Example 1 with I_CmsPrincipal
use of org.opencms.security.I_CmsPrincipal in project opencms-core by alkacon.
the class CmsDriverManager method readResponsiblePrincipals.
/**
* Returns the set of users that are responsible for a specific resource.<p>
*
* @param dbc the current database context
* @param resource the resource to get the responsible users from
*
* @return the set of users that are responsible for a specific resource
*
* @throws CmsException if something goes wrong
*/
public Set<I_CmsPrincipal> readResponsiblePrincipals(CmsDbContext dbc, CmsResource resource) throws CmsException {
Set<I_CmsPrincipal> result = new HashSet<I_CmsPrincipal>();
Iterator<CmsAccessControlEntry> aces = getAccessControlEntries(dbc, resource, true).iterator();
while (aces.hasNext()) {
CmsAccessControlEntry ace = aces.next();
if (ace.isResponsible()) {
I_CmsPrincipal p = lookupPrincipal(dbc, ace.getPrincipal());
if (p != null) {
result.add(p);
}
}
}
return result;
}
Also used :
I_CmsPrincipal(org.opencms.security.I_CmsPrincipal)
CmsAccessControlEntry(org.opencms.security.CmsAccessControlEntry)
HashSet(java.util.HashSet)
Example 2 with I_CmsPrincipal
use of org.opencms.security.I_CmsPrincipal in project opencms-core by alkacon.
the class CmsDriverManager method readResponsibleUsers.
/**
* Returns the set of users that are responsible for a specific resource.<p>
*
* @param dbc the current database context
* @param resource the resource to get the responsible users from
*
* @return the set of users that are responsible for a specific resource
*
* @throws CmsException if something goes wrong
*/
public Set<CmsUser> readResponsibleUsers(CmsDbContext dbc, CmsResource resource) throws CmsException {
Set<CmsUser> result = new HashSet<CmsUser>();
Iterator<I_CmsPrincipal> principals = readResponsiblePrincipals(dbc, resource).iterator();
while (principals.hasNext()) {
I_CmsPrincipal principal = principals.next();
if (principal.isGroup()) {
try {
result.addAll(getUsersOfGroup(dbc, principal.getName(), true, false, false));
} catch (CmsException e) {
if (LOG.isInfoEnabled()) {
LOG.info(e.getLocalizedMessage(), e);
}
}
} else {
result.add((CmsUser) principal);
}
}
return result;
}
Also used :
I_CmsPrincipal(org.opencms.security.I_CmsPrincipal)
CmsException(org.opencms.main.CmsException)
CmsUser(org.opencms.file.CmsUser)
HashSet(java.util.HashSet)
Example 3 with I_CmsPrincipal
use of org.opencms.security.I_CmsPrincipal in project opencms-core by alkacon.
the class CmsSecurityManager method lookupPrincipal.
/**
* Lookup and read the user or group with the given UUID.<p>
*
* @param context the current request context
* @param principalId the UUID of the principal to lookup
*
* @return the principal (group or user) if found, otherwise <code>null</code>
*/
public I_CmsPrincipal lookupPrincipal(CmsRequestContext context, CmsUUID principalId) {
CmsDbContext dbc = m_dbContextFactory.getDbContext(context);
I_CmsPrincipal result = null;
try {
result = m_driverManager.lookupPrincipal(dbc, principalId);
} finally {
dbc.clear();
}
return result;
}
Also used :
I_CmsPrincipal(org.opencms.security.I_CmsPrincipal)
Example 4 with I_CmsPrincipal
use of org.opencms.security.I_CmsPrincipal in project opencms-core by alkacon.
the class CmsSecurityManager method lookupPrincipal.
/**
* Lookup and read the user or group with the given name.<p>
*
* @param context the current request context
* @param principalName the name of the principal to lookup
*
* @return the principal (group or user) if found, otherwise <code>null</code>
*/
public I_CmsPrincipal lookupPrincipal(CmsRequestContext context, String principalName) {
CmsDbContext dbc = m_dbContextFactory.getDbContext(context);
I_CmsPrincipal result = null;
try {
result = m_driverManager.lookupPrincipal(dbc, CmsOrganizationalUnit.removeLeadingSeparator(principalName));
} finally {
dbc.clear();
}
return result;
}
Also used :
I_CmsPrincipal(org.opencms.security.I_CmsPrincipal)
Example 5 with I_CmsPrincipal
use of org.opencms.security.I_CmsPrincipal in project opencms-core by alkacon.
the class CmsDefaultXmlContentHandler method resolveMapping.
