Examples of Authorizable

org.apache.jackrabbit.api.security.user.Authorizable
The Authorizable is the common base interface for {@link User} and{@link Group}. It provides access to the Principals associated with an Authorizable (see below) and allow to access and modify additional properties such as e.g. full name, e-mail or address.

Please note the difference between Authorizable and {@link java.security.Principal Principal}:
An Authorizable is repository object that is neither associated with nor depending from a particular Session and thus independent of the login mechanisms creating Sessions.

On the other hand Principals are representations of user identities. In other words: each Principal within the set associated with the Session's Subject upon login represents an identity for that user. An the set of Principals may differ between different login mechanisms.

Consequently an one-to-many relationship exists between Authorizable and Principal (see also {@link #getPrincipal()}.

The interfaces derived from Authorizable are defined as follows:
- {@link User}: defined to be an Authorizable that can be authenticated (by using Credentials) and impersonated.
- {@link Group}: defined to be a collection of other Authorizables.
@see User @see Group
org.apache.sentry.core.Authorizable
org.springframework.richclient.core.Authorizable
Interface to be implemented by objects whose operations can be authorized or not. @author Larry Streepy

Examples of org.apache.jackrabbit.api.security.user.Authorizable

            throws RepositoryException {


        ApplyToIterator iterator = new ApplyToIterator(baseResource, paths);
        while (iterator.hasNext()) {
            Resource resource = iterator.next();
            Authorizable item = resource.adaptTo(Authorizable.class);
            if (item != null) {
                item.remove();
                changes.add(Modification.onDeleted(resource.getPath()));
            }
        }
    }

View Full Code Here

Examples of org.apache.jackrabbit.api.security.user.Authorizable

        if (name == null || name.length() == 0) {
            throw new IllegalArgumentException("Group name was not supplied");
        }


        UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
        Authorizable authorizable = userManager.getAuthorizable(name);


        Group group = null;
        if (authorizable != null) {
            // principal already exists!
            throw new RepositoryException(

View Full Code Here

Examples of org.apache.jackrabbit.api.security.user.Authorizable

            try {
                Session session = resourceResolver.adaptTo(Session.class);
                if (session != null) {
                    UserManager userManager = AccessControlUtil.getUserManager(session);
                    if (userManager != null) {
                        Authorizable authorizable = userManager.getAuthorizable(pid);
                        if (authorizable != null) {
                            // found the Authorizable, so return the resource
                            // that wraps it.
                            return new AuthorizableResource(authorizable,
                                resourceResolver, path);

View Full Code Here

Examples of org.apache.jackrabbit.api.security.user.Authorizable

                if (resourceResolver != null) {
                    Session session = resourceResolver.adaptTo(Session.class);
                    if (session != null) {
                        UserManager userManager = AccessControlUtil.getUserManager(session);
                        if (userManager != null) {
                            Authorizable authorizable = userManager.getAuthorizable(nextPrincipal.getName());
                            if (authorizable != null) {
                                String path;
                                if (authorizable.isGroup()) {
                                    path = SYSTEM_USER_MANAGER_GROUP_PREFIX
                                        + nextPrincipal.getName();
                                } else {
                                    path = SYSTEM_USER_MANAGER_USER_PREFIX
                                        + nextPrincipal.getName();

View Full Code Here

Examples of org.apache.jackrabbit.api.security.user.Authorizable

    }


    private void setupUsers(final ResourceResolver resolver) throws RepositoryException {
        final UserManager um = AccessControlUtil.getUserManager(resolver.adaptTo(Session.class));
        for(final String userName : USERS) {
            Authorizable user = um.getAuthorizable(userName);
            if ( user == null ) {
                logger.info("Creating user {}", userName);
                um.createUser(userName, userName);
            }
        }

View Full Code Here

Examples of org.apache.jackrabbit.api.security.user.Authorizable

            User currentUser = (User) um.getAuthorizable(jcrSession.getUserID());
            administrator = currentUser.isAdmin();


            if (!administrator) {
                //check if the user is a member of the 'User administrator' group
                Authorizable userAdmin = um.getAuthorizable(this.userAdminGroupName);
                if (userAdmin instanceof Group) {
                    boolean isMember = ((Group)userAdmin).isMember(currentUser);
                    if (isMember) {
                        administrator = true;
                    }
                }


            }
        } catch ( Exception ex ) {
            log.warn("Failed to determine if the user is an admin, assuming not. Cause: "+ex.getMessage());
            administrator = false;
        }




        // make sure user self-registration is enabled
        if (!administrator && !selfRegistrationEnabled) {
            throw new RepositoryException(
                "Sorry, registration of new users is not currently enabled.  Please try again later.");
        }




        // check that the submitted parameter values have valid values.
        if (name == null || name.length() == 0) {
            throw new RepositoryException("User name was not submitted");
        }
        if (password == null) {
            throw new RepositoryException("Password was not submitted");
        }
        if (!password.equals(passwordConfirm)) {
            throw new RepositoryException(
                "Password value does not match the confirmation password");
        }


        User user = null;
        Session selfRegSession = jcrSession;
        boolean useAdminSession = !administrator && selfRegistrationEnabled;
        try {
            if (useAdminSession) {
                //the current user doesn't have permission to create the user,
                // but self-registration is enabled, so use an admin session
                // to do the work.
                selfRegSession = getSession();
            }


