incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jvazq...@apache.org
Subject svn commit: r732981 - in /incubator/sling/trunk/jcr/base/src/main/java/org/apache/sling/jcr/base/util: AccessControlUtil.java RepositoryUtil.java
Date Fri, 09 Jan 2009 08:59:06 GMT
Author: jvazquez
Date: Fri Jan  9 00:59:05 2009
New Revision: 732981

URL: http://svn.apache.org/viewvc?rev=732981&view=rev
Log:
SLING-818: Create a utility class to simplify accessing JSR283 classes in Jackrabbit 1.5 
https://issues.apache.org/jira/browse/SLING-818

Added:
    incubator/sling/trunk/jcr/base/src/main/java/org/apache/sling/jcr/base/util/AccessControlUtil.java
Removed:
    incubator/sling/trunk/jcr/base/src/main/java/org/apache/sling/jcr/base/util/RepositoryUtil.java

Added: incubator/sling/trunk/jcr/base/src/main/java/org/apache/sling/jcr/base/util/AccessControlUtil.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/base/src/main/java/org/apache/sling/jcr/base/util/AccessControlUtil.java?rev=732981&view=auto
==============================================================================
--- incubator/sling/trunk/jcr/base/src/main/java/org/apache/sling/jcr/base/util/AccessControlUtil.java
(added)
+++ incubator/sling/trunk/jcr/base/src/main/java/org/apache/sling/jcr/base/util/AccessControlUtil.java
Fri Jan  9 00:59:05 2009
@@ -0,0 +1,228 @@
+package org.apache.sling.jcr.base.util;
+
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.security.Principal;
+import java.util.Map;
+
+import javax.jcr.AccessDeniedException;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.UnsupportedRepositoryOperationException;
+
+import org.apache.jackrabbit.api.JackrabbitSession;
+import org.apache.jackrabbit.api.jsr283.security.AccessControlException;
+import org.apache.jackrabbit.api.jsr283.security.AccessControlList;
+import org.apache.jackrabbit.api.jsr283.security.AccessControlManager;
+import org.apache.jackrabbit.api.jsr283.security.Privilege;
+import org.apache.jackrabbit.api.security.principal.PrincipalManager;
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.sling.jcr.base.internal.PooledSession;
+
+/**
+ * A simple utility class providing utilities with respect to 
+ * access control over repositories.
+ */
+public class AccessControlUtil {
+	
+	// the name of the accessor method for the AccessControlManager
+    private static final String METHOD_GET_ACCESS_CONTROL_MANAGER = "getAccessControlManager";
+    // the name of the accessor method for the UserManager
+    private static final String METHOD_GET_USER_MANAGER = "getUserManager";
+    // the name of the accessor method for the PrincipalManager
+    private static final String METHOD_GET_PRINCIPAL_MANAGER = "getPrincipalManager";
+    // the name of the JackrabbitAccessControlList method getPath
+    private static final String METHOD_JACKRABBIT_ACL_GET_PATH = "getPath";
+    // the name of the JackrabbitAccessControlList method 
+    private static final String METHOD_JACKRABBIT_ACL_IS_EMPTY = "isEmpty";
+    // the name of the JackrabbitAccessControlList method 
+    private static final String METHOD_JACKRABBIT_ACL_SIZE = "size";
+    // the name of the JackrabbitAccessControlList method 
+    private static final String METHOD_JACKRABBIT_ACL_ADD_ENTRY = "addEntry";
+    
+	
+    // ---------- SessionImpl methods -----------------------------------------------------
+    
+	/**
+     * Returns the <code>AccessControlManager</code> for the given
+     * <code>session</code>. If the session does not have a
+     * <code>getAccessControlManager</code> method, a
+     * <code>UnsupportedRepositoryOperationException</code> is thrown. Otherwise
+     * the <code>AccessControlManager</code> is returned or if the call fails,
+     * the respective exception is thrown.
