
Example 16 with SimpleAccessControlEntry

use of org.alfresco.repo.security.permissions.SimpleAccessControlEntry in project alfresco-repository by Alfresco.

the class AbstractPermissionsDaoComponentImpl method deletePermission.

/**
 * Deletes the access control entries on a store's ACL that match the given authority and
 * permission.
 *
 * <p>Does nothing when {@code getAccessControlList(storeRef)} returns {@code null}.
 *
 * @param storeRef the store whose ACL is edited
 * @param authority the authority set on the match pattern
 * @param permission the permission set on the match pattern
 */
public void deletePermission(StoreRef storeRef, String authority, PermissionReference permission) {
    // No ACL on the store means there is nothing to delete.
    if (getAccessControlList(storeRef) == null) {
        return;
    }
    Acl mutableAcl = getMutableAccessControlList(storeRef);

    // The pattern fixes authority, permission and position 0 only; access status and ACE type
    // are left unset.
    // NOTE(review): presumably unset fields match any value, so ALLOWED and DENIED entries for
    // this authority/permission are both removed - confirm against deleteAccessControlEntries,
    // because dropping a DENIED entry can widen effective access.
    SimpleAccessControlEntry template = new SimpleAccessControlEntry();
    template.setAuthority(authority);
    template.setPermission(permission);
    template.setPosition(Integer.valueOf(0));

    aclDaoComponent.deleteAccessControlEntries(mutableAcl.getId(), template);
}
Also used : SimpleAccessControlEntry(org.alfresco.repo.security.permissions.SimpleAccessControlEntry)

Example 17 with SimpleAccessControlEntry

use of org.alfresco.repo.security.permissions.SimpleAccessControlEntry in project alfresco-repository by Alfresco.

the class AbstractPermissionsDaoComponentImpl method setPermission.

/**
 * Replaces the permissions on a node with the entries carried by the given
 * {@link NodePermissionEntry}.
 *
 * <p>If the node already has an ACL its permissions are deleted first; an ACL is then created
 * and one access control entry is written per permission entry, each with ACE type
 * {@code ALL} at position 0.
 *
 * @param nodePermissionEntry supplies the node reference, the inherit flag and the entries
 */
public void setPermission(NodePermissionEntry nodePermissionEntry) {
    NodeRef nodeRef = nodePermissionEntry.getNodeRef();

    // Existing permissions are wiped before the new set is written.
    // NOTE(review): between this delete and the re-add below the node holds none of the new
    // entries; presumably the surrounding transaction makes the replacement atomic - confirm.
    if (getAccessControlList(nodeRef) != null) {
        deletePermissions(nodeRef);
    }

    // Look the ACL up again after the delete; the result is handed to the creation step.
    Acl current = getAccessControlList(nodeRef);
    CreationReport creation =
            createAccessControlList(nodeRef, nodePermissionEntry.inheritPermissions(), current);

    // NOTE(review): updateChangedAcls runs once per entry, so with no permission entries the
    // changes recorded by the creation step are never passed on - confirm that is intended.
    for (PermissionEntry source : nodePermissionEntry.getPermissionEntries()) {
        SimpleAccessControlEntry ace = new SimpleAccessControlEntry();
        ace.setAuthority(source.getAuthority());
        ace.setPermission(source.getPermissionReference());
        // An entry that is not allowed is stored as an explicit DENIED.
        if (source.isAllowed()) {
            ace.setAccessStatus(AccessStatus.ALLOWED);
        } else {
            ace.setAccessStatus(AccessStatus.DENIED);
        }
        ace.setAceType(ACEType.ALL);
        ace.setPosition(Integer.valueOf(0));

        List<AclChange> entryChanges =
                aclDaoComponent.setAccessControlEntry(creation.getCreated().getId(), ace);

        // Creation changes first, then the changes caused by this entry.
        List<AclChange> combined =
                new ArrayList<AclChange>(entryChanges.size() + creation.getChanges().size());
        combined.addAll(creation.getChanges());
        combined.addAll(entryChanges);
        getACLDAO(nodeRef).updateChangedAcls(nodeRef, combined);
    }
}
Also used : NodeRef(org.alfresco.service.cmr.repository.NodeRef) PermissionEntry(org.alfresco.repo.security.permissions.PermissionEntry) SimpleNodePermissionEntry(org.alfresco.repo.security.permissions.impl.SimpleNodePermissionEntry) SimplePermissionEntry(org.alfresco.repo.security.permissions.impl.SimplePermissionEntry) NodePermissionEntry(org.alfresco.repo.security.permissions.NodePermissionEntry) ArrayList(java.util.ArrayList) AclChange(org.alfresco.repo.security.permissions.impl.AclChange) SimpleAccessControlEntry(org.alfresco.repo.security.permissions.SimpleAccessControlEntry)

