Return-Path: Delivered-To: apmail-cocoon-cvs-archive@www.apache.org Received: (qmail 73060 invoked from network); 12 Jan 2004 17:10:36 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 12 Jan 2004 17:10:36 -0000 Received: (qmail 60282 invoked by uid 500); 12 Jan 2004 17:10:28 -0000 Delivered-To: apmail-cocoon-cvs-archive@cocoon.apache.org Received: (qmail 60238 invoked by uid 500); 12 Jan 2004 17:10:27 -0000 Mailing-List: contact cvs-help@cocoon.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@cocoon.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list cvs@cocoon.apache.org Received: (qmail 60219 invoked by uid 500); 12 Jan 2004 17:10:27 -0000 Delivered-To: apmail-cocoon-2.1-cvs@apache.org Received: (qmail 60208 invoked from network); 12 Jan 2004 17:10:27 -0000 Received: from unknown (HELO minotaur.apache.org) (209.237.227.194) by daedalus.apache.org with SMTP; 12 Jan 2004 17:10:27 -0000 Received: (qmail 73014 invoked by uid 1758); 12 Jan 2004 17:10:33 -0000 Date: 12 Jan 2004 17:10:33 -0000 Message-ID: <20040112171033.73013.qmail@minotaur.apache.org> From: unico@apache.org To: cocoon-2.1-cvs@apache.org Subject: cvs commit: cocoon-2.1/src/blocks/slide/java/org/apache/cocoon/samples/slide AdminHelper.java X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N unico 2004/01/12 09:10:33 Modified: src/blocks/slide/samples/styles permissions2html.xsl src/blocks/slide/samples/screens permissions.jx users.jx roles.jx groups.jx src/blocks/slide/samples sitemap.xmap flow.js src/blocks/slide/java/org/apache/cocoon/samples/slide AdminHelper.java Added: src/blocks/slide/samples/styles content2html.xsl properties2html.xsl layout.xsl locks2html.xsl users2html.xsl src/blocks/slide/samples/screens login.jx privileges.jx locks.jx Removed: src/blocks/slide/samples/styles description2html4content.xsl description2html4locks.xsl description2html4users.xsl description2html4properties.xsl src/blocks/slide/samples/screens login-failed.xml logout.xml authentication.jx login.xml actions.jx Log: reworking slide administration samples for Slide ACL using Cocoon flow Revision Changes Path 1.2 +31 -65 cocoon-2.1/src/blocks/slide/samples/styles/permissions2html.xsl Index: permissions2html.xsl =================================================================== RCS file: /home/cvs/cocoon-2.1/src/blocks/slide/samples/styles/permissions2html.xsl,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- permissions2html.xsl 14 Dec 2003 15:29:16 -0000 1.1 +++ permissions2html.xsl 12 Jan 2004 17:10:33 -0000 1.2 @@ -2,63 +2,21 @@ + - /samples/slide - - - -
- Jakarta Slide example - - - - - - -
- - - - - - - - - - - - - - - - - - - -
-
-
- - - - - - - - - - - - - - -
- + + + permissions + + + + + + @@ -83,7 +41,7 @@ - +
- + @@ -92,10 +50,10 @@ -
+ - + @@ -104,7 +62,7 @@
@@ -134,9 +98,11 @@ 1.1 cocoon-2.1/src/blocks/slide/samples/styles/content2html.xsl Index: content2html.xsl =================================================================== content
Filename Type Size Last Modified
  
File:

Could not display content.

