/** @see AbstractAccessControlManager#checkValidNodePath(String) */
 @Override
 protected void checkValidNodePath(String absPath)
     throws PathNotFoundException, RepositoryException {
   Path p = getPath(absPath);
   if (p != null) {
     if (!p.isAbsolute()) {
       throw new RepositoryException("Absolute path expected.");
     }
     if (hierMgr.resolveNodePath(p) == null) {
       throw new PathNotFoundException("No such node " + absPath);
     }
   }
 }
 /** @see AccessManager#isGranted(Path, int) */
 public boolean isGranted(Path absPath, int permissions) throws RepositoryException {
   checkInitialized();
   if (!absPath.isAbsolute()) {
     throw new RepositoryException("Absolute path expected");
   }
   return compiledPermissions.grants(absPath, permissions);
 }
  @Override
  public boolean canRead(Path itemPath, ItemId itemId) throws RepositoryException {

    if ((itemId != null && "cafebabe-cafe-babe-cafe-babecafebabe".equals(itemId.toString()))
        || (itemPath != null && "/".equals(itemPath.toString()))) {
      // quick check - allow access to root to all like in old mgnl security
      return true;
    }

    if (itemPath == null) {

      // we deal only with permissions on nodes
      if (!itemId.denotesNode()) {
        itemId = ((PropertyId) itemId).getParentId();
      }

      synchronized (monitor) {
        if (readCache.containsKey(itemId)) {
          return readCache.get(itemId);
        }

        itemPath = session.getHierarchyManager().getPath(itemId);
        boolean canRead = canRead(itemPath, itemId);
        readCache.put(itemId, canRead);
        return canRead;
      }
    }

    String path = pathResolver.getJCRPath(itemPath);
    log.debug("Read request for " + path + " :: " + itemId);
    return ami.isGranted(path, Permission.READ);
  }
 /**
  * {@inheritDoc}
  *
  * <p>The outer query hits loop contains the ancestor nodes.
  */
 public ScoreNode[][] getMatchingScoreNodes(ScoreNode ancestor) throws IOException {
   try {
     Path ancestorPath = hmgr.getPath(ancestor.getNodeId());
     PathBuilder builder = new PathBuilder(ancestorPath);
     builder.addAll(relPath.getElements());
     return contextIndex.getScoreNodes(builder.getPath().getNormalizedPath());
   } catch (RepositoryException e) {
     // ignore, probably does not exist anymore
     return null;
   }
 }
Esempio n. 5
0
 public static final ParsedFacet getInstance(
     String facetNameConfig, String facetNodeName, HippoVirtualProvider provider)
     throws Exception {
   String cacheKey = facetNameConfig + '\uFFFF' + facetNodeName;
   ParsedFacet pf = sharedCache.get(cacheKey);
   if (pf == null) {
     pf = new ParsedFacet(facetNameConfig, facetNodeName, provider);
     sharedCache.put(cacheKey, pf);
   } else {
     // we need to check if the namespace did not bump or change. IF so, we evict this item from
     // cache.
     Path currentQName = provider.resolvePath(pf.jcrPropertyName);
     // if the currentQName is equal to pf.namespacedProperty , there was no namespace bumb and we
     // can return pf
     if (!currentQName.toString().equals(pf.namespacedProperty)) {
       pf = new ParsedFacet(facetNameConfig, facetNodeName, provider);
       sharedCache.put(cacheKey, pf);
     }
   }
   return pf;
 }
Esempio n. 6
0
 public ParsedFacet(String facetNameConfig, String facetNodeName, HippoVirtualProvider provider)
     throws Exception {
   displayFacetName = facetNameConfig;
   boolean mapped = false;
   // jcrPropertyName is format: prefix:localname
   jcrPropertyName = facetNameConfig;
   if (facetNodeName != null && !"".equals(facetNodeName)) {
     displayFacetName = facetNodeName;
     mapped = true;
   }
   if (facetNameConfig.indexOf("$[") > -1) {
     try {
       rangeConfig = facetNameConfig.substring(facetNameConfig.indexOf("$[") + 1);
       JSONArray jsonArray = JSONArray.fromObject(rangeConfig);
       facetRanges = (List<FacetRange>) JSONArray.toCollection(jsonArray, FacetRange.class);
       jcrPropertyName = facetNameConfig.substring(0, facetNameConfig.indexOf("$["));
       if (!mapped) {
         displayFacetName = jcrPropertyName;
       }
       validate(facetRanges);
     } catch (IllegalArgumentException e) {
       throw (e);
     } catch (Exception e) {
       throw new Exception(
           "Malformed facet range configuration '"
               + facetNameConfig
               + "'. Valid format is for example '"
               + VALID_RANGE_EXAMPLE
               + "'",
           e);
     }
   }
   Path qName = provider.resolvePath(jcrPropertyName);
   this.namespacedProperty = qName.toString();
   if (facetRanges != null) {
     for (FacetRange range : facetRanges) {
       range.setNamespacedProperty(namespacedProperty);
     }
   }
 }
 /** @see org.apache.jackrabbit.core.security.authorization.AccessControlUtils#isAcItem(Path) */
 public boolean isAcItem(Path absPath) throws RepositoryException {
   Path.Element[] elems = absPath.getElements();
   // start looking for a rep:policy name starting from the last element.
   // NOTE: with the current content structure max. 3 levels must be looked
   // at as the rep:policy node may only have ACE nodes with properties.
   if (elems.length > 1) {
     for (int index = elems.length - 1, j = 1; index >= 0 && j <= 3; index--, j++) {
       if (N_POLICY.equals(elems[index].getName())) {
         return true;
       }
     }
   }
   return false;
 }