org.apache.jackrabbit.api.JackrabbitSession Java Examples

@Test
public void testAdditionalAdminGroup() throws Exception {
    JackrabbitSession jackrabbitSession = (JackrabbitSession) admin;
    Authorizable admins = jackrabbitSession.getUserManager().getAuthorizable("myadmins");
    if (admins == null) {
        admins = jackrabbitSession.getUserManager().createGroup("myadmins");
    }
    Group adminsGroup = (Group) admins;
    User testUser = (User) jackrabbitSession.getUserManager().getAuthorizable(TEST_USER);
    if (testUser == null) {
        testUser = jackrabbitSession.getUserManager().createUser(TEST_USER, TEST_USER);
    }
    adminsGroup.addMember(testUser);
    admin.save();
    Session session = repository.login(new SimpleCredentials(TEST_USER, TEST_USER.toCharArray()));
    try {
        assertTrue(
                "user \"" + TEST_USER + "\" has been added to additional administrators group thus should have admin permissions",
                AdminPermissionChecker.hasAdministrativePermissions(session, "myadmins"));
    } finally {
        session.logout();
    }
}
 

@Test
public void installUserA_Profile_Picture_NonExistingUser() throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-user-a must not exist", mgr.getAuthorizable(ID_TEST_USER_A));

    // install updated profile
    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_a_profile_picture.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    Authorizable user = mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", user);

    // image profile must exist
    assertNodeExists(user.getPath() + "/" + NAME_PROFILE_PICTURE_NODE);
}
 

@Test
public void installUserA_Profile_NonExistingUser() throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-user-a must not exist", mgr.getAuthorizable(ID_TEST_USER_A));

    // install profile
    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_a_profile.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    Authorizable user = mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", user);

    // profile must exist
    assertProperty(user.getPath() + "/" + NAME_PROFILE_PROPERTY, "a");
}
 

@After
public void tearDown() throws Exception {
    // remove test authorizables
    admin.refresh(false);
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    for (String id: getAllAuthorizableIds()) {
        if (!preTestAuthorizables.remove(id)) {
            removeAuthorizable(mgr, id);
        }
    }
    admin.save();

    packMgr = null;
    if (admin != null) {
        admin.logout();
        admin = null;
    }
}
 

/**
 * Get the authorable status of the current user.
 * TODO: remove and use UserService
 *
 * @return true if the current user is an admin or author.
 */
public boolean isAuthorable() {
    boolean authorable = false;

    JackrabbitSession js = (JackrabbitSession)getSession();

    try {
        Group authors = (Group)js.getUserManager().getAuthorizable(PublickConstants.GROUP_ID_AUTHORS);
        User user = (User)js.getUserManager().getAuthorizable(js.getUserID());

        authorable = user.isAdmin() || authors.isMember(user);
    } catch (RepositoryException e) {
        LOGGER.error("Could not determine group membership", e);
    }

    return authorable;
}
 

/**
 * Installs a package that contains a "test-group" and a "test-user-a" as member of the group.
 */
@Test
public void installGroupA() throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-group must not exist", mgr.getAuthorizable("test-group"));
    assertNull("test-user-a must not exist", mgr.getAuthorizable("test-user-a"));

    JcrPackage pack = packMgr.upload(getStream("/test-packages/group_with_a.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    // check if group exists
    Group grp = (Group) mgr.getAuthorizable("test-group");
    assertNotNull("test-group must exist", grp);
    User userA = (User) mgr.getAuthorizable("test-user-a");
    assertNotNull("test-user-a must exist", userA);
    assertTrue("test-user-a is member of test-group", grp.isMember(userA));
}
 

/**
 * Get the authorable status of the current user.
 *
 * @param session The current session.
 * @return true if the current user is an admin or author.
 */
public boolean isAuthorable(Session session) {
    boolean authorable = false;

