Example 1 with RequestProperty
use of org.apache.sling.servlets.post.impl.helper.RequestProperty in project sling by apache.
the class UpdateGroupServlet method updateGroup.
/* (non-Javadoc)
* @see org.apache.sling.jackrabbit.usermanager.UpdateGroup#updateGroup(javax.jcr.Session, java.lang.String, java.util.Map, java.util.List)
*/
public Group updateGroup(Session jcrSession, String name, Map<String, ?> properties, List<Modification> changes) throws RepositoryException {
Group group = null;
UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
Authorizable authorizable = userManager.getAuthorizable(name);
if (authorizable instanceof Group) {
group = (Group) authorizable;
} else {
throw new ResourceNotFoundException("Group to update could not be determined");
}
String groupPath = AuthorizableResourceProvider.SYSTEM_USER_MANAGER_GROUP_PREFIX + group.getID();
Collection<RequestProperty> reqProperties = collectContent(properties);
try {
// cleanup any old content (@Delete parameters)
processDeletes(group, reqProperties, changes);
// write content from form
writeContent(jcrSession, group, reqProperties, changes);
// update the group memberships
ResourceResolver resourceResolver = null;
try {
//create a resource resolver to resolve the relative paths used for group membership values
final Map<String, Object> authInfo = new HashMap<String, Object>();
authInfo.put(org.apache.sling.jcr.resource.api.JcrResourceConstants.AUTHENTICATION_INFO_SESSION, jcrSession);
resourceResolver = resourceResolverFactory.getResourceResolver(authInfo);
Resource baseResource = resourceResolver.getResource(groupPath);
updateGroupMembership(baseResource, properties, group, changes);
} catch (LoginException e) {
throw new RepositoryException(e);
} finally {
if (resourceResolver != null) {
resourceResolver.close();
}
}
} catch (RepositoryException re) {
throw new RepositoryException("Failed to update group.", re);
}
return group;
}
Also used :
Group(org.apache.jackrabbit.api.security.user.Group)
UpdateGroup(org.apache.sling.jackrabbit.usermanager.UpdateGroup)
HashMap(java.util.HashMap)
Resource(org.apache.sling.api.resource.Resource)
RepositoryException(javax.jcr.RepositoryException)
RequestProperty(org.apache.sling.servlets.post.impl.helper.RequestProperty)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
ResourceResolver(org.apache.sling.api.resource.ResourceResolver)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
LoginException(org.apache.sling.api.resource.LoginException)
ResourceNotFoundException(org.apache.sling.api.resource.ResourceNotFoundException)
Example 2 with RequestProperty
use of org.apache.sling.servlets.post.impl.helper.RequestProperty in project sling by apache.
the class UpdateUserServlet method updateUser.
/* (non-Javadoc)
* @see org.apache.sling.jackrabbit.usermanager.UpdateUser#updateUser(javax.jcr.Session, java.lang.String, java.util.Map, java.util.List)
*/
public User updateUser(Session jcrSession, String name, Map<String, ?> properties, List<Modification> changes) throws RepositoryException {
User user;
UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
Authorizable authorizable = userManager.getAuthorizable(name);
if (authorizable instanceof User) {
user = (User) authorizable;
} else {
throw new ResourceNotFoundException("User to update could not be determined");
}
Collection<RequestProperty> reqProperties = collectContent(properties);
try {
// cleanup any old content (@Delete parameters)
processDeletes(user, reqProperties, changes);
// write content from form
writeContent(jcrSession, user, reqProperties, changes);
//SLING-2072 set the user as enabled or disabled if the request
// has supplied the relevant properties
String disabledParam = convertToString(properties.get(":disabled"));
if ("true".equalsIgnoreCase(disabledParam)) {
//set the user as disabled
String disabledReason = convertToString(properties.get(":disabledReason"));
if (disabledReason == null) {
disabledReason = "";
}
user.disable(disabledReason);
} else if ("false".equalsIgnoreCase(disabledParam)) {
//re-enable a disabled user
user.disable(null);
}
} catch (RepositoryException re) {
throw new RepositoryException("Failed to update user.", re);
}
return user;
}
Also used :
UpdateUser(org.apache.sling.jackrabbit.usermanager.UpdateUser)
User(org.apache.jackrabbit.api.security.user.User)
RequestProperty(org.apache.sling.servlets.post.impl.helper.RequestProperty)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
RepositoryException(javax.jcr.RepositoryException)
ResourceNotFoundException(org.apache.sling.api.resource.ResourceNotFoundException)
Example 3 with RequestProperty
use of org.apache.sling.servlets.post.impl.helper.RequestProperty in project sling by apache.
the class CreateGroupServlet method createGroup.
