View Javadoc

1   /**
2    * This file Copyright (c) 2003-2013 Magnolia International
3    * Ltd.  (http://www.magnolia-cms.com). All rights reserved.
4    *
5    *
6    * This file is dual-licensed under both the Magnolia
7    * Network Agreement and the GNU General Public License.
8    * You may elect to use one or the other of these licenses.
9    *
10   * This file is distributed in the hope that it will be
11   * useful, but AS-IS and WITHOUT ANY WARRANTY; without even the
12   * implied warranty of MERCHANTABILITY or FITNESS FOR A
13   * PARTICULAR PURPOSE, TITLE, or NONINFRINGEMENT.
14   * Redistribution, except as permitted by whichever of the GPL
15   * or MNA you select, is prohibited.
16   *
17   * 1. For the GPL license (GPL), you can redistribute and/or
18   * modify this file under the terms of the GNU General
19   * Public License, Version 3, as published by the Free Software
20   * Foundation.  You should have received a copy of the GNU
21   * General Public License, Version 3 along with this program;
22   * if not, write to the Free Software Foundation, Inc., 51
23   * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
24   *
25   * 2. For the Magnolia Network Agreement (MNA), this file
26   * and the accompanying materials are made available under the
27   * terms of the MNA which accompanies this distribution, and
28   * is available at http://www.magnolia-cms.com/mna.html
29   *
30   * Any modifications to this file must keep this entire header
31   * intact.
32   *
33   */
34  package info.magnolia.setup;
35  
36  import info.magnolia.commands.impl.MarkNodeAsDeletedCommand;
37  import info.magnolia.jcr.util.NodeTypes;
38  import info.magnolia.module.AbstractModuleVersionHandler;
39  import info.magnolia.module.InstallContext;
40  import info.magnolia.module.delta.AddURIPermissionTask;
41  import info.magnolia.module.delta.ArrayDelegateTask;
42  import info.magnolia.module.delta.BootstrapConditionally;
43  import info.magnolia.module.delta.BootstrapSingleModuleResource;
44  import info.magnolia.module.delta.BootstrapSingleResource;
45  import info.magnolia.module.delta.CheckAndModifyPropertyValueTask;
46  import info.magnolia.module.delta.Condition;
47  import info.magnolia.module.delta.CreateNodeTask;
48  import info.magnolia.module.delta.DeltaBuilder;
49  import info.magnolia.module.delta.FindAndChangeTemplateIdTask;
50  import info.magnolia.module.delta.MoveAndRenamePropertyTask;
51  import info.magnolia.module.delta.NoSameNameSiblingsCondition;
52  import info.magnolia.module.delta.NodeExistsDelegateTask;
53  import info.magnolia.module.delta.OrderFilterBeforeTask;
54  import info.magnolia.module.delta.PartialBootstrapTask;
55  import info.magnolia.module.delta.PropertyExistsDelegateTask;
56  import info.magnolia.module.delta.RemoveNodeTask;
57  import info.magnolia.module.delta.RemovePermissionTask;
58  import info.magnolia.module.delta.Task;
59  import info.magnolia.module.delta.TextFileConditionsUtil;
60  import info.magnolia.module.delta.WarnTask;
61  import info.magnolia.module.delta.WebXmlConditionsUtil;
62  import info.magnolia.module.delta.WorkspaceXmlConditionsUtil;
63  import info.magnolia.repository.RepositoryConstants;
64  import info.magnolia.setup.for5_0.CheckOrCreateLastActivatedPropertyTask;
65  import info.magnolia.setup.for5_0.ConvertMetaDataUpdateTask;
66  import info.magnolia.setup.for5_0.Register50NodeTypeTask;
67  import info.magnolia.setup.for5_0.RemoveMetaDataInNodeTypeDefinitionTask;
68  import info.magnolia.setup.for5_2.GrantReadPermissionToRolesTask;
69  import info.magnolia.setup.for5_2.IsNotAProblematicEnvironmentCondition;
70  import info.magnolia.setup.for5_2.RemoveOpenWFEPermissionsTask;
71  import info.magnolia.setup.initial.GenericTasks;
72  
73  import java.util.ArrayList;
74  import java.util.List;
75  
76  import javax.jcr.ImportUUIDBehavior;
77  
78  /**
79   * Special VersionHandler for the core module. As it does not extend {@link info.magnolia.module.DefaultModuleVersionHandler} it has a special getBasicInstallTasks(InstallContext) that
80   * e.g. will not automatically bootstrap xml-files placed in mgnl-bootstrap/core.
