Exemple #1
0
  /**
   * @see
   *     org.apache.jackrabbit.core.security.authorization.AccessControlProvider#getEffectivePolicies(java.util.Set,
   *     CompiledPermissions)
   */
  public AccessControlPolicy[] getEffectivePolicies(
      Set<Principal> principals, CompiledPermissions permissions) throws RepositoryException {
    String propName = ISO9075.encode(session.getJCRName(P_PRINCIPAL_NAME));

    StringBuilder stmt = new StringBuilder("/jcr:root");
    stmt.append("//element(*,");
    stmt.append(session.getJCRName(NT_REP_ACE));
    stmt.append(")[");
    int i = 0;
    for (Principal principal : principals) {
      if (i > 0) {
        stmt.append(" or ");
      }
      stmt.append("@");
      stmt.append(propName);
      stmt.append("='");
      stmt.append(principal.getName().replaceAll("'", "''"));
      stmt.append("'");
      i++;
    }
    stmt.append("]");

    QueryResult result;
    try {
      QueryManager qm = session.getWorkspace().getQueryManager();
      Query q = qm.createQuery(stmt.toString(), Query.XPATH);
      result = q.execute();
    } catch (RepositoryException e) {
      log.error("Unexpected error while searching effective policies.", e.getMessage());
      throw new UnsupportedOperationException(
          "Retrieve effective policies for set of principals not supported.", e);
    }

    Set<AccessControlPolicy> acls = new LinkedHashSet<AccessControlPolicy>();
    for (NodeIterator it = result.getNodes(); it.hasNext(); ) {
      NodeImpl aclNode = (NodeImpl) it.nextNode().getParent();
      Name aclName = aclNode.getQName();
      NodeImpl accessControlledNode = (NodeImpl) aclNode.getParent();

      if (N_POLICY.equals(aclName) && isAccessControlled(accessControlledNode)) {
        if (permissions.canRead(aclNode.getPrimaryPath(), aclNode.getNodeId())) {
          acls.add(getACL(accessControlledNode, N_POLICY, accessControlledNode.getPath()));
        } else {
          throw new AccessDeniedException(
              "Access denied at " + Text.getRelativeParent(aclNode.getPath(), 1));
        }
      } else if (N_REPO_POLICY.equals(aclName) && isRepoAccessControlled(accessControlledNode)) {
        if (permissions.canRead(aclNode.getPrimaryPath(), aclNode.getNodeId())) {
          acls.add(getACL(accessControlledNode, N_REPO_POLICY, null));
        } else {
          throw new AccessDeniedException(
              "Access denied at " + Text.getRelativeParent(aclNode.getPath(), 1));
        }
      } // else: not a regular policy node -> ignore.
    }

    return acls.toArray(new AccessControlPolicy[acls.size()]);
  }
 public Node getLibraryNode(SlingHttpServletRequest request, HtmlLibrary library) {
   Node node = null;
   try {
     // we want the non-minified version as the root path
     String cacheRoot =
         Text.getRelativeParent(
             (new StringBuilder(CACHE_PATH).append(library.getPath(false))).toString(), 1);
     String optPath =
         (new StringBuilder(cacheRoot).append("/").append(getLibraryName(library))).toString();
     node = JcrUtils.getNodeIfExists(optPath, getAdminSession());
     if (null == node) {
       // generate empty jcr:data to cache
       node = createEmptyCache(library, cacheRoot, getAdminSession());
     }
     // lib was modified after last cache write
     if (!node.hasNode(JcrConstants.JCR_CONTENT)
         || library.getLastModified(false)
             > JcrUtils.getLongProperty(
                 node.getNode(JcrConstants.JCR_CONTENT), JcrConstants.JCR_LASTMODIFIED, 0L)) {
       // generate new binary, if possible
       node = populateCache(library, node.getPath(), getAdminSession());
     }
     // reassign with user session
     node = request.getResourceResolver().resolve(node.getPath()).adaptTo(Node.class);
   } catch (RepositoryException re) {
     log.debug(re.getMessage());
   } finally {
     getResolver().close();
   }
   return node;
 }
 @Override
 protected void internalRemove(String key) throws MessagingException {
   try {
     Session session = login();
     try {
       String name = ISO9075.encode(Text.escapeIllegalJcrChars(key));
       QueryManager manager = session.getWorkspace().getQueryManager();
       @SuppressWarnings("deprecation")
       Query query =
           manager.createQuery(
               "/jcr:root/" + MAIL_PATH + "//element(" + name + ",james:mail)", Query.XPATH);
       NodeIterator nodes = query.execute().getNodes();
       if (nodes.hasNext()) {
         while (nodes.hasNext()) {
           nodes.nextNode().remove();
         }
         session.save();
         logger.info("Mail " + key + " removed from repository");
       } else {
         logger.warn("Mail " + key + " not found");
       }
     } finally {
       session.logout();
     }
   } catch (RepositoryException e) {
     throw new MessagingException("Unable to remove message: " + key, e);
   }
 }
  @Override
  protected void internalStore(Mail mail) throws MessagingException, IOException {
    try {
      Session session = login();
      try {
        String name = Text.escapeIllegalJcrChars(mail.getName());
        final String xpath = "/jcr:root/" + MAIL_PATH + "//element(" + name + ",james:mail)";