/**
* Helper method which does most of the mapping resolution work.<p>
*
* @param cms the CMS context to use
* @param content the content object
* @param valuePath the xpath of the value
* @param valueIsSimple true if this is a simple value
* @param valueIndex the index of the value
* @param valueLocale the locale of the value
* @param originalStringValue the value as a string
*
* @throws CmsException if something goes wrong
*/
private void resolveMapping(CmsObject cms, CmsXmlContent content, String valuePath, boolean valueIsSimple, int valueIndex, Locale valueLocale, String originalStringValue) throws CmsException {
CmsObject rootCms = createRootCms(cms);
// get the original VFS file from the content
CmsFile file = content.getFile();
if (!valueIsSimple) {
// it's just the nested schema value itself that does not support mapping
return;
}
List<String> mappings = getMappings(valuePath);
if (mappings.size() == 0) {
// nothing to do if we have no mappings at all
return;
}
// create OpenCms user context initialized with "/" as site root to read all siblings
// read all siblings of the file
List<CmsResource> siblings = rootCms.readSiblings(content.getFile().getRootPath(), CmsResourceFilter.IGNORE_EXPIRATION);
Set<CmsResource> urlNameMappingResources = new HashSet<CmsResource>();
boolean mapToUrlName = false;
urlNameMappingResources.add(content.getFile());
// since 7.0.2 multiple mappings are possible
// get the string value of the current node
CmsGalleryNameMacroResolver resolver = new CmsGalleryNameMacroResolver(rootCms, content, valueLocale);
resolver.setKeepEmptyMacros(true);
String stringValue = resolver.resolveMacros(originalStringValue);
CmsMappingResolutionContext mappingContext = (CmsMappingResolutionContext) (cms.getRequestContext().getAttribute(ATTR_MAPPING_RESOLUTION_CONTEXT));
for (String mapping : mappings) {
if (CmsStringUtil.isNotEmpty(mapping)) {
// logic in this method.
if (mapping.startsWith(MAPTO_ATTRIBUTE)) {
// this is an attribute mapping
String attribute = mapping.substring(MAPTO_ATTRIBUTE.length());
switch(ATTRIBUTES.indexOf(attribute)) {
case // date released
0:
long date = 0;
try {
date = Long.valueOf(stringValue).longValue();
} catch (NumberFormatException e) {
// ignore, value can be a macro
}
if (date == 0) {
date = CmsResource.DATE_RELEASED_DEFAULT;
}
mappingContext.putReleaseDate(valueLocale, date);
break;
case // date expired
1:
date = 0;
try {
date = Long.valueOf(stringValue).longValue();
} catch (NumberFormatException e) {
// ignore, value can be a macro
}
if (date == 0) {
date = CmsResource.DATE_EXPIRED_DEFAULT;
}
mappingContext.putExpirationDate(valueLocale, date);
break;
default:
}
// skip to next mapping
continue;
}
// b) only the "right" locale is mapped to a sibling
for (int i = (siblings.size() - 1); i >= 0; i--) {
// get filename
String filename = (siblings.get(i)).getRootPath();
if (mapping.startsWith(MAPTO_URLNAME)) {
// should be written regardless of whether there is a sibling with the correct locale
mapToUrlName = true;
}
Locale locale = OpenCms.getLocaleManager().getDefaultLocale(rootCms, filename);
if (!locale.equals(valueLocale)) {
// only map property if the locale fits
continue;
}
// make sure the file is locked
CmsLock lock = rootCms.getLock(filename);
if (lock.isUnlocked()) {
rootCms.lockResource(filename);
} else if (!lock.isDirectlyOwnedInProjectBy(rootCms)) {
rootCms.changeLock(filename);
}
if (mapping.startsWith(MAPTO_PERMISSION) && (valueIndex == 0)) {
// map value to a permission
// example of a mapping: mapto="permission:GROUP:+r+v|GROUP.ALL_OTHERS:|GROUP.Projectmanagers:+r+v+w+c"
// get permission(s) to set
String permissionMappings = mapping.substring(MAPTO_PERMISSION.length());
String mainMapping = permissionMappings;
Map<String, String> permissionsToSet = new HashMap<String, String>();
// separate permission to set for element value from other permissions to set
int sepIndex = permissionMappings.indexOf('|');
if (sepIndex != -1) {
mainMapping = permissionMappings.substring(0, sepIndex);
permissionMappings = permissionMappings.substring(sepIndex + 1);
permissionsToSet = CmsStringUtil.splitAsMap(permissionMappings, "|", ":");
