@NotNull ReadOnlyNodeTypeManager getNodeTypeManager() { if (ntMgr == null) { ntMgr = ReadOnlyNodeTypeManager.getInstance(root, NamePathMapper.DEFAULT); } return ntMgr; }
/** * Returns {@code true} if the given {@code tree} is of type * {@code mix:versionable}; {@code false} otherwise. * * @param tree the tree to check. * @return whether the {@code tree} is versionable. */ protected boolean isVersionable(@NotNull Tree tree) { return getNodeTypeManager().isNodeType( checkNotNull(tree), VersionConstants.MIX_VERSIONABLE); }
/** * Validates the given node type names. * * @param nodeTypeNames the node type names. * @return the node type names as oak names. * @throws javax.jcr.nodetype.NoSuchNodeTypeException if one of the node type names refers to * an non-existing node type. * @throws javax.jcr.RepositoryException if an error occurs while reading from the * node type manager. */ @Nullable private String[] validateNodeTypeNames(@Nullable String[] nodeTypeNames) throws NoSuchNodeTypeException, RepositoryException { if (nodeTypeNames == null) { return null; } String[] oakNames = new String[nodeTypeNames.length]; for (int i = 0; i < nodeTypeNames.length; i++) { ntMgr.getNodeType(nodeTypeNames[i]); oakNames[i] = namePathMapper.getOakName(nodeTypeNames[i]); } return oakNames; }
@Override public NodeTypeIterator getAllNodeTypes() throws RepositoryException { List<NodeType> list = Lists.newArrayList(); Tree types = getTypes(); if (types != null) { NamePathMapper mapper = getNamePathMapper(); for (Tree type : types.getChildren()) { list.add(new NodeTypeImpl(type, mapper)); } } return new NodeTypeIteratorAdapter(list); }
EffectiveNodeTypeImpl( NodeTypeImpl primary, NodeTypeImpl[] mixins, ReadOnlyNodeTypeManager ntMgr) { this.ntMgr = ntMgr; this.valueFactory = new PartialValueFactory(ntMgr.getNamePathMapper()); addNodeType(checkNotNull(primary)); for (NodeTypeImpl mixin : checkNotNull(mixins)) { addNodeType(mixin); } if (!nodeTypes.containsKey(NT_BASE)) { try { nodeTypes.put( NT_BASE, (NodeTypeImpl) ntMgr.getNodeType(NT_BASE)); // FIXME } catch (RepositoryException e) { // TODO: ignore/warning/error? } } }
@Test public void testRemovePolicyRemovesMixin() throws Exception { ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(root, NamePathMapper.DEFAULT); CugPolicy cug = getApplicableCug(SUPPORTED_PATH); cugAccessControlManager.setPolicy(SUPPORTED_PATH, cug); root.commit(); assertTrue(ntMgr.isNodeType(root.getTree(SUPPORTED_PATH), MIX_REP_CUG_MIXIN)); cugAccessControlManager.removePolicy(SUPPORTED_PATH, cugAccessControlManager.getPolicies(SUPPORTED_PATH)[0]); root.commit(); assertFalse(ntMgr.isNodeType(root.getTree(SUPPORTED_PATH), MIX_REP_CUG_MIXIN)); }
PropertyDefinition mockPropertyDefinition(@NotNull String declaringNt, boolean mv) throws Exception { PropertyDefinition def = Mockito.mock(PropertyDefinition.class); when(def.isMultiple()).thenReturn(mv); when(def.getDeclaringNodeType()).thenReturn(ReadOnlyNodeTypeManager.getInstance(root, getNamePathMapper()).getNodeType(declaringNt)); return def; }
@Test public void testAccessControlItemsAreProtectedByNodeTypeDefinition() throws Exception { ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(root, NamePathMapper.DEFAULT); Tree aTree = root.getTree("/test/a"); Tree policyTree = aTree.getChild(ThreeRolesConstants.REP_3_ROLES_POLICY); NodeDefinition policyDef = ntMgr.getDefinition(aTree, policyTree); assertTrue(policyDef.isProtected()); for (String propName : new String[] {ThreeRolesConstants.REP_READERS, ThreeRolesConstants.REP_EDITORS, ThreeRolesConstants.REP_OWNERS}) { PropertyDefinition propDef = ntMgr.getDefinition(policyTree, policyTree.getProperty(propName), true); assertTrue(propDef.isProtected()); } Repository jcrRepository = buildJcrRepository(); // EXERCISE: test protected status of items using JCR API calls // EXERCISE: verify that the protected status of the access control content is enforced // ... write your code here }
