Value value : node.getProperty(P_MEMBERS).getValues()) {
String v = value.getString();
if (v.equals(authorizableNodeIdentifier)) {
pIds.add(groupId);
}
}
}
NodeIterator iter = node.getNodes();
while (iter.hasNext()) {
NodeImpl child = (NodeImpl) iter.nextNode();
if (child.isNodeType(NT_REP_MEMBERS)) {
isMemberOfNodeBaseMembershipGroup(authorizableNodeIdentifier, groupId, nIds, child);
}
}
} else {
NodeIterator iter = node.getNodes();
while (iter.hasNext()) {
NodeImpl child = (NodeImpl) iter.nextNode();
traverseAndCollect(authorizableNodeIdentifier, pIds, nIds, child);
}
}
}
Also used :
NodeIterator(javax.jcr.NodeIterator)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
Value(javax.jcr.Value)
Example 75 with NodeIterator
use of javax.jcr.NodeIterator in project jackrabbit by apache.
the class ACLProvider method getEffectivePolicies.
/**
* @see org.apache.jackrabbit.core.security.authorization.AccessControlProvider#getEffectivePolicies(org.apache.jackrabbit.spi.Path,org.apache.jackrabbit.core.security.authorization.CompiledPermissions)
*/
public AccessControlPolicy[] getEffectivePolicies(Path absPath, CompiledPermissions permissions) throws ItemNotFoundException, RepositoryException {
if (absPath == null) {
// TODO: JCR-2774
log.warn("TODO: JCR-2774 - Repository level permissions.");
return new AccessControlPolicy[0];
}
String jcrPath = session.getJCRPath(absPath);
String pName = ISO9075.encode(session.getJCRName(ACLTemplate.P_NODE_PATH));
int ancestorCnt = absPath.getAncestorCount();
// search all ACEs whose rep:nodePath property equals the specified
// absPath or any of it's ancestors
StringBuilder stmt = new StringBuilder("/jcr:root");
stmt.append(acRoot.getPath());
stmt.append("//element(*,");
stmt.append(session.getJCRName(NT_REP_ACE));
stmt.append(")[");
for (int i = 0; i <= ancestorCnt; i++) {
String path = Text.getRelativeParent(jcrPath, i);
if (i > 0) {
stmt.append(" or ");
}
stmt.append("@");
stmt.append(pName);
stmt.append("='");
stmt.append(path.replaceAll("'", "''"));
stmt.append("'");
}
stmt.append("]");
QueryResult result;
try {
QueryManager qm = session.getWorkspace().getQueryManager();
Query q = qm.createQuery(stmt.toString(), Query.XPATH);
result = q.execute();
} catch (RepositoryException e) {
log.error("Unexpected error while searching effective policies. {}", e.getMessage());
throw new UnsupportedOperationException("Retrieve effective policies at absPath '" + jcrPath + "' not supported.", e);
}
/**
* Loop over query results and verify that
* - the corresponding ACE really takes effect on the specified absPath.
* - the corresponding ACL can be read by the editing session.
*/
Set<AccessControlPolicy> acls = new LinkedHashSet<AccessControlPolicy>();
for (NodeIterator it = result.getNodes(); it.hasNext(); ) {
Node aceNode = it.nextNode();
String accessControlledNodePath = Text.getRelativeParent(aceNode.getPath(), 2);
Path acPath = session.getQPath(accessControlledNodePath);
AccessControlPolicy[] policies = editor.getPolicies(accessControlledNodePath);
if (policies.length > 0) {
ACLTemplate acl = (ACLTemplate) policies[0];
for (AccessControlEntry ace : acl.getAccessControlEntries()) {
ACLTemplate.Entry entry = (ACLTemplate.Entry) ace;
if (entry.matches(jcrPath)) {
if (permissions.grants(acPath, Permission.READ_AC)) {
acls.add(new UnmodifiableAccessControlList(acl));
break;
} else {
throw new AccessDeniedException("Access denied at " + accessControlledNodePath);
}
}
}
}
}
return acls.toArray(new AccessControlPolicy[acls.size()]);
}
Also used :
LinkedHashSet(java.util.LinkedHashSet)
NodeIterator(javax.jcr.NodeIterator)
Path(org.apache.jackrabbit.spi.Path)
AccessControlPolicy(javax.jcr.security.AccessControlPolicy)
AccessDeniedException(javax.jcr.AccessDeniedException)
Query(javax.jcr.query.Query)
Node(javax.jcr.Node)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
RepositoryException(javax.jcr.RepositoryException)
QueryResult(javax.jcr.query.QueryResult)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
QueryManager(javax.jcr.query.QueryManager)
UnmodifiableAccessControlList(org.apache.jackrabbit.core.security.authorization.UnmodifiableAccessControlList)
Aggregations
NodeIterator (javax.jcr.NodeIterator)307
Node (javax.jcr.Node)214
Session (javax.jcr.Session)55
QueryResult (javax.jcr.query.QueryResult)52
RepositoryException (javax.jcr.RepositoryException)40
Query (javax.jcr.query.Query)40
Test (org.junit.Test)36
QueryManager (javax.jcr.query.QueryManager)34
PropertyIterator (javax.jcr.PropertyIterator)30
ArrayList (java.util.ArrayList)26
Property (javax.jcr.Property)24
Version (javax.jcr.version.Version)23
NoSuchElementException (java.util.NoSuchElementException)19
Value (javax.jcr.Value)19
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)19
HashSet (java.util.HashSet)13
PathNotFoundException (javax.jcr.PathNotFoundException)12
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)11
NodeImpl (org.apache.jackrabbit.core.NodeImpl)11
AbstractRepositoryTest (org.apache.jackrabbit.oak.jcr.AbstractRepositoryTest)11
