use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.
the class AbstractJcrBackedUserRoleDao method internalCreateFolder.
private RepositoryFile internalCreateFolder(final Session session, final Serializable parentFolderId, final RepositoryFile folder, final RepositoryFileAcl acl, final String versionMessage) throws RepositoryException {
PentahoJcrConstants pentahoJcrConstants = new PentahoJcrConstants(session);
JcrRepositoryFileUtils.checkoutNearestVersionableFileIfNecessary(session, pentahoJcrConstants, parentFolderId);
Node folderNode = JcrRepositoryFileUtils.createFolderNode(session, pentahoJcrConstants, parentFolderId, folder);
// we must create the acl during checkout
JcrRepositoryFileAclUtils.createAcl(session, pentahoJcrConstants, folderNode.getIdentifier(), acl == null ? defaultAclHandler.createDefaultAcl(folder) : acl);
session.save();
if (folder.isVersioned()) {
JcrRepositoryFileUtils.checkinNearestVersionableNodeIfNecessary(session, pentahoJcrConstants, folderNode, versionMessage);
}
JcrRepositoryFileUtils.checkinNearestVersionableFileIfNecessary(session, pentahoJcrConstants, parentFolderId, Messages.getInstance().getString("JcrRepositoryFileDao.USER_0001_VER_COMMENT_ADD_FOLDER", folder.getName(), // $NON-NLS-1$ //$NON-NLS-2$
(parentFolderId == null ? "root" : parentFolderId.toString())));
return JcrRepositoryFileUtils.nodeToFile(session, pentahoJcrConstants, pathConversionHelper, lockHelper, folderNode);
}
use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.
the class AbstractBackingRepositoryLifecycleManager method addMetadataToRepository.
public void addMetadataToRepository(final String metadataProperty) {
txnTemplate.execute(new TransactionCallbackWithoutResult() {
public void doInTransactionWithoutResult(final TransactionStatus status) {
adminJcrTemplate.execute(new JcrCallback() {
@Override
public Object doInJcr(Session session) throws IOException, RepositoryException {
new PentahoJcrConstants(session);
String absPath = ServerRepositoryPaths.getPentahoRootFolderPath();
RepositoryFile rootFolder = JcrRepositoryFileUtils.getFileByAbsolutePath(session, absPath, pathConversionHelper, null, false, null);
if (rootFolder != null) {
Map<String, Serializable> metadataMap = JcrRepositoryFileUtils.getFileMetadata(session, rootFolder.getId());
if (metadataMap == null) {
metadataMap = new HashMap<String, Serializable>();
}
metadataMap.put(metadataProperty, Boolean.TRUE);
JcrRepositoryFileUtils.setFileMetadata(session, rootFolder.getId(), metadataMap);
} else {
throw new IllegalStateException("Repository has not been initialized properly");
}
session.save();
return null;
}
});
}
});
}
use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.
the class DefaultBackingRepositoryLifecycleManager method createCustomPrivilege.
private void createCustomPrivilege() {
txnTemplate.execute(new TransactionCallbackWithoutResult() {
public void doInTransactionWithoutResult(final TransactionStatus status) {
adminJcrTemplate.execute(new JcrCallback() {
@Override
public Object doInJcr(Session session) throws IOException, RepositoryException {
PentahoJcrConstants pentahoJcrConstants = new PentahoJcrConstants(session);
Workspace workspace = session.getWorkspace();
PrivilegeManager privilegeManager = ((JackrabbitWorkspace) workspace).getPrivilegeManager();
try {
privilegeManager.getPrivilege(pentahoJcrConstants.getPHO_ACLMANAGEMENT_PRIVILEGE());
} catch (AccessControlException ace) {
privilegeManager.registerPrivilege(pentahoJcrConstants.getPHO_ACLMANAGEMENT_PRIVILEGE(), false, new String[0]);
}
session.save();
return null;
}
});
}
});
}
use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.
the class AbstractJcrBackedRoleBindingDao method getBoundLogicalRoleNames.