81   */
82  public class CoreModuleVersionHandler extends AbstractModuleVersionHandler {
83      public static final String BOOTSTRAP_AUTHOR_INSTANCE_PROPERTY = "magnolia.bootstrap.authorInstance";
84  
85      // TODO : why is this a BootstrapConditionally and not a BootstrapSingleResource ?
86      private final BootstrapConditionally auditTrailManagerTask = new BootstrapConditionally("New auditory log configuration", "Install new configuration for auditory log manager.", "/mgnl-bootstrap/core/config.server.auditLogging.xml");
87      private final BootstrapSingleResource bootstrapFreemarker = new BootstrapSingleResource("Freemarker configuration", "Freemarker template loaders can now be configured in Magnolia. Adds default configuration", "/mgnl-bootstrap/core/config.server.rendering.freemarker.xml");
88      private final CreateNodeTask addFreemarkerSharedVariables = new CreateNodeTask("Freemarker configuration", "Adds sharedVariables node to the Freemarker configuration",
89              RepositoryConstants.CONFIG, "/server/rendering/freemarker", "sharedVariables", NodeTypes.ContentNode.NAME);
90      private final BootstrapSingleResource bootstrapWebContainerResources = new BootstrapSingleResource("Web container resources configuration", "Global configuration which resources are not meant to be handled by Magnolia. For instance JSP files.", "/mgnl-bootstrap/core/config.server.webContainerResources.xml");
91      private final BootstrapSingleModuleResource bootstrapChannelManagement = new BootstrapSingleModuleResource("ChannelManagement configuration", "", "config.server.rendering.channelManagement.xml");
92  
93      private final BootstrapSingleModuleResource bootstrapChannelFilter = new BootstrapSingleModuleResource("ChannelFilter configuration", "", "config.server.filters.channel.xml");
94      private final Task placeChannelBeforeLogout = new OrderFilterBeforeTask("channel", new String[] { "logout" });
95      private final Task updateSecurityBaseRole = updateSecurityBaseRole();
96  
97      private Task updateSecurityBaseRole() {
98          ArrayDelegateTask permissionsTask = new ArrayDelegateTask("Update security-base role", "Disallow access to view configuration/tools pages");
99          permissionsTask.addTask(new RemovePermissionTask("", "", "security-base", "uri", "/.magnolia/pages/installedModulesList.html", AddURIPermissionTask.DENY));
100         permissionsTask.addTask(new RemovePermissionTask("", "", "security-base", "uri", "/.magnolia/pages/jcrUtils.html", AddURIPermissionTask.DENY));
101         permissionsTask.addTask(new RemovePermissionTask("", "", "security-base", "uri", "/.magnolia/pages/configuration.html", AddURIPermissionTask.DENY));
102         permissionsTask.addTask(new RemovePermissionTask("", "", "security-base", "uri", "/.magnolia/pages/logViewer.html", AddURIPermissionTask.DENY));
103         permissionsTask.addTask(new RemovePermissionTask("", "", "security-base", "uri", "/.magnolia/pages/sendMail.html", AddURIPermissionTask.DENY));
104         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/installedModulesList*", AddURIPermissionTask.DENY));
105         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/jcrUtils*", AddURIPermissionTask.DENY));
106         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/configuration*", AddURIPermissionTask.DENY));
107         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/logViewer*", AddURIPermissionTask.DENY));
108         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/sendMail*", AddURIPermissionTask.DENY));
109 
110         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/users*", AddURIPermissionTask.DENY));
111         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/import*", AddURIPermissionTask.DENY));
112         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/export*", AddURIPermissionTask.DENY));
113         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/messages*", AddURIPermissionTask.DENY));
114         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/permission*", AddURIPermissionTask.DENY));
115         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/developmentUtils*", AddURIPermissionTask.DENY));
116         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/activationTools*", AddURIPermissionTask.DENY));
117         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/migrationReport*", AddURIPermissionTask.DENY));
118         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/backup*", AddURIPermissionTask.DENY));