        QueryManager manager = session.getWorkspace().getQueryManager();
        @SuppressWarnings("deprecation")
        Query query = manager.createQuery(xpath, Query.XPATH);
        NodeIterator iterator = query.execute().getNodes();

        if (iterator.hasNext()) {
          while (iterator.hasNext()) {
            setMail(iterator.nextNode(), mail);
          }
        } else {
          Node parent = session.getRootNode().getNode(MAIL_PATH);
          Node node = parent.addNode(name, "james:mail");
          Node resource = node.addNode("jcr:content", "nt:resource");
          resource.setProperty("jcr:mimeType", "message/rfc822");
          setMail(node, mail);
        }
        session.save();
        logger.info("Mail " + mail.getName() + " stored in repository");
      } finally {
        session.logout();
      }
    } catch (IOException e) {
      throw new MessagingException("Unable to store message: " + mail.getName(), e);
    } catch (RepositoryException e) {
      throw new MessagingException("Unable to store message: " + mail.getName(), e);
    }
  }
  public void testPasswordMatch() throws NoSuchAlgorithmException, UnsupportedEncodingException {
    // simple credentials containing the crypted pw must not match.
    SimpleCredentials sc = new SimpleCredentials(userID, cCreds.get(0).getPassword().toCharArray());
    for (CryptedSimpleCredentials cc : cCreds) {
      assertFalse(cc.matches(sc));
    }

    // simple credentials containing different pw must not match.
    SimpleCredentials sc2 = new SimpleCredentials(userID, "otherPw".toCharArray());
    for (CryptedSimpleCredentials cc : cCreds) {
      assertFalse(cc.matches(sc2));
    }

    // simple credentials with pw in digested form must not match.
    SimpleCredentials sc3 = new SimpleCredentials(userID, "{unknown}somePw".toCharArray());
    for (CryptedSimpleCredentials cc : cCreds) {
      assertFalse(cc.matches(sc3));
    }

