/**
* Creates the specified permission if it does not exist yet. Also creates all intermediate
* permission nodes if not present yet. The {@link Session#save()} is not called by this method;
* it is the responsibility of the caller.
*
* @param path the path of the permission to get/create
* @param session current JCR session
* @return the permission node
* @throws RepositoryException in case of an error
*/
public static JCRNodeWrapper getOrCreatePermission(String path, JCRSessionWrapper session)
throws RepositoryException {
if (path == null || !path.startsWith("/permissions/")) {
throw new IllegalArgumentException("Illegal value for the permission path: " + path);
}
String basePath = StringUtils.substringBeforeLast(path, "/");
String name = StringUtils.substringAfterLast(path, "/");
JCRNodeWrapper permission = null;
JCRNodeWrapper base = null;
try {
base = session.getNode(basePath);
} catch (PathNotFoundException e) {
base = getOrCreatePermission(basePath, session);
}
if (!base.hasNode(name)) {
session.checkout(base);
permission = base.addNode(name, "jnt:permission");
logger.info("Added permission node {}", permission.getPath());
} else {
permission = base.getNode(name);
}
return permission;
}
@Before
public void setUp() throws RepositoryException {
JCRNodeWrapper shared = session.getNode("/sites/html-filtering/contents");
if (!shared.isCheckedOut()) {
session.checkout(shared);
}
if (shared.hasNode("html-filtering")) {
shared.getNode("html-filtering").remove();
}
node = shared.addNode("html-filtering", "jnt:mainContent");
session.save();
}
private Bindings getBindings(Execution execution, JCRSessionWrapper session)
throws RepositoryException {
EnvironmentImpl environment = EnvironmentImpl.getCurrent();
final Map<String, Object> vars = ((ExecutionImpl) execution).getVariables();
Locale locale = (Locale) vars.get("locale");
final Bindings bindings = new MyBindings(environment);
ResourceBundle resourceBundle =
JahiaResourceBundle.lookupBundle(
"org.jahia.services.workflow."
+ ((ExecutionImpl) execution).getProcessDefinition().getKey(),
locale);
bindings.put("bundle", resourceBundle);
JahiaUser jahiaUser =
ServicesRegistry.getInstance()
.getJahiaUserManagerService()
.lookupUserByKey((String) vars.get("user"));
bindings.put("user", jahiaUser);
bindings.put("date", new DateTool());
bindings.put("submissionDate", Calendar.getInstance());
bindings.put("locale", locale);
bindings.put("workspace", vars.get("workspace"));
List<JCRNodeWrapper> nodes = new LinkedList<JCRNodeWrapper>();
@SuppressWarnings("unchecked")
List<String> stringList = (List<String>) vars.get("nodeIds");
for (String s : stringList) {
JCRNodeWrapper nodeByUUID = session.getNodeByUUID(s);
if (!nodeByUUID.isNodeType("jnt:translation")) {
nodes.add(nodeByUUID);
}
}
bindings.put("nodes", nodes);
return bindings;
}
/**
* Grants the specified permission to the role. Both permission and role nodes have to exist. The
* {@link Session#save()} is not called by this method; it is the responsibility of the caller.
*
* @param permissionPath the path of the permission to be granted
* @param rolePath the path of the role the permission should be granted to
* @param session current JCR session
* @return <code>true</code> if any modification was done; if the role already has that permission
* assigned, <code>false</code> is returned.
