Example 1 with AclEntry
use of org.apache.wiki.api.core.AclEntry in project jspwiki by apache.
the class DefaultPageManager method changeAcl.
/**
* For a single wiki page, replaces all Acl entries matching a supplied array of Principals with a new Principal.
*
* @param page the wiki page whose Acl is to be modified
* @param oldPrincipals an array of Principals to replace; all AclEntry objects whose {@link AclEntry#getPrincipal()} method returns
* one of these Principals will be replaced
* @param newPrincipal the Principal that should receive the old Principals' permissions
* @return <code>true</code> if the Acl was actually changed; <code>false</code> otherwise
*/
protected boolean changeAcl(final Page page, final Principal[] oldPrincipals, final Principal newPrincipal) {
final Acl acl = page.getAcl();
boolean pageChanged = false;
if (acl != null) {
final Enumeration<AclEntry> entries = acl.aclEntries();
final Collection<AclEntry> entriesToAdd = new ArrayList<>();
final Collection<AclEntry> entriesToRemove = new ArrayList<>();
while (entries.hasMoreElements()) {
final AclEntry entry = entries.nextElement();
if (ArrayUtils.contains(oldPrincipals, entry.getPrincipal())) {
// Create new entry
final AclEntry newEntry = Wiki.acls().entry();
newEntry.setPrincipal(newPrincipal);
final Enumeration<Permission> permissions = entry.permissions();
while (permissions.hasMoreElements()) {
final Permission permission = permissions.nextElement();
newEntry.addPermission(permission);
}
pageChanged = true;
entriesToRemove.add(entry);
entriesToAdd.add(newEntry);
}
}
for (final AclEntry entry : entriesToRemove) {
acl.removeEntry(entry);
}
for (final AclEntry entry : entriesToAdd) {
acl.addEntry(entry);
}
}
return pageChanged;
}
Also used :
AclEntry(org.apache.wiki.api.core.AclEntry)
ArrayList(java.util.ArrayList)
Permission(java.security.Permission)
Acl(org.apache.wiki.api.core.Acl)
Example 2 with AclEntry
use of org.apache.wiki.api.core.AclEntry in project jspwiki by apache.
the class AclImpl method toString.
/**
* {@inheritDoc}
*/
@Override
public String toString() {
final StringBuilder sb = new StringBuilder();
for (final AclEntry entry : m_entries) {
final Principal pal = entry.getPrincipal();
if (pal != null) {
sb.append(" user = ").append(pal.getName()).append(": ");
} else {
sb.append(" user = null: ");
}
sb.append("(");
for (final Enumeration<Permission> perms = entry.permissions(); perms.hasMoreElements(); ) {
final Permission perm = perms.nextElement();
sb.append(perm.toString());
}
sb.append(")\n");
}
return sb.toString();
}
Also used :
AclEntry(org.apache.wiki.api.core.AclEntry)
Permission(java.security.Permission)
Principal(java.security.Principal)
Example 3 with AclEntry
use of org.apache.wiki.api.core.AclEntry in project jspwiki by apache.
the class AclImpl method findPrincipals.
/**
* {@inheritDoc}
*/
@Override
public Principal[] findPrincipals(final Permission permission) {
final List<Principal> principals = new ArrayList<>();
final Enumeration<AclEntry> entries = aclEntries();
while (entries.hasMoreElements()) {
final AclEntry entry = entries.nextElement();
final Enumeration<Permission> permissions = entry.permissions();
while (permissions.hasMoreElements()) {
final Permission perm = permissions.nextElement();
if (perm.implies(permission)) {
principals.add(entry.getPrincipal());
}
}
}
return principals.toArray(new Principal[0]);
}
Also used :
ArrayList(java.util.ArrayList)
AclEntry(org.apache.wiki.api.core.AclEntry)
Permission(java.security.Permission)
Principal(java.security.Principal)
Example 4 with AclEntry
use of org.apache.wiki.api.core.AclEntry in project jspwiki by apache.
the class DefaultAclManager method printAcl.
/**
* Generates an ACL string for inclusion in a wiki page, based on a supplied Acl object. All of the permissions in this Acl are
* assumed to apply to the same page scope. The names of the pages are ignored; only the actions and principals matter.
