Search in sources :

Example 11 with PentahoJcrConstants

use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.

the class AbstractJcrBackedUserRoleDao method internalCreateFolder.

private RepositoryFile internalCreateFolder(final Session session, final Serializable parentFolderId, final RepositoryFile folder, final RepositoryFileAcl acl, final String versionMessage) throws RepositoryException {
    PentahoJcrConstants pentahoJcrConstants = new PentahoJcrConstants(session);
    JcrRepositoryFileUtils.checkoutNearestVersionableFileIfNecessary(session, pentahoJcrConstants, parentFolderId);
    Node folderNode = JcrRepositoryFileUtils.createFolderNode(session, pentahoJcrConstants, parentFolderId, folder);
    // we must create the acl during checkout
    JcrRepositoryFileAclUtils.createAcl(session, pentahoJcrConstants, folderNode.getIdentifier(), acl == null ? defaultAclHandler.createDefaultAcl(folder) : acl);
    session.save();
    if (folder.isVersioned()) {
        JcrRepositoryFileUtils.checkinNearestVersionableNodeIfNecessary(session, pentahoJcrConstants, folderNode, versionMessage);
    }
    JcrRepositoryFileUtils.checkinNearestVersionableFileIfNecessary(session, pentahoJcrConstants, parentFolderId, Messages.getInstance().getString("JcrRepositoryFileDao.USER_0001_VER_COMMENT_ADD_FOLDER", folder.getName(), // $NON-NLS-1$ //$NON-NLS-2$
    (parentFolderId == null ? "root" : parentFolderId.toString())));
    return JcrRepositoryFileUtils.nodeToFile(session, pentahoJcrConstants, pathConversionHelper, lockHelper, folderNode);
}
Also used : PentahoJcrConstants(org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants) Node(javax.jcr.Node)

Example 12 with PentahoJcrConstants

use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.

the class AbstractBackingRepositoryLifecycleManager method addMetadataToRepository.

public void addMetadataToRepository(final String metadataProperty) {
    txnTemplate.execute(new TransactionCallbackWithoutResult() {

        public void doInTransactionWithoutResult(final TransactionStatus status) {
            adminJcrTemplate.execute(new JcrCallback() {

                @Override
                public Object doInJcr(Session session) throws IOException, RepositoryException {
                    new PentahoJcrConstants(session);
                    String absPath = ServerRepositoryPaths.getPentahoRootFolderPath();
                    RepositoryFile rootFolder = JcrRepositoryFileUtils.getFileByAbsolutePath(session, absPath, pathConversionHelper, null, false, null);
                    if (rootFolder != null) {
                        Map<String, Serializable> metadataMap = JcrRepositoryFileUtils.getFileMetadata(session, rootFolder.getId());
                        if (metadataMap == null) {
                            metadataMap = new HashMap<String, Serializable>();
                        }
                        metadataMap.put(metadataProperty, Boolean.TRUE);
                        JcrRepositoryFileUtils.setFileMetadata(session, rootFolder.getId(), metadataMap);
                    } else {
                        throw new IllegalStateException("Repository has not been initialized properly");
                    }
                    session.save();
                    return null;
                }
            });
        }
    });
}
Also used : Serializable(java.io.Serializable) PentahoJcrConstants(org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants) TransactionStatus(org.springframework.transaction.TransactionStatus) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) JcrCallback(org.springframework.extensions.jcr.JcrCallback) TransactionCallbackWithoutResult(org.springframework.transaction.support.TransactionCallbackWithoutResult) Session(javax.jcr.Session)

Example 13 with PentahoJcrConstants

use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.

the class DefaultBackingRepositoryLifecycleManager method createCustomPrivilege.

private void createCustomPrivilege() {
    txnTemplate.execute(new TransactionCallbackWithoutResult() {

        public void doInTransactionWithoutResult(final TransactionStatus status) {
            adminJcrTemplate.execute(new JcrCallback() {