119         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/activationMonitor*", AddURIPermissionTask.DENY));
120         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/installedModulesList*", AddURIPermissionTask.DENY));
121         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/allModulesList*", AddURIPermissionTask.DENY));
122         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/cacheTools*", AddURIPermissionTask.DENY));
123         permissionsTask.addTask(new AddURIPermissionTask("", "", "security-base", "/.magnolia/pages/flows*", AddURIPermissionTask.DENY));
124         return permissionsTask;
125     }
126 
127     public CoreModuleVersionHandler() {
128         super();
129 
130         register(DeltaBuilder.checkPrecondition("4.5", "5.0"));
131 
132         register(DeltaBuilder.update("4.5.2", "")
133                 .addTask(new PropertyExistsDelegateTask("Fix property name", "", RepositoryConstants.CONFIG, "/server/security/userManagers/system", "realName", new MoveAndRenamePropertyTask("Fix propertyName", "/server/security/userManagers/system", "realName", "/server/security/userManagers/system", "realmName")))
134                 .addTask(new PropertyExistsDelegateTask("Fix property name", "", RepositoryConstants.CONFIG, "/server/security/userManagers/admin", "realName", new MoveAndRenamePropertyTask("Fix propertyName", "/server/security/userManagers/admin", "realName", "/server/security/userManagers/admin", "realmName"))));
135 
136         register((DeltaBuilder.update("4.5.9", ""))
137                 .addTask(new NodeExistsDelegateTask("AuditLogging configurations", "Add auditLogging configurations for delete action", "config", "/server/auditLogging/logConfigurations/delete", null, new PartialBootstrapTask("", "", "/mgnl-bootstrap/core/config.server.auditLogging.xml", "/auditLogging/logConfigurations/delete", ImportUUIDBehavior.IMPORT_UUID_CREATE_NEW)))
138                 .addTask(new CheckAndModifyPropertyValueTask("AuditLogging configurations", "Change auditLogging class", "config", "/server/auditLogging", "class", "info.magnolia.logging.AuditLoggingManager", "info.magnolia.audit.AuditLoggingManager"))
139                 .addTask(updateSecurityBaseRole));
140         register(DeltaBuilder.update("5.0", "")
141                 .addTask(new Register50NodeTypeTask("Register the new M5 node Type", "", RepositoryConstants.CONFIG))
142                 .addTask(new RemoveMetaDataInNodeTypeDefinitionTask("Un register the metaData child node", "", RepositoryConstants.CONFIG))
143                 .addTask(new ConvertMetaDataUpdateTask("Convert MetaData Task", "Remove the metaData sub node and replace them with mixIn when appropriate"))
144                 .addTask(new RemoveNodeTask("Remove PageEditorServlet", "Remove obsolete PageEditorServlet configuration.", RepositoryConstants.CONFIG, "/server/filters/servlets/PageEditorServlet"))
145                 .addTask(new RemoveNodeTask("Remove obsolete 'templating-editor' configuration", "", RepositoryConstants.CONFIG, "/modules/magnolia-templating-editor"))
146                 .addTask(new PartialBootstrapTask("Bootstrap link transformers", "Bootstrap 'server/rendering/linkManagement/transformers", "/mgnl-bootstrap/core/config.server.rendering.linkManagement.xml", "/linkManagement/transformers")));
147         register((DeltaBuilder.update("5.0.1", ""))
148                 .addTask(new CheckAndModifyPropertyValueTask("MIMEMapping", "Change xsl extension mime-type from text/xml to application/xml", RepositoryConstants.CONFIG, "/server/MIMEMapping/xsl", "mime-type", "text/xml", "application/xml"))
149                 .addTask(new CheckAndModifyPropertyValueTask("MIMEMapping", "Change xml extension mime-type from text/xml to application/xml", RepositoryConstants.CONFIG, "/server/MIMEMapping/xml", "mime-type", "text/xml", "application/xml")));
150         register((DeltaBuilder.update("5.0.3", ""))
151                 .addTask(new PartialBootstrapTask("JSON", "Add JSON mime-type", "/mgnl-bootstrap/core/config.server.MIMEMapping.xml", "/MIMEMapping/json")));
152         register((DeltaBuilder.update("5.1", ""))
153                 .addTask(new WarnTask("respectOrderDocument parameter", "As of Magnolia 5.1, the respectOrderDocument parameter has been reintroduced in repo config files and set to true by default. You will need to set it manually for each workspace in your installation. Please, refer to the release notes for more details."))