/* (non-Javadoc)
* @see org.apache.sling.jackrabbit.usermanager.CreateGroup#createGroup(javax.jcr.Session, java.lang.String, java.util.Map, java.util.List)
*/
public Group createGroup(Session jcrSession, final String name, Map<String, ?> properties, List<Modification> changes) throws RepositoryException {
// check that the parameter values have valid values.
if (jcrSession == null) {
throw new IllegalArgumentException("JCR Session not found");
}
if (name == null || name.length() == 0) {
throw new IllegalArgumentException("Group name was not supplied");
}
UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
Authorizable authorizable = userManager.getAuthorizable(name);
Group group = null;
if (authorizable != null) {
// principal already exists!
throw new RepositoryException("A group already exists with the requested name: " + name);
} else {
group = userManager.createGroup(new Principal() {
public String getName() {
return name;
}
});
String groupPath = AuthorizableResourceProvider.SYSTEM_USER_MANAGER_GROUP_PREFIX + group.getID();
Collection<RequestProperty> reqProperties = collectContent(properties);
changes.add(Modification.onCreated(groupPath));
// write content from form
writeContent(jcrSession, group, reqProperties, changes);
// update the group memberships
ResourceResolver resourceResolver = null;
try {
//create a resource resolver to resolve the relative paths used for group membership values
final Map<String, Object> authInfo = new HashMap<String, Object>();
authInfo.put(org.apache.sling.jcr.resource.api.JcrResourceConstants.AUTHENTICATION_INFO_SESSION, jcrSession);
resourceResolver = resourceResolverFactory.getResourceResolver(authInfo);
Resource baseResource = resourceResolver.getResource(AuthorizableResourceProvider.SYSTEM_USER_MANAGER_GROUP_PATH);
updateGroupMembership(baseResource, properties, group, changes);
} catch (LoginException e) {
throw new RepositoryException(e);
} finally {
if (resourceResolver != null) {
resourceResolver.close();
}
}
}
return group;
}
Also used :
Group(org.apache.jackrabbit.api.security.user.Group)
CreateGroup(org.apache.sling.jackrabbit.usermanager.CreateGroup)
HashMap(java.util.HashMap)
Resource(org.apache.sling.api.resource.Resource)
RepositoryException(javax.jcr.RepositoryException)
RequestProperty(org.apache.sling.servlets.post.impl.helper.RequestProperty)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
ResourceResolver(org.apache.sling.api.resource.ResourceResolver)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
LoginException(org.apache.sling.api.resource.LoginException)
Principal(java.security.Principal)
Example 4 with RequestProperty
use of org.apache.sling.servlets.post.impl.helper.RequestProperty in project sling by apache.
the class CreateUserServlet method createUser.
/* (non-Javadoc)
* @see org.apache.sling.jackrabbit.usermanager.CreateUser#createUser(javax.jcr.Session, java.lang.String, java.lang.String, java.lang.String, java.util.Map, java.util.List)
*/
public User createUser(Session jcrSession, String name, String password, String passwordConfirm, Map<String, ?> properties, List<Modification> changes) throws RepositoryException {
if (jcrSession == null) {
throw new RepositoryException("JCR Session not found");
}
// check for an administrator
boolean administrator = false;
try {
UserManager um = AccessControlUtil.getUserManager(jcrSession);
User currentUser = (User) um.getAuthorizable(jcrSession.getUserID());
administrator = currentUser.isAdmin();
if (!administrator) {
//check if the user is a member of the 'User administrator' group
Authorizable userAdmin = um.getAuthorizable(this.userAdminGroupName);
if (userAdmin instanceof Group) {
boolean isMember = ((Group) userAdmin).isMember(currentUser);
if (isMember) {
administrator = true;
}
}
}
} catch (Exception ex) {
log.warn("Failed to determine if the user is an admin, assuming not. Cause: " + ex.getMessage());
administrator = false;
}
// make sure user self-registration is enabled
if (!administrator && !selfRegistrationEnabled) {
throw new RepositoryException("Sorry, registration of new users is not currently enabled. Please try again later.");
}
// check that the submitted parameter values have valid values.
