/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.cocoon.slide.util;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.List;
import org.apache.slide.authenticate.CredentialsToken;
import org.apache.slide.common.NamespaceAccessToken;
import org.apache.slide.common.SlideToken;
import org.apache.slide.common.SlideTokenImpl;
import org.apache.slide.content.Content;
import org.apache.slide.content.NodeProperty;
import org.apache.slide.content.NodeRevisionDescriptor;
import org.apache.slide.content.NodeRevisionDescriptors;
import org.apache.slide.lock.Lock;
import org.apache.slide.lock.NodeLock;
import org.apache.slide.macro.Macro;
import org.apache.slide.macro.MacroParameters;
import org.apache.slide.security.NodePermission;
import org.apache.slide.security.Security;
import org.apache.slide.structure.ObjectNode;
import org.apache.slide.structure.ObjectNotFoundException;
import org.apache.slide.structure.Structure;
import org.apache.slide.structure.SubjectNode;
/**
* Helper class for the slide samples administration application.
*/
public class AdminHelper {
private static final SlideToken ROOT = new SlideTokenImpl(new CredentialsToken("root"));
public static boolean login(NamespaceAccessToken nat,
String userId,
String password) throws Exception {
String usersPath = nat.getNamespaceConfig().getUsersPath();
String userUri = usersPath + "/" + userId;
Content content = nat.getContentHelper();
try {
NodeRevisionDescriptors revisions = content.retrieve(ROOT,userUri);
NodeRevisionDescriptor revision = content.retrieve(ROOT,revisions);
NodeProperty property = revision.getProperty(
"password",NodeProperty.SLIDE_NAMESPACE);
return property.getValue().equals(password);
}
catch (Exception e) {
e.printStackTrace();
throw e;
}
}
public static void addUser(NamespaceAccessToken nat,
String caller,
String username,
String password) throws Exception {
String usersPath = nat.getNamespaceConfig().getUsersPath();
String userUri = usersPath + "/" + username;
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Structure structure = nat.getStructureHelper();
Content content = nat.getContentHelper();
try {
nat.begin();
ObjectNode user = new SubjectNode();
structure.create(slideToken,user,userUri);
// create the user descriptor
NodeRevisionDescriptor descriptor = new NodeRevisionDescriptor();
descriptor.setCreationDate(new Date());
descriptor.setLastModified(new Date());
descriptor.setProperty(new NodeProperty(
"password",password,NodeProperty.SLIDE_NAMESPACE));
content.create(slideToken,userUri,descriptor,null);
nat.commit();
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static void addGroup(NamespaceAccessToken nat,
String caller,
String groupname) throws Exception {
String groupsPath = nat.getNamespaceConfig().getGroupsPath();
String groupUri = groupsPath + "/" + groupname;
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Structure structure = nat.getStructureHelper();
Content content = nat.getContentHelper();
try {
nat.begin();
ObjectNode group = new SubjectNode();
structure.create(slideToken,group,groupUri);
NodeRevisionDescriptor descriptor = new NodeRevisionDescriptor();
descriptor.setCreationDate(new Date());
descriptor.setLastModified(new Date());
content.create(slideToken,groupUri,descriptor,null);
nat.commit();
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static void addRole(NamespaceAccessToken nat,
String caller,
String rolename) throws Exception {
String rolesPath = nat.getNamespaceConfig().getRolesPath();
String roleUri = rolesPath + "/" + rolename;
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Structure structure = nat.getStructureHelper();
Content content = nat.getContentHelper();
try {
nat.begin();
ObjectNode role = new SubjectNode();
structure.create(slideToken,role,roleUri);
NodeRevisionDescriptor descriptor = new NodeRevisionDescriptor();
descriptor.setCreationDate(new Date());
descriptor.setLastModified(new Date());
content.create(slideToken,roleUri,descriptor,null);
nat.commit();
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static void removeObject(NamespaceAccessToken nat,
String caller,
String objectUri) throws Exception {
String usersPath = nat.getNamespaceConfig().getUsersPath();
String callerUri = usersPath + "/" + caller;
// user cannot delete itself
if (callerUri.equals(objectUri)) {
return;
}
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Macro macro = nat.getMacroHelper();
try {
nat.begin();
boolean recursive = true;
boolean overwrite = false;
MacroParameters parameters = new MacroParameters(recursive,overwrite);
