Author: angela
Date: Thu Nov 8 13:27:00 2012
New Revision: 1407071
URL: http://svn.apache.org/viewvc?rev=1407071&view=rev
Log:
OAK-50 : Implement User Management (WIP)
move initial user content from InitialContent to UserInitializer
Added:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/InitialContent.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/InitialContent.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/InitialContent.java?rev=1407071&r1=1407070&r2=1407071&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/InitialContent.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/nodetype/InitialContent.java
Thu Nov 8 13:27:00 2012
@@ -56,40 +56,6 @@ public class InitialContent implements R
.setProperty("jcr:primaryType", "rep:nodeTypes", Type.NAME);
system.child("jcr:activities")
.setProperty("jcr:primaryType", "rep:Activities", Type.NAME);
- system.child("rep:privileges")
- .setProperty("jcr:primaryType", "rep:Privileges", Type.NAME);
-
- NodeBuilder security = root.child("rep:security");
- security.setProperty(
- "jcr:primaryType", "rep:AuthorizableFolder", Type.NAME);
-
- NodeBuilder authorizables = security.child("rep:authorizables");
- authorizables.setProperty(
- "jcr:primaryType", "rep:AuthorizableFolder", Type.NAME);
-
- NodeBuilder users = authorizables.child("rep:users");
- users.setProperty(
- "jcr:primaryType", "rep:AuthorizableFolder", Type.NAME);
-
- NodeBuilder a = users.child("a");
- a.setProperty("jcr:primaryType", "rep:AuthorizableFolder", Type.NAME);
-
- a.child("ad")
- .setProperty("jcr:primaryType", "rep:AuthorizableFolder", Type.NAME)
- .child("admin")
- .setProperty("jcr:primaryType", "rep:User", Type.NAME)
- .setProperty("jcr:uuid", "21232f29-7a57-35a7-8389-4a0e4a801fc3")
- .setProperty("rep:principalName", "admin")
- .setProperty("rep:authorizableId", "admin")
- .setProperty("rep:password", "{SHA-256}9e515755e95513ce-1000-0696716f8baf8890a35eda1b9f2d5a4e727d1c7e1c062f03180dcc2a20f61f3b");
-
- a.child("an")
- .setProperty("jcr:primaryType", "rep:AuthorizableFolder", Type.NAME)
- .child("anonymous")
- .setProperty("jcr:primaryType", "rep:User", Type.NAME)
- .setProperty("jcr:uuid", "294de355-7d9d-30b3-92d8-a1e6aab028cf")
- .setProperty("rep:principalName", "anonymous")
- .setProperty("rep:authorizableId", "anonymous");
}
if (!root.hasChildNode("oak:index")) {
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java?rev=1407071&r1=1407070&r2=1407071&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
Thu Nov 8 13:27:00 2012
@@ -25,6 +25,7 @@ import org.apache.jackrabbit.api.securit
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
+import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
@@ -54,6 +55,12 @@ public class UserConfigurationImpl exten
return config;
}
+ @Nonnull
+ @Override
+ public RepositoryInitializer getRepositoryInitializer() {
+ return new UserInitializer(securityProvider);
+ }
+
@Override
public List<ValidatorProvider> getValidatorProviders() {
ValidatorProvider vp = new UserValidatorProvider(getConfigurationParameters());
Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java?rev=1407071&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
(added)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
Thu Nov 8 13:27:00 2012
@@ -0,0 +1,94 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.user;
+
+import javax.jcr.RepositoryException;
+
+import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.oak.api.CommitFailedException;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.core.RootImpl;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
+import org.apache.jackrabbit.oak.spi.state.NodeStore;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Creates initial set of users to be present in the repository. This
+ * implementation uses the {@code UserManager} such as defined by the
+ * user configuration.
+ *
+ * Currently the following users are created:
+ *
+ * <ul>
+ * <li>An administrator user using {@link UserConstants#PARAM_ADMIN_ID}
+ * or {@link UserConstants#DEFAULT_ADMIN_ID} if the config option is missing.</li>
+ * <li>An administrator user using {@link UserConstants#PARAM_ANONYMOUS_ID}
+ * or {@link UserConstants#DEFAULT_ANONYMOUS_ID} if the config option is
+ * missing.</li>
+ * </ul>
+ */
+public class UserInitializer implements RepositoryInitializer, UserConstants {
+
+ /**
+ * logger instance
+ */
+ private static final Logger log = LoggerFactory.getLogger(UserInitializer.class);
+
+ private final SecurityProvider securityProvider;
+
+ UserInitializer(SecurityProvider securityProvider) {
+ this.securityProvider = securityProvider;
+ }
+
+ //----------------------------------------------< RepositoryInitializer >---
+ @Override
+ public void initialize(NodeStore store) {
+ Root root = new RootImpl(store);
+
+ UserConfiguration userConfiguration = securityProvider.getUserConfiguration();
+ UserManager userManager = userConfiguration.getUserManager(root, NamePathMapper.DEFAULT);
+
+ try {
+ boolean modified = false;
+ String adminId = userConfiguration.getConfigurationParameters().getConfigValue(PARAM_ADMIN_ID,
DEFAULT_ADMIN_ID);
+ if (userManager.getAuthorizable(adminId) == null) {
+ // TODO: init admin with null password and force application to set it.
+ userManager.createUser(adminId, adminId);
+ modified = true;
+ }
+ String anonymousId = userConfiguration.getConfigurationParameters().getConfigValue(PARAM_ANONYMOUS_ID,
DEFAULT_ANONYMOUS_ID);
+ if (userManager.getAuthorizable(anonymousId) == null) {
+ userManager.createUser(anonymousId, null);
+ modified = true;
+ }
+ if (modified) {
+ root.commit();
+ }
+ } catch (RepositoryException e) {
+ log.error("Failed to initialize user content ", e);
+ throw new RuntimeException(e);
+ } catch (CommitFailedException e) {
+ log.error("Failed to initialize user content ", e);
+ throw new RuntimeException(e);
+ }
+ }
+}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt?rev=1407071&r1=1407070&r2=1407071&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt
Thu Nov 8 13:27:00 2012
@@ -142,7 +142,6 @@ select * from [nt:base] as p inner join
/, /jcr:system
/, /oak:index
/, /parents
-/, /rep:security
select * from [nt:base] as p inner join [nt:base] as p2 on isdescendantnode(p2, p) where
p.[jcr:path] = '/parents'
/parents, /parents/p0
|