private int getOPV(NodeBuilder node, PropertyState property) throws RepositoryException { if (property.getName().charAt(0) == ':') { // FIXME: handle child order properly return OnParentVersionAction.COPY; } else { return ntMgr.getDefinition(TreeFactory.createReadOnlyTree(node.getNodeState()), property, false).getOnParentVersion(); } }
@NotNull @Override public AccessControlPolicyIterator getApplicablePolicies(@Nullable String absPath) throws RepositoryException { String oakPath = getOakPath(absPath); Tree tree = getTree(oakPath, Permissions.READ_ACCESS_CONTROL, true); AccessControlPolicy policy = null; Tree aclTree = getAclTree(oakPath, tree); if (aclTree == null) { if (tree.hasChild(Util.getAclName(oakPath))) { // policy child node without tree being access controlled log.warn("Colliding policy child without node being access controllable ({}).", absPath); } else { // create an empty acl unless the node is protected or cannot have // mixin set (e.g. due to a lock) String mixinName = Util.getMixinName(oakPath); if (ntMgr.isNodeType(tree, mixinName) || ntMgr.getEffectiveNodeType(tree).supportsMixin(mixinName)) { policy = new NodeACL(oakPath); } else { log.warn("Node {} cannot be made access controllable.", absPath); } } } // else: acl already present -> getPolicies must be used. if (policy == null) { return AccessControlPolicyIteratorAdapter.EMPTY; } else { return new AccessControlPolicyIteratorAdapter(Collections.singleton(policy)); } }
private static List<String> getAllNodeTypes(ReadOnlyNodeTypeManager ntReg) { try { List<String> typeNames = newArrayList(); NodeTypeIterator ntItr = ntReg.getAllNodeTypes(); while (ntItr.hasNext()){ typeNames.add(ntItr.nextNodeType().getName()); } return typeNames; } catch (RepositoryException e) { throw new RuntimeException(e); } }
@NotNull @Override public NodeDefinition getDefinition(@NotNull Tree parent, @NotNull String nodeName) throws RepositoryException { checkNotNull(parent); checkNotNull(nodeName); EffectiveNodeType effective = getEffectiveNodeType(parent); return effective.getNodeDefinition(nodeName, null); }
/** * Returns the internal name for the specified JCR name. * * @param jcrName JCR node type name. * @return the internal representation of the given JCR name. * @throws javax.jcr.RepositoryException If there is no valid internal representation * of the specified JCR name. */ @NotNull protected final String getOakName(String jcrName) throws RepositoryException { return getNamePathMapper().getOakName(jcrName); }
private static void assertAutoCreatedItems(@NotNull Tree authorizableTree, @NotNull String ntName, @NotNull Root root) throws Exception { NodeType repUser = ReadOnlyNodeTypeManager.getInstance(root, NamePathMapper.DEFAULT).getNodeType(ntName); for (NodeDefinition cnd : repUser.getChildNodeDefinitions()) { if (cnd.isAutoCreated()) { assertTrue(authorizableTree.hasChild(cnd.getName())); } } for (PropertyDefinition pd : repUser.getPropertyDefinitions()) { if (pd.isAutoCreated()) { assertTrue(authorizableTree.hasProperty(pd.getName())); } } } }