*
* @param acl the ACL
* @return the ACL string
*/
protected static String printAcl(final Acl acl) {
// Extract the ACL entries into a Map with keys == permissions, values == principals
final Map<String, List<Principal>> permissionPrincipals = new TreeMap<>();
final Enumeration<AclEntry> entries = acl.aclEntries();
while (entries.hasMoreElements()) {
final AclEntry entry = entries.nextElement();
final Principal principal = entry.getPrincipal();
final Enumeration<Permission> permissions = entry.permissions();
while (permissions.hasMoreElements()) {
final Permission permission = permissions.nextElement();
List<Principal> principals = permissionPrincipals.get(permission.getActions());
if (principals == null) {
principals = new ArrayList<>();
final String action = permission.getActions();
if (action.indexOf(',') != -1) {
throw new IllegalStateException("AclEntry permission cannot have multiple targets.");
}
permissionPrincipals.put(action, principals);
}
principals.add(principal);
}
}
// Now, iterate through each permission in the map and generate an ACL string
final StringBuilder s = new StringBuilder();
for (final Map.Entry<String, List<Principal>> entry : permissionPrincipals.entrySet()) {
final String action = entry.getKey();
final List<Principal> principals = entry.getValue();
principals.sort(new PrincipalComparator());
s.append("[{ALLOW ").append(action).append(" ");
for (int i = 0; i < principals.size(); i++) {
final Principal principal = principals.get(i);
s.append(principal.getName());
if (i < (principals.size() - 1)) {
s.append(",");
}
}
s.append("}]\n");
}
return s.toString();
}
Also used :
AclEntry(org.apache.wiki.api.core.AclEntry)
TreeMap(java.util.TreeMap)
PrincipalComparator(org.apache.wiki.util.comparators.PrincipalComparator)
PagePermission(org.apache.wiki.auth.permissions.PagePermission)
Permission(java.security.Permission)
ArrayList(java.util.ArrayList)
List(java.util.List)
Map(java.util.Map)
TreeMap(java.util.TreeMap)
Principal(java.security.Principal)
Example 5 with AclEntry
use of org.apache.wiki.api.core.AclEntry in project jspwiki by apache.
the class DefaultAclManager method parseAcl.
/**
* {@inheritDoc}
*/
@Override
public Acl parseAcl(final Page page, final String ruleLine) throws WikiSecurityException {
Acl acl = page.getAcl();
if (acl == null) {
acl = Wiki.acls().acl();
}
try {
final StringTokenizer fieldToks = new StringTokenizer(ruleLine);
fieldToks.nextToken();
final String actions = fieldToks.nextToken();
while (fieldToks.hasMoreTokens()) {
final String principalName = fieldToks.nextToken(",").trim();
final Principal principal = m_auth.resolvePrincipal(principalName);
final AclEntry oldEntry = acl.getAclEntry(principal);
if (oldEntry != null) {
log.debug("Adding to old acl list: " + principal + ", " + actions);
oldEntry.addPermission(PermissionFactory.getPagePermission(page, actions));
} else {
log.debug("Adding new acl entry for " + actions);
final AclEntry entry = Wiki.acls().entry();
entry.setPrincipal(principal);
entry.addPermission(PermissionFactory.getPagePermission(page, actions));
acl.addEntry(entry);
}
}
page.setAcl(acl);
log.debug(acl.toString());
} catch (final NoSuchElementException nsee) {
log.warn("Invalid access rule: " + ruleLine + " - defaults will be used.");
throw new WikiSecurityException("Invalid access rule: " + ruleLine, nsee);
} catch (final IllegalArgumentException iae) {
throw new WikiSecurityException("Invalid permission type: " + ruleLine, iae);
}
return acl;
}
Also used :
WikiSecurityException(org.apache.wiki.auth.WikiSecurityException)
StringTokenizer(java.util.StringTokenizer)
AclEntry(org.apache.wiki.api.core.AclEntry)
Acl(org.apache.wiki.api.core.Acl)
Principal(java.security.Principal)
NoSuchElementException(java.util.NoSuchElementException)
Aggregations
AclEntry (org.apache.wiki.api.core.AclEntry)9
Principal (java.security.Principal)7
Permission (java.security.Permission)5
Acl (org.apache.wiki.api.core.Acl)4
ArrayList (java.util.ArrayList)3
Page (org.apache.wiki.api.core.Page)2
WikiPrincipal (org.apache.wiki.auth.WikiPrincipal)2
PagePermission (org.apache.wiki.auth.permissions.PagePermission)2
PageManager (org.apache.wiki.pages.PageManager)2
List (java.util.List)1
Map (java.util.Map)1
NoSuchElementException (java.util.NoSuchElementException)1
StringTokenizer (java.util.StringTokenizer)1
TreeMap (java.util.TreeMap)1
Session (org.apache.wiki.api.core.Session)1
GroupPrincipal (org.apache.wiki.auth.GroupPrincipal)1
WikiSecurityException (org.apache.wiki.auth.WikiSecurityException)1
UnresolvedPrincipal (org.apache.wiki.auth.acl.UnresolvedPrincipal)1
Group (org.apache.wiki.auth.authorize.Group)1
AllPermission (org.apache.wiki.auth.permissions.AllPermission)1