Example 18 with SimpleAccessControlEntry

use of org.alfresco.repo.security.permissions.SimpleAccessControlEntry in project alfresco-repository by Alfresco.

the class AclDaoComponentTest method testSimpleInheritFromDefining.

/**
 * Verifies that entries set on a versioned DEFINING ACL show up both on that ACL and on the
 * SHARED ACL returned by {@code getInheritedAccessControlList}.
 *
 * <p>The last argument of {@code hasAce} is 0 for the defining ACL and 1 for the shared ACL;
 * presumably it is the expected entry position - confirm against {@code hasAce}.
 */
public void testSimpleInheritFromDefining() {
    // Create a versioned DEFINING ACL and check the properties reported back.
    SimpleAccessControlListProperties definingProps = new SimpleAccessControlListProperties();
    definingProps.setAclType(ACLType.DEFINING);
    definingProps.setVersioned(true);
    AccessControlListProperties createdProps = aclDaoComponent.createAccessControlList(definingProps);
    long definingId = createdProps.getId();
    assertEquals(createdProps.getAclType(), ACLType.DEFINING);
    assertEquals(createdProps.getAclVersion(), Long.valueOf(1L));
    assertEquals(createdProps.getInherits(), Boolean.TRUE);
    assertEquals(aclDaoComponent.getAccessControlListProperties(definingId), createdProps);

    // First entry: "andy" is allowed "Read".
    SimpleAccessControlEntry andyRead = new SimpleAccessControlEntry();
    andyRead.setAccessStatus(AccessStatus.ALLOWED);
    andyRead.setAceType(ACEType.ALL);
    andyRead.setAuthority("andy");
    andyRead.setPermission(new SimplePermissionReference(QName.createQName("uri", "local"), "Read"));
    andyRead.setPosition(null);
    aclDaoComponent.setAccessControlEntry(definingId, andyRead);

    // The defining ACL holds the entry, and its version is still 1.
    AccessControlList definingAcl = aclDaoComponent.getAccessControlList(definingId);
    assertEquals(definingAcl.getProperties().getAclType(), ACLType.DEFINING);
    assertEquals(definingAcl.getProperties().getAclVersion(), Long.valueOf(1L));
    assertEquals(definingAcl.getProperties().getInherits(), Boolean.TRUE);
    assertEquals(definingAcl.getEntries().size(), 1);
    assertTrue(hasAce(definingAcl.getEntries(), andyRead, 0));

    // The inherited ACL is SHARED and its id is stable across lookups.
    Long inheritedId = aclDaoComponent.getInheritedAccessControlList(definingId);
    AccessControlListProperties inheritedProps = aclDaoComponent.getAccessControlListProperties(inheritedId);
    assertEquals(inheritedProps.getAclType(), ACLType.SHARED);
    assertEquals(inheritedProps.getAclVersion(), Long.valueOf(1L));
    assertEquals(inheritedProps.getInherits(), Boolean.TRUE);
    assertEquals(aclDaoComponent.getInheritedAccessControlList(definingId), inheritedId);

    // The shared ACL carries the same entry, checked with 1 as the last hasAce argument.
    AccessControlList sharedAcl = aclDaoComponent.getAccessControlList(inheritedId);
    assertEquals(sharedAcl.getProperties().getAclType(), ACLType.SHARED);
    assertEquals(sharedAcl.getProperties().getAclVersion(), Long.valueOf(1L));
    assertEquals(sharedAcl.getProperties().getInherits(), Boolean.TRUE);
    assertEquals(sharedAcl.getEntries().size(), 1);
    assertTrue(hasAce(sharedAcl.getEntries(), andyRead, 1));

