Package com.composum.sling.core.service

Interface RepositorySetupService

All Known Implementing Classes:

CoreRepositorySetupService

public interface RepositorySetupService

Security configuration management service

Field Summary

Fields

Modifier and Type	Field	Description
static String	GROUP_PATH
static String	MEMBER_OF
static String	USER_PATH

Method Summary

Modifier and Type	Method	Description
void	addJsonAcl(@NotNull javax.jcr.Session session, @NotNull Reader reader, @Nullable Map<String,Object> values)
void	addJsonAcl(@NotNull javax.jcr.Session session, @NotNull String jsonFilePath, @Nullable Map<String,Object> values)	adds ACL accordiong to rules declared as JSON file; e.g.
void	removeJsonAcl(@NotNull javax.jcr.Session session, @NotNull Reader reader, @Nullable Map<String,Object> values)
void	removeJsonAcl(@NotNull javax.jcr.Session session, @NotNull String jsonFilePath, @Nullable Map<String,Object> values)	revert all changes made by 'addJsonAcl'...

Field Detail

USER_PATH

static final String USER_PATH

See Also:

Constant Field Values

GROUP_PATH

static final String GROUP_PATH

See Also:

Constant Field Values

MEMBER_OF

static final String MEMBER_OF

See Also:

Constant Field Values

Method Detail

addJsonAcl

void addJsonAcl(@NotNull
                @NotNull javax.jcr.Session session,
                @NotNull
                @NotNull String jsonFilePath,
                @Nullable
                @Nullable Map<String,Object> values)
         throws javax.jcr.RepositoryException,
                IOException

adds ACL accordiong to rules declared as JSON file; e.g.

• allow read for 'everyone' on root ('/') to walk trough (this node only)
• deny read for 'a-group' on '/apps' and all subnodes and ensure that this folder and the group exists
• make 'everyone' and 'someone' a member of 'a-group' (both principals must exist)
• remove each ACL for 'a-group' from '/conf' and ensure that this group exists

[{ "path": "/", "acl": [{ "principal": "everyone", "reset": true, "rules": [{ "grant": "jcr:read", "restrictions": { "rep:glob": "" } }] }] },{ "path": "/apps", "jcr:primaryType": "sling:Folder" "acl": [{ "principal": [ "a-group" "another-group" ], "groupPath": "example", "deny": [ "jcr:read" ] }] },{ "principal": [ "everyone", "someone" ], "memberOf": [ "a-group" ] }] },{ "path": "/conf", "acl": [{ "principal": "a-user", "userPath": "example", "memberOf": [ "a-group" ] }] }]

Parameters:

session - the session (not resolver to make it easy usable in install hooks)

jsonFilePath - a repository path to the ACL JSON file

Throws:

javax.jcr.RepositoryException

IOException

addJsonAcl

void addJsonAcl(@NotNull
                @NotNull javax.jcr.Session session,
                @NotNull
                @NotNull Reader reader,
                @Nullable
                @Nullable Map<String,Object> values)
         throws javax.jcr.RepositoryException,
                IOException

Throws:

javax.jcr.RepositoryException

IOException

removeJsonAcl

void removeJsonAcl(@NotNull
                   @NotNull javax.jcr.Session session,
                   @NotNull
                   @NotNull String jsonFilePath,
                   @Nullable
                   @Nullable Map<String,Object> values)
            throws javax.jcr.RepositoryException,
                   IOException

revert all changes made by 'addJsonAcl'... - use the same configuration file

Throws:

javax.jcr.RepositoryException

IOException

removeJsonAcl

void removeJsonAcl(@NotNull
                   @NotNull javax.jcr.Session session,
                   @NotNull
                   @NotNull Reader reader,
                   @Nullable
                   @Nullable Map<String,Object> values)
            throws javax.jcr.RepositoryException,
                   IOException

Throws:

javax.jcr.RepositoryException

IOException