Search in sources :

Example 46 with Value

use of javax.jcr.Value in project jackrabbit-oak by apache.

the class ItemNameRestrictionTest method before.

@Override
public void before() throws Exception {
    super.before();
    Tree rootTree = root.getTree("/");
    NodeUtil f = new NodeUtil(rootTree).getOrAddTree("a/d/b/e/c/f", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
    NodeUtil c = f.getParent();
    c.setString("prop", "value");
    c.setString("a", "value");
    testPrincipal = getTestUser().getPrincipal();
    AccessControlManager acMgr = getAccessControlManager(root);
    JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/a");
    vf = new ValueFactoryImpl(root, NamePathMapper.DEFAULT);
    acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_ADD_PROPERTIES, PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_REMOVE_NODE), true, Collections.<String, Value>emptyMap(), ImmutableMap.of(AccessControlConstants.REP_ITEM_NAMES, new Value[] { vf.createValue("a", PropertyType.NAME), vf.createValue("b", PropertyType.NAME), vf.createValue("c", PropertyType.NAME) }));
    acMgr.setPolicy(acl.getPath(), acl);
    UserManager uMgr = getUserManager(root);
    testGroup = uMgr.createGroup("testGroup" + UUID.randomUUID());
    root.commit();
    testSession = createTestSession();
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) UserManager(org.apache.jackrabbit.api.security.user.UserManager) ValueFactoryImpl(org.apache.jackrabbit.oak.plugins.value.jcr.ValueFactoryImpl) Value(javax.jcr.Value) Tree(org.apache.jackrabbit.oak.api.Tree) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil)

Example 47 with Value

use of javax.jcr.Value in project jackrabbit by apache.

the class UserImpl method disable.

/**
     * @see User#disable(String)
     */
public void disable(String reason) throws RepositoryException {
    if (isAdmin()) {
        throw new RepositoryException("The administrator user cannot be disabled.");
    }
    if (reason == null) {
        if (isDisabled()) {
            // enable the user again.
            PropertyImpl disableProp = getNode().getProperty(P_DISABLED);
            userManager.removeProtectedItem(disableProp, getNode());
        }
    // else: nothing to do.
    } else {
        Value v = getSession().getValueFactory().createValue(reason);
        userManager.setProtectedProperty(getNode(), P_DISABLED, v);
    }
}
Also used : Value(javax.jcr.Value) RepositoryException(javax.jcr.RepositoryException) PropertyImpl(org.apache.jackrabbit.core.PropertyImpl)

Example 48 with Value

use of javax.jcr.Value in project jackrabbit by apache.

the class UserImporter method handlePropInfo.

