1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.setup.for3_6_2;
35
36 import info.magnolia.cms.core.Content;
37 import info.magnolia.cms.core.ItemType;
38 import info.magnolia.cms.core.Path;
39 import info.magnolia.cms.security.Permission;
40 import info.magnolia.cms.util.NodeTypeFilter;
41 import info.magnolia.module.InstallContext;
42 import info.magnolia.module.delta.AllChildrenNodesOperation;
43 import info.magnolia.module.delta.TaskExecutionException;
44 import info.magnolia.repository.RepositoryConstants;
45
46 import java.util.Iterator;
47
48 import javax.jcr.RepositoryException;
49
50 import org.slf4j.Logger;
51 import org.slf4j.LoggerFactory;
52
53
54
55
56
57
58
59
60 public class UpdateRoles extends AllChildrenNodesOperation {
61
62 private static Logger log = LoggerFactory.getLogger(UpdateRoles.class);
63
64 public UpdateRoles() {
65 super("Roles definition update", "Adds right to read their own node to all existing roles.", RepositoryConstants.USER_ROLES, "/", new NodeTypeFilter(ItemType.ROLE));
66 }
67
68 @Override
69 public void operateOnChildNode(Content role, InstallContext installContext)
70 throws RepositoryException, TaskExecutionException {
71 try {
72 String handle = role.getHandle();
73 boolean hasAccess = false;
74 Content acls = role.getChildByName("acl_roles");
75 if (acls == null) {
76 acls = role.createContent("acl_roles", ItemType.CONTENTNODE);
77 role.save();
78 }
79 Iterator iter2 = acls.getChildren().iterator();
80 while (iter2.hasNext()) {
81 Content permission = (Content)iter2.next();
82 if (handle.equals(permission.getNodeData("path").getString()) && (permission.getNodeData("permissions").getLong() >= Permission.READ)) {
83 hasAccess = true;
84 break;
85 }
86 }
87 if (!hasAccess) {
88 Content acl = acls.createContent(Path.getUniqueLabel(installContext.getHierarchyManager(RepositoryConstants.USER_ROLES), acls.getHandle(), "0"), ItemType.CONTENTNODE);
89 acl.createNodeData("path", handle);
90 acl.createNodeData("permissions", new Long(Permission.READ));
91 acls.save();
92 }
93
94 if ("base".equals(role.getName())) {
95
96 Iterator iter = role.getChildren(ItemType.CONTENTNODE).iterator();
97 while (iter.hasNext()) {
98 Content acl = (Content) iter.next();
99 Iterator iter3 = acl.getChildren().iterator();
100 boolean found = false;
101 while (iter3.hasNext()) {
102 Content permission = (Content) iter3.next();
103 if ("/*".equals(permission.getNodeData("path").getString())) {
104 found = true;
105 break;
106 }
107 }
108 if (!found) {
109 Content permission = acl.createContent(Path.getUniqueLabel(installContext.getHierarchyManager(RepositoryConstants.USER_ROLES), acl.getHandle(), "0"), ItemType.CONTENTNODE);
110 permission.createNodeData("path", "/");
111 permission.createNodeData("permissions", new Long(Permission.READ));
112 acl.save();
113 permission = acl.createContent(Path.getUniqueLabel(installContext.getHierarchyManager(RepositoryConstants.USER_ROLES), acl.getHandle(), "0"), ItemType.CONTENTNODE);
114 permission.createNodeData("path", "/*");
115 permission.createNodeData("permissions", Long.valueOf(Permission.NONE));
116 acl.save();
117 }
118 }
119 }
120
121 } catch (RepositoryException e) {
122 log.error(e.getMessage(), e);
123 throw new TaskExecutionException("Failed to update user permissions. See log file for more details.");
124 }
125 }
126 }