View Javadoc
1   /**
2    * This file Copyright (c) 2016 Magnolia International
3    * Ltd.  (http://www.magnolia-cms.com). All rights reserved.
4    *
5    *
6    * This file is dual-licensed under both the Magnolia
7    * Network Agreement and the GNU General Public License.
8    * You may elect to use one or the other of these licenses.
9    *
10   * This file is distributed in the hope that it will be
11   * useful, but AS-IS and WITHOUT ANY WARRANTY; without even the
12   * implied warranty of MERCHANTABILITY or FITNESS FOR A
13   * PARTICULAR PURPOSE, TITLE, or NONINFRINGEMENT.
14   * Redistribution, except as permitted by whichever of the GPL
15   * or MNA you select, is prohibited.
16   *
17   * 1. For the GPL license (GPL), you can redistribute and/or
18   * modify this file under the terms of the GNU General
19   * Public License, Version 3, as published by the Free Software
20   * Foundation.  You should have received a copy of the GNU
21   * General Public License, Version 3 along with this program;
22   * if not, write to the Free Software Foundation, Inc., 51
23   * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
24   *
25   * 2. For the Magnolia Network Agreement (MNA), this file
26   * and the accompanying materials are made available under the
27   * terms of the MNA which accompanies this distribution, and
28   * is available at http://www.magnolia-cms.com/mna.html
29   *
30   * Any modifications to this file must keep this entire header
31   * intact.
32   *
33   */
34  package info.magnolia.module.delta;
35  
36  import info.magnolia.cms.core.Path;
37  import info.magnolia.jcr.util.NodeTypes;
38  import info.magnolia.jcr.util.NodeUtil;
39  import info.magnolia.module.InstallContext;
40  import info.magnolia.repository.RepositoryConstants;
41  
42  import java.util.ArrayList;
43  import java.util.Arrays;
44  import java.util.List;
45  
46  import javax.jcr.Node;
47  import javax.jcr.NodeIterator;
48  import javax.jcr.RepositoryException;
49  
50  import org.apache.commons.lang3.StringUtils;
51  import org.slf4j.Logger;
52  import org.slf4j.LoggerFactory;
53  
54  /**
55   * A task to add a permission to all users under provided path.
56   *
57   */
58  public class AddUsersPermissionTask extends NodeVisitorTask {
59  
60      public static final String USER_PATH_REPLACEMENT = "${USER_PATH}";
61  
62      private static final Logger log = LoggerFactory.getLogger(AddUsersPermissionTask.class);
63  
64      private final String workspaceName;
65      private final String path;
66      private final long permission;
67      private List<String> excludedUserNames = new ArrayList<>();
68  
69      /**
70       * @param pathToUsers path pointing to subtree (or a single user) in users workspace
71       * @param workspace workspace to add permission for
72       * @param workspacePath path in workspace to add permission for, string ${USER_PATH} will be replaced with path to user to whom is the permission added
73       * @param permission permission value, see {@link info.magnolia.cms.security.Permission}
74       */
75      public AddUsersPermissionTask(String taskName, String pathToUsers, String workspace, String workspacePath, long permission) {
76          super(taskName, String.format("Adds permission '%s:%s=%d' to users under the path '%s'", workspace, workspacePath, permission, pathToUsers), RepositoryConstants.USERS, pathToUsers);
77          this.workspaceName = workspace;
78          this.path = workspacePath;
79          this.permission = permission;
80      }
81  
82      public AddUsersPermissionTask exclude(String... excludedUserNames) {
83          this.excludedUserNames = Arrays.asList(excludedUserNames);
84          return this;
85      }
86  
87      @Override
88      protected boolean nodeMatches(Node node) {
89          try {
90              return NodeTypes.User.NAME.equals(node.getPrimaryNodeType().getName()) && !excludedUserNames.contains(node.getName());
91          } catch (RepositoryException e) {
92              log.error(e.getMessage(), e);
93              return false;
94          }
95      }
96  
97      @Override
98      protected void operateOnNode(InstallContext installContext, Node user) {
99          try {
100             final Node aclNode = NodeUtil.createPath(user, "acl_" + workspaceName, NodeTypes.ContentNode.NAME);
101             final String path = StringUtils.replace(this.path, USER_PATH_REPLACEMENT, user.getPath());
102 
103             if (permissionExists(aclNode, path)) {
104                 installContext.warn(String.format("User '%s' has already permission for '%s:%s'.", user.getPath(), workspaceName, path));
105             } else {
106                 final String nodeName = Path.getUniqueLabel(aclNode, "0");
107                 final Node permissionNode = aclNode.addNode(nodeName, NodeTypes.ContentNode.NAME);
108                 permissionNode.setProperty("path", path);
109                 permissionNode.setProperty("permissions", permission);
110             }
111         } catch (RepositoryException e) {
112             installContext.error(e.getMessage(), e);
113         }
114     }
115 
116     private boolean permissionExists(Node aclNode, String path) throws RepositoryException {
117         NodeIterator children = aclNode.getNodes();
118         while (children.hasNext()) {
119             Node child = children.nextNode();
120             if (child.hasProperty("path") && child.getProperty("path").getString().equals(path)) {
121                 return true;
122             }
123         }
124         return false;
125     }
126 }