Examples of org.apache.jackrabbit.core.NodeImpl

• org.apache.jackrabbit.core.NodeImpl
  NodeImpl implements the Node interface.

                        NodeId remapped = referenceTracker.getMappedId(originalId);
                        NodeId id = (remapped == null) ? originalId : remapped;

                        Authorizable authorz = null;
                        try {
                            NodeImpl n = ((SessionImpl) session).getNodeById(id);
                            authorz = userManager.getAuthorizable(n);
                        } catch (RepositoryException e) {
                            // no such node or failed to retrieve authorizable
                            // warning is logged below.
                        }
                        if (authorz != null) {
                            if (toRemove.remove(authorz.getID()) == null) {
                                toAdd.add(authorz);
                            } // else: no need to remove from rep:members
                        } else {
                            handleFailure("Ignoring new member of " + gr + ". No such authorizable (NodeID = " + id + ")");
                            if (importBehavior == ImportBehavior.BESTEFFORT) {
                                nonExisting.add(session.getValueFactory().createValue(id.toString(), PropertyType.WEAKREFERENCE));
                            }
                        }
                    }

                    // 2. adjust members of the group
                    for (Authorizable m : toRemove.values()) {
                        if (!gr.removeMember(m)) {
                            handleFailure("Failed remove existing member (" + m + ") from " + gr);
                        }
                    }
                    for (Authorizable m : toAdd) {
                        if (!gr.addMember(m)) {
                            handleFailure("Failed add member (" + m + ") to " + gr);
                        }
                    }

                    // handling non-existing members in case of best-effort
                    if (!nonExisting.isEmpty()) {
                        log.warn("Found " + nonExisting.size() + " entries of rep:members pointing to non-existing authorizables. Best-effort approach configured -> add to rep:members.");

                        NodeImpl groupNode = ((AuthorizableImpl) gr).getNode();
                        // build list of valid members set before ....
                        List<Value> memberValues = new ArrayList();
                        if (groupNode.hasProperty(UserConstants.P_MEMBERS)) {
                            Value[] vls = groupNode.getProperty(UserConstants.P_MEMBERS).getValues();
                            memberValues.addAll(Arrays.asList(vls));
                        }
                        // ... and the non-Existing onces.
                        memberValues.addAll(nonExisting);
                        // and use implementation specific method to set the

    /**
     * Test if the given node is itself a rep:ACL or a rep:ACE node.
     * @see org.apache.jackrabbit.core.security.authorization.AccessControlUtils#isAcItem(ItemImpl)
     */
    public boolean isAcItem(ItemImpl item) throws RepositoryException {
        NodeImpl n = ((item.isNode()) ? (NodeImpl) item : (NodeImpl) item.getParent());
        return n.isNodeType(NT_REP_ACL) || n.isNodeType(NT_REP_ACE);
    }

    public void init(Session systemSession, Map configuration) throws RepositoryException {
        super.init(systemSession, configuration);

        // make sure the workspace of the given systemSession has a
        // minimal protection on the root node.
        NodeImpl root = (NodeImpl) session.getRootNode();
        rootNodeId = root.getNodeId();
        systemEditor = new ACLEditor(systemSession, this);
        // TODO: replace by configurable default policy (see JCR-2331)
        boolean initializedWithDefaults = !configuration.containsKey(PARAM_OMIT_DEFAULT_PERMISSIONS);
        if (initializedWithDefaults && !isAccessControlled(root)) {
            initRootACL(session, systemEditor);

     * @param absPath absolute path
     */
    public AccessControlPolicy[] getEffectivePolicies(Path absPath) throws ItemNotFoundException, RepositoryException {
        checkInitialized();

        NodeImpl targetNode = (NodeImpl) session.getNode(session.getJCRPath(absPath));
        NodeImpl node = getNode(targetNode);
        List<AccessControlList> acls = new ArrayList<AccessControlList>();

        // collect all ACLs effective at node
        collectAcls(node, acls);
        // if no effective ACLs are present -> add a default, empty acl.

     * @param targetNode The node for which AC information needs to be retrieved.
     * @return the node
     * @throws RepositoryException if an error occurs
     */
    private NodeImpl getNode(NodeImpl targetNode) throws RepositoryException {
        NodeImpl node;
        if (isAcItem(targetNode)) {
            if (targetNode.isNodeType(NT_REP_ACL)) {
                node = (NodeImpl) targetNode.getParent();
            } else {
                node = (NodeImpl) targetNode.getParent().getParent();

    private void collectAcls(NodeImpl node, List<AccessControlList> acls) throws RepositoryException {
        // if the given node is access-controlled, construct a new ACL and add
        // it to the list
        if (isAccessControlled(node)) {
            // build acl for the access controlled node
            NodeImpl aclNode = node.getNode(N_POLICY);
            AccessControlList acl = systemEditor.getACL(aclNode);
            acls.add(new UnmodifiableAccessControlList(acl));
        }
        // then, recursively look for access controlled parents up the hierarchy.
        if (!rootNodeId.equals(node.getId())) {
            NodeImpl parentNode = (NodeImpl) node.getParent();
            collectAcls(parentNode, acls);
        }
    }