macro.delete(slideToken,objectUri,parameters);
nat.commit();
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static void addMember(NamespaceAccessToken nat,
String caller,
String objectUri,
String subjectUri) throws Exception {
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Structure structure = nat.getStructureHelper();
Content content = nat.getContentHelper();
try {
// check if the subject exists
structure.retrieve(slideToken,subjectUri);
NodeRevisionDescriptors descriptors = content.retrieve(slideToken,objectUri);
NodeRevisionDescriptor descriptor = content.retrieve(slideToken,descriptors);
NodeProperty property = descriptor.getProperty("group-member-set","DAV:");
String value = null;
if (property != null) {
value = (String) property.getValue();
if (value.indexOf(subjectUri) != -1) {
// user already a member of this group
return;
}
}
else {
value = "";
}
value = value + "<D:href xmlns:D='DAV:'>" + subjectUri + "</D:href>";
descriptor.setProperty("group-member-set","DAV:",value);
nat.begin();
content.store(slideToken,objectUri,descriptor,null);
nat.commit();
}
catch (ObjectNotFoundException e) {
// no such user or group
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static void removeMember(NamespaceAccessToken nat,
String caller,
String objectUri,
String subjectUri) throws Exception {
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Content content = nat.getContentHelper();
try {
NodeRevisionDescriptors revisions = content.retrieve(slideToken,objectUri);
NodeRevisionDescriptor revision = content.retrieve(slideToken,revisions);
NodeProperty property = revision.getProperty("group-member-set","DAV:");
if (property == null) {
// group has no members
return;
}
String value = (String) property.getValue();
int index = value.indexOf(subjectUri);
if (index == -1) {
// subject is not a member of this group
return;
}
// looking for the end of </D:href> after subjectUri
int end = index + subjectUri.length();
do {
end++;
}
while (value.charAt(end) != '>');
// looking for the start of <D:href> before subjectUri
int from = index;
do {
from--;
}
while(value.charAt(from) != '<');
// snip out the user
String before = value.substring(0,from);
String after = value.substring(end+1);
value = before + after;
revision.setProperty("group-member-set","DAV:",value);
nat.begin();
content.store(slideToken,objectUri,revision,null);
nat.commit();
}
catch (ObjectNotFoundException e) {
// no such user or group
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static void changePassword(NamespaceAccessToken nat,
String caller,
String userUri,
String password) throws Exception {
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Content content = nat.getContentHelper();
try {
nat.begin();
NodeRevisionDescriptors revisions = content.retrieve(slideToken, userUri);
NodeRevisionDescriptor revision = content.retrieve(slideToken, revisions);
revision.setLastModified(new Date());
revision.setProperty(new NodeProperty("password", password, NodeProperty.SLIDE_NAMESPACE));
content.store(slideToken, userUri, revision, null);
nat.commit();
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static List listPermissions(NamespaceAccessToken nat,
String caller,
String path) throws Exception {
String uri = getUriFromPath(nat,path);
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Security security = nat.getSecurityHelper();
List result = new ArrayList();
try {
nat.begin();
Enumeration permissions = security.enumeratePermissions(slideToken,uri,false);
while (permissions.hasMoreElements()) {
result.add(permissions.nextElement());
}
nat.commit();
return result;
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static List listLocks(NamespaceAccessToken nat,
String caller,
String path) throws Exception {
String uri = getUriFromPath(nat,path);
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Lock lock = nat.getLockHelper();
List result = new ArrayList();
try {
nat.begin();
Enumeration locks = lock.enumerateLocks(slideToken,uri,false);
while(locks.hasMoreElements()) {
result.add(locks.nextElement());
}
nat.commit();
return result;
} catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static List listGroups(NamespaceAccessToken nat, String caller, String path) throws Exception {
List result = new ArrayList();
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Structure structure = nat.getStructureHelper();
Content content = nat.getContentHelper();
ObjectNode object = structure.retrieve(slideToken,path);
