* java.lang.String)
*/
@Override
public ITenant createTenant( final ITenant parentTenant, final String tenantName, final String tenantAdminRoleName,
final String authenticatedRoleName, final String anonymousRoleName ) {
Tenant newTenant;
String parentTenantFolder;
if ( parentTenant == null ) {
if ( repositoryFileDao.getFileByAbsolutePath( "/" + tenantName ) != null ) {
return null;
}
} else {
if ( repositoryFileDao.getFileByAbsolutePath( parentTenant.getRootFolderAbsolutePath() + "/" + tenantName )
!= null ) {
return null;
}
}
if ( parentTenant == null ) {
newTenant = new Tenant( RepositoryFile.SEPARATOR + tenantName, true );
parentTenantFolder = "/";
} else {
newTenant = new Tenant( parentTenant.getRootFolderAbsolutePath() + RepositoryFile.SEPARATOR + tenantName, true );
parentTenantFolder = parentTenant.getRootFolderAbsolutePath();
}
String tenantCreatorId = PentahoSessionHolder.getSession().getName();
RepositoryFile tenantRootFolder = createTenantFolder( parentTenant, tenantName, tenantCreatorId );
userRoleDao.createRole( newTenant, tenantAdminRoleName, "", new String[0] );
userRoleDao.createRole( newTenant, authenticatedRoleName, "", new String[0] );
userRoleDao.createRole( newTenant, anonymousRoleName, "", new String[0] );
roleBindingDao
.setRoleBindings( newTenant, authenticatedRoleName, singleTenantAuthenticatedAuthorityRoleBindingList );
String tenantAdminRoleId = tenantedRoleNameResolver.getPrincipleId( newTenant, tenantAdminRoleName );
RepositoryFileSid tenantAdminRoleSid = new RepositoryFileSid( tenantAdminRoleId, Type.ROLE );
this.jcrTemplate.save();
// If the parent tenant is null, we assume we are creating the system tenant, in which case we give the
// system tenant admin permissions on the root folder.
if ( parentTenant == null ) {
repositoryFileAclDao.addAce( tenantRootFolder.getId(), tenantAdminRoleSid, EnumSet
.of( RepositoryFilePermission.ALL ) );
} else {
RepositoryFileAcl acl = repositoryFileAclDao.getAcl( tenantRootFolder.getId() );
Builder aclBuilder =
new RepositoryFileAcl.Builder( acl ).ace( tenantAdminRoleSid, EnumSet.of( RepositoryFilePermission.ALL ) );
IPentahoSession origPentahoSession = PentahoSessionHolder.getSession();
Authentication origAuthentication = SecurityContextHolder.getContext().getAuthentication();
login( repositoryAdminUsername, tenantAdminRoleId );
try {
// Give all to Tenant Admin of all ancestors
while ( !parentTenantFolder.equals( "/" ) ) {
ITenant tenant = new Tenant( parentTenantFolder, true );
String parentTenantAdminRoleId = tenantedRoleNameResolver.getPrincipleId( tenant, tenantAdminRoleName );
RepositoryFileSid parentTenantAdminSid = new RepositoryFileSid( parentTenantAdminRoleId, Type.ROLE );
aclBuilder.ace( parentTenantAdminSid, EnumSet.of( RepositoryFilePermission.ALL ) );
parentTenantFolder = FilenameUtils.getFullPathNoEndSeparator( parentTenantFolder );
}