Example 6 with AccessControlEntry
use of org.alfresco.repo.security.permissions.AccessControlEntry in project alfresco-repository by Alfresco.
the class AbstractPermissionsDaoComponentImpl method createSimpleNodePermissionEntry.
private SimpleNodePermissionEntry createSimpleNodePermissionEntry(StoreRef storeRef) {
Acl acl = getACLDAO(storeRef).getAccessControlList(storeRef);
if (acl == null) {
// there isn't an access control list for the node - spoof a null one
SimpleNodePermissionEntry snpe = new SimpleNodePermissionEntry(null, true, Collections.<SimplePermissionEntry>emptyList());
return snpe;
} else {
AccessControlList info = aclDaoComponent.getAccessControlList(acl.getId());
ArrayList<SimplePermissionEntry> spes = new ArrayList<SimplePermissionEntry>(info.getEntries().size());
for (AccessControlEntry entry : info.getEntries()) {
SimplePermissionEntry spe = new SimplePermissionEntry(null, entry.getPermission(), entry.getAuthority(), entry.getAccessStatus(), entry.getPosition());
spes.add(spe);
}
SimpleNodePermissionEntry snpe = new SimpleNodePermissionEntry(null, acl.getInherits(), spes);
return snpe;
}
}
Also used :
AccessControlList(org.alfresco.repo.security.permissions.AccessControlList)
SimpleNodePermissionEntry(org.alfresco.repo.security.permissions.impl.SimpleNodePermissionEntry)
ArrayList(java.util.ArrayList)
SimplePermissionEntry(org.alfresco.repo.security.permissions.impl.SimplePermissionEntry)
SimpleAccessControlEntry(org.alfresco.repo.security.permissions.SimpleAccessControlEntry)
AccessControlEntry(org.alfresco.repo.security.permissions.AccessControlEntry)
Example 7 with AccessControlEntry
use of org.alfresco.repo.security.permissions.AccessControlEntry in project alfresco-repository by Alfresco.
the class AbstractPermissionsDaoComponentImpl method createSimpleNodePermissionEntry.
// Utility methods to create simple detached objects for the outside world
// We do not pass out the hibernate objects
private SimpleNodePermissionEntry createSimpleNodePermissionEntry(NodeRef nodeRef) {
Acl acl = getACLDAO(nodeRef).getAccessControlList(nodeRef);
if (acl == null) {
// there isn't an access control list for the node - spoof a null one
SimpleNodePermissionEntry snpe = new SimpleNodePermissionEntry(nodeRef, true, Collections.<SimplePermissionEntry>emptyList());
return snpe;
} else {
AccessControlList info = aclDaoComponent.getAccessControlList(acl.getId());
SimpleNodePermissionEntry cached = info.getCachedSimpleNodePermissionEntry();
if (cached != null) {
return cached;
}
ArrayList<SimplePermissionEntry> spes = new ArrayList<SimplePermissionEntry>(info.getEntries().size());
for (AccessControlEntry entry : info.getEntries()) {
SimplePermissionEntry spe = new SimplePermissionEntry(nodeRef, entry.getPermission(), entry.getAuthority(), entry.getAccessStatus(), entry.getPosition());
spes.add(spe);
}
SimpleNodePermissionEntry snpe = new SimpleNodePermissionEntry(nodeRef, acl.getInherits(), spes);
info.setCachedSimpleNodePermissionEntry(snpe);
return snpe;
}
}
Also used :
AccessControlList(org.alfresco.repo.security.permissions.AccessControlList)
SimpleNodePermissionEntry(org.alfresco.repo.security.permissions.impl.SimpleNodePermissionEntry)
ArrayList(java.util.ArrayList)
SimplePermissionEntry(org.alfresco.repo.security.permissions.impl.SimplePermissionEntry)
SimpleAccessControlEntry(org.alfresco.repo.security.permissions.SimpleAccessControlEntry)
AccessControlEntry(org.alfresco.repo.security.permissions.AccessControlEntry)
Example 8 with AccessControlEntry
use of org.alfresco.repo.security.permissions.AccessControlEntry in project records-management by Alfresco.
the class ExtendedPermissionServiceImpl method getWriters.
/**
* @see org.alfresco.repo.security.permissions.impl.ExtendedPermissionService#getWriters(java.lang.Long)
*/
@Override
public Set<String> getWriters(Long aclId) {
AccessControlList acl = aclDaoComponent.getAccessControlList(aclId);
if (acl == null) {
return Collections.emptySet();
}
Set<String> aclWriters = writersCache.get((Serializable) acl.getProperties());
if (aclWriters != null) {
return aclWriters;
}
HashSet<String> assigned = new HashSet<String>();
HashSet<String> readers = new HashSet<String>();
for (AccessControlEntry ace : acl.getEntries()) {
assigned.add(ace.getAuthority());
}
for (String authority : assigned) {
UnconditionalAclTest test = new UnconditionalAclTest(getPermissionReference(PermissionService.WRITE));
if (test.evaluate(authority, aclId)) {
readers.add(authority);
}
}
aclWriters = Collections.unmodifiableSet(readers);
writersCache.put((Serializable) acl.getProperties(), aclWriters);
return aclWriters;
}
Also used :
AccessControlList(org.alfresco.repo.security.permissions.AccessControlList)
AccessControlEntry(org.alfresco.repo.security.permissions.AccessControlEntry)
HashSet(java.util.HashSet)
Example 9 with AccessControlEntry
use of org.alfresco.repo.security.permissions.AccessControlEntry in project records-management by Alfresco.
the class ExtendedPermissionServiceImpl method getReaders.
