Example 1 with Acl
use of org.apache.wiki.api.core.Acl in project jspwiki by apache.
the class DefaultPageManager method changeAcl.
/**
* For a single wiki page, replaces all Acl entries matching a supplied array of Principals with a new Principal.
*
* @param page the wiki page whose Acl is to be modified
* @param oldPrincipals an array of Principals to replace; all AclEntry objects whose {@link AclEntry#getPrincipal()} method returns
* one of these Principals will be replaced
* @param newPrincipal the Principal that should receive the old Principals' permissions
* @return <code>true</code> if the Acl was actually changed; <code>false</code> otherwise
*/
protected boolean changeAcl(final Page page, final Principal[] oldPrincipals, final Principal newPrincipal) {
final Acl acl = page.getAcl();
boolean pageChanged = false;
if (acl != null) {
final Enumeration<AclEntry> entries = acl.aclEntries();
final Collection<AclEntry> entriesToAdd = new ArrayList<>();
final Collection<AclEntry> entriesToRemove = new ArrayList<>();
while (entries.hasMoreElements()) {
final AclEntry entry = entries.nextElement();
if (ArrayUtils.contains(oldPrincipals, entry.getPrincipal())) {
// Create new entry
final AclEntry newEntry = Wiki.acls().entry();
newEntry.setPrincipal(newPrincipal);
final Enumeration<Permission> permissions = entry.permissions();
while (permissions.hasMoreElements()) {
final Permission permission = permissions.nextElement();
newEntry.addPermission(permission);
}
pageChanged = true;
entriesToRemove.add(entry);
entriesToAdd.add(newEntry);
}
}
for (final AclEntry entry : entriesToRemove) {
acl.removeEntry(entry);
}
for (final AclEntry entry : entriesToAdd) {
acl.addEntry(entry);
}
}
return pageChanged;
}
Also used :
AclEntry(org.apache.wiki.api.core.AclEntry)
ArrayList(java.util.ArrayList)
Permission(java.security.Permission)
Acl(org.apache.wiki.api.core.Acl)
Example 2 with Acl
use of org.apache.wiki.api.core.Acl in project jspwiki by apache.
the class AccessRuleLinkNodePostProcessorState method process.
/**
* {@inheritDoc}
*
* @see NodePostProcessorState#process(NodeTracker, Node)
*/
@Override
public void process(final NodeTracker state, final JSPWikiLink link) {
String ruleLine = NodePostProcessorStateCommonOperations.inlineLinkTextOnWysiwyg(state, link, m_wysiwygEditorMode);
if (wikiContext.getEngine().getManager(RenderingManager.class).getParser(wikiContext, link.getUrl().toString()).isParseAccessRules()) {
final Page page = wikiContext.getRealPage();
if (ruleLine.startsWith("{")) {
ruleLine = ruleLine.substring(1);
}
if (ruleLine.endsWith("}")) {
ruleLine = ruleLine.substring(0, ruleLine.length() - 1);
}
LOG.debug("page=" + page.getName() + ", ACL = " + ruleLine);
try {
final Acl acl = wikiContext.getEngine().getManager(AclManager.class).parseAcl(page, ruleLine);
page.setAcl(acl);
link.unlink();
state.nodeRemoved(link);
LOG.debug(acl.toString());
} catch (final WikiSecurityException wse) {
NodePostProcessorStateCommonOperations.makeError(state, link, wse.getMessage());
}
}
}
Also used :
WikiSecurityException(org.apache.wiki.auth.WikiSecurityException)
Page(org.apache.wiki.api.core.Page)
Acl(org.apache.wiki.api.core.Acl)
AclManager(org.apache.wiki.auth.acl.AclManager)
Example 3 with Acl
use of org.apache.wiki.api.core.Acl in project jspwiki by apache.
the class DefaultAclManager method parseAcl.
/**
* {@inheritDoc}
*/
@Override
public Acl parseAcl(final Page page, final String ruleLine) throws WikiSecurityException {
Acl acl = page.getAcl();
if (acl == null) {
acl = Wiki.acls().acl();
}
try {
final StringTokenizer fieldToks = new StringTokenizer(ruleLine);
fieldToks.nextToken();
final String actions = fieldToks.nextToken();
while (fieldToks.hasMoreTokens()) {
final String principalName = fieldToks.nextToken(",").trim();
final Principal principal = m_auth.resolvePrincipal(principalName);
final AclEntry oldEntry = acl.getAclEntry(principal);
if (oldEntry != null) {
log.debug("Adding to old acl list: " + principal + ", " + actions);
oldEntry.addPermission(PermissionFactory.getPagePermission(page, actions));
} else {
log.debug("Adding new acl entry for " + actions);
final AclEntry entry = Wiki.acls().entry();
entry.setPrincipal(principal);
entry.addPermission(PermissionFactory.getPagePermission(page, actions));
acl.addEntry(entry);
}
}
page.setAcl(acl);
log.debug(acl.toString());
} catch (final NoSuchElementException nsee) {
log.warn("Invalid access rule: " + ruleLine + " - defaults will be used.");
throw new WikiSecurityException("Invalid access rule: " + ruleLine, nsee);
} catch (final IllegalArgumentException iae) {
throw new WikiSecurityException("Invalid permission type: " + ruleLine, iae);
}
return acl;
}
Also used :
WikiSecurityException(org.apache.wiki.auth.WikiSecurityException)
StringTokenizer(java.util.StringTokenizer)
AclEntry(org.apache.wiki.api.core.AclEntry)
Acl(org.apache.wiki.api.core.Acl)
Principal(java.security.Principal)
NoSuchElementException(java.util.NoSuchElementException)
Example 4 with Acl
use of org.apache.wiki.api.core.Acl in project jspwiki by apache.
the class DefaultAclManager method getPermissions.