// -----------------------------------------< ProtectedPropertyImporter >---
/**
     * @see ProtectedPropertyImporter#handlePropInfo(org.apache.jackrabbit.core.NodeImpl, org.apache.jackrabbit.core.xml.PropInfo, org.apache.jackrabbit.spi.QPropertyDefinition)
     */
public boolean handlePropInfo(NodeImpl parent, PropInfo protectedPropInfo, QPropertyDefinition def) throws RepositoryException {
    if (!initialized) {
        throw new IllegalStateException("Not initialized");
    }
    /* importer can only handle protected properties below user/group
           nodes that are properly stored underneath the configured users/groups
           hierarchies (see {@link UserManagerImpl#getAuthorizable(NodeImpl)}.
           this prevents from importing user/group nodes somewhere in the
           content hierarchy which isn't possible when creating user/groups
           using the corresponding API calls  {@link UserManager#createUser} or
           {@link UserManager#createGroup} respectively. */
    Authorizable a = userManager.getAuthorizable(parent);
    if (a == null) {
        log.warn("Cannot handle protected PropInfo " + protectedPropInfo + ". Node " + parent + " doesn't represent a valid Authorizable.");
        return false;
    }
    // assert that user manager is isn't in auto-save mode
    if (userManager.isAutoSave()) {
        userManager.autoSave(false);
    }
    try {
        Name propName = protectedPropInfo.getName();
        if (UserConstants.P_PRINCIPAL_NAME.equals(propName)) {
            // protected rep:principalName property defined by rep:Authorizable.
            if (def.isMultiple() || !UserConstants.NT_REP_AUTHORIZABLE.equals(def.getDeclaringNodeType())) {
                // some other unexpected property definition -> cannot handle
                log.warn("Unexpected definition for property rep:principalName");
                return false;
            }
            Value v = protectedPropInfo.getValues(PropertyType.STRING, resolver)[0];
            String princName = v.getString();
            userManager.setPrincipal(parent, new PrincipalImpl(princName));
            /*
                Execute authorizable actions for a NEW group as this is the
                same place in the userManager#createGroup that the actions
                are called.
                In case of a NEW user the actions are executed if the password
                has been imported before.
                */
            if (parent.isNew()) {
                if (a.isGroup()) {
                    userManager.onCreate((Group) a);
                } else if (currentPw.containsKey(a.getID())) {
                    userManager.onCreate((User) a, currentPw.remove(a.getID()));
                }
            }
            return true;
        } else if (UserConstants.P_PASSWORD.equals(propName)) {
            if (a.isGroup()) {
                log.warn("Expected parent node of type rep:User.");
                return false;
            }
            // minimal validation of the passed definition
            if (def.isMultiple() || !UserConstants.NT_REP_USER.equals(def.getDeclaringNodeType())) {
                // some other unexpected property definition -> cannot handle
                log.warn("Unexpected definition for property rep:password");
                return false;
            }
            Value v = protectedPropInfo.getValues(PropertyType.STRING, resolver)[0];
            String pw = v.getString();
            userManager.setPassword(parent, pw, false);
            /*
                 Execute authorizable actions for a NEW user at this point after
                 having set the password if the principal name has already been
                 processed, otherwise postpone it.
                 */
            if (parent.isNew()) {
                if (parent.hasProperty(UserConstants.P_PRINCIPAL_NAME)) {
                    userManager.onCreate((User) a, pw);
                } else {
                    // principal name not yet available -> remember the pw
                    currentPw.clear();
                    currentPw.put(a.getID(), pw);
                }
            }
            return true;
        } else if (UserConstants.P_IMPERSONATORS.equals(propName)) {
            if (a.isGroup()) {
                // unexpected parent type -> cannot handle
                log.warn("Expected parent node of type rep:User.");
                return false;
            }
            // minimal validation of the passed definition
            if (!def.isMultiple() || !UserConstants.MIX_REP_IMPERSONATABLE.equals(def.getDeclaringNodeType())) {
                // some other unexpected property definition -> cannot handle
                log.warn("Unexpected definition for property rep:impersonators");
                return false;
            }
            // since impersonators may be imported later on, postpone processing
            // to the end.
            // see -> process References
            Value[] vs = protectedPropInfo.getValues(PropertyType.STRING, resolver);
            referenceTracker.processedReference(new Impersonators(a.getID(), vs));
            return true;
        } else if (UserConstants.P_DISABLED.equals(propName)) {
            if (a.isGroup()) {
                log.warn("Expected parent node of type rep:User.");
                return false;
            }
            // minimal validation of the passed definition
            if (def.isMultiple() || !UserConstants.NT_REP_USER.equals(def.getDeclaringNodeType())) {
                // some other unexpected property definition -> cannot handle
                log.warn("Unexpected definition for property rep:disabled");
                return false;
            }
            Value v = protectedPropInfo.getValues(PropertyType.STRING, resolver)[0];
            ((User) a).disable(v.getString());
            return true;
        } else if (UserConstants.P_MEMBERS.equals(propName)) {
            if (!a.isGroup()) {
                // unexpected parent type -> cannot handle
                log.warn("Expected parent node of type rep:Group.");
                return false;
            }
            // minimal validation of the passed definition
            if (!def.isMultiple() || !UserConstants.NT_REP_GROUP.equals(def.getDeclaringNodeType())) {
                // some other unexpected property definition -> cannot handle
                log.warn("Unexpected definition for property rep:members");
                return false;
            }
            // since group-members are references to user/groups that potentially
            // are to be imported later on -> postpone processing to the end.
            // see -> process References
            Membership membership = new Membership(a.getID());
            for (Value v : protectedPropInfo.getValues(PropertyType.WEAKREFERENCE, resolver)) {
                membership.addMember(new NodeId(v.getString()));
            }
            referenceTracker.processedReference(membership);
            return true;
        }
        return false;
    } finally {
        // the original state.
        if (resetAutoSave) {
            userManager.autoSave(true);
        }
    }
}
Also used : User(org.apache.jackrabbit.api.security.user.User) Value(javax.jcr.Value) NodeId(org.apache.jackrabbit.core.id.NodeId) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) PrincipalImpl(org.apache.jackrabbit.core.security.principal.PrincipalImpl) Name(org.apache.jackrabbit.spi.Name)

Example 49 with Value

use of javax.jcr.Value in project jackrabbit by apache.

the class XPathQueryEvaluator method eval.