@Test public void testUserNode() throws Exception { Tree pwdTree = root.getTree(user.getPath()).getChild(UserConstants.REP_PWD); assertTrue(pwdTree.exists()); assertTrue(TreeUtil.isNodeType(pwdTree, UserConstants.NT_REP_PASSWORD, root.getTree(NodeTypeConstants.NODE_TYPES_PATH))); ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(root, getNamePathMapper()); assertTrue(ntMgr.getDefinition(pwdTree.getParent(), pwdTree).isProtected()); PropertyState property = pwdTree.getProperty(UserConstants.REP_PASSWORD_LAST_MODIFIED); assertNotNull(property); assertEquals(Type.LONG, property.getType()); assertTrue(property.getValue(Type.LONG, 0) > 0); // protected properties must not be exposed by User#hasProperty assertFalse(user.hasProperty(UserConstants.REP_PWD + "/" + UserConstants.REP_PASSWORD_LAST_MODIFIED)); }
private void checkProtectedProperty(@NotNull Tree parent, @NotNull PropertyState property) throws RepositoryException { ReadOnlyNodeTypeManager nodeTypeManager = authorizable.getUserManager().getNodeTypeManager(); PropertyDefinition def = nodeTypeManager.getDefinition(parent, property, false); if (def.isProtected()) { throw new ConstraintViolationException( "Attempt to set an protected property " + property.getName()); } }
@NotNull @Override public AccessControlPolicyIterator getApplicablePolicies(@Nullable String absPath) throws RepositoryException { String oakPath = getOakPath(absPath); Tree tree = getTree(oakPath, Permissions.READ_ACCESS_CONTROL, true); AccessControlPolicy policy = null; Tree aclTree = getAclTree(oakPath, tree); if (aclTree == null) { if (tree.hasChild(Util.getAclName(oakPath))) { // policy child node without tree being access controlled log.warn("Colliding policy child without node being access controllable ({}).", absPath); } else { // create an empty acl unless the node is protected or cannot have // mixin set (e.g. due to a lock) String mixinName = Util.getMixinName(oakPath); if (ntMgr.isNodeType(tree, mixinName) || ntMgr.getEffectiveNodeType(tree).supportsMixin(mixinName)) { policy = new NodeACL(oakPath); } else { log.warn("Node {} cannot be made access controllable.", absPath); } } } // else: acl already present -> getPolicies must be used. if (policy == null) { return AccessControlPolicyIteratorAdapter.EMPTY; } else { return new AccessControlPolicyIteratorAdapter(Collections.singleton(policy)); } }
@Override public NodeTypeIterator getAllNodeTypes() throws RepositoryException { List<NodeType> list = Lists.newArrayList(); Tree types = getTypes(); if (types != null) { NamePathMapper mapper = getNamePathMapper(); for (Tree type : types.getChildren()) { list.add(new NodeTypeImpl(type, mapper)); } } return new NodeTypeIteratorAdapter(list); }
EffectiveNodeTypeImpl( NodeTypeImpl primary, NodeTypeImpl[] mixins, ReadOnlyNodeTypeManager ntMgr) { this.ntMgr = ntMgr; this.valueFactory = new PartialValueFactory(ntMgr.getNamePathMapper()); addNodeType(checkNotNull(primary)); for (NodeTypeImpl mixin : checkNotNull(mixins)) { addNodeType(mixin); } if (!nodeTypes.containsKey(NT_BASE)) { try { nodeTypes.put( NT_BASE, (NodeTypeImpl) ntMgr.getNodeType(NT_BASE)); // FIXME } catch (RepositoryException e) { // TODO: ignore/warning/error? } } }
@Override public NodeTypeIterator getPrimaryNodeTypes() throws RepositoryException { List<NodeType> list = Lists.newArrayList(); NodeTypeIterator iterator = getAllNodeTypes(); while (iterator.hasNext()) { NodeType type = iterator.nextNodeType(); if (!type.isMixin()) { list.add(type); } } return new NodeTypeIteratorAdapter(list); }