Example 36 with BwCalendar
use of org.bedework.calfacade.BwCalendar in project bw-calendar-engine by Bedework.
the class AccessUtil method checkAccess.
@Override
public CurrentAccess checkAccess(final BwShareableDbentity<?> ent, final int desiredAccess, final boolean alwaysReturnResult) throws CalFacadeException {
if (ent == null) {
return null;
}
if (ent instanceof CalendarWrapper) {
final CalendarWrapper col = (CalendarWrapper) ent;
final CurrentAccess ca = col.getCurrentAccess(desiredAccess);
if (ca != null) {
if (debug) {
debug("Access " + desiredAccess + " already checked for " + cb.getPrincipal().getPrincipalRef() + " and allowed=" + ca.getAccessAllowed());
}
if (!ca.getAccessAllowed() && !alwaysReturnResult) {
throw new CalFacadeAccessException();
}
return ca;
}
}
if (debug) {
final String cname = ent.getClass().getName();
final String ident;
if (ent instanceof BwCalendar) {
ident = ((BwCalendar) ent).getPath();
} else {
ident = String.valueOf(ent.getId());
}
debug("Check access by " + cb.getPrincipal().getPrincipalRef() + " for object " + cname.substring(cname.lastIndexOf(".") + 1) + " ident=" + ident + " desiredAccess = " + desiredAccess);
}
try {
final long startTime = System.currentTimeMillis();
CurrentAccess ca = null;
final AccessPrincipal owner = cb.getPrincipal(ent.getOwnerHref());
if (debug) {
debug("After getPrincipal - took: " + (System.currentTimeMillis() - startTime));
}
if (owner == null) {
error("Principal(owner) " + ent.getOwnerHref() + " does not exist");
if (!alwaysReturnResult) {
throw new CalFacadeAccessException();
}
return new CurrentAccess(false);
}
PrivilegeSet maxPrivs = null;
char[] aclChars = null;
if (ent instanceof BwCalendar) {
final BwCalendar cal = (BwCalendar) ent;
final String path = cal.getPath();
/* I think this was wrong. For superuser we want to see the real
* access but they are going to be allowed access whatever.
if (userRootPath.equals(path)) {
ca = new CurrentAccess();
if (getSuperUser()) {
ca.privileges = PrivilegeSet.makeDefaultOwnerPrivileges();
} else {
ca.privileges = PrivilegeSet.makeDefaultNonOwnerPrivileges();
}
} else if (path.equals(userHomePathPrefix + account)){
// Accessing user home directory
if (getSuperUser()) {
ca = new CurrentAccess();
ca.privileges = PrivilegeSet.makeDefaultOwnerPrivileges();
} else {
// Set the maximumn access
maxPrivs = PrivilegeSet.userHomeMaxPrivileges;
}
}
*/
if (!cb.getSuperUser()) {
if (cb.getUserHomePath().equals(path)) {
ca = new CurrentAccess();
ca = Acl.defaultNonOwnerAccess;
} else if (path.equals(Util.buildPath(colPathEndsWithSlash, cb.getUserHomePath(), "/", owner.getAccount()))) {
// Accessing user home directory
// Set the maximumn access
maxPrivs = PrivilegeSet.userHomeMaxPrivileges;
}
}
}
if (maxPrivs == null) {
maxPrivs = cb.getMaximumAllowedPrivs();
} else if (cb.getMaximumAllowedPrivs() != null) {
maxPrivs = PrivilegeSet.filterPrivileges(maxPrivs, cb.getMaximumAllowedPrivs());
}
if (ca == null) {
/* Not special. getAclChars provides merged access for the current
* entity.
*/
aclChars = getAclChars(ent);
if (aclChars == null) {
error("Unable to fetch aclchars for " + ent);
if (!alwaysReturnResult) {
throw new CalFacadeAccessException();
}
return new CurrentAccess(false);
}
if (debug) {
debug("aclChars = " + new String(aclChars));
}
if (desiredAccess == privAny) {
ca = access.checkAny(cb, cb.getPrincipal(), owner, aclChars, maxPrivs);
} else if (desiredAccess == privRead) {
ca = access.checkRead(cb, cb.getPrincipal(), owner, aclChars, maxPrivs);
} else if (desiredAccess == privWrite) {
ca = access.checkReadWrite(cb, cb.getPrincipal(), owner, aclChars, maxPrivs);
} else {
ca = access.evaluateAccess(cb, cb.getPrincipal(), owner, desiredAccess, aclChars, maxPrivs);
}
}
if ((cb.getPrincipal() != null) && cb.getSuperUser()) {
/* Override rather than just create a readable access as code further
* up expects a valid filled in object.