                @Override
                public Object doInJcr(Session session) throws IOException, RepositoryException {
                    PentahoJcrConstants pentahoJcrConstants = new PentahoJcrConstants(session);
                    Workspace workspace = session.getWorkspace();
                    PrivilegeManager privilegeManager = ((JackrabbitWorkspace) workspace).getPrivilegeManager();
                    try {
                        privilegeManager.getPrivilege(pentahoJcrConstants.getPHO_ACLMANAGEMENT_PRIVILEGE());
                    } catch (AccessControlException ace) {
                        privilegeManager.registerPrivilege(pentahoJcrConstants.getPHO_ACLMANAGEMENT_PRIVILEGE(), false, new String[0]);
                    }
                    session.save();
                    return null;
                }
            });
        }
    });
}
Also used : PentahoJcrConstants(org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants) PrivilegeManager(org.apache.jackrabbit.api.security.authorization.PrivilegeManager) TransactionStatus(org.springframework.transaction.TransactionStatus) AccessControlException(javax.jcr.security.AccessControlException) JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace) JcrCallback(org.springframework.extensions.jcr.JcrCallback) TransactionCallbackWithoutResult(org.springframework.transaction.support.TransactionCallbackWithoutResult) Session(javax.jcr.Session) StandaloneSession(org.pentaho.platform.engine.core.system.StandaloneSession) IPentahoSession(org.pentaho.platform.api.engine.IPentahoSession) JackrabbitWorkspace(org.apache.jackrabbit.api.JackrabbitWorkspace) Workspace(javax.jcr.Workspace)

Example 14 with PentahoJcrConstants

use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.

the class AbstractJcrBackedRoleBindingDao method getBoundLogicalRoleNames.

@Override
public List<String> getBoundLogicalRoleNames(Session session, ITenant tenant, List<String> runtimeRoleNames) throws NamespaceException, RepositoryException {
    if ((tenant == null) || (tenant.getId() == null)) {
        return getBoundLogicalRoleNames(session, runtimeRoleNames);
    }
    if (!TenantUtils.isAccessibleTenant(tenant)) {
        return new ArrayList<String>();
    }
    final List<String> uncachedRuntimeRoleNames = new ArrayList<String>();
    final Set<String> cachedBoundLogicalRoleNames = new HashSet<String>();
    for (String runtimeRoleName : runtimeRoleNames) {
        String roleName = tenantedRoleNameUtils.getPrincipleName(runtimeRoleName);
        String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
        Object fromRegionCache = cacheManager.getFromRegionCache(LOGICAL_ROLE_BINDINGS_REGION, roleId);
        if (fromRegionCache != null) {
            cachedBoundLogicalRoleNames.addAll((Collection<String>) fromRegionCache);
        } else {
            uncachedRuntimeRoleNames.add(roleName);
        }
    }
    if (uncachedRuntimeRoleNames.isEmpty()) {
        // no need to hit the repo
        return new ArrayList<String>(cachedBoundLogicalRoleNames);
    }
    PentahoJcrConstants pentahoJcrConstants = new PentahoJcrConstants(session);
    // $NON-NLS-1$
    final String phoNsPrefix = session.getNamespacePrefix(PentahoJcrConstants.PHO_NS) + ":";
    // $NON-NLS-1$
    final String onlyPentahoPattern = phoNsPrefix + "*";
    HashMultimap<String, String> boundLogicalRoleNames = HashMultimap.create();
    Node runtimeRolesFolderNode = getRuntimeRolesFolderNode(session, tenant);
    NodeIterator runtimeRoleNodes = runtimeRolesFolderNode.getNodes(onlyPentahoPattern);
    if (!runtimeRoleNodes.hasNext()) {
        // no bindings setup yet; fall back on bootstrap bindings
        for (String runtimeRoleName : uncachedRuntimeRoleNames) {
            String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
            if (bootstrapRoleBindings.containsKey(runtimeRoleName)) {
                boundLogicalRoleNames.putAll(roleId, bootstrapRoleBindings.get(runtimeRoleName));
            }
        }
    } else {
        for (String runtimeRoleName : uncachedRuntimeRoleNames) {
            if (NodeHelper.hasNode(runtimeRolesFolderNode, phoNsPrefix, runtimeRoleName)) {
                Node runtimeRoleFolderNode = NodeHelper.getNode(runtimeRolesFolderNode, phoNsPrefix, runtimeRoleName);
                if (runtimeRoleFolderNode.hasProperty(pentahoJcrConstants.getPHO_BOUNDROLES())) {
                    Value[] values = runtimeRoleFolderNode.getProperty(pentahoJcrConstants.getPHO_BOUNDROLES()).getValues();
                    String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
                    for (Value value : values) {
                        boundLogicalRoleNames.put(roleId, value.getString());
                    }
                }
            }
        }
    }
    // now add in immutable bound logical role names
    for (String runtimeRoleName : uncachedRuntimeRoleNames) {
        if (immutableRoleBindings.containsKey(runtimeRoleName)) {
            String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
            boundLogicalRoleNames.putAll(roleId, immutableRoleBindingNames.get(runtimeRoleName));
        }
    }
    // update cache
    Map<String, Collection<String>> stringCollectionMap = boundLogicalRoleNames.asMap();
    for (Entry<String, Collection<String>> stringCollectionEntry : stringCollectionMap.entrySet()) {
        cacheManager.putInRegionCache(LOGICAL_ROLE_BINDINGS_REGION, stringCollectionEntry.getKey(), stringCollectionEntry.getValue());
    }
    // now add in those runtime roles that have no bindings to the cache
    for (String runtimeRoleName : uncachedRuntimeRoleNames) {
        String roleId = tenantedRoleNameUtils.getPrincipleId(tenant, runtimeRoleName);
        if (cacheManager.getFromRegionCache(LOGICAL_ROLE_BINDINGS_REGION, roleId) == null) {
            cacheManager.putInRegionCache(LOGICAL_ROLE_BINDINGS_REGION, roleId, Collections.emptyList());
        }
    }
    // combine cached findings plus ones from repo
    Set<String> res = new HashSet<String>();
    res.addAll(cachedBoundLogicalRoleNames);
    res.addAll(boundLogicalRoleNames.values());
    return new ArrayList<String>(res);
}
Also used : NodeIterator(javax.jcr.NodeIterator) Node(javax.jcr.Node) ArrayList(java.util.ArrayList) PentahoJcrConstants(org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants) Value(javax.jcr.Value) Collection(java.util.Collection) HashSet(java.util.HashSet)