Enumeration enumeration = structure.getChildren(slideToken,object);
while (enumeration.hasMoreElements()) {
String uri = ((ObjectNode) enumeration.nextElement()).getUri();
NodeRevisionDescriptors revisions = content.retrieve(slideToken, uri);
NodeRevisionDescriptor revision = content.retrieve(slideToken, revisions);
NodeProperty property = revision.getProperty("group-member-set","DAV:");
List members;
if (property != null) {
String value = (String) property.getValue();
members = new ArrayList(10);
int start = value.indexOf('>'), end = 0;
while (start != -1) {
end = value.indexOf('<',start);
if (end != -1) {
members.add(value.substring(start+1,end));
}
end = value.indexOf('>',start+1);
start = value.indexOf('>',end+1);
}
}
else {
members = Collections.EMPTY_LIST;
}
result.add(new Group(uri,members));
}
return result;
}
public static List listUsers(NamespaceAccessToken nat,
String caller) throws Exception {
return listObjects(nat,caller,nat.getNamespaceConfig().getUsersPath());
}
public static List listPrivileges(NamespaceAccessToken nat,
String caller) throws Exception {
return listObjects(nat,caller,nat.getNamespaceConfig().getActionsPath());
}
private static List listObjects(NamespaceAccessToken nat,
String caller,
String path) throws Exception {
List result = new ArrayList();
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Structure structure = nat.getStructureHelper();
ObjectNode object = structure.retrieve(slideToken,path);
Enumeration enumeration = structure.getChildren(slideToken,object);
while (enumeration.hasMoreElements()) {
result.add(((ObjectNode) enumeration.nextElement()).getUri());
}
return result;
}
public static void removePermission(NamespaceAccessToken nat,
String caller,
String path,
String subject,
String action) throws Exception {
String uri = getUriFromPath(nat,path);
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Security security = nat.getSecurityHelper();
try {
NodePermission permission = new NodePermission(uri, subject, action);
nat.begin();
security.revokePermission(slideToken, permission);
nat.commit();
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static void addPermission(NamespaceAccessToken nat,
String caller,
String path,
String subject,
String action,
String inheritable,
String negative) throws Exception {
String uri = getUriFromPath(nat,path);
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Security security = nat.getSecurityHelper();
boolean isInheritable = Boolean.valueOf(inheritable).booleanValue();
boolean isNegative = Boolean.valueOf(negative).booleanValue();
try {
NodePermission permission = new NodePermission(uri,subject,action,isInheritable,isNegative);
nat.begin();
if (isNegative) {
security.denyPermission(slideToken,permission);
}
else {
security.grantPermission(slideToken,permission);
}
nat.commit();
} catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static void removeLock(NamespaceAccessToken nat,
String caller,
String uri,
String lockId) throws Exception {
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Lock lock = nat.getLockHelper();
try {
nat.begin();
lock.unlock(slideToken,uri,lockId);
nat.commit();
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
public static void addLock(NamespaceAccessToken nat,
String caller,
String path,
String subject,
String type,
String expiration,
String exclusive,
String inherit) throws Exception {
String uri = getUriFromPath(nat,path);
boolean isExclusive = Boolean.valueOf(exclusive).booleanValue();
boolean isInherit = Boolean.valueOf(inherit).booleanValue();
// expiration in minutes
int intExpiration = Integer.valueOf(expiration).intValue();
Date expire = new Date(System.currentTimeMillis() + intExpiration*1000*60);
SlideToken slideToken = new SlideTokenImpl(new CredentialsToken(caller));
Lock lock = nat.getLockHelper();
try {
nat.begin();
lock.lock(slideToken, new NodeLock(uri, subject, type, expire, isInherit, isExclusive, uri));
nat.commit();
}
catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
private static String getUriFromPath(NamespaceAccessToken nat,
String path) {
String filesPath = nat.getNamespaceConfig().getFilesPath();
String uri;
if (path.equals("/") || path.length() == 0) {
uri = filesPath;
}
else {
uri = filesPath + "/" + path;
}
return uri;
}
public static class Group {
private final String m_uri;
private final List m_members;
private Group(String uri, List members) {
m_uri = uri;
m_members = members;
}
public String getUri() {
return m_uri;
}
public List getMembers() {
return m_members;
}
public String toString() {
return m_uri;
}
}
}