- All Implemented Interfaces:
public class AuthorizableJSONWriter extends java.lang.Object implements PropConstantsAuthorizableJSONWriter is a utility to write a JSON serialization of users and groups.
Default SerializationThe default serialization of a given authorizable includes the following information:
PropConstants.TYPE: with value "group" or "user" depending on the type of authorizable.
PropConstants.AUTHORIZABLE_ID: the authorizable ID.
PropConstants.DISPLAY_NAME: the default display name.
PropConstants.HOME: The path to the home directory.
PropConstants.IS_IMPERSONATED: this property is only included if the serialized authorizable is the same as the one associated with the editing session. The flag is 'true' if the session has been obtained through impersonation.
Output PropertiesIn order to include additional information into the serialization a set of output properties can be specified. Currently the following additional properties are supported:
PropConstants.PRINCIPAL: The principal name.
PropConstants.MEMBER_OF: Includes the serialization of the groups this authorizable is member of (as visible to the editing session).
- memberOfTotal: The total number of groups this authorizable is member of. Note, that -1 may be returned if a limit has been specified and the total amount of members exceeds the specified limit
PropConstants.DECLARED_MEMBER_OF: Includes the serialization of those groups this authorizable is declared member of (as visible to the editing session).
- declaredMemberOfTotal: The number of those groups. Note, that -1 may be returned if a limit has been specified and the total amount of declared membership entries exceeds the specified limit.
PropConstants.IMAGE: The image information.
PropConstants.MODIFICATION: Modification information.
PropConstants.REPLICATION: Replication data.
PropConstants.WILDCARD: Includes all of the above properties plus the user and group specific properties listed below (except the *Total properties).
- Any other property stored with an authorizable. The property to be included must be referred with a relative path. E.g. 'profile/givenName' would be used to retrieve a property 'givenName' that was stored in the profile subnode. The wildcard '*' is used to include all user specific properties of a subnode e.g. 'profile/*'. Note however, that this will not include protected JCR specific properties. The serialization of the these properties is hierarchical exposing intermediate nodes as JSON objects.
PropConstants.IMPERSONATORS: The serialization of those users that can impersonate the target user (as visible to the editing session).
- impersonatorsTotal: The total amount of impersonators. Note, that -1 may be returned if a limit has been specified and the total amount of impersonators exceeds the specified limit.
PropConstants.DISABLED: The disabled text in case this user is disabled.
PropConstants.MEMBERS: The serialization of the members of this group (as visible to the editing session).
- membersTotal: The total number of members. Note, that -1 may be returned if a limit has been specified and the total number exceeds the limit.
PropConstants.DECLARED_MEMBERS: The serialization of the declared members of this group (as visible to the editing session).
- declaredMembersTotal: The total number of declared members. Note, that -1 is returned if a limit has been specified and the total number exceeds the limit.
Limit the number of serialized authorizablesFor those properties that include serialization of additional authorizables it is possible to set a limit, which is the maximum amount of authorizables that should be serialized with the specified output property. This can be achieved by calling
setLimit(String, long)where the 'key' is the name of the output property.
Compatibility NotesThis class replaces CQ
Please note the following differences in usage:
- outputprop-keys should be relative paths - removed old backwards compatibility lookup from user-prop to profile - jcr:created and jcr:createdBy must be listed explicitly - rep:userId omitted as this properties no longer exists and is identical to "authorizableId" - the "id" key has been renamed to "authorizableId" - the "groupName" key has been omitted as it seems wrong to have "name" and "id" and in addition a "groupName" which essential was the "id". - basic option removed as this is covered by outputprops being empty. - the cq specific 'table' view has been removed
Fields inherited from interface com.adobe.granite.security.user.util.PropConstants
AUTHORIZABLE_ID, AUTHORIZABLES, CNT, DECLARED_MEMBER_OF, DECLARED_MEMBERS, DISABLED, DISPLAY_NAME, HOME, IMAGE, IMPERSONATORS, IS_IMPERSONATED, MEMBER_OF, MEMBERS, MODIFICATION, OFFSET, PRINCIPAL, REPLICATION, TYPE, TYPE_GROUP, TYPE_USER, WILDCARD
All Methods Instance Methods Concrete Methods Modifier and Type Method Description
setFilterPredicates(java.lang.String filters)Creates a predicate list based of the given filters array containing only the non blank filters and merges all of them in a single resulting authorizable predicate.
setLimit(java.lang.String key, long limit)Sets the limit for the number of authorizables included in the object with the specified key.
write(JSONWriter writer, Authorizable authorizable)Write the data of the specified
authorizableto the given
public AuthorizableJSONWriter(UserPropertiesManager userPropertiesMgr, ResourceResolver resourceResolver, Session session, java.util.Set<java.lang.String> outputProps, XSSFilter xss)
userPropertiesMgr- the manager to access the profile.
resourceResolver- the resource resolver
session- the session
outputProps- the output properties
xss- the XSS protection service
public void setLimit(java.lang.String key, long limit)Sets the limit for the number of authorizables included in the object with the specified key.
key- The key as present in the output props.
limit- The maximal number of entries to be created for the given key.
public void setFilterPredicates(java.lang.String filters)Creates a predicate list based of the given filters array containing only the non blank filters and merges all of them in a single resulting authorizable predicate. The
resultingAuthorizablePredicatewill validate an authorizable if any of the predicates from the list are valid.
filters- an array of given filters to use for creating a predicate list and a resulting predicate from that list