}
// determine principal type and permission string to set
String principalType = I_CmsPrincipal.PRINCIPAL_GROUP;
String permissionString = mainMapping;
sepIndex = mainMapping.indexOf(':');
if (sepIndex != -1) {
principalType = mainMapping.substring(0, sepIndex);
permissionString = mainMapping.substring(sepIndex + 1);
}
if (permissionString.toLowerCase().indexOf('o') == -1) {
permissionString += "+o";
}
// remove all existing permissions from the file
List<CmsAccessControlEntry> aces = rootCms.getAccessControlEntries(filename, false);
for (Iterator<CmsAccessControlEntry> j = aces.iterator(); j.hasNext(); ) {
CmsAccessControlEntry ace = j.next();
if (ace.getPrincipal().equals(CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID)) {
// remove the entry "All others", which has to be treated in a special way
rootCms.rmacc(filename, CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_NAME, CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID.toString());
} else {
// this is a group or user principal
I_CmsPrincipal principal = CmsPrincipal.readPrincipal(rootCms, ace.getPrincipal());
if (principal.isGroup()) {
rootCms.rmacc(filename, I_CmsPrincipal.PRINCIPAL_GROUP, principal.getName());
} else if (principal.isUser()) {
rootCms.rmacc(filename, I_CmsPrincipal.PRINCIPAL_USER, principal.getName());
}
}
}
// set additional permissions that are defined in mapping
for (Iterator<Map.Entry<String, String>> j = permissionsToSet.entrySet().iterator(); j.hasNext(); ) {
Map.Entry<String, String> entry = j.next();
sepIndex = entry.getKey().indexOf('.');
if (sepIndex != -1) {
String type = entry.getKey().substring(0, sepIndex);
String name = entry.getKey().substring(sepIndex + 1);
String permissions = entry.getValue();
if (permissions.toLowerCase().indexOf('o') == -1) {
permissions += "+o";
}
try {
rootCms.chacc(filename, type, name, permissions);
} catch (CmsException e) {
// setting permission did not work
LOG.error(e.getLocalizedMessage(), e);
}
}
}
// set permission(s) using the element value(s)
// the set with all selected principals
TreeSet<String> allPrincipals = new TreeSet<String>();
String path = CmsXmlUtils.removeXpathIndex(valuePath);
List<I_CmsXmlContentValue> values = content.getValues(path, valueLocale);
Iterator<I_CmsXmlContentValue> j = values.iterator();
while (j.hasNext()) {
I_CmsXmlContentValue val = j.next();
String principalName = val.getStringValue(rootCms);
// the prinicipal name can be a principal list
List<String> principalNames = CmsStringUtil.splitAsList(principalName, PRINCIPAL_LIST_SEPARATOR);
// iterate over the principals
Iterator<String> iterPrincipals = principalNames.iterator();
while (iterPrincipals.hasNext()) {
// get the next principal
String principal = iterPrincipals.next();
allPrincipals.add(principal);
}
}
// iterate over the set with all principals and set the permissions
Iterator<String> iterAllPricinipals = allPrincipals.iterator();
while (iterAllPricinipals.hasNext()) {
// get the next principal
String principal = iterAllPricinipals.next();
rootCms.chacc(filename, principalType, principal, permissionString);
}
// special case: permissions are written only to one sibling, end loop
i = 0;
} else if (mapping.startsWith(MAPTO_PROPERTY_LIST) && (valueIndex == 0)) {
boolean mapToShared;
int prefixLength;
// check which mapping is used (shared or individual)
if (mapping.startsWith(MAPTO_PROPERTY_LIST_SHARED)) {
mapToShared = true;
prefixLength = MAPTO_PROPERTY_LIST_SHARED.length();
} else if (mapping.startsWith(MAPTO_PROPERTY_LIST_INDIVIDUAL)) {
mapToShared = false;
prefixLength = MAPTO_PROPERTY_LIST_INDIVIDUAL.length();
} else {
mapToShared = false;
prefixLength = MAPTO_PROPERTY_LIST.length();
}
// this is a property list mapping
String property = mapping.substring(prefixLength);
String path = CmsXmlUtils.removeXpathIndex(valuePath);
List<I_CmsXmlContentValue> values = content.getValues(path, valueLocale);
Iterator<I_CmsXmlContentValue> j = values.iterator();
StringBuffer result = new StringBuffer(values.size() * 64);
while (j.hasNext()) {
I_CmsXmlContentValue val = j.next();