154                 .addTask(new RemoveNodeTask("Remove intercept filter", "Removes no longer used intercept filter.", RepositoryConstants.CONFIG, "/server/filters/cms/intercept")));
155         register((DeltaBuilder.update("5.1.1", ""))
156                 .addTask(new NodeExistsDelegateTask("Set mgnl:lastActivated date of the user superuser", "Set mgnl:lastActivated date of the user superuser (if not set yet)", RepositoryConstants.USERS, "/system/superuser",
157                         new CheckOrCreateLastActivatedPropertyTask("", "", RepositoryConstants.USERS, "/system/superuser")))
158                 .addTask(new NodeExistsDelegateTask("Set mgnl:lastActivated date of the user anonymous", "Set mgnl:lastActivated date of the user anonymous (if not set yet)", RepositoryConstants.USERS, "/system/anonymous",
159                         new CheckOrCreateLastActivatedPropertyTask("", "", RepositoryConstants.USERS, "/system/anonymous")))
160                 .addTask(new NodeExistsDelegateTask("Set mgnl:lastActivated date of the superuser role", "Set mgnl:lastActivated date of the superuser role (if not set yet)", RepositoryConstants.USER_ROLES, "/superuser",
161                         new CheckOrCreateLastActivatedPropertyTask("", "", RepositoryConstants.USER_ROLES, "/superuser")))
162                 .addTask(new NodeExistsDelegateTask("Set mgnl:lastActivated date of the anonymous role", "Set mgnl:lastActivated date of the anonymous role (if not set yet)", RepositoryConstants.USER_ROLES, "/anonymous",
163                         new CheckOrCreateLastActivatedPropertyTask("", "", RepositoryConstants.USER_ROLES, "/anonymous")))
164                 .addTask(new NodeExistsDelegateTask("Set mgnl:lastActivated date of the security-base role", "Set mgnl:lastActivated date of the security-base role (if not set yet)", RepositoryConstants.USER_ROLES, "/security-base",
165                         new CheckOrCreateLastActivatedPropertyTask("", "", RepositoryConstants.USER_ROLES, "/security-base")))
166                 .addTask(new FindAndChangeTemplateIdTask("Change template id mgnlDelete", "Change template id mgnlDeleted to ui-admincentral:deleted for all content marked as deleted in website repository", RepositoryConstants.WEBSITE, "mgnlDeleted", MarkNodeAsDeletedCommand.DELETED_NODE_TEMPLATE))
167                 .addTask(new FindAndChangeTemplateIdTask("Change template id adminInterface:mgnlDeleted", "Change template id adminInterface:mgnlDeleted to ui-admincentral:deleted for all content marked as deleted in website repository", RepositoryConstants.WEBSITE, "adminInterface:mgnlDeleted", MarkNodeAsDeletedCommand.DELETED_NODE_TEMPLATE)));
168         register((DeltaBuilder.update("5.1.2", ""))
169                 .addTask(new ChangeNodeTypeOfSubAppsTask("Change primary node type of subapps", "If primary node type of subapps node is set to " + NodeTypes.Content.NAME + " then change it to " + NodeTypes.ContentNode.NAME))
170                 .addTask(new PartialBootstrapTask("Anonymous user", "Change anonymous user permission. He can't have write access to himself.", "/mgnl-bootstrap/core/users.system.anonymous.xml", "/anonymous/acl_users")));
171         register((DeltaBuilder.update("5.2.1", ""))
172                 .addTask(new RemoveOpenWFEPermissionsTask("Find and remove all openWFE permissions from the userroles workspace", ""))