@Override
public List<String> getBoundLogicalRoleNames(Session session, ITenant tenant, List<String> runtimeRoleNames) throws NamespaceException, RepositoryException {
if ((tenant == null) || (tenant.getId() == null)) {
return getBoundLogicalRoleNames(session, runtimeRoleNames);
}
if (!TenantUtils.isAccessibleTenant(tenant)) {
return new ArrayList<String>();
}
final List<String> uncachedRuntimeRoleNames = new ArrayList<String>();
final Set<String> cachedBoundLogicalRoleNames = new HashSet<String>();
for (String runtimeRoleName : runtimeRoleNames) {
String roleName = tenantedRoleNameUtils.getPrincipleName(runtimeRoleName);
String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
Object fromRegionCache = cacheManager.getFromRegionCache(LOGICAL_ROLE_BINDINGS_REGION, roleId);
if (fromRegionCache != null) {
cachedBoundLogicalRoleNames.addAll((Collection<String>) fromRegionCache);
} else {
uncachedRuntimeRoleNames.add(roleName);
}
}
if (uncachedRuntimeRoleNames.isEmpty()) {
// no need to hit the repo
return new ArrayList<String>(cachedBoundLogicalRoleNames);
}
PentahoJcrConstants pentahoJcrConstants = new PentahoJcrConstants(session);
// $NON-NLS-1$
final String phoNsPrefix = session.getNamespacePrefix(PentahoJcrConstants.PHO_NS) + ":";
// $NON-NLS-1$
final String onlyPentahoPattern = phoNsPrefix + "*";
HashMultimap<String, String> boundLogicalRoleNames = HashMultimap.create();
Node runtimeRolesFolderNode = getRuntimeRolesFolderNode(session, tenant);
NodeIterator runtimeRoleNodes = runtimeRolesFolderNode.getNodes(onlyPentahoPattern);
if (!runtimeRoleNodes.hasNext()) {
// no bindings setup yet; fall back on bootstrap bindings
for (String runtimeRoleName : uncachedRuntimeRoleNames) {
String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
if (bootstrapRoleBindings.containsKey(runtimeRoleName)) {
boundLogicalRoleNames.putAll(roleId, bootstrapRoleBindings.get(runtimeRoleName));
}
}
} else {
for (String runtimeRoleName : uncachedRuntimeRoleNames) {
if (NodeHelper.hasNode(runtimeRolesFolderNode, phoNsPrefix, runtimeRoleName)) {
Node runtimeRoleFolderNode = NodeHelper.getNode(runtimeRolesFolderNode, phoNsPrefix, runtimeRoleName);
if (runtimeRoleFolderNode.hasProperty(pentahoJcrConstants.getPHO_BOUNDROLES())) {
Value[] values = runtimeRoleFolderNode.getProperty(pentahoJcrConstants.getPHO_BOUNDROLES()).getValues();
String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
for (Value value : values) {
boundLogicalRoleNames.put(roleId, value.getString());
}
}
}
}
}
// now add in immutable bound logical role names
for (String runtimeRoleName : uncachedRuntimeRoleNames) {
if (immutableRoleBindings.containsKey(runtimeRoleName)) {
String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
boundLogicalRoleNames.putAll(roleId, immutableRoleBindingNames.get(runtimeRoleName));
}
}
// update cache
Map<String, Collection<String>> stringCollectionMap = boundLogicalRoleNames.asMap();
for (Entry<String, Collection<String>> stringCollectionEntry : stringCollectionMap.entrySet()) {
cacheManager.putInRegionCache(LOGICAL_ROLE_BINDINGS_REGION, stringCollectionEntry.getKey(), stringCollectionEntry.getValue());
}
// now add in those runtime roles that have no bindings to the cache
for (String runtimeRoleName : uncachedRuntimeRoleNames) {
String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
if (cacheManager.getFromRegionCache(LOGICAL_ROLE_BINDINGS_REGION, roleId) == null) {
cacheManager.putInRegionCache(LOGICAL_ROLE_BINDINGS_REGION, roleId, Collections.emptyList());
}
}
// combine cached findings plus ones from repo
Set<String> res = new HashSet<String>();
res.addAll(cachedBoundLogicalRoleNames);
res.addAll(boundLogicalRoleNames.values());
return new ArrayList<String>(res);
}
use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.
the class JcrRepositoryFileAclDao method toAcl.
private RepositoryFileAcl toAcl(final Session session, final PentahoJcrConstants pentahoJcrConstants, final Serializable id) throws RepositoryException {
Node node = session.getNodeByIdentifier(id.toString());
if (node == null) {
throw new RepositoryException(Messages.getInstance().getString("JackrabbitRepositoryFileAclDao.ERROR_0001_NODE_NOT_FOUND", // $NON-NLS-1$
id.toString()));
}
String absPath = node.getPath();
AccessControlManager acMgr = session.getAccessControlManager();
AccessControlList acList = getAccessControlList(acMgr, absPath);
RepositoryFileSid owner = null;
String ownerString = getOwner(session, absPath, acList);
if (ownerString != null) {
// for now, just assume all owners are users; only has UI impact
owner = new RepositoryFileSid(JcrTenantUtils.getUserNameUtils().getPrincipleName(ownerString), RepositoryFileSid.Type.USER);
}
RepositoryFileAcl.Builder aclBuilder = new RepositoryFileAcl.Builder(id, owner);
aclBuilder.entriesInheriting(isEntriesInheriting(session, absPath, acList));
List<AccessControlEntry> cleanedAcEntries = JcrRepositoryFileAclUtils.removeAclMetadata(Arrays.asList(acList.getAccessControlEntries()));
for (AccessControlEntry acEntry : cleanedAcEntries) {
if (!acEntry.getPrincipal().equals(new SpringSecurityRolePrincipal(JcrTenantUtils.getTenantedRole(tenantAdminAuthorityName)))) {
aclBuilder.ace(toAce(session, acEntry));
}
}
return aclBuilder.build();
}
Aggregations