    JackrabbitSession js = (JackrabbitSession)session;

    try {
        Group authors = (Group)js.getUserManager().getAuthorizable(PublickConstants.GROUP_ID_AUTHORS);
        User user = (User)js.getUserManager().getAuthorizable(js.getUserID());

        authorable = user.isAdmin() || authors.isMember(user);
    } catch (RepositoryException e) {
        LOGGER.error("Could not determine group membership", e);
    }

    return authorable;
}
 

@Override
public void setUp() throws Exception {
    super.setUp();
    uMgr = ((JackrabbitSession) admin).getUserManager();
    User testuser = uMgr.createUser(NAME_TEST_USER, null);
    admin.save();

    acMgr = admin.getAccessControlManager();

    Node tmp = admin.getRootNode().addNode("testroot").addNode("secured");
    JackrabbitAccessControlList list = AccessControlUtils.getAccessControlList(acMgr, tmp.getPath());
    Privilege[] writePrivilege = AccessControlUtils.privilegesFromNames(acMgr, Privilege.JCR_WRITE);
    ValueFactory vf = admin.getValueFactory();
    Principal everyone = ((JackrabbitSession) admin).getPrincipalManager().getEveryone();
    list.addEntry(everyone, writePrivilege, true, ImmutableMap.of("rep:glob", vf.createValue("/foo")));
    list.addEntry(testuser.getPrincipal(), writePrivilege, false, ImmutableMap.of("rep:glob", vf.createValue("/foo")));
    list.addEntry(everyone, writePrivilege, true, ImmutableMap.of("rep:glob", vf.createValue("/bar")));
    acMgr.setPolicy(tmp.getPath(), list);

    expectedEntries = ImmutableList.copyOf(list.getAccessControlEntries());

    admin.refresh(false);
}
 

@Test
public void testNotAdminUser() throws Exception {
    JackrabbitSession jackrabbitSession = (JackrabbitSession) admin;
    Authorizable vip = jackrabbitSession.getUserManager().getAuthorizable(TEST_USER);
    assertNull("test user must not exist", vip);

    jackrabbitSession.getUserManager().createUser(TEST_USER, TEST_USER);
    admin.save();

    Session session = repository.login(new SimpleCredentials(TEST_USER, TEST_USER.toCharArray()));
    try {
        assertFalse(
                "\"" + TEST_USER + "\" is not admin/system and doesn't belong to administrators thus shouldn't have admin permissions",
                AdminPermissionChecker.hasAdministrativePermissions(session));
    } finally {
        session.logout();
    }
}
 

@Test
public void testAdminGroup() throws Exception {
    JackrabbitSession jackrabbitSession = (JackrabbitSession) admin;
    Authorizable admins = jackrabbitSession.getUserManager().getAuthorizable("administrators");
    if (admins == null) {
        admins = jackrabbitSession.getUserManager().createGroup("administrators");
    }
    Group adminsGroup = (Group) admins;
    User testUser = (User) jackrabbitSession.getUserManager().getAuthorizable(TEST_USER);
    if (testUser == null) {
        testUser = jackrabbitSession.getUserManager().createUser(TEST_USER, TEST_USER);
    }
    adminsGroup.addMember(testUser);
    admin.save();
    Session session = repository.login(new SimpleCredentials(TEST_USER, TEST_USER.toCharArray()));
    try {
        assertTrue(
                "user \"" + TEST_USER + "\" has been added to administrators group thus should have admin permissions",
                AdminPermissionChecker.hasAdministrativePermissions(session));
    } finally {
        session.logout();
    }
}
 

@Test
public void testAdditionalAdminUser() throws AccessDeniedException, UnsupportedRepositoryOperationException, RepositoryException {
    JackrabbitSession jackrabbitSession = (JackrabbitSession) admin;
    Authorizable vip = jackrabbitSession.getUserManager().getAuthorizable(TEST_USER);
    assertNull("test user must not exist", vip);

    jackrabbitSession.getUserManager().createUser(TEST_USER, TEST_USER);
    admin.save();