+     * 
+     * @param session The JCR Session whose <code>AccessControlManager</code>
is
+     *            to be returned. If the session is a pooled session, the
+     *            session underlying the pooled session is actually used.
+     * @return The <code>AccessControlManager</code> of the session
+     * @throws UnsupportedRepositoryOperationException If the session has no
+     *             <code>getAccessControlManager</code> method or the exception
+     *             thrown by the method.
+     * @throws RepositoryException Forwarded from the
+     *             <code>getAccessControlManager</code> method call.
+     */
+	public static AccessControlManager getAccessControlManager(Session session)
+											throws UnsupportedRepositoryOperationException, RepositoryException {
+		 // unwrap a pooled session
+        if (session instanceof PooledSession) {
+            session = ((PooledSession) session).getSession();
+        }
+        
+        return safeInvokeRepoMethod(session, METHOD_GET_ACCESS_CONTROL_MANAGER, AccessControlManager.class);
+	}
+	
+	// ---------- JackrabbitSession methods -----------------------------------------------
+	
+	/**
+	 * Returns the <code>UserManager</code> for the given
+     * <code>session</code>. If the session does not have a
+     * <code>getUserManager</code> method, a
+     * <code>UnsupportedRepositoryOperationException</code> is thrown. Otherwise
+     * the <code>UserManager</code> is returned or if the call fails,
+     * the respective exception is thrown.
+	 * 
+	 * @param session  The JCR Session whose <code>UserManager</code> is
+     *            to be returned. If the session is not a <code>JackrabbitSession</code>
+     *            uses reflection to retrive the manager from the repository.
+	 * @return The <code>UserManager</code> of the session.
+	 * @throws AccessDeniedException If this session is not allowed 
+	 * 			  to access user data.
+	 * @throws UnsupportedRepositoryOperationException If the session has no
+     *            <code>getUserManager</code> method or the exception
+     *            thrown by the method.
+	 * @throws RepositoryException Forwarded from the
+     *             <code>getUserManager</code> method call.
+	 */
+	public static UserManager getUserManager(Session session) 
+										throws AccessDeniedException, UnsupportedRepositoryOperationException, RepositoryException
{
+		JackrabbitSession jackrabbitSession = getJackrabbitSession(session);
+		if(jackrabbitSession != null) {
+			return jackrabbitSession.getUserManager();
+		} else {
+			return safeInvokeRepoMethod(session, METHOD_GET_USER_MANAGER, UserManager.class);
+		}
+	}
+	
+	/**
+	 * Returns the <code>PrincipalManager</code> for the given
+     * <code>session</code>. If the session does not have a
+     * <code>PrincipalManager</code> method, a
+     * <code>UnsupportedRepositoryOperationException</code> is thrown. Otherwise
+     * the <code>PrincipalManager</code> is returned or if the call fails,
+     * the respective exception is thrown.
+	 * 
+	 * @param session  The JCR Session whose <code>PrincipalManager</code> is
+     *            to be returned. If the session is not a <code>JackrabbitSession</code>
+     *            uses reflection to retrive the manager from the repository.
+	 * @return The <code>PrincipalManager</code> of the session.
+	 * @throws AccessDeniedException
+	 * @throws UnsupportedRepositoryOperationException If the session has no 
+	 * 				<code>PrincipalManager</code> method or the exception
+     *             	thrown by the method.
+	 * @throws RepositoryException Forwarded from the
+     *             <code>PrincipalManager</code> method call.
+	 */
+	public static PrincipalManager getPrincipalManager(Session session)
+										throws AccessDeniedException, UnsupportedRepositoryOperationException, RepositoryException
{
+		JackrabbitSession jackrabbitSession = getJackrabbitSession(session);
+		if(jackrabbitSession != null) {
+			return jackrabbitSession.getPrincipalManager();
+		} else {
+			return safeInvokeRepoMethod(session, METHOD_GET_PRINCIPAL_MANAGER, PrincipalManager.class);
+		}
+	}
+	
+	// ---------- AccessControlList methods -----------------------------------------------
+	
+	/**
+	 * Returns the path of the node <code>AccessControlList</code> acl
+	 * has been created for.