 1.1 cocoon-2.1/src/blocks/slide/samples/styles/properties2html.xsl Index: properties2html.xsl =================================================================== properties
Namespace Name Value
1.1 cocoon-2.1/src/blocks/slide/samples/styles/layout.xsl Index: layout.xsl ===================================================================
Jakarta Slide example

1.1 cocoon-2.1/src/blocks/slide/samples/styles/locks2html.xsl Index: locks2html.xsl =================================================================== locks
Subject Type Expiration Inheritable Exclusive
1.1 cocoon-2.1/src/blocks/slide/samples/styles/users2html.xsl Index: users2html.xsl ===================================================================
User Roles Groups
Group
1.2 +1 -1 cocoon-2.1/src/blocks/slide/samples/screens/permissions.jx Index: permissions.jx =================================================================== RCS file: /home/cvs/cocoon-2.1/src/blocks/slide/samples/screens/permissions.jx,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- permissions.jx 14 Dec 2003 15:29:15 -0000 1.1 +++ permissions.jx 12 Jan 2004 17:10:33 -0000 1.2 @@ -2,7 +2,7 @@ - ${permission.actionUri} + ${permission.actionUri} ${permission.objectUri} ${permission.subjectUri} ${permission.inheritable} 1.2 +1 -1 cocoon-2.1/src/blocks/slide/samples/screens/users.jx Index: users.jx =================================================================== RCS file: /home/cvs/cocoon-2.1/src/blocks/slide/samples/screens/users.jx,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- users.jx 14 Dec 2003 15:29:15 -0000 1.1 +++ users.jx 12 Jan 2004 17:10:33 -0000 1.2 @@ -2,7 +2,7 @@ - ${user} + ${user} 1.2 +4 -1 cocoon-2.1/src/blocks/slide/samples/screens/roles.jx Index: roles.jx =================================================================== RCS file: /home/cvs/cocoon-2.1/src/blocks/slide/samples/screens/roles.jx,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- roles.jx 14 Dec 2003 15:29:15 -0000 1.1 +++ roles.jx 12 Jan 2004 17:10:33 -0000 1.2 @@ -2,7 +2,10 @@ - ${role} + ${role.uri} + + ${member} + 1.2 +4 -1 cocoon-2.1/src/blocks/slide/samples/screens/groups.jx Index: groups.jx =================================================================== RCS file: /home/cvs/cocoon-2.1/src/blocks/slide/samples/screens/groups.jx,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- groups.jx 14 Dec 2003 15:29:15 -0000 1.1 +++ groups.jx 12 Jan 2004 17:10:33 -0000 1.2 @@ -2,7 +2,10 @@ - ${group} + ${group.uri} + + ${member} + 1.1 cocoon-2.1/src/blocks/slide/samples/screens/login.jx Index: login.jx ===================================================================
Jakarta Slide example
Back - to Cocoon examples main page

These Slide examples require Java Transaction API library to be present. Get jta.jar and place it to the lib folder before trying these examples. You will also need enabled uploads in web.xml .

Username
Password
Try root,root or john,john
1.1 cocoon-2.1/src/blocks/slide/samples/screens/privileges.jx Index: privileges.jx =================================================================== ${privilege} 1.1 cocoon-2.1/src/blocks/slide/samples/screens/locks.jx Index: locks.jx =================================================================== ${lock.getLockId()} ${lock.getObjectUri()} ${lock.getTypeUri()} ${lock.getSubjectUri()} ${lock.getExpirationDate()} ${lock.isExclusive()} ${lock.isInheritable()} 1.16 +143 -184 cocoon-2.1/src/blocks/slide/samples/sitemap.xmap Index: sitemap.xmap =================================================================== RCS file: /home/cvs/cocoon-2.1/src/blocks/slide/samples/sitemap.xmap,v retrieving revision 1.15 retrieving revision 1.16 diff -u -r1.15 -r1.16 --- sitemap.xmap 14 Dec 2003 16:06:38 -0000 1.15 +++ sitemap.xmap 12 Jan 2004 17:10:33 -0000 1.16 @@ -4,31 +4,29 @@ - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + @@ -38,140 +36,71 @@ - - - - - - - - - - + + + + + + + + + - - - - - - - - cocoon - /samples/slide + /slide-samples - - - - + - - - - - - + + + + + + + + + + + + + + + + + + + + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + - - + + + + - + @@ -180,72 +109,102 @@ - - + + - - + + + + - - - - - + + + + + - - + + - - - - - - + + + + + + + + + + - - + + - - - - - - - - - + + + + + + + + + + + + - - - - - - - + + + + + + + - + + + + + + + + + + - - - - + + + + + + + + + + + + + + + + 1.5 +130 -117 cocoon-2.1/src/blocks/slide/samples/flow.js Index: flow.js =================================================================== RCS file: /home/cvs/cocoon-2.1/src/blocks/slide/samples/flow.js,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- flow.js 14 Dec 2003 15:55:33 -0000 1.4 +++ flow.js 12 Jan 2004 17:10:33 -0000 1.5 @@ -1,62 +1,109 @@ importPackage(Packages.org.apache.cocoon.components.slide); -importPackage(Packages.org.apache.cocoon.samples.slide); importPackage(Packages.org.apache.cocoon.components.source.helpers); +importPackage(Packages.org.apache.cocoon.samples.slide); importPackage(Packages.org.apache.excalibur.source); -importPackage(Packages.org.apache.excalibur.xml.dom); var repository = cocoon.getComponent("org.apache.cocoon.components.repository.SourceRepository"); var resolver = cocoon.getComponent(SourceResolver.ROLE); var slide = cocoon.getComponent(SlideRepository.ROLE); var nat = slide.getNamespaceToken("cocoon"); +// these variables need to be available in the sitemap as well +// is/should there be a simple way to share these? an input module? +var principal; +var namespace = "cocoon"; +var base = "/slide-samples/"; + // ---------------------------------------------- utility functions function getBaseURI() { - var namespace = cocoon.parameters["namespace"]; - var caller = cocoon.parameters["caller"]; - return "slide://" + caller + "@" + namespace + "/"; + return "slide://" + principal + "@" + namespace + "/"; +} + +// ---------------------------------------------- authentication + +function protect() { + var path = cocoon.parameters["path"]; + if (principal == undefined){ + login(path); + } + else { + invoke(path); + } +} + +function invoke(path) { + var func = this["protected_" + path]; + if (func != undefined) { + func.apply(this); + } + else { + cocoon.sendPage(path,null); + } +} + +function login(path) { + cocoon.session; + var userid = ""; + while (principal == undefined) { + cocoon.sendPageAndWait("screens/login.html",{userid:userid,prefix:"/slide-samples"}); + userid = cocoon.request.getParameter("userid"); + var password = cocoon.request.getParameter("password"); + if (AdminHelper.login(nat,userid,password)) { + principal = userid; + // also put it in the session so it can be accessed + // from the sitemap throuhg the session attribute module + cocoon.session.setAttribute("slide-principal",principal); + } + } + cocoon.redirectTo(base + path); +} + +function logout() { + cocoon.session.invalidate(); + cocoon.redirectTo(base + "content/"); } // ---------------------------------------------- file management // make a new collection -function public_mkcol() { +function protected_mkcol() { var baseUri = getBaseURI(); var parentPath = cocoon.request.getParameter("parentPath"); var collectionName = cocoon.request.getParameter("collectionName"); - var location = baseUri + parentPath + collectionName; + var location = baseUri + parentPath + "/" + collectionName; var status = repository.makeCollection(location); - cocoon.redirectTo("content/" + parentPath); + cocoon.redirectTo(base + "content/" + parentPath); } // upload a file -function public_upload() { +function protected_upload() { var baseUri = getBaseURI(); var parentPath = cocoon.request.getParameter("parentPath"); var resourceName = cocoon.request.getParameter("resourceName"); - var dest = baseUri + parentPath + resourceName; + var dest = baseUri + parentPath + "/" + resourceName; var src = "upload://uploadFile"; var status = repository.save(src,dest); - cocoon.redirectTo("content/" + parentPath); + cocoon.redirectTo(base + "content/" + parentPath); } // delete a resource -function public_delete() { +function protected_delete() { var baseUri = getBaseURI(); var parentPath = cocoon.request.getParameter("parentPath"); var resourceName = cocoon.request.getParameter("resourceName"); - var location = baseUri + parentPath + resourceName; + var location = baseUri + parentPath + "/" + resourceName; var status = repository.remove(location); - cocoon.redirectTo("content/" + parentPath); + cocoon.redirectTo(base + "content/" + parentPath); } // ---------------------------------------------- property management -function public_addproperty() { +function protected_addproperty() { var baseUri = getBaseURI(); var resourcePath = cocoon.request.getParameter("resourcePath"); var location = baseUri + resourcePath; @@ -67,7 +114,7 @@ var namespace = cocoon.request.getParameter("namespace"); var value = cocoon.request.getParameter("value"); var property = new SourceProperty(namespace,name,value); - cocoon.log.info("setting property " + property + " on source " + location); + source.setSourceProperty(property); } finally { @@ -75,10 +122,10 @@ resolver.release(source); } } - cocoon.redirectTo("properties/" + resourcePath); + cocoon.redirectTo(base + "properties/" + resourcePath); } -function public_removeproperty() { +function protected_removeproperty() { var baseUri = getBaseURI(); var resourcePath = cocoon.request.getParameter("resourcePath"); var location = baseUri + resourcePath; @@ -87,166 +134,132 @@ source = resolver.resolveURI(location); var name = cocoon.request.getParameter("name"); var namespace = cocoon.request.getParameter("namespace"); - cocoon.log.info("removing property " + namespace + "#" + name + " from source " + location); + source.removeSourceProperty(namespace,name); } finally { if (source != null) { resolver.release(source); } } - cocoon.redirectTo("properties/" + resourcePath); + cocoon.redirectTo(base + "properties/" + resourcePath); } -// ---------------------------------------------- lock management +// ---------------------------------------------- permission management -function public_removelock() { - var baseUri = getBaseURI(); +function protected_removePermission() { var resourcePath = cocoon.request.getParameter("resourcePath"); - var subject = cocoon.request.getParameter("subject"); - var location = baseUri + resourcePath; + var subject = cocoon.request.getParameter("subject"); + var privilege = cocoon.request.getParameter("privilege"); - cocoon.log.info("removing lock " + subject + " from source " + location); + AdminHelper.removePermission(nat,principal,resourcePath,subject,privilege); + cocoon.redirectTo(base + "permissions/" + resourcePath); +} + +function protected_addPermission() { + var resourcePath = cocoon.request.getParameter("resourcePath"); + var subject = cocoon.request.getParameter("subject"); + var action = cocoon.request.getParameter("action"); + var inheritable = cocoon.request.getParameter("inheritable"); + var negative = cocoon.request.getParameter("negative"); - // TODO: remove lock + AdminHelper.addPermission(nat,principal,resourcePath,subject,action,inheritable,negative); + cocoon.redirectTo(base + "permissions/" + resourcePath); +} + +// ---------------------------------------------- lock management + +function protected_removelock() { + var resourcePath = cocoon.request.getParameter("resourcePath"); + var objectUri = cocoon.request.getParameter("objectUri"); + var lockId = cocoon.request.getParameter("lockId"); - cocoon.redirectTo("locks/" + resourcePath); + AdminHelper.removeLock(nat,principal,objectUri,lockId); + cocoon.redirectTo(base + "locks/" + resourcePath); } -function public_addlock() { - var baseUri = getBaseURI(); +function protected_addlock() { var resourcePath = cocoon.request.getParameter("resourcePath"); var subject = cocoon.request.getParameter("subject"); var type = cocoon.request.getParameter("type"); - var inheritable = cocoon.request.getParameter("inheritable"); var exclusive = cocoon.request.getParameter("exclusive"); - var location = baseUri + resourcePath; - - cocoon.log.info("adding lock " + subject + " to source " + location); + var inheritable = cocoon.request.getParameter("inheritable"); - // TODO: add lock + AdminHelper.addLock(nat,principal,resourcePath,subject,type,exclusive,inheritable); - cocoon.redirectTo("locks/" + resourcePath); + cocoon.redirectTo(base + "locks/" + resourcePath); } // ---------------------------------------------- user management -function public_adduser() { +function protected_adduser() { var username = cocoon.request.getParameter("username"); var password = cocoon.request.getParameter("password"); - var role = cocoon.request.getParameter("role"); - var caller = cocoon.parameters["caller"]; - - AdminHelper.addUser(nat,caller,username,password,role); - cocoon.redirectTo("users/"); -} - -function public_removeuser() { - var username = cocoon.request.getParameter("username"); - var caller = cocoon.parameters["caller"]; - AdminHelper.removeUser(nat,caller,username); - cocoon.redirectTo("users/"); + AdminHelper.addUser(nat,principal,username,password); + cocoon.redirectTo(base + "users"); } -function public_addgroup() { +function protected_addgroup() { var groupname = cocoon.request.getParameter("groupname"); - var caller = cocoon.parameters["caller"]; - AdminHelper.addGroup(nat,caller,groupname); - cocoon.redirectTo("users/"); + AdminHelper.addGroup(nat,principal,groupname); + cocoon.redirectTo("users"); } -function public_removegroup() { - var groupname = cocoon.request.getParameter("groupname"); - var caller = cocoon.parameters["caller"]; +function protected_removeobject() { + var objecturi = cocoon.request.getParameter("objecturi"); - AdminHelper.removeGroup(nat,caller,groupname); - cocoon.redirectTo("users/"); + AdminHelper.removeObject(nat,principal,objecturi); + cocoon.redirectTo(base + "users"); } -function public_addmember() { - var username = cocoon.request.getParameter("username"); - var groupname = cocoon.request.getParameter("groupname"); - var caller = cocoon.parameters["caller"]; +function protected_addmember() { + var objecturi = cocoon.request.getParameter("objecturi"); + var subjecturi = cocoon.request.getParameter("subjecturi"); - AdminHelper.addGroupMember(nat,caller,groupname,username); - cocoon.redirectTo("users/"); + AdminHelper.addMember(nat,principal,objecturi,subjecturi); + cocoon.redirectTo(base + "users"); } -function public_removemember() { - var username = cocoon.request.getParameter("username"); - var groupname = cocoon.request.getParameter("groupname"); - var caller = cocoon.parameters["caller"]; +function protected_removemember() { + var objecturi = cocoon.request.getParameter("objecturi"); + var subjecturi = cocoon.request.getParameter("subjecturi"); - AdminHelper.removeGroupMember(nat,caller,groupname,username); - cocoon.redirectTo("users/"); + AdminHelper.removeMember(nat,principal,objecturi,subjecturi); + cocoon.redirectTo(base + "users"); } -// ---------------------------------------------- permission management - -function public_removePermission() { - var caller = cocoon.parameters["caller"]; - var resourcePath = cocoon.request.getParameter("resourcePath"); - var subject = cocoon.request.getParameter("subject"); - var action = cocoon.request.getParameter("action"); - - AdminHelper.removePermission(nat,caller,resourcePath,subject,action); - cocoon.redirectTo("permissions/" + resourcePath); -} - -function public_addPermission() { - var caller = cocoon.parameters["caller"]; - var resourcePath = cocoon.request.getParameter("resourcePath"); - var subject = cocoon.request.getParameter("subject"); - var action = cocoon.request.getParameter("action"); - var inheritable = cocoon.request.getParameter("inheritable"); - var negative = cocoon.request.getParameter("negative"); - - AdminHelper.addPermission(nat,caller,resourcePath,subject,action,inheritable,negative); - cocoon.redirectTo("permissions/" + resourcePath); -} // ---------------------------------------------- screens -function screen_authenticate() { - var userid = cocoon.request.getParameter("userid"); - var password = cocoon.request.getParameter("password"); - cocoon.sendPage("screens/authentication.jx",{id:userid,role:"root"}); -} - function screen_permissions() { - var caller = cocoon.parameters["caller"]; var path = cocoon.parameters["path"]; - - var permissions = AdminHelper.listPermissions(nat,caller,path); + var permissions = AdminHelper.listPermissions(nat,principal,path); cocoon.sendPage("screens/permissions.jx",{permissions:permissions}); } -function screen_actions() { - var caller = cocoon.parameters["caller"]; - - var actions = AdminHelper.listActions(nat,caller); - cocoon.sendPage("screens/actions.jx",{actions:actions}); +function screen_locks() { + var path = cocoon.parameters["path"]; + var locks = AdminHelper.listLocks(nat,principal,path); + cocoon.sendPage("screens/locks.jx",{locks:locks}); +} + +function screen_privileges() { + var privileges = AdminHelper.listPrivileges(nat,principal); + cocoon.sendPage("screens/privileges.jx",{privileges:privileges}); } function screen_groups() { - var caller = cocoon.parameters["caller"]; - - var groups = AdminHelper.listGroups(nat,caller); + var groups = AdminHelper.listGroups(nat,principal,"/groups"); cocoon.sendPage("screens/groups.jx",{groups:groups}); } function screen_roles() { - var caller = cocoon.parameters["caller"]; - - var roles = AdminHelper.listRoles(nat,caller); + var roles = AdminHelper.listGroups(nat,principal,"/roles"); cocoon.sendPage("screens/roles.jx",{roles:roles}); } function screen_users() { - var caller = cocoon.parameters["caller"]; - - var users = AdminHelper.listUsers(nat,caller); + var users = AdminHelper.listUsers(nat,principal); cocoon.sendPage("screens/users.jx",{users:users}); } - 1.3 +251 -146 cocoon-2.1/src/blocks/slide/java/org/apache/cocoon/samples/slide/AdminHelper.java Index: AdminHelper.java =================================================================== RCS file: /home/cvs/cocoon-2.1/src/blocks/slide/java/org/apache/cocoon/samples/slide/AdminHelper.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- AdminHelper.java 22 Dec 2003 13:35:06 -0000 1.2 +++ AdminHelper.java 12 Jan 2004 17:10:33 -0000 1.3 @@ -52,6 +52,7 @@ package org.apache.cocoon.samples.slide; import java.util.ArrayList; +import java.util.Collections; import java.util.Date; import java.util.Enumeration; import java.util.List; @@ -64,6 +65,8 @@ import org.apache.slide.content.NodeProperty; import org.apache.slide.content.NodeRevisionDescriptor; import org.apache.slide.content.NodeRevisionDescriptors; +import org.apache.slide.lock.Lock; +import org.apache.slide.lock.NodeLock; import org.apache.slide.macro.Macro; import org.apache.slide.macro.MacroParameters; import org.apache.slide.security.NodePermission; @@ -80,16 +83,38 @@ */ public class AdminHelper { + private static final SlideToken ROOT = new SlideTokenImpl(new CredentialsToken("root")); + + public static boolean login(NamespaceAccessToken nat, + String userId, + String password) throws Exception { + + String usersPath = nat.getNamespaceConfig().getUsersPath(); + String