Example 1 with AccessException
use of org.bedework.access.AccessException in project bw-calendar-engine by Bedework.
the class CalSuites method validateGroup.
/**
* Ensure the given group is valid for the given calendar suite
*
* @param cs
* @param groupName
* @return home for the group
* @throws CalFacadeException
*/
private BwCalendar validateGroup(final BwCalSuite cs, final String groupName) throws CalFacadeException {
if (groupName.length() > BwCalSuite.maxNameLength) {
throw new CalFacadeException(CalFacadeException.calsuiteGroupNameTooLong);
}
BwAdminGroup agrp = (BwAdminGroup) getSvc().getAdminDirectories().findGroup(groupName);
if (agrp == null) {
throw new CalFacadeException(CalFacadeException.groupNotFound, groupName);
}
final BwCalSuiteWrapper csw = get(agrp);
if ((csw != null) && !csw.equals(cs)) {
// Group already assigned to another cal suite
throw new CalFacadeException(CalFacadeException.calsuiteGroupAssigned, csw.getName());
}
final BwPrincipal eventsOwner = getPrincipal(agrp.getOwnerHref());
if (eventsOwner == null) {
throw new CalFacadeException(CalFacadeException.calsuiteBadowner);
}
final BwCalendar home = getCols().getHomeDb(eventsOwner, true);
if (home == null) {
throw new CalFacadeException(CalFacadeException.missingGroupOwnerHome);
}
cs.setGroup(agrp);
/* Change access on the home for the events creator which is also the
* owner of the calsuite resources.
*/
final Collection<Privilege> allPrivs = new ArrayList<>();
allPrivs.add(Access.all);
final Collection<Privilege> readPrivs = new ArrayList<>();
readPrivs.add(Access.read);
final Collection<Ace> aces = new ArrayList<>();
try {
aces.add(Ace.makeAce(AceWho.owner, allPrivs, null));
aces.add(Ace.makeAce(AceWho.getAceWho(eventsOwner.getAccount(), WhoDefs.whoTypeUser, false), allPrivs, null));
aces.add(Ace.makeAce(AceWho.getAceWho(null, WhoDefs.whoTypeAuthenticated, false), readPrivs, null));
aces.add(Ace.makeAce(AceWho.all, readPrivs, null));
getSvc().changeAccess(home, aces, true);
/* Same access to the calsuite itself */
getSvc().changeAccess(cs, aces, true);
/* Also set access so that categories, locations etc are readable */
final String aclStr = new String(new Acl(aces).encode());
eventsOwner.setCategoryAccess(aclStr);
eventsOwner.setLocationAccess(aclStr);
eventsOwner.setContactAccess(aclStr);
} catch (final AccessException ae) {
throw new CalFacadeException(ae);
}
getSvc().getUsersHandler().update(eventsOwner);
return home;
}
Also used :
Ace(org.bedework.access.Ace)
ArrayList(java.util.ArrayList)
BwCalSuiteWrapper(org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper)
BwCalendar(org.bedework.calfacade.BwCalendar)
Acl(org.bedework.access.Acl)
CalFacadeException(org.bedework.calfacade.exc.CalFacadeException)
BwPrincipal(org.bedework.calfacade.BwPrincipal)
AccessException(org.bedework.access.AccessException)
BwAdminGroup(org.bedework.calfacade.svc.BwAdminGroup)
Privilege(org.bedework.access.Privilege)
Example 2 with AccessException
use of org.bedework.access.AccessException in project bw-calendar-engine by Bedework.
the class Sharing method setAccess.
private void setAccess(final BwCalendar col, final AddPrincipal ap) throws CalFacadeException {
try {
final String whoHref;
final int whoKind;
if (ap.pr != null) {
whoHref = ap.pr.getPrincipalRef();
whoKind = ap.pr.getKind();
} else {
// Read to all
whoHref = null;
whoKind = WhoDefs.whoTypeAll;
}
Acl acl = col.getCurrentAccess().getAcl();
final AceWho who = AceWho.getAceWho(whoHref, whoKind, false);
final Collection<Privilege> desiredPriv;
if (ap.forRead) {
desiredPriv = readPrivs;
} else {
desiredPriv = readWritePrivs;
}
/*
boolean removeCurrentPrivs = false;
for (Ace a: ainfo.acl.getAces()) {
if (a.getWho().equals(who)) {
if (a.getHow().equals(desiredPriv)) {
// Already have that access
return null;
}
removeCurrentPrivs = true;
}
}
if (removeCurrentPrivs) {
ainfo.acl = ainfo.acl.removeWho(who);
}
*/
Acl removed = acl.removeWho(who);
if (removed != null) {
acl = removed;
}
final BwPrincipal owner = getUsers().getPrincipal(col.getOwnerHref());
final AceWho ownerWho = AceWho.getAceWho(owner.getAccount(), owner.getKind(), false);
removed = acl.removeWho(ownerWho);
if (removed != null) {
acl = removed;
}
final Collection<Ace> aces = new ArrayList<>();
aces.addAll(acl.getAces());
aces.add(Ace.makeAce(who, desiredPriv, null));
aces.add(Ace.makeAce(ownerWho, allPrivs, null));
getSvc().changeAccess(col, aces, true);
if (!col.getInternalAlias()) {
return;
}
final BwCalendar target = getSvc().getCalendarsHandler().resolveAlias(col, false, false);
if (target != null) {
/* Switch identity to the sharee then reget the handler
* and do the share
*/
pushPrincipal(target.getOwnerHref());
try {
setAccess(target, ap);
} catch (final CalFacadeException cfe) {
throw cfe;
} catch (final Throwable t) {
throw new CalFacadeException(t);
} finally {
popPrincipal();
}
}
} catch (final AccessException ae) {
throw new CalFacadeException(ae);
}
}
Also used :
Ace(org.bedework.access.Ace)
ArrayList(java.util.ArrayList)
Acl(org.bedework.access.Acl)
BwCalendar(org.bedework.calfacade.BwCalendar)
CalFacadeException(org.bedework.calfacade.exc.CalFacadeException)
BwPrincipal(org.bedework.calfacade.BwPrincipal)
AccessException(org.bedework.access.AccessException)
AceWho(org.bedework.access.AceWho)
Privilege(org.bedework.access.Privilege)
Example 3 with AccessException
use of org.bedework.access.AccessException in project bw-calendar-engine by Bedework.