         * @see AbstractCompiledPermissions#buildResult(Path)
         */
        @Override
        protected Result buildResult(Path absPath) throws RepositoryException {
            boolean existingNode = false;
            NodeImpl node = null;
            String jcrPath = resolver.getJCRPath(absPath);

            if (session.nodeExists(jcrPath)) {
                node = (NodeImpl) session.getNode(jcrPath);
                existingNode = true;
            } else {
                // path points to existing prop or non-existing item (node or prop).
                // -> find the nearest persisted node
                String parentPath = Text.getRelativeParent(jcrPath, 1);
                while (parentPath.length() > 0) {
                    if (session.nodeExists(parentPath)) {
                        node = (NodeImpl) session.getNode(parentPath);
                        break;
                    }
                    parentPath = Text.getRelativeParent(parentPath, 1);
                }
            }

            if (node == null) {
                // should never get here
                throw new ItemNotFoundException("Item out of hierarchy.");
            }

            boolean isAcItem = isAcItem(absPath);

            // retrieve all ACEs at path or at the direct ancestor of path that
            // apply for the principal names.
            Iterator<AccessControlEntry> entries = retrieveResultEntries(getNode(node), principalNames);
            // build a list of ACEs that are defined locally at the node
            List<AccessControlEntry> localACEs;
            if (existingNode && isAccessControlled(node)) {
                NodeImpl aclNode = node.getNode(N_POLICY);
                localACEs = Arrays.asList(systemEditor.getACL(aclNode).getAccessControlEntries());
            } else {
                localACEs = Collections.emptyList();
            }
            /*

                    switch (ev.getType()) {
                        case Event.NODE_ADDED:
                            // test if the new node is an ACE node that affects
                            // the permission of any of the principals listed in
                            // principalNames.
                            NodeImpl n = (NodeImpl) session.getNode(path);
                            if (n.isNodeType(NT_REP_ACE) &&
                                    principalNames.contains(n.getProperty(P_PRINCIPAL_NAME).getString())) {
                                clearCache = true;
                            }
                            break;
                        case Event.PROPERTY_REMOVED:
                        case Event.NODE_REMOVED:
                            // can't find out if the removed ACL/ACE node was
                            // relevant for the principals
                            clearCache = true;
                            break;
                        case Event.PROPERTY_ADDED:
                        case Event.PROPERTY_CHANGED:
                            // test if the added/changed prop belongs to an ACe
                            // node and affects the permission of any of the
                            // principals listed in principalNames.
                            PropertyImpl p = (PropertyImpl) session.getProperty(path);
                            NodeImpl parent = (NodeImpl) p.getParent();
                            if (parent.isNodeType(NT_REP_ACE)) {
                                String principalName = null;
                                if (P_PRIVILEGES.equals(p.getQName())) {
                                    // test if principal-name sibling-prop matches
                                    principalName = parent.getProperty(P_PRINCIPAL_NAME).getString();
                                } else if (P_PRINCIPAL_NAME.equals(p.getQName())) {
                                    // a new ace or an ace change its principal-name.
                                    principalName = p.getString();
                                }
                                if (principalName != null &&

        private void collectEntries(NodeImpl node) throws RepositoryException {
            // if the given node is access-controlled, construct a new ACL and add
            // it to the list
            if (isAccessControlled(node)) {
                // build acl for the access controlled node
                NodeImpl aclNode = node.getNode(N_POLICY);
                //collectEntries(aclNode, principalNamesToEntries);
                collectEntriesFromAcl(aclNode);
            }
            // recursively look for access controlled parents up the hierarchy.
            if (!rootNodeId.equals(node.getId())) {
                NodeImpl parentNode = (NodeImpl) node.getParent();
                collectEntries(parentNode);
            }
        }

            PrincipalManager principalMgr = sImpl.getPrincipalManager();
            AccessControlManager acMgr = sImpl.getAccessControlManager();

            NodeIterator itr = aclNode.getNodes();
            while (itr.hasNext()) {
                NodeImpl aceNode = (NodeImpl) itr.nextNode();
                String principalName = aceNode.getProperty(AccessControlConstants.P_PRINCIPAL_NAME).getString();
                // only process aceNode if 'principalName' is contained in the given set
                if (principalNames.contains(principalName)) {
                    Principal princ = principalMgr.getPrincipal(principalName);
                    if (princ == null) {
                        log.warn("Principal with name " + principalName + " unknown to PrincipalManager -> Ignored from AC evaluation.");
                        continue;
                    }

                    Value[] privValues = aceNode.getProperty(AccessControlConstants.P_PRIVILEGES).getValues();
                    Privilege[] privs = new Privilege[privValues.length];
                    for (int i = 0; i < privValues.length; i++) {
                        privs[i] = acMgr.privilegeFromName(privValues[i].getString());
                    }
                    // create a new ACEImpl (omitting validation check)
                    AccessControlEntry ace = new ACLTemplate.Entry(
                            princ,
                            privs,
                            aceNode.isNodeType(AccessControlConstants.NT_REP_GRANT_ACE),
                            sImpl.getValueFactory());
                    // add it to the proper list (e.g. separated by principals)
                    if (princ instanceof Group) {
                        groupAces.add(ace);
                    } else {