
Example 1 with AccessPermission

use of org.alfresco.service.cmr.security.AccessPermission in project alfresco-remote-api by Alfresco.

the class NodeApiTest method validatePermissionsAfterUpdate.

/**
 * Asserts that each expected permission is present on the node after an update.
 * <p>
 * For every expected entry the matching {@link AccessPermission} is looked up by
 * authority id among the permissions currently set on the node, must exist, must carry
 * the same authority, and is then handed to {@code comparePermissions}.
 * <p>
 * NOTE(review): the check runs in one direction only (expected -> actual). A permission
 * that is set on the node but absent from {@code expectedPermissions} does not fail this
 * method, so an unintended extra grant would go unnoticed here.
 *
 * @param nodeRef             node whose set permissions are inspected
 * @param expectedPermissions permissions that must be found on the node
 */
private void validatePermissionsAfterUpdate(NodeRef nodeRef, List<NodePermissions.NodePermission> expectedPermissions) {
    final Set<AccessPermission> actualPermissions = permissionService.getAllSetPermissions(nodeRef);
    for (NodePermissions.NodePermission expected : expectedPermissions) {
        final String authorityId = expected.getAuthorityId();
        final AccessPermission actual = getPermission(actualPermissions, authorityId);
        // Fail with the authority name so a missing grant is easy to spot in the report.
        assertNotNull("Permission " + authorityId + " missing", actual);
        assertEquals(authorityId, actual.getAuthority());
        comparePermissions(authorityId, expected, actual);
    }
}
Also used : NodePermissions(org.alfresco.rest.api.model.NodePermissions) AccessPermission(org.alfresco.service.cmr.security.AccessPermission)

Example 2 with AccessPermission

use of org.alfresco.service.cmr.security.AccessPermission in project acs-community-packaging by Alfresco.

the class EmailSpaceUsersDialog method getUsersGroups.

/**
 * Returns the users and groups that hold an ALLOWED permission on the current space,
 * building the list on the first call and caching it in {@code usersGroups}.
 * <p>
 * Permissions are read from the space itself and then from each primary parent for as
 * long as the node inherits its parent's permissions. Only USER and GROUP authorities
 * are kept and the currently logged-in user is left out. Every remaining authority is
 * converted with {@code buildAuthorityMap} into the Map the picker renders.
 * <p>
 * The permission reads run under {@code AuthenticationUtil.SYSTEM_USER_NAME} rather than
 * as the current user, so they are presumably not limited by the caller's own read
 * rights. NOTE(review): confirm that everyone who can open this dialog is meant to see
 * the authorities granted on ancestor spaces.
 * <p>
 * On failure an error message is queued, the transaction is rolled back and an empty
 * list is cached, so later calls return that empty list without retrying.
 *
 * @return List of Map objects representing the users/groups assigned to the current space
 */
public List<Map> getUsersGroups() {
    // Already built (or already failed) on an earlier call: reuse the cached value.
    if (this.usersGroups != null) {
        return this.usersGroups;
    }
    FacesContext context = FacesContext.getCurrentInstance();
    UserTransaction tx = null;
    try {
        tx = Repository.getUserTransaction(context, true);
        tx.begin();
        // Captured for the inner class so the logged-in user can be excluded from the result.
        final String currentAuthority = Application.getCurrentUser(context).getUserName();
        // Gather permission names per authority across the inheritance chain. This runs as
        // the system user (see the runAs argument below), not as the logged-in user.
        Map<String, List<String>> grantsByAuthority = AuthenticationUtil.runAs(new RunAsWork<Map<String, List<String>>>() {

