Examples of org.apache.jackrabbit.oak.api.Tree

• org.apache.jackrabbit.oak.api.Tree
  A tree instance represents a snapshot of the {@link ContentRepository}tree at the time the instance was acquired from a {@link ContentSession}. Tree instances may become invalid over time due to garbage collection of old content, at which point an outdated snapshot will start throwing {@code IllegalStateException}s to indicate that the snapshot is no longer available.

  Order and orderability

  The children of a {@code Tree} are generally unordered. That is, thesequence of the children returned by {@link #getChildren()} may change overtime as this {@code Tree} is modified either directly or through some othersession. Calling {@link #orderBefore(String)} will persist the current orderand maintain the order as new children are added or removed. In this case a new child will be inserted after the last child as seen by {@link #getChildren()}.

  State and state transitions

  A tree instance belongs to the client and its state is only modified in response to method calls made by the client. The various accessors on this interface mirror these of the underlying {@code NodeState}interface. However, since instances of this class are mutable return values may change between invocations.

  All tree instances created in the context of a content session become invalid after the content session is closed. Any method called on an invalid tree instance will throw an {@code InvalidStateException}.

  {@link Tree} instances may become non existing after a call to{@link Root#refresh()}, {@link Root#rebase()} or {@link Root#commit()}. Any write access to non existing {@code Tree} instances will cause an{@code InvalidStateException}.

  Thread safety

  Tree instances are not thread-safe for write access, so writing clients need to ensure that they are not accessed concurrently from multiple threads. Instances are however thread-safe for read access, so implementations need to ensure that all reading clients see a coherent state.

  Visibility and access control

  The data returned by this class and intermediary objects such as are access controlled governed by the {@code ContentSession} instance from whichthe containing {@code Root} was obtained.

  Existence and iterability of trees

  The {@link #getChild(String)} method is special in that it neverreturns a {@code null} value, even if the named tree does not exist.Instead a client should use the {@link #exists()} method on the returnedtree to check whether that tree exists.

  The iterability of a tree is a related to existence. A node state is iterable if it is included in the return values of the {@link #getChildrenCount(long)} and {@link #getChildren()} methods. An iterablenode is guaranteed to exist, though not all existing nodes are necessarily iterable.

  Furthermore, a non-existing node is guaranteed to contain no properties or iterable child nodes. It can, however contain non-iterable children. Such scenarios are typically the result of access control restrictions.

        Util.checkValidPolicy(oakPath, policy);

        if (policy instanceof PrincipalACL) {
            setPrincipalBasedAcl((PrincipalACL) policy);
        } else {
            Tree tree = getTree(oakPath, Permissions.MODIFY_ACCESS_CONTROL, true);
            setNodeBasedAcl(oakPath, tree, (ACL) policy);
        }
    }

        }
    }

    @Nonnull
    private Tree getPrivilegesTree(Root root) throws CommitFailedException {
        Tree privilegesTree = root.getTree(PRIVILEGES_PATH);
        if (!privilegesTree.exists()) {
            throw new CommitFailedException(CONSTRAINT, 44, "Privilege store not initialized.");
        }
        return privilegesTree;
    }

        }

        // add new entries
        for (ACE ace : toAdd) {
            String path = getNodePath(ace);
            Tree tree = getTree(path, Permissions.MODIFY_ACCESS_CONTROL, true);

            ACL acl = (ACL) createACL(path, tree, false);
            if (acl == null) {
                acl = new NodeACL(path);
            }

            Map<String, Value> restrictions = new HashMap<String, Value>();
            for (String name : ace.getRestrictionNames()) {
                if (!REP_NODE_PATH.equals(name)) {
                    restrictions.put(name, ace.getRestriction(name));
                }
            }
            acl.addEntry(ace.getPrincipal(), ace.getPrivileges(), ace.isAllow(), restrictions);
            setNodeBasedAcl(path, tree, acl);
        }

        // remove entries that are not longer present in the acl to write
        for (ACE ace : toRemove) {
            String path = getNodePath(ace);
            Tree tree = getTree(path, Permissions.MODIFY_ACCESS_CONTROL, true);

            ACL acl = (ACL) createACL(path, tree, false);
            if (acl != null) {
                acl.removeAccessControlEntry(ace);
                setNodeBasedAcl(path, tree, acl);

