1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.setup.initial;
35
36 import info.magnolia.cms.core.Content;
37 import info.magnolia.jcr.util.NodeTypes;
38 import info.magnolia.module.InstallContext;
39 import info.magnolia.module.delta.AllChildrenNodesOperation;
40 import info.magnolia.module.delta.TaskExecutionException;
41 import info.magnolia.repository.RepositoryConstants;
42
43 import javax.jcr.RepositoryException;
44
45 import org.slf4j.Logger;
46 import org.slf4j.LoggerFactory;
47
48
49
50
51
52
53 @Deprecated
54 public class AddURIPermissionsToAllRoles extends AllChildrenNodesOperation {
55 private static final int ALLOW_ALL = 63;
56 private static final int DENY = 0;
57
58 private final boolean isAuthorInstance;
59
60 private static Logger log = LoggerFactory.getLogger(AllChildrenNodesOperation.class);
61
62 public AddURIPermissionsToAllRoles(boolean isAuthorInstance) {
63 super("URI permissions", "Introduction of URI-based security. All existing roles will have GET/POST permissions on /*.", RepositoryConstants.USER_ROLES, "/", new Content.ContentFilter() {
64 @Override
65 public boolean accept(Content content) {
66 try {
67 final String itemType = content.getItemType().getSystemName();
68
69 return itemType.startsWith("mgnl:") && !itemType.equals(NodeTypes.MetaData.NAME);
70 } catch (RepositoryException e) {
71 log.error("Unable to read itemtype for node {}", content.getHandle());
72 return false;
73 }
74 }
75
76 });
77 this.isAuthorInstance = isAuthorInstance;
78 }
79
80 @Override
81 protected void operateOnChildNode(Content node, InstallContext ctx) throws RepositoryException, TaskExecutionException {
82 final Content uriPermissionsNode = node.createContent("acl_uri", NodeTypes.ContentNode.NAME);
83 if ("anonymous".equals(node.getName())) {
84 if (isAuthorInstance) {
85 addPermission(uriPermissionsNode, "0", "/*", DENY);
86 } else {
87 addPermission(uriPermissionsNode, "0", "/*", ALLOW_ALL);
88 addPermission(uriPermissionsNode, "00", "/.magnolia", DENY);
89 addPermission(uriPermissionsNode, "01", "/.magnolia/*", DENY);
90 }
91 } else {
92 addPermission(uriPermissionsNode, "0", "/*", ALLOW_ALL);
93 }
94 }
95
96 private void addPermission(Content uriRepoNode, String permNodeName, String path, long value) throws RepositoryException {
97 final Content permNode = uriRepoNode.createContent(permNodeName, NodeTypes.ContentNode.NAME);
98 permNode.createNodeData("path", path);
99 permNode.createNodeData("permissions", Long.valueOf(value));
100 }
101 }