/**
* @see org.alfresco.repo.security.permissions.impl.PermissionServiceImpl#getReaders(java.lang.Long)
*/
@Override
public Set<String> getReaders(Long aclId) {
AccessControlList acl = aclDaoComponent.getAccessControlList(aclId);
if (acl == null) {
return Collections.emptySet();
}
Set<String> aclReaders = readersCache.get((Serializable) acl.getProperties());
if (aclReaders != null) {
return aclReaders;
}
HashSet<String> assigned = new HashSet<String>();
HashSet<String> readers = new HashSet<String>();
for (AccessControlEntry ace : acl.getEntries()) {
assigned.add(ace.getAuthority());
}
for (String authority : assigned) {
UnconditionalAclTest test = new UnconditionalAclTest(getPermissionReference(PermissionService.READ));
UnconditionalAclTest rmTest = new UnconditionalAclTest(getPermissionReference(RMPermissionModel.READ_RECORDS));
if (test.evaluate(authority, aclId) || rmTest.evaluate(authority, aclId)) {
readers.add(authority);
}
}
aclReaders = Collections.unmodifiableSet(readers);
readersCache.put((Serializable) acl.getProperties(), aclReaders);
return aclReaders;
}
Also used :
AccessControlList(org.alfresco.repo.security.permissions.AccessControlList)
AccessControlEntry(org.alfresco.repo.security.permissions.AccessControlEntry)
HashSet(java.util.HashSet)
Example 10 with AccessControlEntry
use of org.alfresco.repo.security.permissions.AccessControlEntry in project records-management by Alfresco.
the class ExtendedPermissionServiceImpl method getReadersDenied.
/**
* Override with check for RM read
*
* @param aclId
* @return
*/
@Override
public Set<String> getReadersDenied(Long aclId) {
AccessControlList acl = aclDaoComponent.getAccessControlList(aclId);
if (acl == null) {
return Collections.emptySet();
}
Set<String> denied = readersDeniedCache.get(aclId);
if (denied != null) {
return denied;
}
denied = new HashSet<String>();
Set<String> assigned = new HashSet<String>();
for (AccessControlEntry ace : acl.getEntries()) {
assigned.add(ace.getAuthority());
}
for (String authority : assigned) {
UnconditionalDeniedAclTest test = new UnconditionalDeniedAclTest(getPermissionReference(PermissionService.READ));
UnconditionalDeniedAclTest rmTest = new UnconditionalDeniedAclTest(getPermissionReference(RMPermissionModel.READ_RECORDS));
if (test.evaluate(authority, aclId) || rmTest.evaluate(authority, aclId)) {
denied.add(authority);
}
}
readersDeniedCache.put((Serializable) acl.getProperties(), denied);
return denied;
}
Also used :
AccessControlList(org.alfresco.repo.security.permissions.AccessControlList)
AccessControlEntry(org.alfresco.repo.security.permissions.AccessControlEntry)
HashSet(java.util.HashSet)
Aggregations
AccessControlEntry (org.alfresco.repo.security.permissions.AccessControlEntry)12
AccessControlList (org.alfresco.repo.security.permissions.AccessControlList)10
HashSet (java.util.HashSet)5
SimpleAccessControlEntry (org.alfresco.repo.security.permissions.SimpleAccessControlEntry)5
ArrayList (java.util.ArrayList)4
LinkedHashSet (java.util.LinkedHashSet)2
SimpleAccessControlList (org.alfresco.repo.security.permissions.SimpleAccessControlList)2
SimpleAccessControlListProperties (org.alfresco.repo.security.permissions.SimpleAccessControlListProperties)2
AclChange (org.alfresco.repo.security.permissions.impl.AclChange)2
SimpleNodePermissionEntry (org.alfresco.repo.security.permissions.impl.SimpleNodePermissionEntry)2
SimplePermissionEntry (org.alfresco.repo.security.permissions.impl.SimplePermissionEntry)2
Extend (org.alfresco.traitextender.Extend)2
Map (java.util.Map)1
NodeIdAndAclId (org.alfresco.repo.domain.node.NodeIdAndAclId)1
Acl (org.alfresco.repo.domain.permissions.Acl)1
AuthenticationUtil (org.alfresco.repo.security.authentication.AuthenticationUtil)1
AccessControlListProperties (org.alfresco.repo.security.permissions.AccessControlListProperties)1
SimplePermissionReference (org.alfresco.repo.security.permissions.impl.SimplePermissionReference)1
ChildAssociationRef (org.alfresco.service.cmr.repository.ChildAssociationRef)1
QName (org.alfresco.service.namespace.QName)1