        }
    }

    private void setNodeBasedAcl(@Nullable String oakPath, @Nonnull Tree tree,
                                 @Nonnull ACL acl) throws RepositoryException {
        Tree aclTree = getAclTree(oakPath, tree);
        if (aclTree != null) {
            // remove all existing aces
            for (Tree aceTree : aclTree.getChildren()) {
                aceTree.remove();
            }
        } else {
            aclTree = createAclTree(oakPath, tree);
        }
        aclTree.setOrderableChildren(true);
        for (ACE ace : acl.getEntries()) {
            boolean isAllow = ace.isAllow();
            String nodeName = Util.generateAceName(aclTree, isAllow);
            String ntName = (isAllow) ? NT_REP_GRANT_ACE : NT_REP_DENY_ACE;

        if (policy instanceof PrincipalACL) {
            PrincipalACL principalAcl = (PrincipalACL) policy;
            for (ACE ace : principalAcl.getEntries()) {
                String path = getNodePath(ace);
                Tree tree = getTree(path, Permissions.MODIFY_ACCESS_CONTROL, true);
                Tree aclTree = getAclTree(path, tree);
                if (aclTree == null) {
                    throw new AccessControlException("Unable to retrieve policy node at " + path);
                }
                Iterator<Tree> children = aclTree.getChildren().iterator();
                while (children.hasNext()) {
                    Tree child = children.next();
                    if (ace.equals(createACE(path, child, principalAcl.rProvider))) {
                        child.remove();
                    }
                }
                if (!aclTree.getChildren().iterator().hasNext()) {
                    aclTree.remove();
                }
            }
        } else {
            Tree tree = getTree(oakPath, Permissions.MODIFY_ACCESS_CONTROL, true);
            Tree aclTree = getAclTree(oakPath, tree);
            if (aclTree != null) {
                aclTree.remove();
            } else {
                throw new AccessControlException("No policy to remove at " + absPath);
            }
        }
    }

        List<AccessControlPolicy> effective = new ArrayList<AccessControlPolicy>();
        for (ResultRow row : aceResult.getRows()) {
            String acePath = row.getPath();
            String aclName = Text.getName(Text.getRelativeParent(acePath, 1));

            Tree accessControlledTree = r.getTree(Text.getRelativeParent(acePath, 2));
            if (aclName.isEmpty() || !accessControlledTree.exists()) {
                log.debug("Isolated access control entry -> ignore query result at " + acePath);
                continue;
            }

            String path = (REP_REPO_POLICY.equals(aclName)) ? null : accessControlledTree.getPath();
            AccessControlPolicy policy = createACL(path, accessControlledTree, true);
            if (policy != null) {
                effective.add(policy);
            }
        }

    //------------------------------------------------------------< private >---
    @CheckForNull
    private Tree getAclTree(@Nullable String oakPath, @Nonnull Tree accessControlledTree) {
        if (Util.isAccessControlled(oakPath, accessControlledTree, ntMgr)) {
            String aclName = Util.getAclName(oakPath);
            Tree policyTree = accessControlledTree.getChild(aclName);
            if (policyTree.exists()) {
                return policyTree;
            }
        }
        return null;
    }

                                                  @Nonnull Tree accessControlledTree,
                                                  boolean isEffectivePolicy) throws RepositoryException {
        JackrabbitAccessControlList acl = null;
        String aclName = Util.getAclName(oakPath);
        if (accessControlledTree.exists() && Util.isAccessControlled(oakPath, accessControlledTree, ntMgr)) {
            Tree aclTree = accessControlledTree.getChild(aclName);
            if (aclTree.exists()) {
                List<ACE> entries = new ArrayList<ACE>();
                for (Tree child : aclTree.getChildren()) {
                    if (Util.isACE(child, ntMgr)) {
                        entries.add(createACE(oakPath, child, restrictionProvider));
                    }
                }
                if (isEffectivePolicy) {

        Root root = getRoot();
        Result aceResult = searchAces(Collections.<Principal>singleton(principal), root);
        RestrictionProvider restrProvider = new PrincipalRestrictionProvider(restrictionProvider);
        List<ACE> entries = new ArrayList<ACE>();
        for (ResultRow row : aceResult.getRows()) {
            Tree aceTree = root.getTree(row.getPath());
            if (Util.isACE(aceTree, ntMgr)) {
                String aclPath = Text.getRelativeParent(aceTree.getPath(), 1);
                String path;
                if (aclPath.endsWith(REP_REPO_POLICY)) {
                    path = null;
                } else {
                    path = Text.getRelativeParent(aclPath, 1);

     */
    @Override
    public TokenInfo getTokenInfo(String token) {
        int pos = token.indexOf(DELIM);
        String nodeId = (pos == -1) ? token : token.substring(0, pos);
        Tree tokenTree = identifierManager.getTree(nodeId);
        String userId = getUserId(tokenTree);
        if (userId == null || !isValidTokenTree(tokenTree)) {
            return null;
        } else {
            return new TokenInfoImpl(new NodeUtil(tokenTree), token, userId);