Search in sources :

Example 1 with IPentahoAclEntry

use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.

the class SpringSecurityPermissionMgr method getEffectivePermissions.

public Map<IPermissionRecipient, IPermissionMask> getEffectivePermissions(Object domainInstance) {
    IAclHolder aclHolder = (IAclHolder) domainInstance;
    List<IPentahoAclEntry> aclList = aclHolder.getEffectiveAccessControls();
    return transformEntries(aclList);
}
Also used : IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry) IAclHolder(org.pentaho.platform.api.engine.IAclHolder)

Example 2 with IPentahoAclEntry

use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.

the class SpringSecurityPermissionMgr method setPermissions.

@SuppressWarnings("deprecation")
public void setPermissions(final Map<IPermissionRecipient, IPermissionMask> permissionsMap, final Object object) {
    if (object == null || !(object instanceof IAclHolder)) {
        // i would argue that the "object" parameter should be IAclHolder!
        return;
    }
    IAclHolder aclHolder = (IAclHolder) object;
    Set<Map.Entry<IPermissionRecipient, IPermissionMask>> mapEntrySet = permissionsMap.entrySet();
    ArrayList<IPentahoAclEntry> aclList = new ArrayList<IPentahoAclEntry>();
    for (Entry<IPermissionRecipient, IPermissionMask> mapEntry : mapEntrySet) {
        PentahoAclEntry pentahoAclEntry = new PentahoAclEntry();
        IPermissionRecipient permissionRecipient = mapEntry.getKey();
        if (permissionRecipient instanceof SimpleRole) {
            pentahoAclEntry.setRecipient(new SimpleGrantedAuthority(permissionRecipient.getName()));
        } else {
            pentahoAclEntry.setRecipient(permissionRecipient.getName());
        }
        pentahoAclEntry.addPermission(mapEntry.getValue().getMask());
        aclList.add(pentahoAclEntry);
    }
    // HibernateUtil.beginTransaction(); - This is now handled in the RepositoryFile
    aclHolder.resetAccessControls(aclList);
// HibernateUtil.commitTransaction(); - This is covered by the exitPoint
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) PentahoAclEntry(org.pentaho.platform.engine.security.acls.PentahoAclEntry) Entry(java.util.Map.Entry) IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry) IPermissionRecipient(org.pentaho.platform.api.engine.IPermissionRecipient) ArrayList(java.util.ArrayList) IPermissionMask(org.pentaho.platform.api.engine.IPermissionMask) IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry) PentahoAclEntry(org.pentaho.platform.engine.security.acls.PentahoAclEntry) IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry) IAclHolder(org.pentaho.platform.api.engine.IAclHolder)

Example 3 with IPentahoAclEntry

use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.

the class AccessVoterToLegacyAcl method convert.

private LegacyRepositoryFile convert(RepositoryFile file, RepositoryFileAcl acl) {
    LegacyRepositoryFile legacy = new LegacyRepositoryFile(file.getName(), file.getPath(), file.isFolder());
    legacy.setId(file.getId());
    if (file.getLastModifiedDate() != null) {
        legacy.setLastModified(file.getLastModifiedDate().getTime());
    }
    List<IPentahoAclEntry> legacyAcls = new ArrayList<IPentahoAclEntry>();
    for (RepositoryFileAce fileAce : acl.getAces()) {
        if (fileAce != null && fileAce.getSid() != null && fileAce.getPermissions() != null) {
            for (RepositoryFilePermission filePermission : fileAce.getPermissions()) {
                PentahoAclEntry fileAcl = new PentahoAclEntry();
                if (RepositoryFileSid.Type.USER == fileAce.getSid().getType()) {
                    // user
                    fileAcl.setRecipient(fileAce.getSid().getName());
                } else {
                    // role
                    fileAcl.setRecipient(new SimpleGrantedAuthority(fileAce.getSid().getName()));
                }
                fileAcl.setMask(mask(filePermission));
                legacyAcls.add(fileAcl);
            }
        }
    }
    legacy.setAccessControls(legacyAcls);
    return legacy;
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce) ArrayList(java.util.ArrayList) RepositoryFilePermission(org.pentaho.platform.api.repository2.unified.RepositoryFilePermission) IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry) PentahoAclEntry(org.pentaho.platform.engine.security.acls.PentahoAclEntry) IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry)

