Search in sources :

Example 11 with ItemBasedPrincipal

use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit by apache.

the class ACLEditor method getPrincipal.

/**
     * Returns the principal for the given path or null.
     *
     * @param pathToACNode
     * @return
     * @throws RepositoryException
     */
private Principal getPrincipal(final String pathToACNode) throws RepositoryException {
    final String id = getPathName(pathToACNode);
    UserManager uMgr = session.getUserManager();
    Authorizable authorizable = uMgr.getAuthorizable(id);
    if (authorizable == null) {
        // use workaround to retrieve the principal
        if (pathToACNode.startsWith(acRootPath)) {
            final String principalPath = pathToACNode.substring(acRootPath.length());
            if (principalPath.indexOf('/', 1) > 0) {
                // safe to build an item based principal
                authorizable = uMgr.getAuthorizable(new ItemBasedPrincipal() {

                    public String getPath() throws RepositoryException {
                        return principalPath;
                    }

                    public String getName() {
                        return Text.getName(principalPath);
                    }
                });
            } else {
                // see getPathToAcNode above -> try to retrieve principal by name.
                return session.getPrincipalManager().getPrincipal(Text.getName(principalPath));
            }
        }
    // else: path doesn't start with acRootPath -> return null.
    }
    return (authorizable == null) ? null : authorizable.getPrincipal();
}
Also used : UserManager(org.apache.jackrabbit.api.security.user.UserManager) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)

Example 12 with ItemBasedPrincipal

use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit by apache.

the class TokenProvider method getUserId.

static String getUserId(NodeImpl tokenNode, UserManager userManager) throws RepositoryException {
    if (tokenNode != null) {
        final NodeImpl userNode = (NodeImpl) tokenNode.getParent().getParent();
        final String principalName = userNode.getProperty(UserImpl.P_PRINCIPAL_NAME).getString();
        if (userNode.isNodeType(UserImpl.NT_REP_USER)) {
            Authorizable a = userManager.getAuthorizable(new ItemBasedPrincipal() {

                public String getPath() throws RepositoryException {
                    return userNode.getPath();
                }

                public String getName() {
                    return principalName;
                }
            });
            if (a != null && !a.isGroup() && !((User) a).isDisabled()) {
                return a.getID();
            }
        } else {
            throw new RepositoryException("Failed to calculate userId from token credentials");
        }
    }
    return null;
}
Also used : User(org.apache.jackrabbit.api.security.user.User) NodeImpl(org.apache.jackrabbit.core.NodeImpl) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) RepositoryException(javax.jcr.RepositoryException)

Example 13 with ItemBasedPrincipal

use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit by apache.

the class TokenProvider method getTokenParent.

private NodeImpl getTokenParent(User user) throws RepositoryException {
    NodeImpl tokenParent = null;
    String parentPath = null;
    try {
        if (user != null) {
            Principal pr = user.getPrincipal();
            if (pr instanceof ItemBasedPrincipal) {
                String userPath = ((ItemBasedPrincipal) pr).getPath();
                NodeImpl userNode = (NodeImpl) session.getNode(userPath);
                if (userNode.hasNode(TOKENS_NODE_NAME)) {
                    tokenParent = (NodeImpl) userNode.getNode(TOKENS_NODE_NAME);
                } else {
                    tokenParent = userNode.addNode(session.getQName(TOKENS_NODE_NAME), TOKENS_NT_NAME, NodeId.randomId());
                    parentPath = userPath + '/' + TOKENS_NODE_NAME;
                    session.save();
                }
            }
        } else {
            log.debug("Cannot create login token: No user specified. (null)");
        }
    } catch (RepositoryException e) {
        // conflict while creating token store for this user -> refresh and
        // try to get the tree from the updated root.
        log.debug("Conflict while creating token store -> retrying", e);
        session.refresh(false);
        if (parentPath != null && session.nodeExists(parentPath)) {
            tokenParent = (NodeImpl) session.getNode(parentPath);
        }
    }
    return tokenParent;
}
Also used : NodeImpl(org.apache.jackrabbit.core.NodeImpl) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) RepositoryException(javax.jcr.RepositoryException) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) Principal(java.security.Principal)

Example 14 with ItemBasedPrincipal

use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit by apache.

the class TokenBasedLoginTest method setUp.

