Examples of org.apache.jackrabbit.oak.api.Tree

• org.apache.jackrabbit.oak.api.Tree
  A tree instance represents a snapshot of the {@link ContentRepository}tree at the time the instance was acquired from a {@link ContentSession}. Tree instances may become invalid over time due to garbage collection of old content, at which point an outdated snapshot will start throwing {@code IllegalStateException}s to indicate that the snapshot is no longer available.

  Order and orderability

  The children of a {@code Tree} are generally unordered. That is, thesequence of the children returned by {@link #getChildren()} may change overtime as this {@code Tree} is modified either directly or through some othersession. Calling {@link #orderBefore(String)} will persist the current orderand maintain the order as new children are added or removed. In this case a new child will be inserted after the last child as seen by {@link #getChildren()}.

  State and state transitions

  A tree instance belongs to the client and its state is only modified in response to method calls made by the client. The various accessors on this interface mirror these of the underlying {@code NodeState}interface. However, since instances of this class are mutable return values may change between invocations.

  All tree instances created in the context of a content session become invalid after the content session is closed. Any method called on an invalid tree instance will throw an {@code InvalidStateException}.

  {@link Tree} instances may become non existing after a call to{@link Root#refresh()}, {@link Root#rebase()} or {@link Root#commit()}. Any write access to non existing {@code Tree} instances will cause an{@code InvalidStateException}.

  Thread safety

  Tree instances are not thread-safe for write access, so writing clients need to ensure that they are not accessed concurrently from multiple threads. Instances are however thread-safe for read access, so implementations need to ensure that all reading clients see a coherent state.

  Visibility and access control

  The data returned by this class and intermediary objects such as are access controlled governed by the {@code ContentSession} instance from whichthe containing {@code Root} was obtained.

  Existence and iterability of trees

  The {@link #getChild(String)} method is special in that it neverreturns a {@code null} value, even if the named tree does not exist.Instead a client should use the {@link #exists()} method on the returnedtree to check whether that tree exists.

  The iterability of a tree is a related to existence. A node state is iterable if it is included in the return values of the {@link #getChildrenCount(long)} and {@link #getChildren()} methods. An iterablenode is guaranteed to exist, though not all existing nodes are necessarily iterable.

  Furthermore, a non-existing node is guaranteed to contain no properties or iterable child nodes. It can, however contain non-iterable children. Such scenarios are typically the result of access control restrictions.

        }
    }

    private void setNodeBasedAcl(@Nullable String oakPath, @Nonnull Tree tree,
                                 @Nonnull ACL acl) throws RepositoryException {
        Tree aclTree = getAclTree(oakPath, tree);
        if (aclTree != null) {
            // remove all existing aces
            for (Tree aceTree : aclTree.getChildren()) {
                aceTree.remove();
            }
        } else {
            aclTree = createAclTree(oakPath, tree);
        }
        aclTree.setOrderableChildren(true);
        for (ACE ace : acl.getEntries()) {
            boolean isAllow = ace.isAllow();
            String nodeName = Util.generateAceName(aclTree, isAllow);
            String ntName = (isAllow) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;

        if (policy instanceof PrincipalACL) {
            PrincipalACL principalAcl = (PrincipalACL) policy;
            for (ACE ace : principalAcl.getEntries()) {
                String path = getNodePath(ace);
                Tree tree = getTree(path, Permissions.MODIFY_ACCESS_CONTROL, true);
                Tree aclTree = getAclTree(path, tree);
                if (aclTree == null) {
                    throw new AccessControlException("Unable to retrieve policy node at " + path);
                }
                Iterator<Tree> children = aclTree.getChildren().iterator();
                while (children.hasNext()) {
                    Tree child = children.next();
                    if (ace.equals(createACE(path, child, principalAcl.rProvider))) {
                        child.remove();
                    }
                }
                if (!aclTree.getChildren().iterator().hasNext()) {
                    aclTree.remove();
                }
            }
        } else {
            Tree tree = getTree(oakPath, Permissions.MODIFY_ACCESS_CONTROL, true);
            Tree aclTree = getAclTree(oakPath, tree);
            if (aclTree != null) {
                aclTree.remove();
            } else {
                throw new AccessControlException("No policy to remove at " + absPath);
            }
        }
    }

        List<AccessControlPolicy> effective = new ArrayList<AccessControlPolicy>();
        for (ResultRow row : aceResult.getRows()) {
            String acePath = row.getPath();
            String aclName = Text.getName(Text.getRelativeParent(acePath, 1));

