
Example 1 with AceWho

use of org.bedework.access.AceWho in project bw-calendar-engine by Bedework.

the class Sharing method setAccess.

/**
 * Rewrites the ACL of a collection so that the principal described by
 * {@code ap} has either the read or the read/write privilege set, and the
 * collection owner has {@code allPrivs}.
 *
 * <p>Any existing ACEs for the sharee and for the owner are removed first, so
 * the new entries replace earlier grants rather than accumulate. An older
 * variant that returned early when the sharee already held the desired access
 * is no longer in use; the replacement is unconditional.
 *
 * <p>If {@code col} is an internal alias, the same grant is applied to the
 * collection the alias resolves to, while running as that collection's owner.
 *
 * @param col collection whose access is changed
 * @param ap  describes the principal ({@code ap.pr}, may be null) and whether
 *            the grant is read-only ({@code ap.forRead})
 * @throws CalFacadeException on failure; an {@code AccessException} is wrapped
 */
private void setAccess(final BwCalendar col, final AddPrincipal ap) throws CalFacadeException {
    try {
        // With no principal supplied the grant is addressed to
        // WhoDefs.whoTypeAll with a null href.
        // NOTE(review): the original comment labels this case "Read to all", but
        // nothing here forces ap.forRead to be true, so a null principal with
        // forRead == false would grant readWritePrivs to everyone. Confirm
        // callers never do that.
        final boolean toEveryone = ap.pr == null;
        final String whoHref = toEveryone ? null : ap.pr.getPrincipalRef();
        final int whoKind = toEveryone ? WhoDefs.whoTypeAll : ap.pr.getKind();

        Acl acl = col.getCurrentAccess().getAcl();
        final AceWho who = AceWho.getAceWho(whoHref, whoKind, false);
        final Collection<Privilege> desiredPriv = ap.forRead ? readPrivs : readWritePrivs;

        // Drop any ACEs already held by the sharee; removeWho may return null,
        // in which case the current ACL is kept as is.
        Acl stripped = acl.removeWho(who);
        acl = (stripped != null) ? stripped : acl;

        // Same for the owner, whose entry is re-added below with allPrivs.
        // NOTE(review): the sharee is identified by getPrincipalRef() but the
        // owner by getAccount() - confirm AceWho.getAceWho accepts both forms.
        // NOTE(review): a null result from getPrincipal would fail here with a
        // NullPointerException rather than a CalFacadeException.
        final BwPrincipal ownerPrincipal = getUsers().getPrincipal(col.getOwnerHref());
        final AceWho ownerWho =
            AceWho.getAceWho(ownerPrincipal.getAccount(), ownerPrincipal.getKind(), false);
        stripped = acl.removeWho(ownerWho);
        acl = (stripped != null) ? stripped : acl;

        // Remaining ACEs are carried over, then the two fresh grants appended.
        final Collection<Ace> newAces = new ArrayList<>(acl.getAces());
        newAces.add(Ace.makeAce(who, desiredPriv, null));
        newAces.add(Ace.makeAce(ownerWho, allPrivs, null));
        getSvc().changeAccess(col, newAces, true);

        if (!col.getInternalAlias()) {
            return;
        }

        final BwCalendar aliasTarget =
            getSvc().getCalendarsHandler().resolveAlias(col, false, false);
        if (aliasTarget == null) {
            return;
        }

        // Switch identity to the owner of the alias target and repeat the grant
        // there. The push happens outside the try so that the finally block only
        // pops an identity that was actually pushed, and always pops it, even
        // when the nested call fails.
        pushPrincipal(aliasTarget.getOwnerHref());
        try {
            setAccess(aliasTarget, ap);
        } catch (final CalFacadeException cfe) {
            // Rethrown untouched so it is not wrapped a second time below.
            throw cfe;
        } catch (final Throwable t) {
            throw new CalFacadeException(t);
        } finally {
            popPrincipal();
        }
    } catch (final AccessException ae) {
        throw new CalFacadeException(ae);
    }
}
Also used : Ace(org.bedework.access.Ace) ArrayList(java.util.ArrayList) Acl(org.bedework.access.Acl) BwCalendar(org.bedework.calfacade.BwCalendar) CalFacadeException(org.bedework.calfacade.exc.CalFacadeException) BwPrincipal(org.bedework.calfacade.BwPrincipal) AccessException(org.bedework.access.AccessException) AceWho(org.bedework.access.AceWho) Privilege(org.bedework.access.Privilege)

Example 2 with AceWho

use of org.bedework.access.AceWho in project bw-calendar-engine by Bedework.

the class Restore method createNewSystem.

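/**
 * Creates the initial principals, admin group and root collections of a new
 * system during a restore.
 *
 * <p>Access granted here, as visible in this method:
 * <ul>
 *   <li>the root user gets an auth-user entry with {@code UserAuth.allAuth};</li>
 *   <li>the public calendar root gets an ACL giving {@code AceWho.other} the
 *       read privilege and the "publicAdminGroups" group read plus
 *       write-content;</li>
 *   <li>the user calendar root gets an ACL giving {@code AceWho.owner}
 *       {@code privAll}.</li>
 * </ul>
 *
 * <p>Each ACE is built from its own privilege collection. Reusing and clearing
 * a single collection between {@code Ace.makeAce} calls is only correct if
 * {@code makeAce} copies its argument, which is not visible from this method.
 * If it kept the reference, the later write-content privilege would also end
 * up on the {@code AceWho.other} entry of the public root.
 *
 * @throws Throwable propagated from the restore interface and helpers
 */
private void createNewSystem() throws Throwable {
    // Create the public user.
    final BwPrincipal pu = BwPrincipal.makeUserPrincipal();
    pu.setAccount(BwPrincipal.publicUser);
    globals.setPrincipalHref(pu);
    globals.rintf.restorePrincipal(pu);

    // Create the root user.
    final BwPrincipal rootUser = BwPrincipal.makeUserPrincipal();
    rootUser.setAccount(rootId);
    globals.setPrincipalHref(rootUser);
    globals.rintf.restorePrincipal(rootUser);

    // Create an authuser entry for the root user with every auth type set.
    final BwAuthUser au = new BwAuthUser();
    au.setUserHref(rootUser.getPrincipalRef());
    au.setUsertype(UserAuth.allAuth);
    au.setPrefs(BwAuthUserPrefs.makeAuthUserPrefs());
    globals.rintf.restoreAuthUser(au);

    // Create a group for all public admin groups, owned by the public user.
    final BwAdminGroup g = new BwAdminGroup();
    final String publicAdminGroupsAccount = "publicAdminGroups"; // XXX Put into config
    g.setAccount(publicAdminGroupsAccount);
    g.setGroupOwnerHref(pu.getPrincipalRef());
    g.setOwnerHref(pu.getPrincipalRef());
    // NOTE(review): the meaning of onlyUsersMap.check is not visible here; when
    // it rejects the owner href the group owner falls back to the public user
    // held in globals.
    if (!globals.onlyUsersMap.check(g.getGroupOwnerHref())) {
        g.setGroupOwnerHref(globals.getPublicUser().getPrincipalRef());
    }
    globals.rintf.restoreAdminGroup(g);

    // Create the public root: read for "other", read + write-content for the
    // public admin groups. Separate privilege collections keep the two ACEs
    // independent of each other.
    final Collection<Privilege> otherPrivs = new ArrayList<>();
    otherPrivs.add(Privileges.makePriv(PrivilegeDefs.privRead));
    final Collection<Ace> publicRootAces = new ArrayList<>();
    publicRootAces.add(Ace.makeAce(AceWho.other, otherPrivs, null));

    final Collection<Privilege> adminGroupPrivs = new ArrayList<>();
    adminGroupPrivs.add(Privileges.makePriv(PrivilegeDefs.privRead));
    adminGroupPrivs.add(Privileges.makePriv(PrivilegeDefs.privWriteContent));
    final AceWho who = AceWho.getAceWho(publicAdminGroupsAccount, WhoDefs.whoTypeGroup, false);
    publicRootAces.add(Ace.makeAce(who, adminGroupPrivs, null));

    makeCal(null, pu, BwCalendar.calTypeFolder,
            RestoreGlobals.getBasicSyspars().getPublicCalendarRoot(),
            new String(new Acl(publicRootAces).encode()));

    // Create the user root: all privileges for the owner only.
    final Collection<Privilege> ownerPrivs = new ArrayList<>();
    ownerPrivs.add(Privileges.makePriv(PrivilegeDefs.privAll));
    final Collection<Ace> userRootAces = new ArrayList<>();
    userRootAces.add(Ace.makeAce(AceWho.owner, ownerPrivs, null));

    final BwCalendar userRoot = makeCal(null, pu, BwCalendar.calTypeFolder,
            RestoreGlobals.getBasicSyspars().getUserCalendarRoot(),
            new String(new Acl(userRootAces).encode()));

    // Home collections for both bootstrap principals under the user root.
    makeUserHome(userRoot, pu);
    makeUserHome(userRoot, rootUser);
}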
Also used : BwAuthUser(org.bedework.calfacade.svc.BwAuthUser) Ace(org.bedework.access.Ace) BwPrincipal(org.bedework.calfacade.BwPrincipal) AceWho(org.bedework.access.AceWho) ArrayList(java.util.ArrayList) BwAdminGroup(org.bedework.calfacade.svc.BwAdminGroup) Acl(org.bedework.access.Acl) BwCalendar(org.bedework.calfacade.BwCalendar) Privilege(org.bedework.access.Privilege)
