final MutableCachedNode mutableNode( SessionCache cache, CachedNode node, Path path, String... actions ) throws PathNotFoundException, RepositoryException { return cache.mutable(cachedNode(cache, node, path, actions).getKey()); }
final MutableCachedNode mutableNode( SessionCache cache, CachedNode node, Path path, String... actions ) throws PathNotFoundException, RepositoryException { return cache.mutable(cachedNode(cache, node, path, actions).getKey()); }
final CachedNode cachedNode( Path absolutePath, boolean checkReadPermission ) throws PathNotFoundException, RepositoryException { return checkReadPermission ? cachedNode(cache, getRootNode().node(), absolutePath, ModeShapePermissions.READ) : cachedNode(cache, getRootNode().node(), absolutePath); }
final CachedNode cachedNode( Path absolutePath, boolean checkReadPermission ) throws PathNotFoundException, RepositoryException { return checkReadPermission ? cachedNode(cache, getRootNode().node(), absolutePath, ModeShapePermissions.READ) : cachedNode(cache, getRootNode().node(), absolutePath); }
final AbstractJcrNode node( CachedNode node, Path path ) throws PathNotFoundException, AccessDeniedException, RepositoryException { CachedNode child = cachedNode(cache, node, path, ModeShapePermissions.READ); AbstractJcrNode result = node(child, (Type)null, null); if (result.isShareable()) { // Find the shared node with the desired path ... AbstractJcrNode atOrBelow = result.sharedSet().getSharedNodeAtOrBelow(path); if (atOrBelow != null) result = atOrBelow; } return result; }
final AbstractJcrNode node( CachedNode node, Path path ) throws PathNotFoundException, AccessDeniedException, RepositoryException { CachedNode child = cachedNode(cache, node, path, ModeShapePermissions.READ); AbstractJcrNode result = node(child, (Type)null, null); if (result.isShareable()) { // Find the shared node with the desired path ... AbstractJcrNode atOrBelow = result.sharedSet().getSharedNodeAtOrBelow(path); if (atOrBelow != null) result = atOrBelow; } return result; }
boolean searchParents ) throws PathNotFoundException, RepositoryException { CachedNode startingNode = session.cachedNode(session.pathFactory().create(absPath), false); SessionCache sessionCache = session.cache(); Map<String, Set<String>> permissions = startingNode.getPermissions(sessionCache);
boolean searchParents ) throws PathNotFoundException, RepositoryException { CachedNode startingNode = session.cachedNode(session.pathFactory().create(absPath), false); SessionCache sessionCache = session.cache(); Map<String, Set<String>> permissions = startingNode.getPermissions(sessionCache);
@Override public void setPolicy( String absPath, AccessControlPolicy policy ) throws PathNotFoundException, AccessControlException, AccessDeniedException, LockException, VersionException, RepositoryException { if (session.isReadOnly()) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "read access control content")); } if (!hasPrivileges(absPath, new Privilege[] {privileges.forName(Privilege.JCR_MODIFY_ACCESS_CONTROL)})) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "modify access control content")); } // we support only access list then cast policy to access list if (!(policy instanceof JcrAccessControlList)) { throw new AccessControlException("Invalid policy class (expected JcrAccessControlList): " + policy.getClass().getSimpleName()); } JcrAccessControlList acl = (JcrAccessControlList)policy; Map<String, Set<String>> privilegesByPrincipalName = privilegesByPrincipalName(acl); try { CachedNode cacheNode = session.cachedNode(session.pathFactory().create(absPath), false); SessionCache cache = session.cache(); MutableCachedNode mutableNode = cache.mutable(cacheNode.getKey()); MutableCachedNode.PermissionChanges permissionChanges = mutableNode.setPermissions(cache, privilegesByPrincipalName); session.aclAdded(permissionChanges.addedPrincipalsCount()); session.aclRemoved(permissionChanges.removedPrincipalsCount()); } catch (UnsupportedOperationException e) { throw new RepositoryException(e); } }
@Override public void setPolicy( String absPath, AccessControlPolicy policy ) throws PathNotFoundException, AccessControlException, AccessDeniedException, LockException, VersionException, RepositoryException { if (session.isReadOnly()) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "read access control content")); } if (!hasPrivileges(absPath, new Privilege[] {privileges.forName(Privilege.JCR_MODIFY_ACCESS_CONTROL)})) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "modify access control content")); } // we support only access list then cast policy to access list if (!(policy instanceof JcrAccessControlList)) { throw new AccessControlException("Invalid policy class (expected JcrAccessControlList): " + policy.getClass().getSimpleName()); } JcrAccessControlList acl = (JcrAccessControlList)policy; Map<String, Set<String>> privilegesByPrincipalName = privilegesByPrincipalName(acl); try { CachedNode cacheNode = session.cachedNode(session.pathFactory().create(absPath), false); SessionCache cache = session.cache(); MutableCachedNode mutableNode = cache.mutable(cacheNode.getKey()); MutableCachedNode.PermissionChanges permissionChanges = mutableNode.setPermissions(cache, privilegesByPrincipalName); session.aclAdded(permissionChanges.addedPrincipalsCount()); session.aclRemoved(permissionChanges.removedPrincipalsCount()); } catch (UnsupportedOperationException e) { throw new RepositoryException(e); } }