    Session session = repository.login(new SimpleCredentials(TEST_USER, TEST_USER.toCharArray()));
    try {
        assertTrue(
                "\"" + TEST_USER + "\" is additional admin/system thus should have admin permissions",
                AdminPermissionChecker.hasAdministrativePermissions(session, TEST_USER));
    } finally {
        session.logout();
    }
}
 

/**
 * Installs 2 packages with "test-group" that contain test-user-a and test-user-b,test-user-c respectively.
 * since the import mode is merge, the memberships should be merged. this variant uses a renamed authorizable node name
 */
@Test
public void installGroupABC_renamed() throws RepositoryException, IOException, PackageException {
    // ensure that test users don't exist yet (proper setup)
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-group must not exist", mgr.getAuthorizable("test-group"));
    assertNull("test-user-a must not exist", mgr.getAuthorizable("test-user-a"));
    assertNull("test-user-b must not exist", mgr.getAuthorizable("test-user-b"));
    assertNull("test-user-c must not exist", mgr.getAuthorizable("test-user-c"));

    JcrPackage pack = packMgr.upload(getStream("/test-packages/group_with_bc.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    pack = packMgr.upload(getStream("/test-packages/group_with_a_moved.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());
    assertABC(mgr);
}
 

/**
 * Installs 2 packages with "test-group" that contain test-user-a and test-user-b,test-user-c respectively.
 * since the import mode is merge, the memberships should be merged.
 */
@Test
public void installGroupABC() throws RepositoryException, IOException, PackageException {
    // ensure that test users don't exist yet (proper setup)
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-group must not exist", mgr.getAuthorizable("test-group"));
    assertNull("test-user-a must not exist", mgr.getAuthorizable("test-user-a"));
    assertNull("test-user-b must not exist", mgr.getAuthorizable("test-user-b"));
    assertNull("test-user-c must not exist", mgr.getAuthorizable("test-user-c"));

    JcrPackage pack = packMgr.upload(getStream("/test-packages/group_with_a.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());

    pack = packMgr.upload(getStream("/test-packages/group_with_bc.zip"), false);
    assertNotNull(pack);
    pack.install(getDefaultOptions());
    assertABC(mgr);
}
 

@After
public void after() throws RepositoryException {
    JackrabbitSession jackrabbitSession = (JackrabbitSession) admin;
    jackrabbitSession.refresh(false);
    Authorizable vip = jackrabbitSession.getUserManager().getAuthorizable(TEST_USER);
    if (vip != null) {
        vip.remove();
    }
    jackrabbitSession.save();
}
 

@Override
public void tearDown() throws Exception {
    // remove test authorizables
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    removeAuthorizable(mgr, "test-group");
    removeAuthorizable(mgr, "test-user-a");
    removeAuthorizable(mgr, "test-user-b");
    removeAuthorizable(mgr, "test-user-c");
    admin.save();
    super.tearDown();
}
 

/**
 * Test if package extraction works w/o RW access to / and /tmp.
 */
@Test
public void testExtractWithoutRootAndTmpAccess() throws IOException, RepositoryException, ConfigurationException, PackageException {
    Assume.assumeTrue(!isOak());

    JcrPackage pack = packMgr.upload(getStream("/test-packages/tmp_foo.zip"), true, true);
    assertNotNull(pack);
    assertTrue(pack.isValid());
    PackageId id = pack.getPackage().getId();
    pack.close();

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp").addNode("foo");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, ((JcrPackageRegistry)packMgr.getRegistry()).getPackRootPaths()[0], principal1, new String[]{"jcr:all"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp/foo", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    JcrPackageManagerImpl userPackMgr = new JcrPackageManagerImpl(session, new String[0], null, null);
    pack = userPackMgr.open(id);
    ImportOptions opts = getDefaultOptions();
    pack.extract(opts);
    pack.close();
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

/**
 * Tests if package installation works w/o RW access to / and /tmp.
 * this currently fails, due to the creation of the snapshot.
 * also see {@link TestNoRootAccessExport#exportNoRootAccess()}
 */
@Test
@Ignore("JCRVLT-100")
public void testInstallWithoutRootAndTmpAccess() throws IOException, RepositoryException, ConfigurationException, PackageException {
    JcrPackage pack = packMgr.upload(getStream("/test-packages/tmp_foo.zip"), true, true);
    assertNotNull(pack);
    assertTrue(pack.isValid());
    PackageId id = pack.getPackage().getId();
    pack.close();