Example 4 with IPentahoAclEntry

use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.

the class PentahoBasicAclVoter method getEffectiveAcl.

public PentahoAclEntry getEffectiveAcl(final IPentahoSession session, final IAclHolder holder) {
    // First, get all the ACLs on the object that apply to the user.
    IAclEntry[] effectiveAcls = getEffectiveAcls(session, holder);
    PentahoAclEntry entry = new PentahoAclEntry();
    entry.setMask(IPentahoAclEntry.PERM_NOTHING);
    // indicates their access.
    if ((effectiveAcls != null) && (effectiveAcls.length > 0)) {
        int[] allAcls = new int[effectiveAcls.length];
        for (int i = 0; i < effectiveAcls.length; i++) {
            allAcls[i] = ((IPentahoAclEntry) effectiveAcls[i]).getMask();
        }
        entry.addPermissions(allAcls);
        return entry;
    } else {
        return entry;
    }
}
Also used : IAclEntry(org.pentaho.platform.api.engine.IAclEntry) IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry) PentahoAclEntry(org.pentaho.platform.engine.security.acls.PentahoAclEntry)

Example 5 with IPentahoAclEntry

use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.

the class SpringSecurityPermissionMgr method transformEntries.

/**
 * Converts from List&lt;IPentahoAclEntry&gt; to Map&lt;IPermissionRecipient, IPermissionMask&gt;.
 */
@SuppressWarnings("deprecation")
protected Map<IPermissionRecipient, IPermissionMask> transformEntries(List<IPentahoAclEntry> entriesFromHolder) {
    Map<IPermissionRecipient, IPermissionMask> permissionsMap = new LinkedHashMap<IPermissionRecipient, IPermissionMask>();
    for (IPentahoAclEntry pentahoAclEntry : entriesFromHolder) {
        IPermissionRecipient permissionRecipient = null;
        if (pentahoAclEntry.getRecipient() instanceof SimpleGrantedAuthority) {
            SimpleGrantedAuthority grantedAuthorityImpl = (SimpleGrantedAuthority) pentahoAclEntry.getRecipient();
            permissionRecipient = new SimpleRole(grantedAuthorityImpl.toString());
        } else if (pentahoAclEntry.getRecipient() instanceof SimpleRole) {
            permissionRecipient = new SimpleRole((String) pentahoAclEntry.getRecipient());
        } else {
            permissionRecipient = new SimpleUser((String) pentahoAclEntry.getRecipient());
        }
        IPermissionMask permissionMask = new SimplePermissionMask(pentahoAclEntry.getMask());
        permissionsMap.put(permissionRecipient, permissionMask);
    }
    return permissionsMap;
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) IPermissionRecipient(org.pentaho.platform.api.engine.IPermissionRecipient) IPermissionMask(org.pentaho.platform.api.engine.IPermissionMask) IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry) LinkedHashMap(java.util.LinkedHashMap)

Aggregations

IPentahoAclEntry (org.pentaho.platform.api.engine.IPentahoAclEntry)7 PentahoAclEntry (org.pentaho.platform.engine.security.acls.PentahoAclEntry)4 IAclHolder (org.pentaho.platform.api.engine.IAclHolder)3 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)3 ArrayList (java.util.ArrayList)2 IPermissionMask (org.pentaho.platform.api.engine.IPermissionMask)2 IPermissionRecipient (org.pentaho.platform.api.engine.IPermissionRecipient)2 LinkedHashMap (java.util.LinkedHashMap)1 Entry (java.util.Map.Entry)1 IAclEntry (org.pentaho.platform.api.engine.IAclEntry)1 RepositoryFileAce (org.pentaho.platform.api.repository2.unified.RepositoryFileAce)1 RepositoryFilePermission (org.pentaho.platform.api.repository2.unified.RepositoryFilePermission)1