    // Second entry: "paul" is allowed "Write".
    SimpleAccessControlEntry paulWrite = new SimpleAccessControlEntry();
    paulWrite.setAccessStatus(AccessStatus.ALLOWED);
    paulWrite.setAceType(ACEType.ALL);
    paulWrite.setAuthority("paul");
    paulWrite.setPermission(new SimplePermissionReference(QName.createQName("uri", "local"), "Write"));
    paulWrite.setPosition(null);
    aclDaoComponent.setAccessControlEntry(definingId, paulWrite);

    // Both entries are now on the defining ACL.
    definingAcl = aclDaoComponent.getAccessControlList(definingId);
    assertEquals(definingAcl.getProperties().getAclType(), ACLType.DEFINING);
    assertEquals(definingAcl.getProperties().getAclVersion(), Long.valueOf(1L));
    assertEquals(definingAcl.getProperties().getInherits(), Boolean.TRUE);
    assertEquals(definingAcl.getEntries().size(), 2);
    assertTrue(hasAce(definingAcl.getEntries(), andyRead, 0));
    assertTrue(hasAce(definingAcl.getEntries(), paulWrite, 0));

    // ... and both are visible through the shared ACL as well.
    inheritedId = aclDaoComponent.getInheritedAccessControlList(definingId);
    sharedAcl = aclDaoComponent.getAccessControlList(inheritedId);
    assertEquals(sharedAcl.getProperties().getAclType(), ACLType.SHARED);
    assertEquals(sharedAcl.getProperties().getAclVersion(), Long.valueOf(1L));
    assertEquals(sharedAcl.getProperties().getInherits(), Boolean.TRUE);
    assertEquals(sharedAcl.getEntries().size(), 2);
    assertTrue(hasAce(sharedAcl.getEntries(), andyRead, 1));
    assertTrue(hasAce(sharedAcl.getEntries(), paulWrite, 1));
}
Also used : AccessControlList(org.alfresco.repo.security.permissions.AccessControlList) AccessControlListProperties(org.alfresco.repo.security.permissions.AccessControlListProperties) SimpleAccessControlListProperties(org.alfresco.repo.security.permissions.SimpleAccessControlListProperties) SimpleAccessControlListProperties(org.alfresco.repo.security.permissions.SimpleAccessControlListProperties) SimpleAccessControlEntry(org.alfresco.repo.security.permissions.SimpleAccessControlEntry)

Example 19 with SimpleAccessControlEntry

use of org.alfresco.repo.security.permissions.SimpleAccessControlEntry in project alfresco-repository by Alfresco.

the class AclDaoComponentTest method testDeleteAuthority.

/**
 * Verifies that {@code deleteAccessControlEntries(String)} removes every entry of one
 * authority from ACLs of each type used here (DEFINING, its inherited ACL, FIXED, GLOBAL and
 * OLD) while the entry of the other authority stays in place.
 */
public void testDeleteAuthority() {
    SimpleAccessControlListProperties definingProps = new SimpleAccessControlListProperties();
    definingProps.setAclType(ACLType.DEFINING);
    definingProps.setVersioned(true);
    Long defined = aclDaoComponent.createAccessControlList(definingProps).getId();

    // Two entries for the authority that will be deleted ...
    SimpleAccessControlEntry offskiP1 = new SimpleAccessControlEntry();
    offskiP1.setAccessStatus(AccessStatus.ALLOWED);
    offskiP1.setAceType(ACEType.ALL);
    offskiP1.setAuthority("offski");
    offskiP1.setPermission(new SimplePermissionReference(QName.createQName("uri", "local"), "P1"));
    offskiP1.setPosition(null);

    SimpleAccessControlEntry offskiP2 = new SimpleAccessControlEntry();
    offskiP2.setAccessStatus(AccessStatus.ALLOWED);
    offskiP2.setAceType(ACEType.ALL);
    offskiP2.setAuthority("offski");
    offskiP2.setPermission(new SimplePermissionReference(QName.createQName("uri", "local"), "P2"));
    offskiP2.setPosition(null);

    // ... and one for the authority that must survive.
    SimpleAccessControlEntry keepskiP3 = new SimpleAccessControlEntry();
    keepskiP3.setAccessStatus(AccessStatus.ALLOWED);
    keepskiP3.setAceType(ACEType.ALL);
    keepskiP3.setAuthority("keepski");
    keepskiP3.setPermission(new SimplePermissionReference(QName.createQName("uri", "local"), "P3"));
    keepskiP3.setPosition(null);

