Source code

001/*
002 * (C) Copyright 2006-2016 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Bogdan Stefanescu
018 *     Florent Guillaume
019 */
020package org.nuxeo.ecm.core.api;
021
022import java.security.Principal;
023import java.util.ArrayList;
024import java.util.function.Consumer;
025import java.util.function.Function;
026
027import org.apache.commons.lang3.mutable.MutableObject;
028import org.nuxeo.ecm.core.api.impl.UserPrincipal;
029import org.nuxeo.ecm.core.api.repository.RepositoryManager;
030import org.nuxeo.runtime.api.Framework;
031import org.nuxeo.runtime.api.login.LoginComponent;
032
033/**
034 * The CoreInstance is the main access point to a CoreSession.
035 */
036public class CoreInstance {
037
038    private CoreInstance() {
039    }
040
041    /**
042     * Gets a {@link CoreSession} for the currently logged-in user.
043     *
044     * @param repositoryName the repository name, or {@code null} for the default repository
045     * @return the session
046     * @since 11.1
047     */
048    public static CoreSession getCoreSession(String repositoryName) {
049        return getCoreSession(repositoryName, getPrincipal(null));
050    }
051
052    /**
053     * MUST ONLY BE USED IN UNIT TESTS to get a {@link CoreSession} for the given user.
054     *
055     * @param repositoryName the repository name, or {@code null} for the default repository
056     * @param username the user name
057     * @return the session
058     * @since 11.1
059     */
060    public static CoreSession getCoreSession(String repositoryName, String username) {
061        return getCoreSession(repositoryName, getPrincipal(username));
062    }
063
064    /**
065     * Gets a {@link CoreSession} for a system user.
066     *
067     * @param repositoryName the repository name, or {@code null} for the default repository
068     * @return the session
069     * @since 11.1
070     */
071    public static CoreSession getCoreSessionSystem(String repositoryName) {
072        return getCoreSession(repositoryName, new SystemPrincipal(null));
073    }
074
075    /**
076     * Gets a {@link CoreSession} for a system user with an optional originating username.
077     *
078     * @param repositoryName the repository name, or {@code null} for the default repository
079     * @param originatingUsername the originating username to set on the SystemPrincipal
080     * @return the session
081     * @since 11.1
082     */
083    public static CoreSession getCoreSessionSystem(String repositoryName, String originatingUsername) {
084        return getCoreSession(repositoryName, new SystemPrincipal(originatingUsername));
085    }
086
087    /**
088     * Gets a {@link CoreSession} for the given principal.
089     *
090     * @param repositoryName the repository name, or {@code null} for the default repository
091     * @param principal the principal
092     * @return the session
093     * @since 11.1
094     */
095    public static CoreSession getCoreSession(String repositoryName, NuxeoPrincipal principal) {
096        if (repositoryName == null) {
097            RepositoryManager repositoryManager = Framework.getService(RepositoryManager.class);
098            repositoryName = repositoryManager.getDefaultRepositoryName();
099        }
100        return Framework.getService(CoreSessionService.class).createCoreSession(repositoryName, principal);
101    }
102
103    /**
104     * Opens a {@link CoreSession} for the currently logged-in user.
105     *
106     * @param repositoryName the repository name, or {@code null} for the default repository
107     * @return the session
108     * @since 5.9.3
109     * @deprecated since 11.1, use {@link #getCoreSession(String)} instead
110     */
111    @Deprecated
112    public static CloseableCoreSession openCoreSession(String repositoryName) {
113        return (CloseableCoreSession) getCoreSession(repositoryName);
114    }
115
116    /**
117     * MUST ONLY BE USED IN UNIT TESTS to open a {@link CoreSession} for the given user.
118     *
119     * @param repositoryName the repository name, or {@code null} for the default repository
120     * @param username the user name
121     * @return the session
122     * @since 5.9.3
123     * @deprecated since 11.1, use {@link #getCoreSession(String, String)} instead
124     */
125    @Deprecated
126    public static CloseableCoreSession openCoreSession(String repositoryName, String username) {
127        return (CloseableCoreSession) getCoreSession(repositoryName, username);
128    }
129
130    /**
131     * Opens a {@link CoreSession} for a system user.
132     *
133     * @param repositoryName the repository name, or {@code null} for the default repository
134     * @return the session
135     * @since 5.9.3
136     * @deprecated since 11.1, use {@link #getCoreSessionSystem(String)} instead
137     */
138    @Deprecated
139    public static CloseableCoreSession openCoreSessionSystem(String repositoryName) {
140        return (CloseableCoreSession) getCoreSessionSystem(repositoryName);
141    }
142
143    /**
144     * Opens a {@link CoreSession} for a system user with an optional originating username.