userUri = usersPath + "/" + userId; + + Content content = nat.getContentHelper(); + + try { + NodeRevisionDescriptors revisions = content.retrieve(ROOT,userUri); + NodeRevisionDescriptor revision = content.retrieve(ROOT,revisions); + NodeProperty property = revision.getProperty( + "password",NodeProperty.SLIDE_NAMESPACE); + + return property.getValue().equals(password); + } + catch (Exception e) { + e.printStackTrace(); + throw e; + } + } + public static void addUser(NamespaceAccessToken nat, String caller, String username, - String password, - String rolename) throws Exception { + String password) throws Exception { String usersPath = nat.getNamespaceConfig().getUsersPath(); String userUri = usersPath + "/" + username; - String rolesPath = nat.getNamespaceConfig().getRolesPath(); - String roleUri = rolesPath + "/" + rolename; SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); Structure structure = nat.getStructureHelper(); @@ -97,8 +122,6 @@ try { - // make sure the role exists - structure.retrieve(slideToken,roleUri); nat.begin(); ObjectNode user = new SubjectNode(); @@ -112,23 +135,6 @@ "password",password,NodeProperty.SLIDE_NAMESPACE)); content.create(slideToken,userUri,descriptor,null); - if (rolename != null && !rolename.equals("")) { - // modify the role descriptor - NodeRevisionDescriptors descriptors = content.retrieve(slideToken,roleUri); - descriptor = content.retrieve(slideToken,descriptors); - NodeProperty property = descriptor.getProperty("group-member-set","DAV:"); - String value; - if (property != null) { - value = (String) property.getValue(); - } - else { - value = ""; - } - value += "" + userUri + ""; - descriptor.setProperty("group-member-set","DAV:",value); - content.store(slideToken,roleUri,descriptor,null); - } - nat.commit(); } catch (Exception e) { @@ -143,44 +149,6 @@ } - public static void removeUser(NamespaceAccessToken nat, - String caller, - String username) throws Exception { - - String usersPath = nat.getNamespaceConfig().getUsersPath(); - String userUri = usersPath + "/" + username; - String callerUri = usersPath + "/" + caller; - - // user cannot delete itself - if (callerUri.equals(userUri)) { - return; - } - - SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); - Macro macro = nat.getMacroHelper(); - - try { - nat.begin(); - - boolean recursive = true; - boolean overwrite = false; - MacroParameters parameters = new MacroParameters(recursive,overwrite); - - macro.delete(slideToken,userUri,parameters); - - nat.commit(); - } - catch (Exception e) { - try { - nat.rollback(); - } - catch (Exception f) { - f.printStackTrace(); - } - throw e; - } - } - public static void addGroup(NamespaceAccessToken nat, String caller, String groupname) throws Exception { @@ -218,25 +186,30 @@ } - public static void removeGroup(NamespaceAccessToken nat, - String caller, - String groupname) throws Exception { - - String groupsPath = nat.getNamespaceConfig().getGroupsPath(); - String groupUri = groupsPath + "/" + groupname; + public static void removeObject(NamespaceAccessToken nat, + String caller, + String objectUri) throws Exception { + String usersPath = nat.getNamespaceConfig().getUsersPath(); + String callerUri = usersPath + "/" + caller; + + // user cannot delete itself + if (callerUri.equals(objectUri)) { + return; + } + SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); Macro macro = nat.getMacroHelper(); - + try { nat.begin(); - + boolean recursive = true; boolean overwrite = false; MacroParameters parameters = new MacroParameters(recursive,overwrite); - - macro.delete(slideToken,groupUri,parameters); - + + macro.delete(slideToken,objectUri,parameters); + nat.commit(); } catch (Exception e) { @@ -250,15 +223,10 @@ } } - public static void addGroupMember(NamespaceAccessToken nat, - String caller, - String groupname, - String username) throws Exception { - - String groupsPath = nat.getNamespaceConfig().getGroupsPath(); - String groupUri = groupsPath + "/" + groupname; - String usersPath = nat.getNamespaceConfig().getUsersPath(); - String userUri = usersPath + "/" + username; + public static void addMember(NamespaceAccessToken nat, + String caller, + String objectUri, + String subjectUri) throws Exception { SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); Structure structure = nat.getStructureHelper(); @@ -266,17 +234,17 @@ try { - // check if the user exists - structure.retrieve(slideToken,userUri); + // check if the subject exists + structure.retrieve(slideToken,subjectUri); - NodeRevisionDescriptors descriptors = content.retrieve(slideToken,groupUri); + NodeRevisionDescriptors descriptors = content.retrieve(slideToken,objectUri); NodeRevisionDescriptor descriptor = content.retrieve(slideToken,descriptors); NodeProperty property = descriptor.getProperty("group-member-set","DAV:"); String value = null; if (property != null) { value = (String) property.getValue(); - if (value.indexOf(userUri) != -1) { + if (value.indexOf(subjectUri) != -1) { // user already a member of this group return; } @@ -284,11 +252,11 @@ else { value = ""; } - value = value + "" + userUri + ""; + value = value + "" + subjectUri + ""; descriptor.setProperty("group-member-set","DAV:",value); nat.begin(); - content.store(slideToken,groupUri,descriptor,null); + content.store(slideToken,objectUri,descriptor,null); nat.commit(); } catch (ObjectNotFoundException e) { @@ -305,24 +273,19 @@ } } - public static void removeGroupMember(NamespaceAccessToken nat, - String caller, - String groupname, - String username) throws Exception { - - String groupsPath = nat.getNamespaceConfig().getGroupsPath(); - String groupUri = groupsPath + "/" + groupname; - String usersPath = nat.getNamespaceConfig().getUsersPath(); - String userUri = usersPath + "/" + username; + public static void removeMember(NamespaceAccessToken nat, + String caller, + String objectUri, + String subjectUri) throws Exception { SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); Content content = nat.getContentHelper(); try { - NodeRevisionDescriptors descriptors = content.retrieve(slideToken,groupUri); - NodeRevisionDescriptor descriptor = content.retrieve(slideToken,descriptors); - NodeProperty property = descriptor.getProperty("group-member-set","DAV:"); + NodeRevisionDescriptors revisions = content.retrieve(slideToken,objectUri); + NodeRevisionDescriptor revision = content.retrieve(slideToken,revisions); + NodeProperty property = revision.getProperty("group-member-set","DAV:"); if (property == null) { // group has no members @@ -330,20 +293,20 @@ } String value = (String) property.getValue(); - int index = value.indexOf(userUri); + int index = value.indexOf(subjectUri); if (index == -1) { - // user is not a member of this group + // subject is not a member of this group return; } - // looking for the end of after userUri - int end = index + userUri.length(); + // looking for the end of after subjectUri + int end = index + subjectUri.length(); do { end++; } while (value.charAt(end) != '>'); - // looking for the start of before userUri + // looking for the start of before subjectUri int from = index; do { from--; @@ -355,9 +318,9 @@ String after = value.substring(end+1); value = before + after; - descriptor.setProperty("group-member-set","DAV:",value); + revision.setProperty("group-member-set","DAV:",value); nat.begin(); - content.store(slideToken,groupUri,descriptor,null); + content.store(slideToken,objectUri,revision,null); nat.commit(); } catch (ObjectNotFoundException e) { @@ -373,40 +336,109 @@ throw e; } } - + public static List listPermissions(NamespaceAccessToken nat, String caller, String path) throws Exception { - String filesPath = nat.getNamespaceConfig().getFilesPath(); - String uri = filesPath + "/" + path; + + String uri = getUriFromPath(nat,path); SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); Security security = nat.getSecurityHelper(); List result = new ArrayList(); - Enumeration permissions = security.enumeratePermissions(slideToken,uri,false); - while (permissions.hasMoreElements()) { - result.add(permissions.nextElement()); + try { + nat.begin(); + Enumeration permissions = security.enumeratePermissions(slideToken,uri,false); + while (permissions.hasMoreElements()) { + result.add(permissions.nextElement()); + } + nat.commit(); + return result; + } + catch (Exception e) { + try { + nat.rollback(); + } + catch (Exception f) { + f.printStackTrace(); + } + throw e; } - return result; } - public static List listUsers(NamespaceAccessToken nat, - String caller) throws Exception { - return listObjects(nat,caller,nat.getNamespaceConfig().getUsersPath()); + public static List listLocks(NamespaceAccessToken nat, + String caller, + String path) throws Exception { + + String uri = getUriFromPath(nat,path); + + SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); + Lock lock = nat.getLockHelper(); + + List result = new ArrayList(); + try { + nat.begin(); + Enumeration locks = lock.enumerateLocks(slideToken,uri,false); + while(locks.hasMoreElements()) { + result.add(locks.nextElement()); + } + nat.commit(); + return result; + } catch (Exception e) { + try { + nat.rollback(); + } + catch (Exception f) { + f.printStackTrace(); + } + throw e; + } } - public static List listRoles(NamespaceAccessToken nat, - String caller) throws Exception { - return listObjects(nat,caller,nat.getNamespaceConfig().getRolesPath()); + public static List listGroups(NamespaceAccessToken nat, String caller, String path) throws Exception { + List result = new ArrayList(); + + SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); + Structure