Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Added Membership and Members for Dynamic resolution.

  • Loading branch information...
commit 2ef9b0414dec7c2669501c3f5948840abe4a7e06 1 parent 33157f2
@ieb ieb authored
View
66 ...ava/org/apache/sling/jcr/jackrabbit/server/impl/security/dynamic/DynamicPrincipalManagerFactoryImpl.java
@@ -21,27 +21,34 @@
import org.osgi.framework.BundleContext;
import org.osgi.util.tracker.ServiceTracker;
+import java.util.ArrayList;
+import java.util.List;
+
import javax.jcr.Node;
/**
* A Singleton implementation of the DynamicPrincipalManagerFactory.
*/
-public class DynamicPrincipalManagerFactoryImpl extends ServiceTracker implements DynamicPrincipalManagerFactory {
+public class DynamicPrincipalManagerFactoryImpl extends ServiceTracker implements
+ DynamicPrincipalManagerFactory {
private DynamicPrincipalManager dynamicPrincipalManager;
/**
* Construct the Factory.
- * @param bundleContext the current bundle context.
+ *
+ * @param bundleContext
+ * the current bundle context.
*
*/
public DynamicPrincipalManagerFactoryImpl(BundleContext bundleContext) {
super(bundleContext, DynamicPrincipalManager.class.getName(), null);
dynamicPrincipalManager = new DynamicPrincipalManager() {
- public boolean hasPrincipalInContext(String principalName, Node aclNode, String userId) {
+ public boolean hasPrincipalInContext(String principalName, Node aclNode,
+ String userId) {
Object[] services = getServices();
- if ( services == null || services.length == 0 ) {
+ if (services == null || services.length == 0) {
// no managers configured, pass through, the user does not have the principal.
return false;
}
@@ -52,17 +59,62 @@ public boolean hasPrincipalInContext(String principalName, Node aclNode, String
}
}
return false;
- }
-
+ }
+
+ public List<String> getMembersOf(String principalName) {
+ Object[] services = getServices();
+ if (services == null || services.length == 0) {
+ // no managers configured, pass through, the user does not have the principal.
+ return null;
+ }
+ boolean added = false;
+ List<String> list = new ArrayList<String>();
+ for (Object serviceObject : services) {
+ DynamicPrincipalManager principalManager = (DynamicPrincipalManager) serviceObject;
+ List<String> members = principalManager.getMembersOf(principalName);
+ if (members != null) {
+ list.addAll(members);
+ added = true;
+ }
+ }
+ if (!added) {
+ return null;
+ }
+ return list;
+ }
+
+ public List<String> getMembershipFor(String principalName) {
+ Object[] services = getServices();
+ if (services == null || services.length == 0) {
+ // no managers configured, pass through, the user does not have the principal.
+ return null;
+ }
+ boolean added = false;
+ List<String> list = new ArrayList<String>();
+ for (Object serviceObject : services) {
+ DynamicPrincipalManager principalManager = (DynamicPrincipalManager) serviceObject;
+ List<String> groups = principalManager.getMembershipFor(principalName);
+ if (groups != null) {
+ list.addAll(groups);
+ added = true;
+ }
+ }
+ if (!added) {
+ return null;
+ }
+ return list;
+ }
+
};
}
+
/**
* {@inheritDoc}
+ *
* @see org.apache.sling.jcr.jackrabbit.server.impl.security.dynamic.DynamicPrincipalManagerFactory#getDynamicPrincipalManager()
*/
public DynamicPrincipalManager getDynamicPrincipalManager() {
return dynamicPrincipalManager;
}
-
}
View
32 ...erver/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/dynamic/DynamicPrincipalManager.java
@@ -16,6 +16,8 @@
*/
package org.apache.sling.jcr.jackrabbit.server.security.dynamic;
+import java.util.List;
+
import javax.jcr.Node;
/**
@@ -29,10 +31,36 @@
*
* @param principalName
* the name of the principal
- * @param aclNode the ACL node associated with the node under test
- * @param userId the user id making the request (note this is *not* the same as the user id bound to the session), may be null
+ * @param aclNode
+ * the ACL node associated with the node under test
+ * @param userId
+ * the user id making the request (note this is *not* the same as the user id
+ * bound to the session), may be null
* @return true if the user has the principal.
*/
boolean hasPrincipalInContext(String principalName, Node aclNode, String userId);
+ /**
+ * Get the members of the supplied principal, if that is a user, it may have no members,
+ * if it is a group it will may have dynamic members. If the principal is not managed by
+ * the DynamicPrincipalManager implementation they should return null.
+ *
+ * @param principalName
+ * the principal name identifying the Authorizable for which the caller wants a
+ * list of Members.
+ * @return A list of principalNames.
+ */
+ List<String> getMembersOf(String principalName);
+
+ /**
+ * Get a list of principal names that this supplied principalName has membership of. (ie
+ * if the principalName is "ieb", then this will return the membership of ieb)
+ *
+ * @param principalName
+ * the principalName for which membership is required.
+ * @return a list of groups the user is a member of, null if the question is not
+ * relevant to the implementation.
+ */
+ List<String> getMembershipFor(String principalName);
+
}
View
18 .../osgikernel/bundles/user/src/main/java/org/sakaiproject/kernel/user/owner/OwnerPrincipalManagerImpl.java
@@ -23,6 +23,8 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.util.List;
+
import javax.jcr.Node;
import javax.jcr.Property;
import javax.jcr.RepositoryException;
@@ -74,4 +76,20 @@ public boolean hasPrincipalInContext(String principalName, Node aclNode, String
return false;
}
+ /**
+ * {@inheritDoc}
+ * @see org.apache.sling.jcr.jackrabbit.server.security.dynamic.DynamicPrincipalManager#getMembersOf(java.lang.String)
+ */
+ public List<String> getMembersOf(String principalName) {
+ return null;
+ }
+
+ /**
+ * {@inheritDoc}
+ * @see org.apache.sling.jcr.jackrabbit.server.security.dynamic.DynamicPrincipalManager#getMembershipFor(java.lang.String)
+ */
+ public List<String> getMembershipFor(String principalName) {
+ return null;
+ }
+
}
Please sign in to comment.
Something went wrong with that request. Please try again.