Examples of Authorizable

• org.apache.jackrabbit.api.security.user.Authorizable
  The Authorizable is the common base interface for {@link User} and{@link Group}. It provides access to the Principals associated with an Authorizable (see below) and allow to access and modify additional properties such as e.g. full name, e-mail or address.

  Please note the difference between Authorizable and {@link java.security.Principal Principal}:
  An Authorizable is repository object that is neither associated with nor depending from a particular Session and thus independent of the login mechanisms creating Sessions.
  

  On the other hand Principals are representations of user identities. In other words: each Principal within the set associated with the Session's Subject upon login represents an identity for that user. An the set of Principals may differ between different login mechanisms.
  

  Consequently an one-to-many relationship exists between Authorizable and Principal (see also {@link #getPrincipal()}.

  The interfaces derived from Authorizable are defined as follows:

  • {@link User}: defined to be an Authorizable that can be authenticated (by using Credentials) and impersonated.
  • {@link Group}: defined to be a collection of other Authorizables.

  @see User @see Group
• org.apache.sentry.core.Authorizable
• org.springframework.richclient.core.Authorizable
  Interface to be implemented by objects whose operations can be authorized or not. @author Larry Streepy

Examples of org.apache.jackrabbit.api.security.user.Authorizable

     */
    public Authorizable getAuthorizable(String id) throws RepositoryException {
        if (id == null || id.length() == 0) {
            throw new IllegalArgumentException("Invalid authorizable name '" + id + "'");
        }
        Authorizable a = internalGetAuthorizable(id);
        /**
         * Extra check for the existence of the administrator user that must
         * always exist.
         * In case it got removed if must be recreated using a system session.
         * Since a regular session may lack read permission on the admin-user's

Examples of org.apache.jackrabbit.api.security.user.Authorizable

            // a) try short-cut that works in case of ID.equals(principalName) only.
            // b) execute query in case of pName mismatch or exception. however, query
            //    requires persisted user nodes (see known issue of UserImporter).
            String name = principal.getName();
            try {
                Authorizable a = internalGetAuthorizable(name);
                if (a != null && name.equals(a.getPrincipal().getName())) {
                    return a;
                }
            } catch (RepositoryException e) {
                // ignore and execute the query.
            }

Examples of org.apache.jackrabbit.api.security.user.Authorizable

         circumvent problems with re-importing existing authorizable in which
         case the original user/group node is being recreated but the search
         used to look for an colliding authorizable still finds the persisted
         node.
        */
        Authorizable existing = getAuthorizable(principal);
        if (existing != null && !((AuthorizableImpl) existing).getNode().isSame(node)) {
            throw new AuthorizableExistsException("Authorizable for '" + principal.getName() + "' already exists: ");
        }
        if (!node.isNew() || node.hasProperty(P_PRINCIPAL_NAME)) {
            throw new RepositoryException("rep:principalName can only be set once on a new node.");

Examples of org.apache.jackrabbit.api.security.user.Authorizable

     * @param n A user/group node.
     * @return An authorizable or <code>null</code>.
     * @throws RepositoryException If an error occurs.
     */
    Authorizable getAuthorizable(NodeImpl n) throws RepositoryException {
        Authorizable authorz = null;
        if (n != null) {
            String path = n.getPath();
            if (n.isNodeType(NT_REP_USER)) {
                if (Text.isDescendant(usersPath, path)) {
                    authorz = createUser(n);

Examples of org.apache.jackrabbit.api.security.user.Authorizable

        /**
         * @see Iterator#next()
         */
        public Authorizable next() {
            Authorizable authr = next;
            if (authr == null) {
                throw new NoSuchElementException();
            }
            next = seekNext();
            return authr;

Examples of org.apache.jackrabbit.api.security.user.Authorizable

        private Authorizable seekNext() {
            while (authNodeIter.hasNext()) {
                NodeImpl node = (NodeImpl) authNodeIter.nextNode();
                try {
                    if (!served.contains(node.getUUID())) {
                        Authorizable authr = getAuthorizable(node);
                        served.add(node.getUUID());
                        if (authr != null) {
                            return authr;
                        }
                    }

Examples of org.apache.jackrabbit.api.security.user.Authorizable

     */
    public boolean isAdmin() {
        // NOTE: don't replace by getUserManager()
        if (userManager != null) {
            try {
                Authorizable a = userManager.getAuthorizable(userId);
                if (a != null && !a.isGroup()) {
                    return ((User) a).isAdmin();
                }
            } catch (RepositoryException e) {
                // no user management -> use fallback
            }

Examples of org.apache.jackrabbit.api.security.user.Authorizable

            return false;
        }

        boolean success = false;
        try {
            Authorizable authorizable = userManager.getAuthorizable(userId);
            if (authorizable == null || authorizable.isGroup()) {
                throw new LoginException("Unknown user " + userId);
            }

            User user = (User) authorizable;
            if (user.isDisabled()) {

Examples of org.apache.jackrabbit.api.security.user.Authorizable

    @CheckForNull
    private String getUserId(Tree tokenTree) {
        if (tokenTree != null && tokenTree.exists()) {
            try {
                String userPath = Text.getRelativeParent(tokenTree.getPath(), 2);
                Authorizable authorizable = userManager.getAuthorizableByPath(userPath);
                if (authorizable != null && !authorizable.isGroup() && !((User) authorizable).isDisabled()) {
                    return authorizable.getID();
                }
            } catch (RepositoryException e) {
                log.debug("Cannot determine userID from token: ", e.getMessage());
            }
        }

Examples of org.apache.jackrabbit.api.security.user.Authorizable

    @CheckForNull
    private NodeUtil getTokenParent(String userId) {
        NodeUtil tokenParent = null;
        String parentPath = null;
        try {
            Authorizable user = userManager.getAuthorizable(userId);
            if (user != null && !user.isGroup()) {
                String userPath = user.getPath();
                NodeUtil userNode = new NodeUtil(root.getTree(userPath));
                tokenParent = userNode.getChild(TOKENS_NODE_NAME);
                if (tokenParent == null) {
                    tokenParent = userNode.addChild(TOKENS_NODE_NAME, TOKENS_NT_NAME);
                    parentPath = userPath + '/' + TOKENS_NODE_NAME;