@Override public boolean propertyExists( String absPath ) throws RepositoryException { checkLive(); CheckArg.isNotEmpty(absPath, "absPath"); Path path = absolutePathFor(absPath); // Check the kind of path ... if (path.isRoot() || path.isIdentifier()) { // These are not properties ... return false; } // There is at least one segment ... Segment lastSegment = path.getLastSegment(); if (lastSegment.hasIndex()) { throw new RepositoryException(JcrI18n.pathCannotHaveSameNameSiblingIndex.text(absPath)); } try { // This will throw a PNFE if the parent path does not exist CachedNode parentNode = cachedNode(path.getParent(), true); return parentNode != null && parentNode.hasProperty(lastSegment.getName(), cache()); } catch (PathNotFoundException e) { return false; } }
@Override public boolean propertyExists( String absPath ) throws RepositoryException { checkLive(); CheckArg.isNotEmpty(absPath, "absPath"); Path path = absolutePathFor(absPath); // Check the kind of path ... if (path.isRoot() || path.isIdentifier()) { // These are not properties ... return false; } // There is at least one segment ... Segment lastSegment = path.getLastSegment(); if (lastSegment.hasIndex()) { throw new RepositoryException(JcrI18n.pathCannotHaveSameNameSiblingIndex.text(absPath)); } try { // This will throw a PNFE if the parent path does not exist CachedNode parentNode = cachedNode(path.getParent(), true); return parentNode != null && parentNode.hasProperty(lastSegment.getName(), cache()); } catch (PathNotFoundException e) { return false; } }
@Override public AccessControlPolicyIterator getApplicablePolicies( String absPath ) throws PathNotFoundException, AccessDeniedException, RepositoryException { if (session.isReadOnly()) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "read access control content")); } JcrAccessControlList acl = getApplicableACL(absPath); if (!acl.isEmpty() && !acl.hasPrivileges(securityContext(), new Privilege[] {privileges.forName(Privilege.JCR_READ_ACCESS_CONTROL)})) { throw new AccessDeniedException(); } CachedNode node = session.cachedNode(session.pathFactory().create(absPath), false); if (node.hasACL(session.cache())) { // we only support 1 ACL per node; therefore if the node already has an ACL, we don't want to allow any additional // ones return AccessControlPolicyIteratorImpl.EMPTY; } // the node doesn't have an ACL yet, so return a new, empty ACL which can be used by clients to set privileges return new AccessControlPolicyIteratorImpl(new JcrAccessControlList(absPath)); }
@Override public void removePolicy( String absPath, AccessControlPolicy policy ) throws PathNotFoundException, AccessControlException, AccessDeniedException, LockException, VersionException, RepositoryException { if (session.isReadOnly()) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "read access control content")); } if (!hasPrivileges(absPath, new Privilege[] {privileges.forName(Privilege.JCR_MODIFY_ACCESS_CONTROL)})) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "modify access control content")); } try { CachedNode cacheNode = session.cachedNode(session.pathFactory().create(absPath), false); SessionCache cache = session.cache(); MutableCachedNode mutableNode = cache.mutable(cacheNode.getKey()); MutableCachedNode.PermissionChanges permissionChanges = mutableNode.removeACL(cache); session.aclRemoved(permissionChanges.removedPrincipalsCount()); } catch (UnsupportedOperationException e) { throw new RepositoryException(e); } }
@Override public AccessControlPolicyIterator getApplicablePolicies( String absPath ) throws PathNotFoundException, AccessDeniedException, RepositoryException { if (session.isReadOnly()) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "read access control content")); } JcrAccessControlList acl = getApplicableACL(absPath); if (!acl.isEmpty() && !acl.hasPrivileges(securityContext(), new Privilege[] {privileges.forName(Privilege.JCR_READ_ACCESS_CONTROL)})) { throw new AccessDeniedException(); } CachedNode node = session.cachedNode(session.pathFactory().create(absPath), false); if (node.hasACL(session.cache())) { // we only support 1 ACL per node; therefore if the node already has an ACL, we don't want to allow any additional // ones return AccessControlPolicyIteratorImpl.EMPTY; } // the node doesn't have an ACL yet, so return a new, empty ACL which can be used by clients to set privileges return new AccessControlPolicyIteratorImpl(new JcrAccessControlList(absPath)); }
@Override public void removePolicy( String absPath, AccessControlPolicy policy ) throws PathNotFoundException, AccessControlException, AccessDeniedException, LockException, VersionException, RepositoryException { if (session.isReadOnly()) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "read access control content")); } if (!hasPrivileges(absPath, new Privilege[] {privileges.forName(Privilege.JCR_MODIFY_ACCESS_CONTROL)})) { throw new AccessDeniedException(JcrI18n.permissionDenied.text(absPath, "modify access control content")); } try { CachedNode cacheNode = session.cachedNode(session.pathFactory().create(absPath), false); SessionCache cache = session.cache(); MutableCachedNode mutableNode = cache.mutable(cacheNode.getKey()); MutableCachedNode.PermissionChanges permissionChanges = mutableNode.removeACL(cache); session.aclRemoved(permissionChanges.removedPrincipalsCount()); } catch (UnsupportedOperationException e) { throw new RepositoryException(e); } }