Example 1 with AccessControlEntryImpl
use of org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl in project jackrabbit by apache.
the class ACLEditor method setPolicy.
/**
* @see AccessControlEditor#setPolicy(String,AccessControlPolicy)
*/
public void setPolicy(String nodePath, AccessControlPolicy policy) throws AccessControlException, PathNotFoundException, RepositoryException {
checkProtectsNode(nodePath);
checkValidPolicy(nodePath, policy);
ACLTemplate acl = (ACLTemplate) policy;
NodeImpl acNode = getAcNode(nodePath);
if (acNode == null) {
throw new PathNotFoundException("No such node " + nodePath);
}
// write the entries to the node
NodeImpl aclNode;
if (acNode.hasNode(N_POLICY)) {
aclNode = acNode.getNode(N_POLICY);
// remove all existing aces
for (NodeIterator aceNodes = aclNode.getNodes(); aceNodes.hasNext(); ) {
NodeImpl aceNode = (NodeImpl) aceNodes.nextNode();
removeItem(aceNode);
}
} else {
/* doesn't exist yet -> create */
aclNode = addNode(acNode, N_POLICY, NT_REP_ACL);
}
/* add all new entries defined on the template */
AccessControlEntry[] aces = acl.getAccessControlEntries();
for (AccessControlEntry ace1 : aces) {
AccessControlEntryImpl ace = (AccessControlEntryImpl) ace1;
// create the ACE node
Name nodeName = getUniqueNodeName(aclNode, "entry");
Name ntName = (ace.isAllow()) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;
NodeImpl aceNode = addNode(aclNode, nodeName, ntName);
ValueFactory vf = session.getValueFactory();
// write the rep:principalName property
setProperty(aceNode, P_PRINCIPAL_NAME, vf.createValue(ace.getPrincipal().getName()));
// ... and the rep:privileges property
Privilege[] privs = ace.getPrivileges();
Value[] vs = new Value[privs.length];
for (int j = 0; j < privs.length; j++) {
vs[j] = vf.createValue(privs[j].getName(), PropertyType.NAME);
}
setProperty(aceNode, P_PRIVILEGES, vs);
// store the restrictions:
Set<Name> restrNames = ace.getRestrictions().keySet();
for (Name restrName : restrNames) {
Value value = ace.getRestriction(restrName);
setProperty(aceNode, restrName, value);
}
}
// mark the parent modified.
markModified((NodeImpl) aclNode.getParent());
}
Also used :
NodeIterator(javax.jcr.NodeIterator)
AccessControlEntryImpl(org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
ValueFactory(javax.jcr.ValueFactory)
Name(org.apache.jackrabbit.spi.Name)
Value(javax.jcr.Value)
PathNotFoundException(javax.jcr.PathNotFoundException)
Privilege(javax.jcr.security.Privilege)
Example 2 with AccessControlEntryImpl
use of org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl in project jackrabbit by apache.
the class ACLEditor method setPolicy.
/**
* @see AccessControlEditor#setPolicy(String,AccessControlPolicy)
*/
public void setPolicy(String nodePath, AccessControlPolicy policy) throws RepositoryException {
checkProtectsNode(nodePath);
checkValidPolicy(nodePath, policy);
NodeImpl aclNode = getAclNode(nodePath);
if (aclNode != null) {
// remove all existing aces
for (NodeIterator aceNodes = aclNode.getNodes(); aceNodes.hasNext(); ) {
NodeImpl aceNode = (NodeImpl) aceNodes.nextNode();
removeItem(aceNode);
}
} else {
// create the acl node
aclNode = (nodePath == null) ? createRepoAclNode() : createAclNode(nodePath);
}
AccessControlEntry[] entries = ((ACLTemplate) policy).getAccessControlEntries();
for (AccessControlEntry entry : entries) {
AccessControlEntryImpl ace = (AccessControlEntryImpl) entry;
Name nodeName = getUniqueNodeName(aclNode, ace.isAllow() ? "allow" : "deny");
Name ntName = (ace.isAllow()) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;
ValueFactory vf = session.getValueFactory();
// create the ACE node
NodeImpl aceNode = addNode(aclNode, nodeName, ntName);
// write the rep:principalName property
String principalName = ace.getPrincipal().getName();
setProperty(aceNode, P_PRINCIPAL_NAME, vf.createValue(principalName));
// ... and the rep:privileges property
Privilege[] pvlgs = ace.getPrivileges();
Value[] names = getPrivilegeNames(pvlgs, vf);
setProperty(aceNode, P_PRIVILEGES, names);
// store the restrictions:
Set<Name> restrNames = ace.getRestrictions().keySet();
for (Name restrName : restrNames) {
Value value = ace.getRestriction(restrName);
setProperty(aceNode, restrName, value);
}
}
// mark the parent modified.
markModified(((NodeImpl) aclNode.getParent()));
}
Also used :
NodeIterator(javax.jcr.NodeIterator)
AccessControlEntryImpl(org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl)
NodeImpl(org.apache.jackrabbit.core.NodeImpl)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
ValueFactory(javax.jcr.ValueFactory)
Name(org.apache.jackrabbit.spi.Name)
Value(javax.jcr.Value)
Privilege(javax.jcr.security.Privilege)
Aggregations
NodeIterator (javax.jcr.NodeIterator)2
Value (javax.jcr.Value)2
ValueFactory (javax.jcr.ValueFactory)2
AccessControlEntry (javax.jcr.security.AccessControlEntry)2
Privilege (javax.jcr.security.Privilege)2
NodeImpl (org.apache.jackrabbit.core.NodeImpl)2
AccessControlEntryImpl (org.apache.jackrabbit.core.security.authorization.AccessControlEntryImpl)2
Name (org.apache.jackrabbit.spi.Name)2
PathNotFoundException (javax.jcr.PathNotFoundException)1