*/
if (debug && !ca.getAccessAllowed()) {
debug("Override for superuser");
}
ca = Acl.forceAccessAllowed(ca);
}
if (ent instanceof CalendarWrapper) {
final CalendarWrapper col = (CalendarWrapper) ent;
col.setCurrentAccess(ca, desiredAccess);
}
if (debug) {
debug("access allowed: " + ca.getAccessAllowed());
}
if (!ca.getAccessAllowed() && !alwaysReturnResult) {
throw new CalFacadeAccessException();
}
return ca;
} catch (final CalFacadeException cfe) {
throw cfe;
} catch (final Throwable t) {
throw new CalFacadeException(t);
}
}
Also used :
PrivilegeSet(org.bedework.access.PrivilegeSet)
CurrentAccess(org.bedework.access.Acl.CurrentAccess)
CalendarWrapper(org.bedework.calfacade.wrappers.CalendarWrapper)
BwCalendar(org.bedework.calfacade.BwCalendar)
CalFacadeAccessException(org.bedework.calfacade.exc.CalFacadeAccessException)
AccessPrincipal(org.bedework.access.AccessPrincipal)
CalFacadeException(org.bedework.calfacade.exc.CalFacadeException)
Example 37 with BwCalendar
use of org.bedework.calfacade.BwCalendar in project bw-calendar-engine by Bedework.
the class AccessUtil method getAclChars.
/* ====================================================================
* Private methods
* ==================================================================== */
/* If the entity is not a collection we merge the access in with the container
* access then return the merged aces. We do this because we call getPathInfo
* with a collection entity. That method will recurse up to the root.
*
* For a calendar we just use the access for the calendar.
*
* The calendar/container access might be cached in the pathInfoTable.
*/
private char[] getAclChars(final BwShareableDbentity<?> ent) throws CalFacadeException {
if ((!(ent instanceof BwEventProperty)) && (ent instanceof BwShareableContainedDbentity)) {
BwCalendar container;
if (ent instanceof BwCalendar) {
container = (BwCalendar) ent;
} else {
container = getParent((BwShareableContainedDbentity<?>) ent);
}
if (container == null) {
return null;
}
final String path = container.getPath();
CalendarWrapper wcol = (CalendarWrapper) container;
String aclStr;
char[] aclChars = null;
/* Get access for the parent first if we have one */
BwCalendar parent = getParent(wcol);
if (parent != null) {
aclStr = new String(merged(getAclChars(parent), parent.getPath(), wcol.getAccess()));
} else if (wcol.getAccess() != null) {
aclStr = wcol.getAccess();
} else {
// At root
throw new CalFacadeException("Collections must have default access set at root");
}
if (aclStr != null) {
aclChars = aclStr.toCharArray();
}
if (ent instanceof BwCalendar) {
return aclChars;
}
return merged(aclChars, path, ent.getAccess());
}
/* This is a way of making other objects sort of shareable.
* The objects are locations, sponsors and categories.
* (also calsuite)
*
* We store the default access in the owner principal and manipulate that to give
* us some degree of sharing.
*
* In effect, the owner becomes the container for the object.
*/
String aclString = null;
String entAccess = ent.getAccess();
BwPrincipal owner = (BwPrincipal) cb.getPrincipal(ent.getOwnerHref());
if (ent instanceof BwCategory) {
aclString = owner.getCategoryAccess();
} else if (ent instanceof BwLocation) {
aclString = owner.getLocationAccess();
} else if (ent instanceof BwContact) {
aclString = owner.getContactAccess();
}
if (aclString == null) {
if (entAccess == null) {
if (ent.getPublick()) {
return Access.getDefaultPublicAccess().toCharArray();
}
return Access.getDefaultPersonalAccess().toCharArray();
}
return entAccess.toCharArray();
}
if (entAccess == null) {
return aclString.toCharArray();
}
try {
Acl acl = Acl.decode(entAccess.toCharArray());
acl = acl.merge(aclString.toCharArray(), "/owner");
return acl.getEncoded();
} catch (Throwable t) {
throw new CalFacadeException(t);
}
}
Also used :
BwLocation(org.bedework.calfacade.BwLocation)
BwShareableContainedDbentity(org.bedework.calfacade.base.BwShareableContainedDbentity)
BwCategory(org.bedework.calfacade.BwCategory)
BwEventProperty(org.bedework.calfacade.BwEventProperty)
BwCalendar(org.bedework.calfacade.BwCalendar)
BwContact(org.bedework.calfacade.BwContact)
Acl(org.bedework.access.Acl)
CalFacadeException(org.bedework.calfacade.exc.CalFacadeException)
BwPrincipal(org.bedework.calfacade.BwPrincipal)
CalendarWrapper(org.bedework.calfacade.wrappers.CalendarWrapper)
Example 38 with BwCalendar
use of org.bedework.calfacade.BwCalendar in project bw-calendar-engine by Bedework.
the class CalintfHelper method getEntityCollection.