            UserManager userManager = AccessControlUtil.getUserManager(selfRegSession);
            Authorizable authorizable = userManager.getAuthorizable(name);


            if (authorizable != null) {
                // user already exists!
                throw new RepositoryException(
                    "A principal already exists with the requested name: "
                        + name);
            } else {
                user = userManager.createUser(name, password);
                String userPath = AuthorizableResourceProvider.SYSTEM_USER_MANAGER_USER_PREFIX
                    + user.getID();


                Map<String, RequestProperty> reqProperties = collectContent(
                    properties, userPath);


                changes.add(Modification.onCreated(userPath));


                // write content from form
                writeContent(selfRegSession, user, reqProperties, changes);


                if (selfRegSession.hasPendingChanges()) {
                    selfRegSession.save();
                }


                if (useAdminSession) {
                    //lookup the user from the user session so we can return a live object
                    UserManager userManager2 = AccessControlUtil.getUserManager(jcrSession);
                    Authorizable authorizable2 = userManager2.getAuthorizable(user.getID());
                    if (authorizable2 instanceof User) {
                        user = (User)authorizable2;
                    } else {
                        user = null;
                    }

View Full Code Here

Examples of org.apache.jackrabbit.api.security.user.Authorizable

     * @see org.apache.sling.jackrabbit.usermanager.AuthorizablePrivilegesInfo#canAddGroup(javax.jcr.Session)
     */
    public boolean canAddGroup(Session jcrSession) {
        try {
            UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
            Authorizable currentUser = userManager.getAuthorizable(jcrSession.getUserID());


            if (currentUser != null) {
                if (((User)currentUser).isAdmin()) {
                    return true; //admin user has full control
                }
                
                //check if the user is a member of the 'Group administrator' group
                Authorizable groupAdmin = userManager.getAuthorizable(this.groupAdminGroupName);
                if (groupAdmin instanceof Group) {
                    boolean isMember = ((Group)groupAdmin).isMember(currentUser);
                    if (isMember) {
                        return true;
                    }

View Full Code Here

Examples of org.apache.jackrabbit.api.security.user.Authorizable

                    }
                }
            }


            UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
            Authorizable currentUser = userManager.getAuthorizable(jcrSession.getUserID());
            if (currentUser != null) {
                if (((User)currentUser).isAdmin()) {
                    return true; //admin user has full control
                }
                
                //check if the user is a member of the 'User administrator' group
                Authorizable userAdmin = userManager.getAuthorizable(this.userAdminGroupName);
                if (userAdmin instanceof Group) {
                    boolean isMember = ((Group)userAdmin).isMember(currentUser);
                    if (isMember) {
                        return true;
                    }

View Full Code Here

Examples of org.apache.jackrabbit.api.security.user.Authorizable

     * @see org.apache.sling.jackrabbit.usermanager.AuthorizablePrivilegesInfo#canRemove(javax.jcr.Session, java.lang.String)
     */
    public boolean canRemove(Session jcrSession, String principalId) {
        try {
            UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
            Authorizable currentUser = userManager.getAuthorizable(jcrSession.getUserID());


            if (((User)currentUser).isAdmin()) {
                return true; //admin user has full control
            }


            Authorizable authorizable = userManager.getAuthorizable(principalId);
            if (authorizable instanceof User) {
                //check if the user is a member of the 'User administrator' group
                Authorizable userAdmin = userManager.getAuthorizable(this.userAdminGroupName);
                if (userAdmin instanceof Group) {
                    boolean isMember = ((Group)userAdmin).isMember(currentUser);
                    if (isMember) {
                        return true;
                    }
                }
            } else if (authorizable instanceof Group) {
                //check if the user is a member of the 'Group administrator' group
                Authorizable groupAdmin = userManager.getAuthorizable(this.groupAdminGroupName);
                if (groupAdmin instanceof Group) {
                    boolean isMember = ((Group)groupAdmin).isMember(currentUser);
                    if (isMember) {
                        return true;
                    }

View Full Code Here

Examples of org.apache.jackrabbit.api.security.user.Authorizable

     * @see org.apache.sling.jackrabbit.usermanager.AuthorizablePrivilegesInfo#canUpdateGroupMembers(javax.jcr.Session, java.lang.String)
     */
    public boolean canUpdateGroupMembers(Session jcrSession, String groupId) {
        try {
            UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
            Authorizable currentUser = userManager.getAuthorizable(jcrSession.getUserID());


            if (((User)currentUser).isAdmin()) {
                return true; //admin user has full control
            }


            Authorizable authorizable = userManager.getAuthorizable(groupId);
            if (authorizable instanceof Group) {
                //check if the user is a member of the 'Group administrator' group
                Authorizable groupAdmin = userManager.getAuthorizable(this.groupAdminGroupName);
                if (groupAdmin instanceof Group) {
                    boolean isMember = ((Group)groupAdmin).isMember(currentUser);
                    if (isMember) {
                        return true;
                    }
                }
                
                //check if the user is a member of the 'User administrator' group
                Authorizable userAdmin = userManager.getAuthorizable(this.userAdminGroupName);
                if (userAdmin instanceof Group) {
                    boolean isMember = ((Group)userAdmin).isMember(currentUser);
                    if (isMember) {
                        return true;
                    }

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.