            public Map<String, List<String>> doWork() throws Exception {
                NodeRef node = getSpace().getNodeRef();
                Map<String, List<String>> collected = new HashMap<String, List<String>>(8, 1.0f);
                while (node != null) {
                    for (AccessPermission entry : getPermissionService().getAllSetPermissions(node)) {
                        // Only ALLOWED entries count; DENIED entries are skipped.
                        if (entry.getAccessStatus() != AccessStatus.ALLOWED) {
                            continue;
                        }
                        // Keep real users and groups only (not Guest/Everyone/owner).
                        if (entry.getAuthorityType() != AuthorityType.USER && entry.getAuthorityType() != AuthorityType.GROUP) {
                            continue;
                        }
                        String authority = entry.getAuthority();
                        if (currentAuthority.equals(authority)) {
                            continue;
                        }
                        List<String> names = collected.get(authority);
                        if (names == null) {
                            // First permission seen for this authority.
                            names = new ArrayList<String>(4);
                            collected.put(authority, names);
                        }
                        names.add(entry.getPermission());
                    }
                    // Move to the primary parent while inheritance is on; otherwise stop.
                    node = getPermissionService().getInheritParentPermissions(node)
                            ? getNodeService().getPrimaryParent(node).getParentRef()
                            : null;
                }
                return collected;
            }
        }, AuthenticationUtil.SYSTEM_USER_NAME);
        // A linked list is used for cheap insertion and removal of items.
        this.usersGroups = new LinkedList<Map>();
        // Turn each authority and its role list into the Map used for list data binding.
        for (Map.Entry<String, List<String>> grant : grantsByAuthority.entrySet()) {
            Map node = buildAuthorityMap(grant.getKey(), UserMembersBean.roleListToString(context, grant.getValue()));
            if (node != null) {
                this.usersGroups.add(node);
            }
        }
        tx.commit();
    } catch (InvalidNodeRefException refErr) {
        Utils.addErrorMessage(MessageFormat.format(Application.getMessage(context, Repository.ERROR_NODEREF), new Object[] { refErr.getNodeRef() }));
        this.usersGroups = Collections.<Map>emptyList();
        try {
            if (tx != null) {
                tx.rollback();
            }
        } catch (Exception ignored) {
            // Best-effort rollback: a failure here is dropped without any record.
        }
    } catch (Throwable err) {
        // NOTE(review): the raw exception message is passed into the user-facing error text.
        Utils.addErrorMessage(MessageFormat.format(Application.getMessage(context, Repository.ERROR_GENERIC), err.getMessage()), err);
        this.usersGroups = Collections.<Map>emptyList();
        try {
            if (tx != null) {
                tx.rollback();
            }
        } catch (Exception ignored) {
            // Best-effort rollback: a failure here is dropped without any record.
        }
    }
    return this.usersGroups;
}
Also used : UserTransaction(javax.transaction.UserTransaction) FacesContext(javax.faces.context.FacesContext) HashSet(java.util.HashSet) Set(java.util.Set) AccessPermission(org.alfresco.service.cmr.security.AccessPermission) ArrayList(java.util.ArrayList) InvalidNodeRefException(org.alfresco.service.cmr.repository.InvalidNodeRefException) NodeRef(org.alfresco.service.cmr.repository.NodeRef) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList) List(java.util.List) InvalidNodeRefException(org.alfresco.service.cmr.repository.InvalidNodeRefException) HashMap(java.util.HashMap) Map(java.util.Map)

Example 3 with AccessPermission

use of org.alfresco.service.cmr.security.AccessPermission in project records-management by Alfresco.

the class FilePlanRoleServiceImpl method getCapabilitiesImpl.

/**
 * Collects the non-private capabilities granted to a role on the given root node.
 * <p>
 * Every permission set on {@code rmRootNode} whose authority equals
 * {@code roleAuthority} is treated as a capability name and resolved through
 * {@code capabilityService}. Names that do not resolve, and capabilities flagged as
 * private, are left out.
 * <p>
 * NOTE(review): the access status of the permission entry is not inspected, so a DENIED
 * entry for the role would be counted the same as an ALLOWED one. Confirm that role
 * authorities never carry DENIED entries on this node.
 *
 * @param rmRootNode    node whose set permissions are read
 * @param roleAuthority authority name of the role to match
 * @return the matching capabilities; empty when none match
 */
private Set<Capability> getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority) {
    Set<AccessPermission> entries = permissionService.getAllSetPermissions(rmRootNode);
    Set<Capability> result = new HashSet<Capability>(52);
    for (AccessPermission entry : entries) {
        // Skip permissions that belong to other authorities.
        if (!entry.getAuthority().equals(roleAuthority)) {
            continue;
        }
        Capability candidate = capabilityService.getCapability(entry.getPermission());
        // The permission name may not map to a capability; private ones are not reported.
        if (candidate == null || candidate.isPrivate()) {
            continue;
        }
        result.add(candidate);
    }
    return result;
}
Also used : Capability(org.alfresco.module.org_alfresco_module_rm.capability.Capability) AccessPermission(org.alfresco.service.cmr.security.AccessPermission) HashSet(java.util.HashSet)

Example 4 with AccessPermission

use of org.alfresco.service.cmr.security.AccessPermission in project records-management by Alfresco.

the class ExtendedSecurityServiceImplUnitTest method removeAllExtendedSecurity.

