use of org.apache.chemistry.opencmis.commons.data.Ace in project copper-cms by PogeyanOSS.
the class MBaseObject method convertMongoAcl.
public static MongoAclImpl convertMongoAcl(Acl acl) {
if (acl != null) {
AccessControlListImplExt acessControl = (AccessControlListImplExt) acl;
List<Ace> list = new ArrayList<Ace>(acl.getAces().size());
for (Ace ace : acl.getAces()) {
MongoAceImpl aces = new MongoAceImpl();
aces.setDirect(true);
aces.setPrincipal(new MongoPrincipalImpl(ace.getPrincipalId()));
aces.setPermissions(ace.getPermissions());
list.add(aces);
}
MongoAclImpl mAcl = new MongoAclImpl();
mAcl.setAces(list);
mAcl.setAclPropagation(acessControl.getAclPropagation());
mAcl.setExact(true);
return mAcl;
}
return null;
}
use of org.apache.chemistry.opencmis.commons.data.Ace in project copper-cms by PogeyanOSS.
the class AbstractSessionTest method checkACL.
protected CmisTestResult checkACL(Session session, Acl acl, boolean checkExact, String message) {
List<CmisTestResult> results = new ArrayList<CmisTestResult>();
CmisTestResult f;
f = createResult(FAILURE, "ACL is null!");
addResult(results, assertNotNull(acl, null, f));
if (acl != null) {
f = createResult(FAILURE, "List of ACEs is null!");
addResult(results, assertNotNull(acl.getAces(), null, f));
if (acl.getAces() != null) {
for (Ace ace : acl.getAces()) {
f = createResult(FAILURE, "ACE with empty principal ID!");
addResult(results, assertStringNotEmpty(ace.getPrincipalId(), null, f));
f = createResult(FAILURE, "ACE with empty permission list!");
addResult(results, assertListNotEmpty(ace.getPermissions(), null, f));
if (ace.getPermissions() != null) {
for (String permission : ace.getPermissions()) {
f = createResult(FAILURE, "ACE with empty permission entry!");
addResult(results, assertStringNotEmpty(permission, null, f));
}
}
}
}
CmisTestResultStatus status = checkExact ? WARNING : INFO;
f = createResult(status, "ACL is provided but the isExact flag is not set!");
addResult(results, assertNotNull(acl.isExact(), null, f));
}
CmisTestResultImpl result = createResult(getWorst(results), message);
result.getChildren().addAll(results);
return result.getStatus().getLevel() <= OK.getLevel() ? null : result;
}
use of org.apache.chemistry.opencmis.commons.data.Ace in project copper-cms by PogeyanOSS.
the class ACLSmokeTest method run.
@Override
public void run(Session session) {
CmisTestResult f;
if (supportsACLs(session)) {
try {
// create folder and document
Folder testFolder = createTestFolder(session);
Document doc = createDocument(session, testFolder, "acltest.txt", "ACL test");
// check if there is an ACL
Acl acl = doc.getAcl();
f = createResult(FAILURE, "ACLs are supported but newly created document has no ACL!");
addResult(assertNotNull(acl, null, f));
// check basic permissions
Acl basicAcl = session.getAcl(doc, true);
f = createResult(FAILURE, "ACLs are supported but repository does not return a basic ACL for the newly created document!");
addResult(assertNotNull(basicAcl, null, f));
if (basicAcl != null) {
addResult(checkACL(session, basicAcl, false, "Basic ACL"));
if (basicAcl.getAces() != null) {
for (Ace ace : basicAcl.getAces()) {
if (ace.getPermissions() != null) {
for (String permission : ace.getPermissions()) {
if (!"cmis:read".equals(permission) && !"cmis:write".equals(permission) && !"cmis:all".equals(permission)) {
addResult(createResult(FAILURE, "ACE contains a non-basic permission: " + permission));
}
}
}
}
}
}
if (getAclCapability(session) == CapabilityAcl.MANAGE && !Boolean.FALSE.equals(doc.getType().isControllableAcl())) {
String principal = getParameters().get(TestParameters.DEFAULT_ACL_PRINCIPAL);
if (principal == null) {
principal = TestParameters.DEFAULT_ACL_PRINCIPAL_VALUE;
}
// apply permission "cmis:write"
List<Ace> aces = new ArrayList<Ace>();
aces.add(session.getObjectFactory().createAce(principal, Collections.singletonList("cmis:write")));
session.applyAcl(doc, aces, null, null);
if (session.getRepositoryInfo().getAclCapabilities().getAclPropagation() != AclPropagation.REPOSITORYDETERMINED) {
// set permission "cmis:all"
aces = new ArrayList<Ace>();
aces.add(session.getObjectFactory().createAce(principal, Collections.singletonList("cmis:all")));
session.setAcl(doc, aces);
}
} else {
addResult(createResult(INFO, "The repository or the type '" + doc.getType().getId() + "' don't support managing ACLs."));
}
deleteObject(doc);
} finally {
deleteTestFolder();
}
} else {
addResult(createResult(SKIPPED, "ACLs are not supported. Test Skipped!"));
}
}
use of org.apache.chemistry.opencmis.commons.data.Ace in project structr by structr.
the class CMISAclService method applyAcl.
/**
* Applies the given Acl exclusively, i.e. removes all other permissions / grants first.
*
* @param repositoryId
* @param objectId
* @param acl
* @param aclPropagation
*
* @return the resulting Acl
*/
public Acl applyAcl(final String repositoryId, final String objectId, final Acl acl, final AclPropagation aclPropagation) {
final App app = StructrApp.getInstance(securityContext);
try (final Tx tx = app.tx()) {
final AbstractNode node = app.get(AbstractNode.class, objectId);
if (node != null) {
node.revokeAll();
// process add ACL entries
for (final Ace toAdd : acl.getAces()) {
applyAce(node, toAdd, false);
}
tx.success();
// return the wrapper which implements the Acl interface
return CMISObjectWrapper.wrap(node, null, false);
}
} catch (FrameworkException fex) {
logger.warn("", fex);
}
throw new CmisObjectNotFoundException("Object with ID " + objectId + " does not exist");
}
Aggregations