Example 15 with PentahoJcrConstants

use of org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants in project pentaho-platform by pentaho.

the class JcrRepositoryFileAclDao method toAcl.

private RepositoryFileAcl toAcl(final Session session, final PentahoJcrConstants pentahoJcrConstants, final Serializable id) throws RepositoryException {
    Node node = session.getNodeByIdentifier(id.toString());
    if (node == null) {
        throw new RepositoryException(Messages.getInstance().getString("JackrabbitRepositoryFileAclDao.ERROR_0001_NODE_NOT_FOUND", // $NON-NLS-1$
        id.toString()));
    }
    String absPath = node.getPath();
    AccessControlManager acMgr = session.getAccessControlManager();
    AccessControlList acList = getAccessControlList(acMgr, absPath);
    RepositoryFileSid owner = null;
    String ownerString = getOwner(session, absPath, acList);
    if (ownerString != null) {
        // for now, just assume all owners are users; only has UI impact
        owner = new RepositoryFileSid(JcrTenantUtils.getUserNameUtils().getPrincipleName(ownerString), RepositoryFileSid.Type.USER);
    }
    RepositoryFileAcl.Builder aclBuilder = new RepositoryFileAcl.Builder(id, owner);
    aclBuilder.entriesInheriting(isEntriesInheriting(session, absPath, acList));
    List<AccessControlEntry> cleanedAcEntries = JcrRepositoryFileAclUtils.removeAclMetadata(Arrays.asList(acList.getAccessControlEntries()));
    for (AccessControlEntry acEntry : cleanedAcEntries) {
        if (!acEntry.getPrincipal().equals(new SpringSecurityRolePrincipal(JcrTenantUtils.getTenantedRole(tenantAdminAuthorityName)))) {
            aclBuilder.ace(toAce(session, acEntry));
        }
    }
    return aclBuilder.build();
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) SpringSecurityRolePrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityRolePrincipal) Node(javax.jcr.Node) AccessControlEntry(javax.jcr.security.AccessControlEntry) RepositoryException(javax.jcr.RepositoryException) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)

Aggregations

Node (javax.jcr.Node)15 RepositoryException (javax.jcr.RepositoryException)9 PentahoJcrConstants (org.pentaho.platform.repository2.unified.jcr.PentahoJcrConstants)9 RepositoryFileDaoFileExistsException (org.pentaho.platform.repository2.unified.exception.RepositoryFileDaoFileExistsException)7 RepositoryFileDaoReferentialIntegrityException (org.pentaho.platform.repository2.unified.exception.RepositoryFileDaoReferentialIntegrityException)7 ArrayList (java.util.ArrayList)6 Test (org.junit.Test)6 Matchers.anyString (org.mockito.Matchers.anyString)6 RepositoryFile (org.pentaho.platform.api.repository2.unified.RepositoryFile)6 Property (javax.jcr.Property)5 Workspace (javax.jcr.Workspace)5 Serializable (java.io.Serializable)4 NodeIterator (javax.jcr.NodeIterator)4 PropertyIterator (javax.jcr.PropertyIterator)4 Session (javax.jcr.Session)4 IPentahoSession (org.pentaho.platform.api.engine.IPentahoSession)4 ITenant (org.pentaho.platform.api.mt.ITenant)4 Tenant (org.pentaho.platform.core.mt.Tenant)4 JcrCallback (org.springframework.extensions.jcr.JcrCallback)4 Lock (javax.jcr.lock.Lock)3