+	 */
+	public static String getPath(AccessControlList acl) throws RepositoryException {
+			return safeInvokeRepoMethod(acl, METHOD_JACKRABBIT_ACL_GET_PATH, String.class);
+	}
+	
+	/**
+	 * Returns <code>true</code> if <code>AccessControlList</code> acl
+	 * does not yet define any entries.
+	 */
+    public static boolean isEmpty(AccessControlList acl) throws RepositoryException {
+		return safeInvokeRepoMethod(acl, METHOD_JACKRABBIT_ACL_IS_EMPTY, Boolean.class);
+    }
+    
+    /**
+     * Returns the number of acl entries or 0 if the acl is empty.
+     */
+    public static int size(AccessControlList acl) throws RepositoryException {
+		return safeInvokeRepoMethod(acl, METHOD_JACKRABBIT_ACL_SIZE, Integer.class);
+    }
+    
+    /**
+     * Same as {@link #addEntry(AccessControlList, Principal, Privilege[], boolean, Map)}
using
+     * some implementation specific restrictions.
+     */
+    public static boolean addEntry(AccessControlList acl, Principal principal, Privilege
privileges[], boolean isAllow)
+        							throws AccessControlException, RepositoryException {
+		return safeInvokeRepoMethod(acl, METHOD_JACKRABBIT_ACL_ADD_ENTRY, Boolean.class, principal,
privileges, isAllow);
+    }
+    
+    /**
+     * Adds an access control entry to the acl consisting of the specified
+     * <code>principal</code>, the specified <code>privileges</code>,
the
+     * <code>isAllow</code> flag and an optional map containing additional
+     * restrictions.
+     * <p/>
+     * This method returns <code>true</code> if this policy was modified,
+     * <code>false</code> otherwise.
+     */
+    @SuppressWarnings("unchecked")
+	public static boolean addEntry(AccessControlList acl, Principal principal, Privilege privileges[],
boolean isAllow, Map restrictions)
+    															throws UnsupportedRepositoryOperationException, RepositoryException {
+		return safeInvokeRepoMethod(acl, METHOD_JACKRABBIT_ACL_ADD_ENTRY, Boolean.class, principal,
privileges, isAllow, restrictions);
+    }
+
+    // ---------- internal -----------------------------------------------------
+    
+    /**
+     * Use reflection to invoke a repository method.
+     */
+    @SuppressWarnings("unchecked")
+	private static <T> T safeInvokeRepoMethod(Object target, String methodName, Class<T>
returnType, Object... args) 
+    													throws UnsupportedRepositoryOperationException, RepositoryException {
+    	try {
+			Method m = target.getClass().getMethod(methodName);
+			return (T) m.invoke(target, args);
+    	} catch (InvocationTargetException ite) {
+            // wraps the exception thrown by the method
+            Throwable t = ite.getCause();
+            if (t instanceof UnsupportedRepositoryOperationException) {
+                throw (UnsupportedRepositoryOperationException) t;
+            } else if (t instanceof AccessDeniedException) {
+                throw (AccessDeniedException) t;
+            } else if (t instanceof AccessControlException) {
+                throw (AccessControlException) t;
+            } else if (t instanceof RepositoryException) {
+                throw (RepositoryException) t;
+            } else if (t instanceof RuntimeException) {
+                throw (RuntimeException) t;
+            } else if (t instanceof Error) {
+                throw (Error) t;
+            } else {
+                throw new RepositoryException(methodName, t);
+            }
+        } catch (Throwable t) {
+            // any other problem is just encapsulated
+            throw new RepositoryException(methodName, t);
+        }
+	}
+	
+    /**
+     * Unwrap the jackrabbit session.
+     */
+	private static JackrabbitSession getJackrabbitSession(Session session) {
+		if (session instanceof JackrabbitSession)
+			return (JackrabbitSession) session;
+		else 
+			return null;
+	}
+}



Mime
View raw message