structure = nat.getStructureHelper(); + Content content = nat.getContentHelper(); + + ObjectNode object = structure.retrieve(slideToken,path); + Enumeration enum = structure.getChildren(slideToken,object); + while (enum.hasMoreElements()) { + String uri = ((ObjectNode) enum.nextElement()).getUri(); + NodeRevisionDescriptors revisions = content.retrieve(slideToken, uri); + NodeRevisionDescriptor revision = content.retrieve(slideToken, revisions); + NodeProperty property = revision.getProperty("group-member-set","DAV:"); + List members; + if (property != null) { + String value = (String) property.getValue(); + members = new ArrayList(10); + int start = value.indexOf('>'), end = 0; + while (start != -1) { + end = value.indexOf('<',start); + if (end != -1) { + members.add(value.substring(start+1,end)); + } + end = value.indexOf('>',start+1); + start = value.indexOf('>',end+1); + } + } + else { + members = Collections.EMPTY_LIST; + } + result.add(new Group(uri,members)); + } + + return result; } - public static List listGroups(NamespaceAccessToken nat, - String caller) throws Exception { - return listObjects(nat,caller,nat.getNamespaceConfig().getGroupsPath()); + public static List listUsers(NamespaceAccessToken nat, + String caller) throws Exception { + return listObjects(nat,caller,nat.getNamespaceConfig().getUsersPath()); } - public static List listActions(NamespaceAccessToken nat, + public static List listPrivileges(NamespaceAccessToken nat, String caller) throws Exception { return listObjects(nat,caller,nat.getNamespaceConfig().getActionsPath()); } @@ -423,7 +455,7 @@ ObjectNode object = structure.retrieve(slideToken,path); Enumeration enum = structure.getChildren(slideToken,object); while (enum.hasMoreElements()) { - result.add(enum.nextElement()); + result.add(((ObjectNode) enum.nextElement()).getUri()); } return result; @@ -435,20 +467,7 @@ String subject, String action) throws Exception { - String filesPath = nat.getNamespaceConfig().getFilesPath(); - String uri; - if (path.equals("/")) { - uri = filesPath; - } - else { - uri = filesPath + "/" + path; - } - - - System.out.println("uri: " + uri); - System.out.println("subject: " + subject); - System.out.println("action: " + action); - System.out.println("caller: " + caller); + String uri = getUriFromPath(nat,path); SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); Security security = nat.getSecurityHelper(); @@ -478,14 +497,8 @@ String action, String inheritable, String negative) throws Exception { - String filesPath = nat.getNamespaceConfig().getFilesPath(); - String uri; - if (path.equals("/")) { - uri = filesPath; - } - else { - uri = filesPath + "/" + path; - } + + String uri = getUriFromPath(nat,path); SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); Security security = nat.getSecurityHelper(); @@ -512,6 +525,98 @@ f.printStackTrace(); } throw e; + } + } + + public static void removeLock(NamespaceAccessToken nat, + String caller, + String uri, + String lockId) throws Exception { + + SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); + Lock lock = nat.getLockHelper(); + + try { + nat.begin(); + lock.unlock(slideToken,uri,lockId); + nat.commit(); + } + catch (Exception e) { + try { + nat.rollback(); + } + catch (Exception f) { + f.printStackTrace(); + } + throw e; + } + } + + public static void addLock(NamespaceAccessToken nat, + String caller, + String path, + String subject, + String type, + String exclusive, + String inherit) throws Exception { + + String uri = getUriFromPath(nat,path); + boolean isExclusive = Boolean.valueOf(exclusive).booleanValue(); + boolean isInherit = Boolean.valueOf(inherit).booleanValue(); + // expires after one minute + Date expire = new Date(System.currentTimeMillis() + 1000*60); + + SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller)); + Lock lock = nat.getLockHelper(); + + try { + nat.begin(); + lock.lock(slideToken,new NodeLock(uri,subject,type,expire,isExclusive,isInherit)); + nat.commit(); + } + catch (Exception e) { + try { + nat.rollback(); + } + catch (Exception f) { + f.printStackTrace(); + } + throw e; + } + } + + private static String getUriFromPath(NamespaceAccessToken nat, + String path) { + String filesPath = nat.getNamespaceConfig().getFilesPath(); + String uri; + if (path.equals("/") || path.length() == 0) { + uri = filesPath; + } + else { + uri = filesPath + "/" + path; + } + return uri; + } + + public static class Group { + private final String m_uri; + private final List m_members; + + private Group(String uri, List members) { + m_uri = uri; + m_members = members; + } + + public String getUri() { + return m_uri; + } + + public List getMembers() { + return m_members; + } + + public String toString() { + return m_uri; } } }