/*
* (non-Javadoc)
*
* @see org.exist.xquery.Expression#eval(org.exist.dom.DocumentSet,
* org.exist.xquery.value.Sequence, org.exist.xquery.value.Item)
*/
@Override
public Sequence eval(Sequence args[], Sequence contextSequence) throws XPathException {
final String groupName = args[0].getStringValue();
if ("guest".equals(context.getSubject().getName()) || "dba".equals(groupName)) {
final XPathException xPathException =
new XPathException(
this,
"Permission denied, calling account '"
+ context.getSubject().getName()
+ "' must be an authenticated account to call this function.");
logger.error("Invalid user", xPathException);
throw xPathException;
}
logger.info("Attempting to create group " + groupName);
Group group = new GroupAider(groupName);
final DBBroker broker = context.getBroker();
final Subject currentUser = broker.getSubject();
try {
final SecurityManager sm = broker.getBrokerPool().getSecurityManager();
// add the current user as a group manager
group.addManager(currentUser);
if (args.length == 2) {
// add the additional group managers, this also makes sure they
// all exist first!
for (final SequenceIterator i = args[1].iterate(); i.hasNext(); ) {
final String groupManager = i.nextItem().getStringValue();
final Account groupManagerAccount = sm.getAccount(groupManager);
if (groupManagerAccount == null) {
logger.error("Could not find the user: "******"Permission denied, calling account '"
+ context.getSubject().getName()
+ "' do not authorize to call this function.");
} catch (final EXistException exe) {
logger.error("Failed to create group: " + group, exe);
}
return BooleanValue.FALSE;
}