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp").addNode("foo");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, ((JcrPackageRegistry)packMgr.getRegistry()).getPackRootPaths()[0], principal1, new String[]{"jcr:all"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp/foo", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    JcrPackageManagerImpl userPackMgr = new JcrPackageManagerImpl(session, new String[0], null, null);
    pack = userPackMgr.open(id);
    ImportOptions opts = getDefaultOptions();
    pack.install(opts);
    pack.close();
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

/**
 * Installs a package with an install hook and an explicitly allowed user
 */
@Test
public void testHookWithAllowedNonAdminUser() throws RepositoryException, IOException, PackageException {
    if (admin.nodeExists("/testroot")) {
        admin.getNode("/testroot").remove();
    }
    admin.getRootNode().addNode("testroot", "nt:unstructured").addNode("testnode", "nt:unstructured");
    admin.save();
    
    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();
    
    // Setup test user ACLs that there are no restrictions
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, true);
    admin.save();
    
    Session userSession = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    try {
        packMgr = new JcrPackageManagerImpl(userSession, new String[0], new String[] {"user1"}, null);

        PackageEventDispatcherImpl dispatcher = new PackageEventDispatcherImpl();
        dispatcher.bindPackageEventListener(new ActivityLog(), Collections.singletonMap("component.id", (Object) "1234"));
        packMgr.setDispatcher(dispatcher);
        
        JcrPackage pack = packMgr.upload(getStream("/test-packages/test_hook.zip"), false);
        assertNotNull(pack);
        packMgr.getInternalRegistry().installPackage(userSession, new JcrRegisteredPackage(pack), getDefaultOptions(), true);
        assertTrue(admin.propertyExists("/testroot/hook-example"));
        
    } finally {
        userSession.logout();
    }
}
 

private void install_user_with_rep_cache(ImportMode mode) throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    assertNull("test-user-a must not exist", mgr.getAuthorizable(ID_TEST_USER_A));

    // install user package
    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_with_rep_cache.zip"), false);
    assertNotNull(pack);
    ImportOptions opts = getDefaultOptions();
    opts.setImportMode(mode);
    pack.install(opts);

    // check if user exists
    User userA = (User) mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", userA);
}
 

/**
 * Installs a package with an install hook and a not allowed user
 */
@Test
public void testHookWithNotAllowedNonAdminUser() throws RepositoryException, IOException, PackageException {
    if (admin.nodeExists("/testroot")) {
        admin.getNode("/testroot").remove();
    }
    admin.getRootNode().addNode("testroot", "nt:unstructured").addNode("testnode", "nt:unstructured");
    admin.save();
    
    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();
    
    // Setup test user ACLs that there are no restrictions
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, true);
    admin.save();
    
    Session userSession = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    try {
        packMgr = new JcrPackageManagerImpl(userSession, new String[0], null, null);

        PackageEventDispatcherImpl dispatcher = new PackageEventDispatcherImpl();
        dispatcher.bindPackageEventListener(new ActivityLog(), Collections.singletonMap("component.id", (Object) "1234"));
        packMgr.setDispatcher(dispatcher);
        
        JcrPackage pack = packMgr.upload(getStream("/test-packages/test_hook.zip"), false);
        assertNotNull(pack);
        thrown.expect(PackageException.class);
        thrown.expectMessage("Package extraction requires admin session as it has a hook");
        packMgr.getInternalRegistry().installPackage(userSession, new JcrRegisteredPackage(pack), getDefaultOptions(), true);
        
    
    } finally {
        userSession.logout();
    }
}
 

@Test
public void testImportWithoutRootAndTmpAccess() throws IOException, RepositoryException, ConfigurationException {
    Assume.assumeTrue(!isOak());