173                 .addTask(new GrantReadPermissionToRolesTask("Set read-permission to role itself", "If a role do not have a read permission to itself, add it")));
174     }
175 
176     @Override
177     protected List<Task> getBasicInstallTasks(InstallContext ctx) {
178         final List<Task> tasks = new ArrayList<Task>();
179         tasks.addAll(GenericTasks.genericTasksForNewInstallation());
180         tasks.add(auditTrailManagerTask);
181         tasks.add(bootstrapFreemarker);
182         tasks.add(addFreemarkerSharedVariables);
183         tasks.add(bootstrapWebContainerResources);
184         tasks.add(new BootstrapConditionally("Security", "Bootstraps security-base role.", "/mgnl-bootstrap/core/userroles.security-base.xml"));
185         // always hash passwords. Task will not re-hash so it is safe to run this op at any time, multiple times.
186         tasks.add(new HashUsersPasswords());
187         tasks.add(bootstrapChannelManagement);
188         tasks.add(bootstrapChannelFilter);
189         tasks.add(placeChannelBeforeLogout);
190 
191         return tasks;
192     }
193 
194     @Override
195     protected List<Condition> getInstallConditions() {
196         final ArrayList<Condition> conditions = new ArrayList<Condition>();
197 
198         conditions.add(new IsNotAProblematicEnvironmentCondition());
199 
200         final WebXmlConditionsUtil u = new WebXmlConditionsUtil(conditions);
201         u.servletIsNowWrapped("ActivationHandler");
202         u.servletIsNowWrapped("AdminTreeServlet");
203         u.servletIsNowWrapped("classpathspool");
204         u.servletIsNowWrapped("DialogServlet");
205         u.servletIsNowWrapped("PageServlet");
206         u.servletIsNowWrapped("log4j");
207         u.servletIsNowWrapped("FCKEditorSimpleUploadServlet");
208         u.servletIsDeprecated("uuidRequestDispatcher");
209         u.filterIsDeprecated("info.magnolia.cms.filters.MagnoliaManagedFilter", "info.magnolia.cms.filters.MgnlMainFilter");
210         u.filterMustBeRegisteredWithCorrectDispatchers("info.magnolia.cms.filters.MgnlMainFilter");
211         u.listenerIsDeprecated("info.magnolia.cms.servlets.PropertyInitializer", "info.magnolia.cms.servlets.MgnlServletContextListener");
212         u.listenerIsDeprecated("info.magnolia.cms.beans.config.ShutdownManager", "info.magnolia.cms.servlets.MgnlServletContextListener");
213         final WorkspaceXmlConditionsUtil u2 = new WorkspaceXmlConditionsUtil(conditions);
214         u2.textFilterClassesAreNotSet();
215 
216         conditions.add(new SystemTmpDirCondition());
217         conditions.add(new NoSameNameSiblingsCondition());
218 
219         return conditions;
220     }
221 
222     private List<Condition> get45ConfigFileConditions() {
223         List<Condition> conditions = new ArrayList<Condition>();
224 
225         final TextFileConditionsUtil u = new TextFileConditionsUtil(conditions);
226         u.addFalseConditionIfExpressionIsContained(System.getProperty("java.security.auth.login.config"), "^Jackrabbit.*");
227 
228         final WorkspaceXmlConditionsUtil u2 = new WorkspaceXmlConditionsUtil(conditions);
229         u2.textFilterClassesAreNotSet();
230         u2.paramAnalyzerIsNotSet();
231         u2.accessControlProviderIsSet();
232 
233         return conditions;
234     }
235 
236 }