/**
* {@inheritDoc}
*/
@Override
public Acl getPermissions(final Page page) {
// Does the page already have cached ACLs?
Acl acl = page.getAcl();
log.debug("page=" + page.getName() + "\n" + acl);
if (acl == null) {
// If null, try the parent.
if (page instanceof Attachment) {
final Page parent = m_engine.getManager(PageManager.class).getPage(((Attachment) page).getParentName());
acl = getPermissions(parent);
} else {
// Or, try parsing the page
final Context ctx = Wiki.context().create(m_engine, page);
ctx.setVariable(Context.VAR_EXECUTE_PLUGINS, Boolean.FALSE);
m_engine.getManager(RenderingManager.class).getHTML(ctx, page);
if (page.getAcl() == null) {
page.setAcl(Wiki.acls().acl());
}
acl = page.getAcl();
}
}
return acl;
}
Also used :
Context(org.apache.wiki.api.core.Context)
PageManager(org.apache.wiki.pages.PageManager)
RenderingManager(org.apache.wiki.render.RenderingManager)
Attachment(org.apache.wiki.api.core.Attachment)
Page(org.apache.wiki.api.core.Page)
Acl(org.apache.wiki.api.core.Acl)
Example 5 with Acl
use of org.apache.wiki.api.core.Acl in project jspwiki by apache.
the class DefaultAclManagerTest method testPrintAcl.
@Test
public void testPrintAcl() {
// Verify that the printed Acl for the test page is OK
final Page page = m_engine.getManager(PageManager.class).getPage("TestAclPage");
Acl acl = m_engine.getManager(AclManager.class).getPermissions(page);
final String aclString = DefaultAclManager.printAcl(acl);
Assertions.assertEquals("[{ALLOW edit Charlie,Herman}]\n", aclString);
// Create an ACL from scratch
acl = Wiki.acls().acl();
AclEntry entry = Wiki.acls().entry();
entry.setPrincipal(new WikiPrincipal("Charlie"));
entry.addPermission(PermissionFactory.getPagePermission("Main:Foo", "view"));
entry.addPermission(PermissionFactory.getPagePermission("Main:Foo", "edit"));
acl.addEntry(entry);
entry = Wiki.acls().entry();
entry.setPrincipal(new WikiPrincipal("Devin"));
entry.addPermission(PermissionFactory.getPagePermission("Main:Foo", "edit"));
entry.addPermission(PermissionFactory.getPagePermission("Main:Foo", "delete"));
acl.addEntry(entry);
// Verify that the printed ACL is OK
final String expectedValue = "[{ALLOW delete Devin}]\n[{ALLOW edit Charlie,Devin}]\n[{ALLOW view Charlie}]\n";
Assertions.assertEquals(expectedValue, DefaultAclManager.printAcl(acl));
}
Also used :
PageManager(org.apache.wiki.pages.PageManager)
WikiPrincipal(org.apache.wiki.auth.WikiPrincipal)
AclEntry(org.apache.wiki.api.core.AclEntry)
Page(org.apache.wiki.api.core.Page)
Acl(org.apache.wiki.api.core.Acl)
Test(org.junit.jupiter.api.Test)
Aggregations
Acl (org.apache.wiki.api.core.Acl)8
Page (org.apache.wiki.api.core.Page)6
AclEntry (org.apache.wiki.api.core.AclEntry)4
PageManager (org.apache.wiki.pages.PageManager)4
Principal (java.security.Principal)3
WikiSecurityException (org.apache.wiki.auth.WikiSecurityException)3
Permission (java.security.Permission)2
WikiPrincipal (org.apache.wiki.auth.WikiPrincipal)2
AclManager (org.apache.wiki.auth.acl.AclManager)2
Test (org.junit.jupiter.api.Test)2
ArrayList (java.util.ArrayList)1
NoSuchElementException (java.util.NoSuchElementException)1
StringTokenizer (java.util.StringTokenizer)1
Attachment (org.apache.wiki.api.core.Attachment)1
Context (org.apache.wiki.api.core.Context)1
UnresolvedPrincipal (org.apache.wiki.auth.acl.UnresolvedPrincipal)1
AllPermission (org.apache.wiki.auth.permissions.AllPermission)1
PagePermission (org.apache.wiki.auth.permissions.PagePermission)1
RenderingManager (org.apache.wiki.render.RenderingManager)1