public Iterator<Authorizable> eval() throws RepositoryException {
    xPath.append("//element(*,").append(getNtName(builder.getSelector())).append(')');
    Value bound = builder.getBound();
    long offset = builder.getOffset();
    if (bound != null && offset > 0) {
        log.warn("Found bound {} and offset {} in limit. Discarding offset.", bound, offset);
        offset = 0;
    }
    Condition condition = builder.getCondition();
    String sortCol = builder.getSortProperty();
    Direction sortDir = builder.getSortDirection();
    if (bound != null) {
        if (sortCol == null) {
            log.warn("Ignoring bound {} since no sort order is specified");
        } else {
            Condition boundCondition = builder.property(sortCol, getCollation(sortDir), bound);
            condition = condition == null ? boundCondition : builder.and(condition, boundCondition);
        }
    }
    if (condition != null) {
        xPath.append('[');
        condition.accept(this);
        xPath.append(']');
    }
    if (sortCol != null) {
        boolean ignoreCase = builder.getSortIgnoreCase();
        xPath.append(" order by ").append(ignoreCase ? "" : "fn:lower-case(").append(sortCol).append(ignoreCase ? " " : ") ").append(sortDir.getDirection());
    }
    QueryManager queryManager = session.getWorkspace().getQueryManager();
    Query query = queryManager.createQuery(xPath.toString(), Query.XPATH);
    long maxCount = builder.getMaxCount();
    if (maxCount == 0) {
        return Iterators.empty();
    }
    // here (inefficient!) otherwise we can apply the limit in the query
    if (builder.getGroupName() == null) {
        if (offset > 0) {
            query.setOffset(offset);
        }
        if (maxCount > 0) {
            query.setLimit(maxCount);
        }
        return toAuthorizables(execute(query));
    } else {
        Iterator<Authorizable> result = toAuthorizables(execute(query));
        Iterator<Authorizable> filtered = filter(result, builder.getGroupName(), builder.isDeclaredMembersOnly());
        return BoundedIterator.create(offset, maxCount, filtered);
    }
}
Also used : Condition(org.apache.jackrabbit.core.security.user.XPathQueryBuilder.Condition) Query(javax.jcr.query.Query) Value(javax.jcr.Value) QueryManager(javax.jcr.query.QueryManager) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) Direction(org.apache.jackrabbit.api.security.user.QueryBuilder.Direction)

Example 50 with Value

use of javax.jcr.Value in project jackrabbit by apache.

the class TestTwoGetStreams method testContentIdentity.

/**
     * Test the JackrabbitValue.getContentIdentity feature.
     */
public void testContentIdentity() throws Exception {
    Node root = superuser.getRootNode();
    ValueFactory vf = superuser.getValueFactory();
    long time = System.currentTimeMillis();
    root.setProperty("p1", vf.createBinary(new RandomInputStream(1, STREAM_LENGTH)));
    superuser.save();
    long saveOne = System.currentTimeMillis() - time;
    root.setProperty("p2", vf.createBinary(new RandomInputStream(1, STREAM_LENGTH)));
    superuser.save();
    Value v1 = root.getProperty("p1").getValue();
    Value v2 = root.getProperty("p2").getValue();
    if (v1 instanceof JackrabbitValue && v2 instanceof JackrabbitValue) {
        JackrabbitValue j1 = (JackrabbitValue) v1;
        JackrabbitValue j2 = (JackrabbitValue) v2;
        String id1 = j1.getContentIdentity();
        String id2 = j2.getContentIdentity();
        assertNotNull(id1);
        assertEquals(id1, id2);
    }
    // copying a value should not stream the content
    time = System.currentTimeMillis();
    for (int i = 0; i < 100; i++) {
        Value v = root.getProperty("p1").getValue();
        root.setProperty("p3", v);
    }
    superuser.save();
    time = System.currentTimeMillis() - time;
    // streaming 1 MB again and again takes about 4.3 seconds
    // on my computer; copying the data identifier takes about 16 ms
    // here we test if copying 100 objects took less than saving 50 new objects
    assertTrue("time: " + time, time < saveOne * 50);
}
Also used : JackrabbitValue(org.apache.jackrabbit.api.JackrabbitValue) Node(javax.jcr.Node) Value(javax.jcr.Value) JackrabbitValue(org.apache.jackrabbit.api.JackrabbitValue) ValueFactory(javax.jcr.ValueFactory)

Aggregations

Value (javax.jcr.Value)602 Node (javax.jcr.Node)158 Test (org.junit.Test)120 Property (javax.jcr.Property)99 RepositoryException (javax.jcr.RepositoryException)82 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)82 PropertyDefinition (javax.jcr.nodetype.PropertyDefinition)70 Session (javax.jcr.Session)63 NodeType (javax.jcr.nodetype.NodeType)57 ValueFormatException (javax.jcr.ValueFormatException)53 ValueFactory (javax.jcr.ValueFactory)51 QValue (org.apache.jackrabbit.spi.QValue)51 HashMap (java.util.HashMap)46 ArrayList (java.util.ArrayList)31 ConstraintViolationException (javax.jcr.nodetype.ConstraintViolationException)30 Privilege (javax.jcr.security.Privilege)30 InputStream (java.io.InputStream)29 JackrabbitNode (org.apache.jackrabbit.api.JackrabbitNode)29 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)29 QValueValue (org.apache.jackrabbit.spi.commons.value.QValueValue)27