use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit-oak by apache.
the class XPathConditionVisitor method visit.
@Override
public void visit(Condition.Impersonation condition) {
String principalName = condition.getName();
boolean isAdmin = false;
try {
Authorizable authorizable = userMgr.getAuthorizable(new PrincipalImpl(principalName));
isAdmin = authorizable != null && !authorizable.isGroup() && ((User) authorizable).isAdmin();
} catch (RepositoryException e) {
// unable to retrieve authorizable
}
if (isAdmin) {
statement.append('@').append(QueryUtil.escapeForQuery(JcrConstants.JCR_PRIMARYTYPE, namePathMapper)).append("='").append(QueryUtil.escapeForQuery(UserConstants.NT_REP_USER, namePathMapper)).append('\'');
} else {
statement.append('@').append(QueryUtil.escapeForQuery(UserConstants.REP_IMPERSONATORS, namePathMapper)).append("='").append(condition.getName()).append('\'');
}
}
use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit-oak by apache.
the class UserManagerImpl method getAuthorizable.
//--------------------------------------------------------< UserManager >---
@Override
public Authorizable getAuthorizable(String id) throws RepositoryException {
Authorizable authorizable = null;
Tree tree = (Strings.isNullOrEmpty(id)) ? null : userProvider.getAuthorizable(id);
if (tree != null) {
authorizable = getAuthorizable(UserUtil.getAuthorizableId(tree), tree);
}
return authorizable;
}
use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit by apache.
the class DefaultSecurityManager method createSystemUsers.
/**
* Make sure the system users (admin and anonymous) exist.
*
* @param userManager Manager to create users/groups.
* @param session The editing session.
* @param adminId UserID of the administrator.
* @param anonymousId UserID of the anonymous user.
* @throws RepositoryException If an error occurs.
*/
static void createSystemUsers(UserManager userManager, SystemSession session, String adminId, String anonymousId) throws RepositoryException {
Authorizable admin;
if (adminId != null) {
admin = userManager.getAuthorizable(adminId);
if (admin == null) {
userManager.createUser(adminId, adminId);
if (!userManager.isAutoSave()) {
session.save();
}
log.info("... created admin-user with id \'" + adminId + "\' ...");
}
}
if (anonymousId != null) {
Authorizable anonymous = userManager.getAuthorizable(anonymousId);
if (anonymous == null) {
try {
userManager.createUser(anonymousId, "");
if (!userManager.isAutoSave()) {
session.save();
}
log.info("... created anonymous user with id \'" + anonymousId + "\' ...");
} catch (RepositoryException e) {
// exception while creating the anonymous user.
// log an error but don't abort the repository start-up
log.error("Failed to create anonymous user.", e);
}
}
}
}
use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit by apache.
the class UserImporterTest method testPlainTextPassword.
public void testPlainTextPassword() throws RepositoryException, IOException, SAXException, NotExecutableException {
String plainPw = "myPassword";
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + " <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>" + plainPw + "</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>t</sv:value></sv:property>" + "</sv:node>";
NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getUsersPath());
try {
doImport(target, xml);
assertTrue(target.isModified());
assertTrue(sImpl.hasPendingChanges());
Authorizable newUser = umgr.getAuthorizable("t");
NodeImpl n = ((UserImpl) newUser).getNode();
String pwValue = n.getProperty(UserConstants.P_PASSWORD).getString();
assertFalse(plainPw.equals(pwValue));
assertTrue(pwValue.startsWith("{sha1}"));
} finally {
sImpl.refresh(false);
}
}
use of org.apache.jackrabbit.api.security.user.Authorizable in project jackrabbit by apache.
the class UserImporterTest method testImportGroup.
public void testImportGroup() throws RepositoryException, IOException, SAXException, NotExecutableException {
String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + " <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>" + " <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>" + " <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>g</sv:value></sv:property>" + "</sv:node>";
NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getGroupsPath());
try {
doImport(target, xml);
assertTrue(target.isModified());
assertTrue(sImpl.hasPendingChanges());
Authorizable newGroup = umgr.getAuthorizable("g");
assertNotNull(newGroup);
assertTrue(newGroup.isGroup());
assertEquals("g", newGroup.getPrincipal().getName());
assertEquals("g", newGroup.getID());
NodeImpl n = ((GroupImpl) newGroup).getNode();
assertTrue(n.isNew());
assertTrue(n.getParent().isSame(target));
assertEquals("g", n.getName());
assertEquals("g", n.getProperty(UserConstants.P_PRINCIPAL_NAME).getString());
// saving changes of the import -> must succeed. add mandatory
// props should have been created.
sImpl.save();
} finally {
sImpl.refresh(false);
if (target.hasNode("g")) {
target.getNode("g").remove();
sImpl.save();
}
}
}
Aggregations