the class Sharing method removeAccess.
private boolean removeAccess(final BwCalendar col, final String principalHref) throws CalFacadeException {
Acl acl = col.getCurrentAccess().getAcl();
try {
if (Util.isEmpty(acl.getAces())) {
return false;
}
final BwPrincipal pr = caladdrToPrincipal(principalHref);
acl = removeAccess(acl, pr.getAccount(), pr.getKind());
if (acl == null) {
// no change
return false;
}
getSvc().changeAccess(col, acl.getAces(), true);
if (!col.getInternalAlias()) {
return true;
}
final BwCalendar target = getSvc().getCalendarsHandler().resolveAlias(col, false, false);
if (target == null) {
return false;
}
/* Switch identity to the sharee then reget the handler
* and do the share
*/
pushPrincipal(target.getOwnerHref());
try {
return removeAccess(target, principalHref);
} catch (final CalFacadeException cfe) {
throw cfe;
} catch (final Throwable t) {
throw new CalFacadeException(t);
} finally {
popPrincipal();
}
} catch (final AccessException ae) {
throw new CalFacadeException(ae);
}
}
Also used :
BwPrincipal(org.bedework.calfacade.BwPrincipal)
AccessException(org.bedework.access.AccessException)
Acl(org.bedework.access.Acl)
BwCalendar(org.bedework.calfacade.BwCalendar)
CalFacadeException(org.bedework.calfacade.exc.CalFacadeException)
Example 4 with AccessException
use of org.bedework.access.AccessException in project bw-calendar-engine by Bedework.
the class CalSuites method getResourcesDir.
/* ====================================================================
* Private methods
* =================================================================== */
private BwCalendar getResourcesDir(final BwCalSuite suite, final ResourceClass cl) throws CalFacadeException {
String path = getResourcesPath(suite, cl);
if (path == null) {
throw new CalFacadeException(CalFacadeException.noCalsuiteResCol);
}
BwCalendar resCol = getCols().get(path);
if (resCol != null) {
return resCol;
}
/* Create the collection. All are world readable. The calsuite class
* collection is writable to the calsuite owner.
*/
resCol = new BwCalendar();
resCol.setName(path.substring(path.lastIndexOf("/") + 1));
resCol.setSummary(resCol.getName());
resCol.setCreatorHref(suite.getOwnerHref());
if (cl == ResourceClass.calsuite) {
// Owned by the suite
resCol.setOwnerHref(suite.getOwnerHref());
} else {
resCol.setOwnerHref(getPublicUser().getPrincipalRef());
}
String parentPath = path.substring(0, path.lastIndexOf("/"));
resCol = getCols().add(resCol, parentPath);
try {
Collection<Privilege> readPrivs = new ArrayList<Privilege>();
readPrivs.add(Access.read);
Collection<Ace> aces = new ArrayList<Ace>();
aces.add(Ace.makeAce(AceWho.all, readPrivs, null));
getSvc().changeAccess(resCol, aces, true);
} catch (AccessException ae) {
throw new CalFacadeException(ae);
}
return resCol;
}
Also used :
Ace(org.bedework.access.Ace)
AccessException(org.bedework.access.AccessException)
ArrayList(java.util.ArrayList)
BwCalendar(org.bedework.calfacade.BwCalendar)
Privilege(org.bedework.access.Privilege)
CalFacadeException(org.bedework.calfacade.exc.CalFacadeException)
Aggregations
AccessException (org.bedework.access.AccessException)4
BwCalendar (org.bedework.calfacade.BwCalendar)4
CalFacadeException (org.bedework.calfacade.exc.CalFacadeException)4
ArrayList (java.util.ArrayList)3
Ace (org.bedework.access.Ace)3
Acl (org.bedework.access.Acl)3
Privilege (org.bedework.access.Privilege)3
BwPrincipal (org.bedework.calfacade.BwPrincipal)3
AceWho (org.bedework.access.AceWho)1
BwAdminGroup (org.bedework.calfacade.svc.BwAdminGroup)1
BwCalSuiteWrapper (org.bedework.calfacade.svc.wrappers.BwCalSuiteWrapper)1