            Tree accessControlledTree = r.getTree(Text.getRelativeParent(acePath, 2));
            if (aclName.isEmpty() || !accessControlledTree.exists()) {
                log.debug("Isolated access control entry -> ignore query result at " + acePath);
                continue;
            }

            String path = (REP_REPO_POLICY.equals(aclName)) ? null : accessControlledTree.getPath();
            AccessControlPolicy policy = createACL(path, accessControlledTree, true);
            if (policy != null) {
                effective.add(policy);
            }
        }

    //------------------------------------------------------------< private >---
    @CheckForNull
    private Tree getAclTree(@Nullable String oakPath, @Nonnull Tree accessControlledTree) {
        if (Util.isAccessControlled(oakPath, accessControlledTree, ntMgr)) {
            String aclName = Util.getAclName(oakPath);
            Tree policyTree = accessControlledTree.getChild(aclName);
            if (policyTree.exists()) {
                return policyTree;
            }
        }
        return null;
    }

                                                  @Nonnull Tree accessControlledTree,
                                                  boolean isEffectivePolicy) throws RepositoryException {
        JackrabbitAccessControlList acl = null;
        String aclName = Util.getAclName(oakPath);
        if (accessControlledTree.exists() && Util.isAccessControlled(oakPath, accessControlledTree, ntMgr)) {
            Tree aclTree = accessControlledTree.getChild(aclName);
            if (aclTree.exists()) {
                List<ACE> entries = new ArrayList<ACE>();
                for (Tree child : aclTree.getChildren()) {
                    if (Util.isACE(child, ntMgr)) {
                        entries.add(createACE(oakPath, child, restrictionProvider));
                    }
                }
                if (isEffectivePolicy) {

        Root root = getRoot();
        Result aceResult = searchAces(Collections.<Principal>singleton(principal), root);
        RestrictionProvider restrProvider = new PrincipalRestrictionProvider(restrictionProvider);
        List<ACE> entries = new ArrayList<ACE>();
        for (ResultRow row : aceResult.getRows()) {
            Tree aceTree = root.getTree(row.getPath());
            if (Util.isACE(aceTree, ntMgr)) {
                String aclPath = Text.getRelativeParent(aceTree.getPath(), 1);
                String path;
                if (aclPath.endsWith(REP_REPO_POLICY)) {
                    path = null;
                } else {
                    path = Text.getRelativeParent(aclPath, 1);

    private static boolean hasRestrictionProperty(Tree aceTree, String name) {
        if (aceTree.hasProperty(name)) {
            return true;
        }
        Tree restrictionTree = aceTree.getChild(AccessControlConstants.REP_RESTRICTIONS);
        return restrictionTree.exists() && restrictionTree.hasProperty(name);
    }

        return new RestrictionImpl(propertyState, definition);
    }

    @Nonnull
    private Tree getRestrictionsTree(Tree aceTree) {
        Tree restrictions = aceTree.getChild(REP_RESTRICTIONS);
        if (!restrictions.exists()) {
            // no rep:restrictions tree -> read from aceTree for backwards compatibility
            restrictions = aceTree;
        }
        return restrictions;
    }

        return restrictions;
    }

    @Nonnull
    private Map<String, PropertyState> getRestrictionProperties(Tree aceTree) {
        Tree rTree = getRestrictionsTree(aceTree);
        Map<String, PropertyState> restrictionProperties = new HashMap<String, PropertyState>();
        for (PropertyState property : rTree.getProperties()) {
            String name = property.getName();
            if (isRestrictionProperty(name)) {
                restrictionProperties.put(name, property);
            }
        }

        boolean asterisk = PathUtils.getName(propertyName).equals("*");
        if (!asterisk) {
            PropertyValue p = selector.currentProperty(propertyName);
            return matchesPropertyType(p) ? p : null;
        }
        Tree tree = selector.currentTree();
        if (tree == null || !tree.exists()) {
            return null;
        }
        if (!asterisk) {
            String name = PathUtils.getName(propertyName);
            name = normalizePropertyName(name);
            PropertyState p = tree.getProperty(name);
            if (p == null) {
                return null;
            }
            return matchesPropertyType(p) ? PropertyValues.create(p) : null;
        }
        // asterisk - create a multi-value property
        // warning: the returned property state may have a mixed type
        // (not all values may have the same type)

        // TODO currently all property values are converted to strings -
        // this doesn't play well with the idea that the types may be different
        List<String> values = new ArrayList<String>();
        for (PropertyState p : tree.getProperties()) {
            if (matchesPropertyType(p)) {
                Iterables.addAll(values, p.getValue(Type.STRINGS));
            }
        }
        // "*"