* @throws RepositoryException in case of an error
*/
public static boolean grantPermissionToRole(
String permissionPath, String rolePath, JCRSessionWrapper session)
throws RepositoryException {
if (permissionPath == null || !permissionPath.startsWith("/permissions/")) {
throw new IllegalArgumentException(
"Illegal value for the permission path: " + permissionPath);
}
if (rolePath == null || rolePath.length() == 0) {
throw new IllegalArgumentException("Illegal value for the role: " + rolePath);
}
boolean modified = true;
JCRNodeWrapper permission = session.getNode(permissionPath);
String permissionId = permission.getIdentifier();
JCRNodeWrapper role = session.getNode(rolePath.contains("/") ? rolePath : "/roles/" + rolePath);
if (role.hasProperty("j:permissions")) {
Value[] values = role.getProperty("j:permissions").getValues();
boolean alreadyPresent = false;
for (Value value : values) {
if (permissionId.equals(value.getString())) {
alreadyPresent = true;
break;
}
}
if (!alreadyPresent) {
Value[] newValues = new Value[values.length + 1];
System.arraycopy(values, 0, newValues, 0, values.length);
newValues[values.length] = session.getValueFactory().createValue(permission, true);
role.setProperty("j:permissions", newValues);
logger.info("Granted permission {} to role {}", permission.getPath(), role.getPath());
} else {
if (logger.isDebugEnabled()) {
logger.debug(
"Role {} already has permission {} granted", role.getPath(), permission.getPath());
}
modified = false;
}
} else {
role.setProperty(
"j:permissions", new Value[] {session.getValueFactory().createValue(permission, true)});
logger.info("Granted permission {} to role {}", permission.getPath(), role.getPath());
}
return modified;
}
/**
* Grants the specified permission to the role. Both permission and role nodes have to exist. The
* {@link Session#save()} is not called by this method; it is the responsibility of the caller.
*
* @param permissionPath the path of the permission to be granted
* @param rolePath the path of the role the permission should be granted to
* @param session current JCR session
* @return <code>true</code> if any modification was done; if the role already has that permission
* assigned, <code>false</code> is returned.
* @throws RepositoryException in case of an error
*/
public static boolean revokePermissionFromRole(
String permissionPath, String rolePath, JCRSessionWrapper session)
throws RepositoryException {
if (permissionPath == null || !permissionPath.startsWith("/permissions/")) {
throw new IllegalArgumentException(
"Illegal value for the permission path: " + permissionPath);
}
if (rolePath == null || rolePath.length() == 0) {
throw new IllegalArgumentException("Illegal value for the role: " + rolePath);
}
boolean modified = true;
JCRNodeWrapper permission = session.getNode(permissionPath);
String permissionId = permission.getIdentifier();
JCRNodeWrapper role = session.getNode(rolePath.contains("/") ? rolePath : "/roles/" + rolePath);
if (!role.hasProperty("j:permissions")) {
return false;
}
Value[] values = role.getProperty("j:permissions").getValues();
if (values == null || values.length == 0) {
return false;
}
List<Value> newValues = new LinkedList<Value>();
Collections.addAll(newValues, values);
boolean found = false;
for (Iterator<Value> valueIterator = newValues.iterator(); valueIterator.hasNext(); ) {
if (StringUtils.equals(permissionId, valueIterator.next().getString())) {
found = true;
valueIterator.remove();
}
}
if (found) {
modified = true;
if (newValues.isEmpty()) {
role.setProperty("j:permissions", (Value[]) null);
} else {
role.setProperty("j:permissions", newValues.toArray(new Value[] {}));
}
logger.info("Revoked permission {} from role {}", permission.getPath(), role.getPath());
}
return modified;
}
/**
* Creates the specified role if it does not exist yet. The {@link Session#save()} is not called
* by this method; it is the responsibility of the caller.
*
* @param path the path of the role to get/create
* @param session current JCR session
* @return the role node
* @throws RepositoryException in case of an error
*/
public static JCRNodeWrapper getOrCreateRole(String path, JCRSessionWrapper session)
throws RepositoryException {
if (path == null || !path.startsWith("/roles/")) {
throw new IllegalArgumentException("Illegal value for the role path: " + path);
}
String name = StringUtils.substringAfterLast(path, "/");
JCRNodeWrapper role = null;
JCRNodeWrapper base = session.getNode("/roles");
if (!base.hasNode(name)) {
session.checkout(base);
role = base.addNode(name, "jnt:role");
logger.info("Added role node {}", role.getPath());
} else {
role = base.getNode(name);
}
return role;
}
@After
public void tearDown() throws Exception {
node.remove();
session.save();
}
/**
* Gets all node's vanity URLs for the current locale in the session
*
* @param contentNode the content node for which to return the mappings
* @param session the JCR session holding the information about the workspace, locale and user
* @return the list of VanityUrl beans
* @throws RepositoryException if there was an unexpected exception accessing the repository
*/
public List<VanityUrl> getVanityUrlsForCurrentLocale(
JCRNodeWrapper contentNode, JCRSessionWrapper session) throws RepositoryException {
return getVanityUrls(contentNode, session.getLocale().toString(), session);
}