result.append(val.getStringValue(rootCms));
if (j.hasNext()) {
result.append(CmsProperty.VALUE_LIST_DELIMITER);
}
}
CmsProperty p;
if (mapToShared) {
// map to shared value
p = new CmsProperty(property, null, result.toString());
} else {
// map to individual value
p = new CmsProperty(property, result.toString(), null);
}
// write the created list string value in the selected property
rootCms.writePropertyObject(filename, p);
if (mapToShared) {
// special case: shared mappings must be written only to one sibling, end loop
i = 0;
}
} else if (mapping.startsWith(MAPTO_PROPERTY)) {
boolean mapToShared;
int prefixLength;
// check which mapping is used (shared or individual)
if (mapping.startsWith(MAPTO_PROPERTY_SHARED)) {
mapToShared = true;
prefixLength = MAPTO_PROPERTY_SHARED.length();
} else if (mapping.startsWith(MAPTO_PROPERTY_INDIVIDUAL)) {
mapToShared = false;
prefixLength = MAPTO_PROPERTY_INDIVIDUAL.length();
} else {
mapToShared = false;
prefixLength = MAPTO_PROPERTY.length();
}
// this is a property mapping
String property = mapping.substring(prefixLength);
CmsProperty p;
if (mapToShared) {
// map to shared value
p = new CmsProperty(property, null, stringValue);
} else {
// map to individual value
p = new CmsProperty(property, stringValue, null);
}
// just store the string value in the selected property
rootCms.writePropertyObject(filename, p);
if (mapToShared) {
// special case: shared mappings must be written only to one sibling, end loop
i = 0;
}
} else if (mapping.startsWith(MAPTO_URLNAME)) {
// we write the actual mappings later
urlNameMappingResources.add(siblings.get(i));
}
}
}
}
if (mapToUrlName) {
for (CmsResource resourceForUrlNameMapping : urlNameMappingResources) {
if (!CmsResource.isTemporaryFileName(resourceForUrlNameMapping.getRootPath())) {
String mappedName = stringValue;
if (!CmsStringUtil.isEmptyOrWhitespaceOnly(mappedName)) {
mappedName = mappedName.trim();
mappingContext.addUrlNameMapping(mappedName, valueLocale, resourceForUrlNameMapping.getStructureId());
}
}
}
}
// make sure the original is locked
CmsLock lock = rootCms.getLock(file);
if (lock.isUnlocked()) {
rootCms.lockResource(file.getRootPath());
} else if (!lock.isExclusiveOwnedBy(rootCms.getRequestContext().getCurrentUser())) {
rootCms.changeLock(file.getRootPath());
}
}
Also used :
Locale(java.util.Locale)
LinkedHashMap(java.util.LinkedHashMap)
HashMap(java.util.HashMap)
CmsLock(org.opencms.lock.CmsLock)
I_CmsPrincipal(org.opencms.security.I_CmsPrincipal)
Entry(org.opencms.xml.content.CmsGeoMappingConfiguration.Entry)
CmsAccessControlEntry(org.opencms.security.CmsAccessControlEntry)
CmsLogEntry(org.opencms.db.log.CmsLogEntry)
CmsObject(org.opencms.file.CmsObject)
TreeSet(java.util.TreeSet)
Iterator(java.util.Iterator)
CmsProperty(org.opencms.file.CmsProperty)
ArrayList(java.util.ArrayList)
List(java.util.List)
LinkedHashSet(java.util.LinkedHashSet)
HashSet(java.util.HashSet)
I_CmsXmlContentValue(org.opencms.xml.types.I_CmsXmlContentValue)
CmsAccessControlEntry(org.opencms.security.CmsAccessControlEntry)
CmsFile(org.opencms.file.CmsFile)
CmsResource(org.opencms.file.CmsResource)
CmsGalleryNameMacroResolver(org.opencms.search.galleries.CmsGalleryNameMacroResolver)
CmsException(org.opencms.main.CmsException)
Map(java.util.Map)
LinkedHashMap(java.util.LinkedHashMap)
HashMap(java.util.HashMap)
Aggregations
I_CmsPrincipal (org.opencms.security.I_CmsPrincipal)22
CmsAccessControlEntry (org.opencms.security.CmsAccessControlEntry)13
CmsException (org.opencms.main.CmsException)11
CmsRole (org.opencms.security.CmsRole)8
CmsResource (org.opencms.file.CmsResource)7
ArrayList (java.util.ArrayList)6
HashMap (java.util.HashMap)5
CmsDbEntryNotFoundException (org.opencms.db.CmsDbEntryNotFoundException)5
CmsObject (org.opencms.file.CmsObject)5
Map (java.util.Map)4
HashSet (java.util.HashSet)3
CmsGroup (org.opencms.file.CmsGroup)3
CmsUUID (org.opencms.util.CmsUUID)3
Iterator (java.util.Iterator)2
LinkedHashMap (java.util.LinkedHashMap)2
List (java.util.List)2
Locale (java.util.Locale)2
CmsLogEntry (org.opencms.db.log.CmsLogEntry)2
CmsProperty (org.opencms.file.CmsProperty)2
CmsUser (org.opencms.file.CmsUser)2