145     *
146     * @param repositoryName the repository name, or {@code null} for the default repository
147     * @param originatingUsername the originating username to set on the SystemPrincipal
148     * @return the session
149     * @since 8.1
150     * @deprecated since 11.1, use {@link #getCoreSessionSystem(String, String)} instead
151     */
152    @Deprecated
153    public static CloseableCoreSession openCoreSessionSystem(String repositoryName, String originatingUsername) {
154        return (CloseableCoreSession) getCoreSessionSystem(repositoryName, originatingUsername);
155    }
156
157    /**
158     * Opens a {@link CoreSession} for the given principal.
159     *
160     * @param repositoryName the repository name, or {@code null} for the default repository
161     * @param principal the principal
162     * @return the session
163     * @since 5.9.3
164     * @deprecated since 11.1, use {@link #getCoreSession(String, NuxeoPrincipal)} instead
165     */
166    @Deprecated
167    public static CloseableCoreSession openCoreSession(String repositoryName, NuxeoPrincipal principal) {
168        return (CloseableCoreSession) getCoreSession(repositoryName, principal);
169    }
170
171    /**
172     * Does nothing.
173     *
174     * @since 5.9.3
175     * @deprecated since 11.1, does nothing
176     */
177    @Deprecated
178    public static void closeCoreSession(CloseableCoreSession session) {
179        // nothing (the session holds no resources to close)
180    }
181
182    protected static NuxeoPrincipal getPrincipal(String username) {
183        if (username != null) {
184            return new UserPrincipal(username, new ArrayList<>(), false, false);
185        } else {
186            Principal p = LoginComponent.getCurrentPrincipal();
187            if (p != null) {
188                if (p instanceof NuxeoPrincipal) {
189                    return (NuxeoPrincipal) p;
190                } else if (LoginComponent.isSystemLogin(p)) {
191                    return new SystemPrincipal(p.getName());
192                } else {
193                    throw new RuntimeException("Unsupported principal: " + p.getClass());
194                }
195            } else {
196                if (Framework.isTestModeSet()) {
197                    return new SystemPrincipal(null);
198                } else {
199                    throw new NuxeoException(
200                            "Cannot create a CoreSession outside a security context, " + " login() missing.");
201                }
202            }
203        }
204    }
205
206    /**
207     * Gets the name of the currently logged-in principal.
208     *
209     * @return the principal name, or {@code null} if there was no login
210     * @since 8.4
211     */
212    protected static String getCurrentPrincipalName() {
213        NuxeoPrincipal p = NuxeoPrincipal.getCurrent();
214        return p == null ? null : p.getName();
215    }
216
217    /**
218     * Runs the given {@link Function} with a system {@link CoreSession} while logged in as a system user.
219     *
220     * @param repositoryName the repository name for the {@link CoreSession}
221     * @param function the function taking a system {@link CoreSession} and returning a result of type {@code <R>}
222     * @param <R> the function return type
223     * @return the result of the function
224     * @since 8.4
225     */
226    public static <R> R doPrivileged(String repositoryName, Function<CoreSession, R> function) {
227        MutableObject<R> result = new MutableObject<>();
228        new UnrestrictedSessionRunner(repositoryName, getCurrentPrincipalName()) {
229            @Override
230            public void run() {
231                result.setValue(function.apply(session));
232            }
233        }.runUnrestricted();
234        return result.getValue();
235    }
236
237    /**
238     * Runs the given {@link Function} with a system {@link CoreSession} while logged in as a system user.
239     *
240     * @param session an existing session
241     * @param function the function taking a system {@link CoreSession} and returning a result of type {@code <R>}
242     * @param <R> the function return type
243     * @return the result of the function
244     * @since 8.4
245     */
246    public static <R> R doPrivileged(CoreSession session, Function<CoreSession, R> function) {
247        MutableObject<R> result = new MutableObject<>();
248        new UnrestrictedSessionRunner(session) {
249            @Override
250            public void run() {
251                result.setValue(function.apply(session));
252            }
253        }.runUnrestricted();
254        return result.getValue();
255    }
256
257    /**
258     * Runs the given {@link Consumer} with a system {@link CoreSession} while logged in as a system user.
259     *
260     * @param repositoryName the repository name for the {@link CoreSession}
261     * @param consumer the consumer taking a system {@link CoreSession}
262     * @since 8.4
263     */
264    public static void doPrivileged(String repositoryName, Consumer<CoreSession> consumer) {
265        new UnrestrictedSessionRunner(repositoryName, getCurrentPrincipalName()) {
266            @Override
267            public void run() {
268                consumer.accept(session);
269            }
270        }.runUnrestricted();
271    }
272
273    /**
274     * Runs the given {@link Consumer} with a system {@link CoreSession} while logged in as a system user.
275     *
276     * @param session an existing session
277     * @param consumer the consumer taking a system {@link CoreSession}
278     * @since 8.4
279     */
280    public static void doPrivileged(CoreSession session, Consumer<CoreSession> consumer) {
281        new UnrestrictedSessionRunner(session) {
282            @Override
283            public void run() {
284                consumer.accept(session);
285            }
286        }.runUnrestricted();
287    }
288
289}