use of javax.jcr.Value in project jackrabbit-oak by apache.
the class ItemNameRestrictionTest method before.
@Override
public void before() throws Exception {
super.before();
Tree rootTree = root.getTree("/");
NodeUtil f = new NodeUtil(rootTree).getOrAddTree("a/d/b/e/c/f", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
NodeUtil c = f.getParent();
c.setString("prop", "value");
c.setString("a", "value");
testPrincipal = getTestUser().getPrincipal();
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/a");
vf = new ValueFactoryImpl(root, NamePathMapper.DEFAULT);
acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_ADD_PROPERTIES, PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_REMOVE_NODE), true, Collections.<String, Value>emptyMap(), ImmutableMap.of(AccessControlConstants.REP_ITEM_NAMES, new Value[] { vf.createValue("a", PropertyType.NAME), vf.createValue("b", PropertyType.NAME), vf.createValue("c", PropertyType.NAME) }));
acMgr.setPolicy(acl.getPath(), acl);
UserManager uMgr = getUserManager(root);
testGroup = uMgr.createGroup("testGroup" + UUID.randomUUID());
root.commit();
testSession = createTestSession();
}
use of javax.jcr.Value in project jackrabbit by apache.
the class UserImpl method disable.
/**
* @see User#disable(String)
*/
public void disable(String reason) throws RepositoryException {
if (isAdmin()) {
throw new RepositoryException("The administrator user cannot be disabled.");
}
if (reason == null) {
if (isDisabled()) {
// enable the user again.
PropertyImpl disableProp = getNode().getProperty(P_DISABLED);
userManager.removeProtectedItem(disableProp, getNode());
}
// else: nothing to do.
} else {
Value v = getSession().getValueFactory().createValue(reason);
userManager.setProtectedProperty(getNode(), P_DISABLED, v);
}
}
use of javax.jcr.Value in project jackrabbit by apache.
the class UserImporter method handlePropInfo.
// -----------------------------------------< ProtectedPropertyImporter >---
/**
* @see ProtectedPropertyImporter#handlePropInfo(org.apache.jackrabbit.core.NodeImpl, org.apache.jackrabbit.core.xml.PropInfo, org.apache.jackrabbit.spi.QPropertyDefinition)
*/
public boolean handlePropInfo(NodeImpl parent, PropInfo protectedPropInfo, QPropertyDefinition def) throws RepositoryException {
if (!initialized) {
throw new IllegalStateException("Not initialized");
}
/* importer can only handle protected properties below user/group
nodes that are properly stored underneath the configured users/groups
hierarchies (see {@link UserManagerImpl#getAuthorizable(NodeImpl)}.
this prevents from importing user/group nodes somewhere in the
content hierarchy which isn't possible when creating user/groups
using the corresponding API calls {@link UserManager#createUser} or
{@link UserManager#createGroup} respectively. */
Authorizable a = userManager.getAuthorizable(parent);
if (a == null) {
log.warn("Cannot handle protected PropInfo " + protectedPropInfo + ". Node " + parent + " doesn't represent a valid Authorizable.");
return false;
}
// assert that user manager is isn't in auto-save mode
if (userManager.isAutoSave()) {
userManager.autoSave(false);
}
try {
Name propName = protectedPropInfo.getName();
if (UserConstants.P_PRINCIPAL_NAME.equals(propName)) {
// protected rep:principalName property defined by rep:Authorizable.
if (def.isMultiple() || !UserConstants.NT_REP_AUTHORIZABLE.equals(def.getDeclaringNodeType())) {
// some other unexpected property definition -> cannot handle
log.warn("Unexpected definition for property rep:principalName");
return false;
}
Value v = protectedPropInfo.getValues(PropertyType.STRING, resolver)[0];
String princName = v.getString();
userManager.setPrincipal(parent, new PrincipalImpl(princName));
/*
Execute authorizable actions for a NEW group as this is the
same place in the userManager#createGroup that the actions
are called.
In case of a NEW user the actions are executed if the password
has been imported before.
*/
if (parent.isNew()) {
if (a.isGroup()) {
userManager.onCreate((Group) a);
} else if (currentPw.containsKey(a.getID())) {
userManager.onCreate((User) a, currentPw.remove(a.getID()));
}
}
return true;
} else if (UserConstants.P_PASSWORD.equals(propName)) {
if (a.isGroup()) {
log.warn("Expected parent node of type rep:User.");
return false;
}
// minimal validation of the passed definition
if (def.isMultiple() || !UserConstants.NT_REP_USER.equals(def.getDeclaringNodeType())) {
// some other unexpected property definition -> cannot handle
log.warn("Unexpected definition for property rep:password");
return false;
}
Value v = protectedPropInfo.getValues(PropertyType.STRING, resolver)[0];
String pw = v.getString();
userManager.setPassword(parent, pw, false);
/*
Execute authorizable actions for a NEW user at this point after
having set the password if the principal name has already been
processed, otherwise postpone it.
*/
if (parent.isNew()) {
if (parent.hasProperty(UserConstants.P_PRINCIPAL_NAME)) {
userManager.onCreate((User) a, pw);
} else {
// principal name not yet available -> remember the pw
currentPw.clear();
currentPw.put(a.getID(), pw);
}
}
return true;
} else if (UserConstants.P_IMPERSONATORS.equals(propName)) {
if (a.isGroup()) {
// unexpected parent type -> cannot handle
log.warn("Expected parent node of type rep:User.");
return false;
}
// minimal validation of the passed definition
if (!def.isMultiple() || !UserConstants.MIX_REP_IMPERSONATABLE.equals(def.getDeclaringNodeType())) {
// some other unexpected property definition -> cannot handle
log.warn("Unexpected definition for property rep:impersonators");
return false;
}
// since impersonators may be imported later on, postpone processing
// to the end.