/**
 * Given that a node has extended security
 * When I remove the extended security
 * Then the inplace groups permissions are removed
 * <p>
 * NOTE(review): the fixture also contains a permission for an unrelated, randomly named
 * authority, but nothing asserts that it is left untouched. A negative verification for
 * that authority would catch a removal that clears more than the two in-place groups.
 */
@Test
public void removeAllExtendedSecurity() {
    // Short names of the in-place reader and writer groups at index 0.
    String readGroup = extendedSecurityService.getIPRGroupShortName(READER_GROUP_FULL_PREFIX, READERS, 0);
    String writeGroup = extendedSecurityService.getIPRGroupShortName(WRITER_GROUP_FULL_PREFIX, WRITERS, 0);

    // Three ALLOWED entries: the reader group, an unrelated authority, the writer group.
    AccessPermission readerEntry = new AccessPermissionImpl(AlfMock.generateText(), AccessStatus.ALLOWED, readGroup, 0);
    AccessPermission unrelatedEntry = new AccessPermissionImpl(AlfMock.generateText(), AccessStatus.ALLOWED, AlfMock.generateText(), 1);
    AccessPermission writerEntry = new AccessPermissionImpl(AlfMock.generateText(), AccessStatus.ALLOWED, writeGroup, 2);
    Set<AccessPermission> permissions = Stream.of(readerEntry, unrelatedEntry, writerEntry).collect(Collectors.toSet());
    when(mockedPermissionService.getAllSetPermissions(nodeRef)).thenReturn(permissions);

    // Exercise the removal.
    extendedSecurityService.remove(nodeRef);

    // Both in-place groups must have had their permissions cleared on the node.
    verify(mockedPermissionService).clearPermission(nodeRef, readGroup);
    verify(mockedPermissionService).clearPermission(nodeRef, writeGroup);
}
Also used : AccessPermission(org.alfresco.service.cmr.security.AccessPermission) AccessPermissionImpl(org.alfresco.repo.security.permissions.impl.AccessPermissionImpl) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 5 with AccessPermission

use of org.alfresco.service.cmr.security.AccessPermission in project records-management by Alfresco.

the class FilePlanPermissionServiceImplTest method assertExistenceOfSpecialRolesAndPermissions.

/**
 * Asserts that the file plan's admin role group holds the FILING permission on the node.
 * <p>
 * The permissions set on {@code node} are flattened into an authority -> permission
 * lookup, and the admin role's entry is then checked.
 * <p>
 * NOTE(review): the lookup keeps a single permission per authority. If the admin role
 * ever had more than one entry on the node, which one survives would depend on the
 * iteration order of the permission set, and the equality check could become unstable.
 *
 * @param node node whose set permissions are inspected
 */
private void assertExistenceOfSpecialRolesAndPermissions(NodeRef node) {
    Map<String, String> permissionByAuthority = new HashMap<String, String>();
    for (AccessPermission entry : permissionService.getAllSetPermissions(node)) {
        permissionByAuthority.put(entry.getAuthority(), entry.getPermission());
    }
    // Full authority name of the admin role group for this file plan.
    String adminRole = authorityService.getName(AuthorityType.GROUP, FilePlanRoleService.ROLE_ADMIN + filePlan.getId());
    assertTrue(permissionByAuthority.containsKey(adminRole));
    assertEquals(RMPermissionModel.FILING, permissionByAuthority.get(adminRole));
}
Also used : HashMap(java.util.HashMap) AccessPermission(org.alfresco.service.cmr.security.AccessPermission)

Aggregations

AccessPermission (org.alfresco.service.cmr.security.AccessPermission)19 ArrayList (java.util.ArrayList)6 NodeRef (org.alfresco.service.cmr.repository.NodeRef)6 HashMap (java.util.HashMap)4 HashSet (java.util.HashSet)4 AccessPermissionImpl (org.alfresco.repo.security.permissions.impl.AccessPermissionImpl)4 NodePermissions (org.alfresco.rest.api.model.NodePermissions)4 AccessStatus (org.alfresco.service.cmr.security.AccessStatus)4 FacesContext (javax.faces.context.FacesContext)3 InvalidNodeRefException (org.alfresco.service.cmr.repository.InvalidNodeRefException)3 Test (org.junit.Test)3 Matchers.anyString (org.mockito.Matchers.anyString)3 List (java.util.List)2 Map (java.util.Map)2 UserTransaction (javax.transaction.UserTransaction)2 Capability (org.alfresco.module.org_alfresco_module_rm.capability.Capability)2 PagingRequest (org.alfresco.query.PagingRequest)2 AccessDeniedException (org.alfresco.repo.security.permissions.AccessDeniedException)2 MapNode (org.alfresco.web.bean.repository.MapNode)2 Serializable (java.io.Serializable)1