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp").addNode("foo");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp/foo", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    // Import with a session associated to the test user
    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    ZipArchive archive = new ZipArchive(getTempFile("/test-packages/tmp_foo.zip"));
    archive.open(true);
    ImportOptions opts = getDefaultOptions();
    Importer importer = new Importer(opts);
    importer.run(archive, session, "/");
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

@Test
public void testImportWithoutRootAccess() throws IOException, RepositoryException, ConfigurationException {
    Assume.assumeTrue(!isOak());

    // Create test user
    UserManager userManager = ((JackrabbitSession)admin).getUserManager();
    String userId = "user1";
    String userPwd = "pwd1";
    User user1 = userManager.createUser(userId, userPwd);
    Principal principal1 = user1.getPrincipal();

    // Create /tmp folder
    admin.getRootNode().addNode("tmp");
    admin.save();

    // Setup test user ACLs such that the
    // root node is not accessible
    AccessControlUtils.addAccessControlEntry(admin, null, principal1, new String[]{"jcr:namespaceManagement","jcr:nodeTypeDefinitionManagement"}, true);
    AccessControlUtils.addAccessControlEntry(admin, "/", principal1, new String[]{"jcr:all"}, false);
    AccessControlUtils.addAccessControlEntry(admin, "/tmp", principal1, new String[]{"jcr:all"}, true);
    admin.save();

    // Import with a session associated to the test user
    Session session = repository.login(new SimpleCredentials(userId, userPwd.toCharArray()));
    ZipArchive archive = new ZipArchive(getTempFile("/test-packages/tmp.zip"));
    archive.open(true);
    ImportOptions opts = getDefaultOptions();
    Importer importer = new Importer(opts);
    importer.run(archive, session, "/");
    session.logout();

    assertNodeExists("/tmp/foo/bar/tobi");
}
 

@Override
public void setUp() throws Exception {
    super.setUp();
    uMgr = ((JackrabbitSession) admin).getUserManager();
    uMgr.createUser(NAME_TEST_USER, "test");
    admin.save();
}
 

private void install_moved_user_with_rep_cache(ImportMode mode) throws RepositoryException, IOException, PackageException {
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    User u = mgr.createUser(ID_TEST_USER_A, ID_TEST_PASSWORD);
    String newPath = u.getPath() + "_moved";
    admin.move(u.getPath(), newPath);
    admin.save();

    Group g = mgr.createGroup(ID_TEST_GROUP_A);
    g.addMember(u);
    admin.save();

    // login to the repository to generate some rep:cache nodes
    repository.login(new SimpleCredentials(ID_TEST_USER_A, ID_TEST_PASSWORD.toCharArray())).logout();
    admin.refresh(false);

    // ensure that there is a rep:cache node
    assertNodeExists(newPath + "/rep:cache");

    // install user package
    JcrPackage pack = packMgr.upload(getStream("/test-packages/test_user_a.zip"), false);
    assertNotNull(pack);
    ImportOptions opts = getDefaultOptions();
    opts.setImportMode(mode);
    pack.install(opts);

    // check if user exists
    User userA = (User) mgr.getAuthorizable(ID_TEST_USER_A);
    assertNotNull("test-user-a must exist", userA);
}
 

public Session wrap(Session session) throws RepositoryException {
    if (session instanceof SessionWrapper) {
        return session;
    }
    return session instanceof JackrabbitSession ?
            new JackrabbitSessionWrapper(this, (JackrabbitSession) session) :
            new SessionWrapper<>(this, session);
}
 

private NodeIterator getPermissions(Context context)
    throws ActionExecutionException, RepositoryException {
  JackrabbitSession session = context.getSession();
  String path = PERMISSION_STORE_PATH + context.getCurrentAuthorizable().getID();
  NodeIterator result = null;
  if (session.nodeExists(path)) {
    Node node = session.getNode(path);
    result = node.getNodes();
  }
  return result;
}
 