@Override
protected void setUp() throws Exception {
    super.setUp();
    if (superuser instanceof JackrabbitSession) {
        UserManager umgr = ((JackrabbitSession) superuser).getUserManager();
        String uid = "test";
        while (umgr.getAuthorizable(uid) != null) {
            uid += "_";
        }
        testuser = umgr.createUser(uid, uid);
        Principal p = testuser.getPrincipal();
        if (p instanceof ItemBasedPrincipal) {
            testuserPath = ((ItemBasedPrincipal) p).getPath();
        } else {
            throw new NotExecutableException();
        }
        creds = new SimpleCredentials(uid, uid.toCharArray());
        if (!umgr.isAutoSave()) {
            doSave = true;
            superuser.save();
        }
    } else {
        throw new NotExecutableException();
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) UserManager(org.apache.jackrabbit.api.security.user.UserManager) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) Principal(java.security.Principal) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)

Example 15 with ItemBasedPrincipal

use of org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal in project jackrabbit by apache.

the class GroupImplTest method testEveryoneGroup.

public void testEveryoneGroup() throws RepositoryException, NotExecutableException {
    Group g = null;
    try {
        g = userMgr.createGroup(EveryonePrincipal.NAME);
        save(superuser);
        assertEquals(EveryonePrincipal.NAME, g.getPrincipal().getName());
        assertEquals(EveryonePrincipal.getInstance(), g.getPrincipal());
        assertTrue(g.isDeclaredMember(getTestUser(superuser)));
        assertTrue(g.isMember(getTestUser(superuser)));
        Iterator<Authorizable> it = g.getDeclaredMembers();
        assertTrue(it.hasNext());
        Set<Authorizable> members = new HashSet<Authorizable>();
        while (it.hasNext()) {
            members.add(it.next());
        }
        it = g.getMembers();
        assertTrue(it.hasNext());
        while (it.hasNext()) {
            assertTrue(members.contains(it.next()));
        }
        assertFalse(g.addMember(getTestUser(superuser)));
        assertFalse(g.removeMember(getTestUser(superuser)));
        PrincipalManager pMgr = ((JackrabbitSession) superuser).getPrincipalManager();
        Principal everyone = pMgr.getEveryone();
        assertTrue(everyone instanceof ItemBasedPrincipal);
        assertEquals(everyone, EveryonePrincipal.getInstance());
    } finally {
        if (g != null) {
            g.remove();
            save(superuser);
        }
    }
}
Also used : PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager) Group(org.apache.jackrabbit.api.security.user.Group) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession) EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal) Principal(java.security.Principal) ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal) HashSet(java.util.HashSet)

Aggregations

ItemBasedPrincipal (org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)17 Principal (java.security.Principal)9 UserManager (org.apache.jackrabbit.api.security.user.UserManager)7 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)6 RepositoryException (javax.jcr.RepositoryException)5 JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)5 User (org.apache.jackrabbit.api.security.user.User)5 NodeImpl (org.apache.jackrabbit.core.NodeImpl)4 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)4 HashSet (java.util.HashSet)3 Node (javax.jcr.Node)3 JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)3 Nonnull (javax.annotation.Nonnull)2 Session (javax.jcr.Session)2 SimpleCredentials (javax.jcr.SimpleCredentials)2 SessionImpl (org.apache.jackrabbit.core.SessionImpl)2 ArrayList (java.util.ArrayList)1 Calendar (java.util.Calendar)1 Date (java.util.Date)1 GregorianCalendar (java.util.GregorianCalendar)1