    // simple credentials with pw with different digest must not match
    SimpleCredentials sc4 =
        new SimpleCredentials(
            userID, ("{md5}" + Text.digest("md5", pw.getBytes("UTF-8"))).toCharArray());
    for (CryptedSimpleCredentials cc : cCreds) {
      assertFalse(cc.matches(sc4));
    }
  }
 /**
  * Reads a mail message from the given mail node.
  *
  * @param node mail node
  * @return mail message
  * @throws MessagingException if a messaging error occurs
  * @throws RepositoryException if a repository error occurs
  * @throws IOException if an IO error occurs
  */
 private Mail getMail(Node node) throws MessagingException, RepositoryException, IOException {
   String name = Text.unescapeIllegalJcrChars(node.getName());
   MailImpl mail = new MailImpl(name, getSender(node), getRecipients(node), getMessage(node));
   mail.setState(getState(node));
   mail.setLastUpdated(getLastUpdated(node));
   mail.setErrorMessage(getError(node));
   mail.setRemoteHost(getRemoteHost(node));
   mail.setRemoteAddr(getRemoteAddr(node));
   getAttributes(node, mail);
   return mail;
 }
 /**
  * Writes the mail attributes to the <code>jamesattr:*</code> property.
  *
  * @param node mail node
  * @param mail mail message
  * @throws RepositoryException if a repository error occurs
  * @throws IOException if an IO error occurs
  */
 @SuppressWarnings("deprecation")
 private void setAttributes(Node node, Mail mail) throws RepositoryException, IOException {
   Iterator<String> iterator = mail.getAttributeNames();
   while (iterator.hasNext()) {
     String name = iterator.next();
     Object value = mail.getAttribute(name);
     name = "jamesattr:" + Text.escapeIllegalJcrChars(name);
     if (value instanceof String || value == null) {
       node.setProperty(name, (String) value);
     } else {
       ByteArrayOutputStream buffer = new ByteArrayOutputStream();
       ObjectOutputStream output = new ObjectOutputStream(buffer);
       output.writeObject(value);
       output.close();
       node.setProperty(name, new ByteArrayInputStream(buffer.toByteArray()));
     }
   }
 }
  public WorkspaceContentHandler(Workspace workspace, String parentAbsPath, int uuidBehavior)
      throws RepositoryException {
    this.workspace = workspace;
    this.parentAbsPath = parentAbsPath;
    this.uuidBehavior = uuidBehavior;

    try {
      String tmpName = Text.md5(parentAbsPath);
      this.tmpFile = File.createTempFile("___" + tmpName, ".xml");
      this.delegatee = SerializingContentHandler.getSerializer(new FileOutputStream(tmpFile));
    } catch (FileNotFoundException e) {
      throw new RepositoryException(e);
    } catch (IOException e) {
      throw new RepositoryException(e);
    } catch (SAXException e) {
      throw new RepositoryException(e);
    }
  }
 /**
  * Writes the mail attributes from the <code>jamesattr:*</code> property.
  *
  * @param node mail node
  * @param mail mail message
  * @throws RepositoryException if a repository error occurs
  * @throws IOException if an IO error occurs
  */
 private void getAttributes(Node node, Mail mail) throws RepositoryException, IOException {
   PropertyIterator iterator = node.getProperties("jamesattr:*");
   while (iterator.hasNext()) {
     Property property = iterator.nextProperty();
     String name =
         Text.unescapeIllegalJcrChars(property.getName().substring("jamesattr:".length()));
     if (property.getType() == PropertyType.BINARY) {
       @SuppressWarnings("deprecation")
       InputStream input = property.getStream();
       try {
         ObjectInputStream stream = new ObjectInputStream(input);
         mail.setAttribute(name, (Serializable) stream.readObject());
       } catch (ClassNotFoundException e) {
         throw new IOException(e.getMessage());
       } finally {
         input.close();
       }
     } else {
       mail.setAttribute(name, property.getString());
     }
   }
 }
 public Iterator<String> list() throws MessagingException {
   try {
     Session session = login();
     try {
       Collection<String> keys = new ArrayList<String>();
       QueryManager manager = session.getWorkspace().getQueryManager();
       @SuppressWarnings("deprecation")
       Query query =
           manager.createQuery("/jcr:root/" + MAIL_PATH + "//element(*,james:mail)", Query.XPATH);
       NodeIterator iterator = query.execute().getNodes();
       while (iterator.hasNext()) {
         String name = iterator.nextNode().getName();
         keys.add(Text.unescapeIllegalJcrChars(name));
       }
       return keys.iterator();
     } finally {
       session.logout();
     }
   } catch (RepositoryException e) {
     throw new MessagingException("Unable to list messages", e);
   }
 }
 protected String toSafeName(String key) {
   return ISO9075.encode(Text.escapeIllegalJcrChars(key));
 }