/**
 * Create user groups for authors and testers.
 *
 * @param bundleContext The bundle context provided by the component.
 */
private void createGroups(BundleContext bundleContext){
    ServiceReference SlingRepositoryFactoryReference = bundleContext.getServiceReference(SlingRepository.class.getName());
    SlingRepository repository = (SlingRepository)bundleContext.getService(SlingRepositoryFactoryReference);

    Session session = null;

    if (repository != null) {
        try {
            session = repository.loginAdministrative(null);

            if (session != null && session instanceof JackrabbitSession) {
                UserManager userManager = ((JackrabbitSession)session).getUserManager();
                ValueFactory valueFactory = session.getValueFactory();

                Authorizable authors = userManager.getAuthorizable(PublickConstants.GROUP_ID_AUTHORS);

                if (authors == null) {
                    authors = userManager.createGroup(PublickConstants.GROUP_ID_AUTHORS);
                    authors.setProperty(GROUP_DISPLAY_NAME, valueFactory.createValue(PublickConstants.GROUP_DISPLAY_AUTHORS));
                }

                Authorizable testers = userManager.getAuthorizable(PublickConstants.GROUP_ID_TESTERS);

                if (testers == null) {
                    testers = userManager.createGroup(PublickConstants.GROUP_ID_TESTERS);
                    testers.setProperty(GROUP_DISPLAY_NAME, valueFactory.createValue(PublickConstants.GROUP_DISPLAY_TESTERS));
                }
            }
        } catch (RepositoryException e) {
            LOGGER.error("Could not get session", e);
        } finally {
            if (session != null && session.isLive()) {
                session.logout();
                session = null;
            }
        }
    }
}
 

private JackrabbitACLImporter(Session session, String path, AccessControlHandling aclHandling)
        throws RepositoryException {
    if (aclHandling == AccessControlHandling.CLEAR || aclHandling == AccessControlHandling.IGNORE) {
        throw new RepositoryException("Error while reading access control content: unsupported AccessControlHandling: " + aclHandling);
    }
    this.accessControlledPath = path;
    this.session = (JackrabbitSession) session;
    this.acMgr = this.session.getAccessControlManager();
    this.pMgr = this.session.getPrincipalManager();
    this.aclHandling = aclHandling;
    this.states.push(State.INITIAL);
}
 

/**
 * Checks if the user who opened the session has administrative permissions
 *
 * @param session a JCR session
 * @return whether the passed session is an admin session
 * @throws RepositoryException If an error occurrs.
 */
public static boolean hasAdministrativePermissions(@NotNull Session session, String... additionalAdminAuthorizableIds) throws RepositoryException {
    String userId = session.getUserID();
    if (ADMIN_USER.equals(userId) || SYSTEM_USER.equals(userId)) {
        return true;
    }
    List<String> additionalAdminIds = Arrays.asList(Optional.ofNullable(additionalAdminAuthorizableIds).orElse(new String[0]));
    if (additionalAdminIds.contains(userId)) {
        return true;
    }
    if (!(session instanceof JackrabbitSession)) {
        log.warn("could not evaluate group permissions but just user name");
        return false;
    }

    JackrabbitSession jackrabbitSession = (JackrabbitSession) session;
    Authorizable authorizable = jackrabbitSession.getUserManager().getAuthorizable(userId);
    if (authorizable == null) {
        return false;
    }

    Iterator<Group> groupIterator = authorizable.memberOf();
    while (groupIterator.hasNext()) {
        String groupId = groupIterator.next().getID();
        if (ADMINISTRATORS_GROUP.equals(groupId)) {
            return true;
        }
        if (additionalAdminIds.contains(groupId)) {
            return true;
        }
    }

    return false;
}
 

public final Set<String> getAllAuthorizableIds() throws RepositoryException {
    Set<String> ret = new HashSet<String>();
    UserManager mgr = ((JackrabbitSession) admin).getUserManager();
    Iterator<Authorizable> auths = mgr.findAuthorizables("rep:principalName", null);
    while (auths.hasNext()) {
        ret.add(auths.next().getID());
    }
    return ret;
}