if (name == null || name.length() == 0) {
throw new RepositoryException("User name was not submitted");
}
if (password == null) {
throw new RepositoryException("Password was not submitted");
}
if (!password.equals(passwordConfirm)) {
throw new RepositoryException("Password value does not match the confirmation password");
}
User user = null;
Session selfRegSession = jcrSession;
boolean useAdminSession = !administrator && selfRegistrationEnabled;
try {
if (useAdminSession) {
//the current user doesn't have permission to create the user,
// but self-registration is enabled, so use an admin session
// to do the work.
selfRegSession = getSession();
}
UserManager userManager = AccessControlUtil.getUserManager(selfRegSession);
Authorizable authorizable = userManager.getAuthorizable(name);
if (authorizable != null) {
// user already exists!
throw new RepositoryException("A principal already exists with the requested name: " + name);
} else {
user = userManager.createUser(name, password);
String userPath = AuthorizableResourceProvider.SYSTEM_USER_MANAGER_USER_PREFIX + user.getID();
Collection<RequestProperty> reqProperties = collectContent(properties);
changes.add(Modification.onCreated(userPath));
// write content from form
writeContent(selfRegSession, user, reqProperties, changes);
if (selfRegSession.hasPendingChanges()) {
selfRegSession.save();
}
if (useAdminSession) {
//lookup the user from the user session so we can return a live object
UserManager userManager2 = AccessControlUtil.getUserManager(jcrSession);
Authorizable authorizable2 = userManager2.getAuthorizable(user.getID());
if (authorizable2 instanceof User) {
user = (User) authorizable2;
} else {
user = null;
}
}
}
} finally {
if (useAdminSession) {
//done with the self-reg admin session, so clean it up
ungetSession(selfRegSession);
}
}
return user;
}
Also used :
Group(org.apache.jackrabbit.api.security.user.Group)
User(org.apache.jackrabbit.api.security.user.User)
CreateUser(org.apache.sling.jackrabbit.usermanager.CreateUser)
RequestProperty(org.apache.sling.servlets.post.impl.helper.RequestProperty)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
RepositoryException(javax.jcr.RepositoryException)
RepositoryException(javax.jcr.RepositoryException)
Session(javax.jcr.Session)
Example 5 with RequestProperty
use of org.apache.sling.servlets.post.impl.helper.RequestProperty in project sling by apache.
the class AbstractAuthorizablePostServlet method processDeletes.
/**
* Removes all properties listed as {@link RequestProperty#isDelete()} from
* the authorizable.
*
* @param authorizable The
* <code>org.apache.jackrabbit.api.security.user.Authorizable</code>
* that should have properties deleted.
* @param reqProperties The collection of request properties to check for
* properties to be removed.
* @param changes The <code>List</code> to be updated with
* information on deleted properties.
* @throws RepositoryException Is thrown if an error occurrs checking or
* removing properties.
*/
protected void processDeletes(Authorizable authorizable, Collection<RequestProperty> reqProperties, List<Modification> changes) throws RepositoryException {
for (RequestProperty property : reqProperties) {
if (property.isDelete()) {
if (authorizable.hasProperty(property.getName())) {
authorizable.removeProperty(property.getName());
changes.add(Modification.onDeleted(property.getPath()));
}
}
}
}
Also used :
RequestProperty(org.apache.sling.servlets.post.impl.helper.RequestProperty)
Aggregations
RequestProperty (org.apache.sling.servlets.post.impl.helper.RequestProperty)26
Test (org.junit.Test)12
RepositoryException (javax.jcr.RepositoryException)5
Resource (org.apache.sling.api.resource.Resource)5
HashMap (java.util.HashMap)4
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)4
UserManager (org.apache.jackrabbit.api.security.user.UserManager)4
RequestParameter (org.apache.sling.api.request.RequestParameter)4
Map (java.util.Map)3
Group (org.apache.jackrabbit.api.security.user.Group)3
Session (javax.jcr.Session)2
User (org.apache.jackrabbit.api.security.user.User)2
RequestParameterMap (org.apache.sling.api.request.RequestParameterMap)2
LoginException (org.apache.sling.api.resource.LoginException)2
ModifiableValueMap (org.apache.sling.api.resource.ModifiableValueMap)2
PersistenceException (org.apache.sling.api.resource.PersistenceException)2
ResourceNotFoundException (org.apache.sling.api.resource.ResourceNotFoundException)2
ResourceResolver (org.apache.sling.api.resource.ResourceResolver)2
VersioningConfiguration (org.apache.sling.servlets.post.VersioningConfiguration)2
IOException (java.io.IOException)1