// see -> process References
Value[] vs = protectedPropInfo.getValues(PropertyType.STRING, resolver);
referenceTracker.processedReference(new Impersonators(a.getID(), vs));
return true;
} else if (UserConstants.P_DISABLED.equals(propName)) {
if (a.isGroup()) {
log.warn("Expected parent node of type rep:User.");
return false;
}
// minimal validation of the passed definition
if (def.isMultiple() || !UserConstants.NT_REP_USER.equals(def.getDeclaringNodeType())) {
// some other unexpected property definition -> cannot handle
log.warn("Unexpected definition for property rep:disabled");
return false;
}
Value v = protectedPropInfo.getValues(PropertyType.STRING, resolver)[0];
((User) a).disable(v.getString());
return true;
} else if (UserConstants.P_MEMBERS.equals(propName)) {
if (!a.isGroup()) {
// unexpected parent type -> cannot handle
log.warn("Expected parent node of type rep:Group.");
return false;
}
// minimal validation of the passed definition
if (!def.isMultiple() || !UserConstants.NT_REP_GROUP.equals(def.getDeclaringNodeType())) {
// some other unexpected property definition -> cannot handle
log.warn("Unexpected definition for property rep:members");
return false;
}
// since group-members are references to user/groups that potentially
// are to be imported later on -> postpone processing to the end.
// see -> process References
Membership membership = new Membership(a.getID());
for (Value v : protectedPropInfo.getValues(PropertyType.WEAKREFERENCE, resolver)) {
membership.addMember(new NodeId(v.getString()));
}
referenceTracker.processedReference(membership);
return true;
}
return false;
} finally {
// the original state.
if (resetAutoSave) {
userManager.autoSave(true);
}
}
}
use of javax.jcr.Value in project jackrabbit by apache.
the class XPathQueryEvaluator method eval.
public Iterator<Authorizable> eval() throws RepositoryException {
xPath.append("//element(*,").append(getNtName(builder.getSelector())).append(')');
Value bound = builder.getBound();
long offset = builder.getOffset();
if (bound != null && offset > 0) {
log.warn("Found bound {} and offset {} in limit. Discarding offset.", bound, offset);
offset = 0;
}
Condition condition = builder.getCondition();
String sortCol = builder.getSortProperty();
Direction sortDir = builder.getSortDirection();
if (bound != null) {
if (sortCol == null) {
log.warn("Ignoring bound {} since no sort order is specified");
} else {
Condition boundCondition = builder.property(sortCol, getCollation(sortDir), bound);
condition = condition == null ? boundCondition : builder.and(condition, boundCondition);
}
}
if (condition != null) {
xPath.append('[');
condition.accept(this);
xPath.append(']');
}
if (sortCol != null) {
boolean ignoreCase = builder.getSortIgnoreCase();
xPath.append(" order by ").append(ignoreCase ? "" : "fn:lower-case(").append(sortCol).append(ignoreCase ? " " : ") ").append(sortDir.getDirection());
}
QueryManager queryManager = session.getWorkspace().getQueryManager();
Query query = queryManager.createQuery(xPath.toString(), Query.XPATH);
long maxCount = builder.getMaxCount();
if (maxCount == 0) {
return Iterators.empty();
}
// here (inefficient!) otherwise we can apply the limit in the query
if (builder.getGroupName() == null) {
if (offset > 0) {
query.setOffset(offset);
}
if (maxCount > 0) {
query.setLimit(maxCount);
}
return toAuthorizables(execute(query));
} else {
Iterator<Authorizable> result = toAuthorizables(execute(query));
Iterator<Authorizable> filtered = filter(result, builder.getGroupName(), builder.isDeclaredMembersOnly());
return BoundedIterator.create(offset, maxCount, filtered);
}
}
use of javax.jcr.Value in project jackrabbit by apache.
the class TestTwoGetStreams method testContentIdentity.
/**
* Test the JackrabbitValue.getContentIdentity feature.
*/
public void testContentIdentity() throws Exception {
Node root = superuser.getRootNode();
ValueFactory vf = superuser.getValueFactory();
long time = System.currentTimeMillis();
root.setProperty("p1", vf.createBinary(new RandomInputStream(1, STREAM_LENGTH)));
superuser.save();
long saveOne = System.currentTimeMillis() - time;
root.setProperty("p2", vf.createBinary(new RandomInputStream(1, STREAM_LENGTH)));
superuser.save();
Value v1 = root.getProperty("p1").getValue();
Value v2 = root.getProperty("p2").getValue();
if (v1 instanceof JackrabbitValue && v2 instanceof JackrabbitValue) {
JackrabbitValue j1 = (JackrabbitValue) v1;
JackrabbitValue j2 = (JackrabbitValue) v2;
String id1 = j1.getContentIdentity();
String id2 = j2.getContentIdentity();
assertNotNull(id1);
assertEquals(id1, id2);
}
// copying a value should not stream the content
time = System.currentTimeMillis();
for (int i = 0; i < 100; i++) {
Value v = root.getProperty("p1").getValue();
root.setProperty("p3", v);
}
superuser.save();
time = System.currentTimeMillis() - time;
// streaming 1 MB again and again takes about 4.3 seconds
// on my computer; copying the data identifier takes about 16 ms
// here we test if copying 100 objects took less than saving 50 new objects
assertTrue("time: " + time, time < saveOne * 50);
}
Aggregations