protected BwCalendar getEntityCollection(final String path, final int nonSchedAccess, final boolean scheduling, final boolean alwaysReturn) throws CalFacadeException {
final int desiredAccess;
if (!scheduling) {
desiredAccess = nonSchedAccess;
} else {
desiredAccess = privAny;
}
final BwCalendar cal = getCollection(path, desiredAccess, alwaysReturn | scheduling);
if (cal == null) {
return null;
}
if (!cal.getCalendarCollection()) {
throwException(new CalFacadeAccessException());
}
if (!scheduling) {
return cal;
}
CurrentAccess ca;
final AccessUtilI access = ac.getAccessUtil();
if ((cal.getCalType() == BwCalendar.calTypeInbox) || (cal.getCalType() == BwCalendar.calTypePendingInbox)) {
ca = access.checkAccess(cal, privScheduleDeliver, true);
if (!ca.getAccessAllowed()) {
// try old style
ca = access.checkAccess(cal, privScheduleRequest, alwaysReturn);
}
} else if (cal.getCalType() == BwCalendar.calTypeOutbox) {
ca = access.checkAccess(cal, privScheduleSend, true);
if (!ca.getAccessAllowed()) {
// try old style
ca = access.checkAccess(cal, privScheduleReply, alwaysReturn);
}
} else {
throw new CalFacadeAccessException();
}
if (!ca.getAccessAllowed()) {
return null;
}
return cal;
}
Also used :
AccessUtilI(org.bedework.calfacade.util.AccessUtilI)
CurrentAccess(org.bedework.access.Acl.CurrentAccess)
BwCalendar(org.bedework.calfacade.BwCalendar)
CalFacadeAccessException(org.bedework.calfacade.exc.CalFacadeAccessException)
Example 39 with BwCalendar
use of org.bedework.calfacade.BwCalendar in project bw-calendar-engine by Bedework.
the class CoreCalendars method touchCalendar.
@Override
public void touchCalendar(final String path) throws CalFacadeException {
final BwCalendar col = dao.getCollection(path);
if (col == null) {
return;
}
touchCalendar(col);
}
Also used :
BwCalendar(org.bedework.calfacade.BwCalendar)
Example 40 with BwCalendar
use of org.bedework.calfacade.BwCalendar in project bw-calendar-engine by Bedework.
the class CoreCalendars method getSyncToken.
@Override
public String getSyncToken(final String path) throws CalFacadeException {
final BwCalendar thisCol = getCalendar(path, privAny, false);
if (thisCol == null) {
return null;
}
/* Because we don't have a trailing "/" on the paths the path
prefix may pull in more than we want. We have to check the path on
return.
For example - if path is /a/x - we might get /a/x/y but we might
also get /a/xxx/y
*/
// Removes "/"
final String fpath = fixPath(path);
final String fpathSlash = fpath + "/";
@SuppressWarnings("unchecked") final List<BwCalendar> cols = dao.getPathPrefix(fpath);
String token = thisCol.getLastmod().getTagValue();
for (final BwCalendar col : cols) {
final String colPath = col.getPath();
if (!colPath.equals(fpath) && !colPath.startsWith(fpathSlash)) {
continue;
}
final BwCalendar wcol = wrap(col);
final CurrentAccess ca = ac.checkAccess(wcol, privAny, true);
if (!ca.getAccessAllowed()) {
continue;
}
final String t = col.getLastmod().getTagValue();
if (t.compareTo(token) > 0) {
token = t;
}
}
return token;
}
Also used :
CurrentAccess(org.bedework.access.Acl.CurrentAccess)
BwCalendar(org.bedework.calfacade.BwCalendar)
Aggregations
BwCalendar (org.bedework.calfacade.BwCalendar)134
CalFacadeException (org.bedework.calfacade.exc.CalFacadeException)46
EventInfo (org.bedework.calfacade.svc.EventInfo)23
BwEvent (org.bedework.calfacade.BwEvent)19
ArrayList (java.util.ArrayList)18
CalFacadeAccessException (org.bedework.calfacade.exc.CalFacadeAccessException)18
BwPrincipal (org.bedework.calfacade.BwPrincipal)15
TreeSet (java.util.TreeSet)10
CoreEventInfo (org.bedework.calcorei.CoreEventInfo)10
BwCategory (org.bedework.calfacade.BwCategory)10
BwResource (org.bedework.calfacade.BwResource)10
WebdavException (org.bedework.webdav.servlet.shared.WebdavException)9
FilterBase (org.bedework.caldav.util.filter.FilterBase)8
BwPreferences (org.bedework.calfacade.svc.BwPreferences)8
BwEventProxy (org.bedework.calfacade.BwEventProxy)7
CalendarWrapper (org.bedework.calfacade.wrappers.CalendarWrapper)7
CurrentAccess (org.bedework.access.Acl.CurrentAccess)6
CalendarsI (org.bedework.calsvci.CalendarsI)6
Acl (org.bedework.access.Acl)5
BwEventAnnotation (org.bedework.calfacade.BwEventAnnotation)5
