Examples of org.apache.jackrabbit.api.security.user.UserManager

• org.apache.jackrabbit.api.security.user.UserManager
  The UserManager provides access to and means to maintain {@link Authorizable authoriable objects} i.e. {@link User users} and{@link Group groups}. The UserManager is bound to a particular Session.

    public void testMultipleGroupPermissionsOnNode() throws NotExecutableException, RepositoryException {
        Group testGroup = getTestGroup();

        /* create a second group the test user is member of */
        Principal principal = new TestPrincipal("testGroup" + UUID.randomUUID());
        UserManager umgr = getUserManager(superuser);
        Group group2 = umgr.createGroup(principal);
        try {
            group2.addMember(testUser);
            if (!umgr.isAutoSave() && superuser.hasPendingChanges()) {
                superuser.save();
            }

            /* add privileges for the Group the test-user is member of */
            Privilege[] privileges = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);

    public void testMultipleGroupPermissionsOnNode2() throws NotExecutableException, RepositoryException {
        Group testGroup = getTestGroup();

        /* create a second group the test user is member of */
        Principal principal = new TestPrincipal("testGroup" + UUID.randomUUID());
        UserManager umgr = getUserManager(superuser);
        Group group2 = umgr.createGroup(principal);

        try {
            group2.addMember(testUser);
            if (!umgr.isAutoSave() && superuser.hasPendingChanges()) {
                superuser.save();
            }

            /* add privileges for the Group the test-user is member of */
            Privilege[] privileges = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);

    public void testReorderGroupPermissions() throws NotExecutableException, RepositoryException {
        Group testGroup = getTestGroup();

        /* create a second group the test user is member of */
        Principal principal = new TestPrincipal("testGroup" + UUID.randomUUID());
        UserManager umgr = getUserManager(superuser);
        Group group2 = umgr.createGroup(principal);

        try {
            group2.addMember(testUser);
            if (!umgr.isAutoSave() && superuser.hasPendingChanges()) {
                superuser.save();
            }

            /* add privileges for the Group the test-user is member of */
            Privilege[] privileges = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);

            return (String) nickname;
        }

        final String identity = user.getIdentity();
        String userId = null;
        UserManager userManager = getUserManager();
        if (userManager != null) {
            userId = getUserIdByProperty(userManager, identityProperty,
                identity);
        }

            (password == null) ? new char[0] : password.toCharArray());
        Session session = null;
        try {
            session = repository.login(creds);
            if (session instanceof JackrabbitSession) {
                UserManager umgr = ((JackrabbitSession) session).getUserManager();
                String userId = session.getUserID();
                Authorizable a = umgr.getAuthorizable(userId);
                if (a instanceof User) {

                    // check users
                    if (users.contains(userId)) {
                        return true;

        try {
            final String userId = xingUser.getId(); // TODO make configurable

            final Session session = getSession();
            final UserManager userManager = getUserManager(session);
            final User user = userManager.createUser(userId, null);

            // TODO disable user on create?
            final ValueFactory valueFactory = session.getValueFactory();
            final Value firstnameValue = valueFactory.createValue(xingUser.getFirstName());
            final Value lastnameValue = valueFactory.createValue(xingUser.getLastName());

    }

    private User authenticate(final Session session) throws RepositoryException {
        String userId = session.getUserID();
        if (session instanceof JackrabbitSession) {
            UserManager umgr = ((JackrabbitSession) session).getUserManager();
            Authorizable a = umgr.getAuthorizable(userId);
            if (a instanceof User) {

                // check users
                if (users.contains(userId)) {
                    return (User)a;

            User user = getUser(userId);
            if (user == null) {
                logger.debug("creating a new user with id '{}'", userId);
                final Session session = getSession();
                final UserManager userManager = getUserManager(session);
                user = userManager.createUser(userId, null);
            } else {
                logger.debug("updating an existing user with id '{}'", userId);
            }

            // TODO disable user on create?

                + group.getID();

            ResourceResolver resolver = baseResource.getResourceResolver();
            boolean changed = false;

            UserManager userManager = AccessControlUtil.getUserManager(resolver.adaptTo(Session.class));

            // first remove any members posted as ":member@Delete"
            String[] membersToDelete = convertToStringArray(properties.get(SlingPostConstants.RP_PREFIX
                + "member" + SlingPostConstants.SUFFIX_DELETE));
            if (membersToDelete != null) {

            throw new RepositoryException(
                "Can not change the password of the anonymous user.");
        }

        User user;
        UserManager userManager = AccessControlUtil.getUserManager(jcrSession);
        Authorizable authorizable = userManager.getAuthorizable(name);
        if (authorizable instanceof User) {
            user = (User)authorizable;
        } else {
            throw new ResourceNotFoundException(
                "User to update could not be determined");
        }

        //SLING-2069: if the current user is an administrator, then a missing oldPwd is ok,
        // otherwise the oldPwd must be supplied.
        boolean administrator = false;

        // check that the submitted parameter values have valid values.
        if (oldPassword == null || oldPassword.length() == 0) {
            try {
                UserManager um = AccessControlUtil.getUserManager(jcrSession);
                User currentUser = (User) um.getAuthorizable(jcrSession.getUserID());
                administrator = currentUser.isAdmin();

                if (!administrator) {
                    //check if the user is a member of the 'User administrator' group
                    Authorizable userAdmin = um.getAuthorizable(this.userAdminGroupName);
                    if (userAdmin instanceof Group) {
                        boolean isMember = ((Group)userAdmin).isMember(currentUser);
                        if (isMember) {
                            administrator = true;
                        }