use of com.zimbra.cs.account.accesscontrol.RightCommand.RightsByTargetType in project zm-mailbox by Zimbra.
the class TestACLAll method isRightInGetAllEffectiveRights.
private boolean isRightInGetAllEffectiveRights(AllEffectiveRights allEffRights, Account grantee, Entry target, Right right, RightType rightType, boolean allAttrs, Set<String> attrs) throws ServiceException {
TargetType targetType = TargetType.getTargetType(target);
Map<TargetType, RightsByTargetType> rbttMap = allEffRights.rightsByTargetType();
RightsByTargetType rbtt = rbttMap.get(targetType);
if (rbtt != null) {
boolean found = false;
// all entries
EffectiveRights effRights = rbtt.all();
if (effRights != null) {
found = isRightInEffectiveRights(effRights, right, rightType, allAttrs, attrs);
if (found) {
return true;
}
}
// check domained entries
if (rbtt instanceof DomainedRightsByTargetType) {
DomainedRightsByTargetType domainedRights = (DomainedRightsByTargetType) rbtt;
for (RightAggregation rightsByDomains : domainedRights.domains()) {
found = isRightInRightAggregation(rightsByDomains, true, target, right, rightType, allAttrs, attrs);
if (found) {
return true;
}
}
}
// check individual entry
for (RightCommand.RightAggregation rightsByEntries : rbtt.entries()) {
found = isRightInRightAggregation(rightsByEntries, false, target, right, rightType, allAttrs, attrs);
if (found) {
return true;
}
}
}
return false;
}
use of com.zimbra.cs.account.accesscontrol.RightCommand.RightsByTargetType in project zm-mailbox by Zimbra.
the class TestACLEffectiveRights method getAllEffectiveRights.
@Test
public void getAllEffectiveRights() throws Exception {
Domain domain = provUtil.createDomain(genDomainSegmentName() + "." + BASE_DOMAIN_NAME);
Account target = provUtil.createAccount(genAcctNameLocalPart("user"), domain);
Account grantee = provUtil.createDelegatedAdmin(genAcctNameLocalPart("da"), domain);
Account grantingAccount = globalAdmin;
TargetType targetType = TargetType.getTargetType(target);
GranteeType granteeType = GranteeType.GT_USER;
Right right = ADMIN_PRESET_ACCOUNT;
RightCommand.grantRight(prov, grantingAccount, targetType.getCode(), TargetBy.name, target.getName(), granteeType.getCode(), GranteeBy.name, grantee.getName(), null, right.getName(), null);
AllEffectiveRights allEffRights = RightCommand.getAllEffectiveRights(prov, granteeType.getCode(), GranteeBy.name, grantee.getName(), false, false);
Map<TargetType, RightsByTargetType> rbttMap = allEffRights.rightsByTargetType();
RightsByTargetType rbtt = rbttMap.get(targetType);
boolean found = false;
for (RightCommand.RightAggregation rightsByEntries : rbtt.entries()) {
Set<String> targetNames = rightsByEntries.entries();
if (targetNames.contains(target.getName())) {
// this RightAggregation contains our target
// see if it contains out right
EffectiveRights effRights = rightsByEntries.effectiveRights();
List<String> presetRights = effRights.presetRights();
if (presetRights.contains(right.getName())) {
found = true;
}
}
}
assertTrue(found);
}
Aggregations