    Long shared = aclDaoComponent.getInheritedAccessControlList(defined);

    SimpleAccessControlListProperties fixedProps = new SimpleAccessControlListProperties();
    fixedProps.setAclType(ACLType.FIXED);
    fixedProps.setVersioned(true);
    Long fixed = aclDaoComponent.createAccessControlList(fixedProps).getId();

    SimpleAccessControlListProperties globalProps = new SimpleAccessControlListProperties();
    globalProps.setAclType(ACLType.GLOBAL);
    globalProps.setVersioned(true);
    Long global = aclDaoComponent.createAccessControlList(globalProps).getId();

    // The OLD ACL is the only one created unversioned.
    SimpleAccessControlListProperties oldProps = new SimpleAccessControlListProperties();
    oldProps.setAclType(ACLType.OLD);
    oldProps.setVersioned(false);
    Long old = aclDaoComponent.createAccessControlList(oldProps).getId();

    // Entries are written to the four created ACLs only; the shared ACL is never written to
    // directly and is expected to reflect the defining ACL.
    Long[] writtenAcls = { defined, fixed, global, old };
    SimpleAccessControlEntry[] entries = { offskiP1, offskiP2, keepskiP3 };
    for (Long aclId : writtenAcls) {
        for (SimpleAccessControlEntry entry : entries) {
            aclDaoComponent.setAccessControlEntry(aclId, entry);
        }
    }

    Long[] checkedAcls = { defined, shared, fixed, global, old };
    for (Long aclId : checkedAcls) {
        assertEquals(aclDaoComponent.getAccessControlList(aclId).getEntries().size(), 3);
    }

    aclDaoComponent.deleteAccessControlEntries("offski");

    // Only the single "keepski" entry may remain on each ACL.
    for (Long aclId : checkedAcls) {
        assertEquals(aclDaoComponent.getAccessControlList(aclId).getEntries().size(), 1);
    }
}
Also used : SimpleAccessControlListProperties(org.alfresco.repo.security.permissions.SimpleAccessControlListProperties) SimpleAccessControlEntry(org.alfresco.repo.security.permissions.SimpleAccessControlEntry)

Example 20 with SimpleAccessControlEntry

use of org.alfresco.repo.security.permissions.SimpleAccessControlEntry in project alfresco-repository by Alfresco.

the class AclDaoComponentTest method testSimpleCowHerd2.

/**
 * Builds a tree of DEFINING ACLs, commits, then sets an entry on one inner ACL and checks that
 * the reported changes cover that ACL and everything merged beneath it.
 *
 * <p>Variable names encode the path from the root: {@code i_1_3_6} is the ACL created for
 * node 6 under 3 under 1, and {@code s_1_3_6} is the id returned for it by
 * {@code getInheritedAccessControlList}. The resulting shape is 1 -> {2, 3}, 2 -> 4 -> 5 and
 * 3 -> 6 -> 7.
 *
 * @throws Exception if the transaction calls fail
 */
public void testSimpleCowHerd2() throws Exception {
    SimpleAccessControlListProperties definingProps = new SimpleAccessControlListProperties();
    definingProps.setAclType(ACLType.DEFINING);
    definingProps.setVersioned(true);

    // Root.
    Long i_1 = aclDaoComponent.createAccessControlList(definingProps).getId();
    Long s_1 = aclDaoComponent.getInheritedAccessControlList(i_1);

    // Children of 1: nodes 2 and 3.
    Long i_1_2 = aclDaoComponent.createAccessControlList(definingProps).getId();
    Long s_1_2 = aclDaoComponent.getInheritedAccessControlList(i_1_2);
    aclDaoComponent.mergeInheritedAccessControlList(s_1, i_1_2);

    Long i_1_3 = aclDaoComponent.createAccessControlList(definingProps).getId();
    Long s_1_3 = aclDaoComponent.getInheritedAccessControlList(i_1_3);
    aclDaoComponent.mergeInheritedAccessControlList(s_1, i_1_3);

    // Branch under 2: 4, then 5.
    Long i_1_2_4 = aclDaoComponent.createAccessControlList(definingProps).getId();
    Long s_1_2_4 = aclDaoComponent.getInheritedAccessControlList(i_1_2_4);
    aclDaoComponent.mergeInheritedAccessControlList(s_1_2, i_1_2_4);

