1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.setup.for3_6_2;
35
36 import info.magnolia.cms.beans.config.ContentRepository;
37 import info.magnolia.cms.core.Content;
38 import info.magnolia.cms.core.ItemType;
39 import info.magnolia.cms.core.Path;
40 import info.magnolia.cms.security.Permission;
41 import info.magnolia.cms.util.NodeTypeFilter;
42 import info.magnolia.module.InstallContext;
43 import info.magnolia.module.delta.AllChildrenNodesOperation;
44 import info.magnolia.module.delta.TaskExecutionException;
45
46 import java.util.Iterator;
47
48 import javax.jcr.RepositoryException;
49
50 import org.slf4j.Logger;
51 import org.slf4j.LoggerFactory;
52
53
54
55
56
57
58
59
60 public class UpdateRoles extends AllChildrenNodesOperation {
61
62 private static Logger log = LoggerFactory.getLogger(UpdateRoles.class);
63
64 public UpdateRoles() {
65 super("Roles definition update", "Adds right to read their own node to all existing roles.", ContentRepository.USER_ROLES, "/", new NodeTypeFilter(ItemType.ROLE));
66 }
67
68 public void operateOnChildNode(Content role, InstallContext installContext)
69 throws RepositoryException, TaskExecutionException {
70 try {
71 String handle = role.getHandle();
72 boolean hasAccess = false;
73 Content acls = role.getChildByName("acl_roles");
74 if (acls == null) {
75 acls = role.createContent("acl_roles", ItemType.CONTENTNODE);
76 role.save();
77 }
78 Iterator iter2 = acls.getChildren().iterator();
79 while (iter2.hasNext()) {
80 Content permission = (Content)iter2.next();
81 if (handle.equals(permission.getNodeData("path").getString()) && (permission.getNodeData("permissions").getLong() >= Permission.READ)) {
82 hasAccess = true;
83 break;
84 }
85 }
86 if (!hasAccess) {
87 Content acl = acls.createContent(Path.getUniqueLabel(installContext.getHierarchyManager(ContentRepository.USER_ROLES), acls.getHandle(), "0"), ItemType.CONTENTNODE);
88 acl.createNodeData("path", handle);
89 acl.createNodeData("permissions", new Long(Permission.READ));
90 acls.save();
91 }
92
93 if ("base".equals(role.getName())) {
94
95 Iterator iter = role.getChildren(ItemType.CONTENTNODE).iterator();
96 while (iter.hasNext()) {
97 Content acl = (Content) iter.next();
98 Iterator iter3 = acl.getChildren().iterator();
99 boolean found = false;
100 while (iter3.hasNext()) {
101 Content permission = (Content) iter3.next();
102 if ("/*".equals(permission.getNodeData("path").getString())) {
103 found = true;
104 break;
105 }
106 }
107 if (!found) {
108 Content permission = acl.createContent(Path.getUniqueLabel(installContext.getHierarchyManager(ContentRepository.USER_ROLES), acl.getHandle(), "0"), ItemType.CONTENTNODE);
109 permission.createNodeData("path", "/");
110 permission.createNodeData("permissions", new Long(Permission.READ));
111 acl.save();
112 permission = acl.createContent(Path.getUniqueLabel(installContext.getHierarchyManager(ContentRepository.USER_ROLES), acl.getHandle(), "0"), ItemType.CONTENTNODE);
113 permission.createNodeData("path", "/*");
114 permission.createNodeData("permissions", new Long(Permission.NONE));
115 acl.save();
116 }
117 }
118 }
119
120 } catch (RepositoryException e) {
121 log.error(e.getMessage(), e);
122 throw new TaskExecutionException("Failed to update user permissions. See log file for more details.");
123 }
124 }
125 }