use of javax.jcr.security.AccessControlException in project jackrabbit by apache.
the class CombinedEditor method removePolicy.
/**
* @see AccessControlEditor#removePolicy(String,AccessControlPolicy)
*/
public void removePolicy(String nodePath, AccessControlPolicy policy) throws AccessControlException, PathNotFoundException, RepositoryException {
for (AccessControlEditor editor : editors) {
try {
// return as soon as the first editor successfully handled the
// specified template
editor.removePolicy(nodePath, policy);
log.debug("Removed template " + policy + " using " + editor);
return;
} catch (AccessControlException e) {
log.debug(e.getMessage());
// ignore and try next
}
}
// neither of the editors was able to remove a policy at nodePath
throw new AccessControlException("Unable to remove template " + policy);
}
use of javax.jcr.security.AccessControlException in project jackrabbit by apache.
the class ACLEditor method removePolicy.
/**
* @see AccessControlEditor#removePolicy(String,AccessControlPolicy)
*/
public void removePolicy(String nodePath, AccessControlPolicy policy) throws AccessControlException, PathNotFoundException, RepositoryException {
checkProtectsNode(nodePath);
checkValidPolicy(nodePath, policy);
NodeImpl acNode = getAcNode(nodePath);
if (isAccessControlled(acNode)) {
// build the template in order to have a return value
AccessControlPolicy tmpl = createTemplate(acNode);
if (tmpl.equals(policy)) {
removeItem(acNode.getNode(N_POLICY));
return;
}
}
// to the node at 'nodePath' -> throw exception. no policy was removed
throw new AccessControlException("Policy " + policy + " does not apply to " + nodePath);
}
use of javax.jcr.security.AccessControlException in project jackrabbit by apache.
the class ACLEditor method editAccessControlPolicies.
/**
* @see AccessControlEditor#editAccessControlPolicies(Principal)
*/
public JackrabbitAccessControlPolicy[] editAccessControlPolicies(Principal principal) throws RepositoryException {
if (!session.getPrincipalManager().hasPrincipal(principal.getName())) {
throw new AccessControlException("Cannot edit access control: " + principal.getName() + " isn't a known principal.");
}
String nPath = getPathToAcNode(principal);
NodeImpl acNode;
if (!session.nodeExists(nPath)) {
acNode = createAcNode(nPath);
} else {
acNode = (NodeImpl) session.getNode(nPath);
}
if (!isAccessControlled(acNode)) {
return new JackrabbitAccessControlPolicy[] { createTemplate(acNode) };
} else {
// no additional applicable policies present.
return new JackrabbitAccessControlPolicy[0];
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit by apache.
the class ACLEditor method removePolicy.
/**
* @see AccessControlEditor#removePolicy(String,AccessControlPolicy)
*/
public synchronized void removePolicy(String nodePath, AccessControlPolicy policy) throws AccessControlException, RepositoryException {
checkProtectsNode(nodePath);
checkValidPolicy(nodePath, policy);
NodeImpl aclNode = getAclNode(nodePath);
if (aclNode != null) {
removeItem(aclNode);
} else {
throw new AccessControlException("No policy to remove at " + nodePath);
}
}
use of javax.jcr.security.AccessControlException in project jackrabbit by apache.
the class PrivilegeRegistry method getBits.
/**
* Best effort approach to calculate bits for built-in privileges. Throws
* <code>UnsupportedOperationException</code> if the workaround fails.
*
* @param privileges An array of privileges.
* @return The privilege bits.
* @throws AccessControlException If the specified array is null
* or if it contains an unregistered privilege.
* @see #getPrivileges(int)
* @deprecated Use {@link PrivilegeManagerImpl#getBits(javax.jcr.security.Privilege...)} instead.
*/
public static int getBits(Privilege[] privileges) throws AccessControlException {
if (privileges == null || privileges.length == 0) {
throw new AccessControlException("Privilege array is empty or null.");
}
Map<String, String> lookup = new HashMap<String, String>(2);
lookup.put(Name.NS_REP_PREFIX, Name.NS_REP_URI);
lookup.put(Name.NS_JCR_PREFIX, Name.NS_JCR_URI);
int bits = NO_PRIVILEGE;
for (Privilege priv : privileges) {
String prefix = Text.getNamespacePrefix(priv.getName());
if (lookup.containsKey(prefix)) {
Name n = NAME_FACTORY.create(lookup.get(prefix), Text.getLocalName(priv.getName()));
if (PRIVILEGE_NAMES.containsKey(n)) {
bits |= PRIVILEGE_NAMES.get(n);
} else if (NameConstants.JCR_WRITE.equals(n)) {
bits |= createJcrWriteDefinition().bits.longValue();
} else if (REP_WRITE_NAME.equals(n)) {
Definition jcrWrite = createJcrWriteDefinition();
bits |= createRepWriteDefinition(jcrWrite).bits.longValue();
} else if (NameConstants.JCR_ALL.equals(n)) {
for (Name pn : PRIVILEGE_NAMES.keySet()) {
bits |= PRIVILEGE_NAMES.get(pn);
}
} else {
throw new AccessControlException("Unknown privilege '" + priv.getName() + "'.");
}
} else {
throw new AccessControlException("Unknown privilege '" + priv.getName() + "'.");
}
}
return bits;
}
Aggregations