    Long i_1_2_4_5 = aclDaoComponent.createAccessControlList(definingProps).getId();
    Long s_1_2_4_5 = aclDaoComponent.getInheritedAccessControlList(i_1_2_4_5);
    assertNotNull(s_1_2_4_5);
    aclDaoComponent.mergeInheritedAccessControlList(s_1_2_4, i_1_2_4_5);

    // Branch under 3: 6, then 7.
    Long i_1_3_6 = aclDaoComponent.createAccessControlList(definingProps).getId();
    Long s_1_3_6 = aclDaoComponent.getInheritedAccessControlList(i_1_3_6);
    aclDaoComponent.mergeInheritedAccessControlList(s_1_3, i_1_3_6);

    Long i_1_3_6_7 = aclDaoComponent.createAccessControlList(definingProps).getId();
    Long s_1_3_6_7 = aclDaoComponent.getInheritedAccessControlList(i_1_3_6_7);
    aclDaoComponent.mergeInheritedAccessControlList(s_1_3_6, i_1_3_6_7);

    // Commit the tree and continue in a fresh transaction.
    testTX.commit();
    testTX = transactionService.getUserTransaction();
    testTX.begin();

    SimpleAccessControlEntry andyRead = new SimpleAccessControlEntry();
    andyRead.setAccessStatus(AccessStatus.ALLOWED);
    andyRead.setAceType(ACEType.ALL);
    andyRead.setAuthority("andy");
    andyRead.setPermission(new SimplePermissionReference(QName.createQName("uri", "local"), "Read"));
    andyRead.setPosition(null);
    List<AclChange> aclChanges = aclDaoComponent.setAccessControlEntry(i_1_3, andyRead);

    // Every reported change must map a "before" id to a different "after" id.
    Set<Long> changedBeforeIds = new HashSet<Long>(aclChanges.size());
    for (AclChange aclChange : aclChanges) {
        changedBeforeIds.add(aclChange.getBefore());
        assertFalse(aclChange.getBefore().equals(aclChange.getAfter()));
    }

    // Node 3 and the whole branch beneath it must be among the changed ACLs.
    // NOTE(review): nothing here asserts that the ACLs outside that branch (1, 2, 4, 5) are
    // absent from the change set - consider whether that should be checked too.
    Long[] expectedChanged = { i_1_3, s_1_3, i_1_3_6, s_1_3_6, i_1_3_6_7, s_1_3_6_7 };
    for (Long expectedId : expectedChanged) {
        assertTrue(changedBeforeIds.contains(expectedId));
    }
}
Also used : SimpleAccessControlListProperties(org.alfresco.repo.security.permissions.SimpleAccessControlListProperties) SimpleAccessControlEntry(org.alfresco.repo.security.permissions.SimpleAccessControlEntry) HashSet(java.util.HashSet)

Aggregations

SimpleAccessControlEntry (org.alfresco.repo.security.permissions.SimpleAccessControlEntry)21 SimpleAccessControlListProperties (org.alfresco.repo.security.permissions.SimpleAccessControlListProperties)9 AclChange (org.alfresco.repo.security.permissions.impl.AclChange)9 ArrayList (java.util.ArrayList)8 AccessControlListProperties (org.alfresco.repo.security.permissions.AccessControlListProperties)4 InvalidNodeRefException (org.alfresco.service.cmr.repository.InvalidNodeRefException)3 HashSet (java.util.HashSet)2 AccessControlEntry (org.alfresco.repo.security.permissions.AccessControlEntry)2 AccessControlList (org.alfresco.repo.security.permissions.AccessControlList)2 SimplePermissionReference (org.alfresco.repo.security.permissions.impl.SimplePermissionReference)2 QName (org.alfresco.service.namespace.QName)2 Map (java.util.Map)1 NodePermissionEntry (org.alfresco.repo.security.permissions.NodePermissionEntry)1 PermissionEntry (org.alfresco.repo.security.permissions.PermissionEntry)1 SimpleAccessControlList (org.alfresco.repo.security.permissions.SimpleAccessControlList)1 SimpleNodePermissionEntry (org.alfresco.repo.security.permissions.impl.SimpleNodePermissionEntry)1 SimplePermissionEntry (org.alfresco.repo.security.permissions.impl.SimplePermissionEntry)1 NodeRef (org.alfresco.service.cmr.repository.NodeRef)1