Example 1 with IPentahoAclEntry
use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.
the class SpringSecurityPermissionMgr method getEffectivePermissions.
public Map<IPermissionRecipient, IPermissionMask> getEffectivePermissions(Object domainInstance) {
IAclHolder aclHolder = (IAclHolder) domainInstance;
List<IPentahoAclEntry> aclList = aclHolder.getEffectiveAccessControls();
return transformEntries(aclList);
}
Also used :
IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry)
IAclHolder(org.pentaho.platform.api.engine.IAclHolder)
Example 2 with IPentahoAclEntry
use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.
the class SpringSecurityPermissionMgr method setPermissions.
@SuppressWarnings("deprecation")
public void setPermissions(final Map<IPermissionRecipient, IPermissionMask> permissionsMap, final Object object) {
if (object == null || !(object instanceof IAclHolder)) {
// i would argue that the "object" parameter should be IAclHolder!
return;
}
IAclHolder aclHolder = (IAclHolder) object;
Set<Map.Entry<IPermissionRecipient, IPermissionMask>> mapEntrySet = permissionsMap.entrySet();
ArrayList<IPentahoAclEntry> aclList = new ArrayList<IPentahoAclEntry>();
for (Entry<IPermissionRecipient, IPermissionMask> mapEntry : mapEntrySet) {
PentahoAclEntry pentahoAclEntry = new PentahoAclEntry();
IPermissionRecipient permissionRecipient = mapEntry.getKey();
if (permissionRecipient instanceof SimpleRole) {
pentahoAclEntry.setRecipient(new SimpleGrantedAuthority(permissionRecipient.getName()));
} else {
pentahoAclEntry.setRecipient(permissionRecipient.getName());
}
pentahoAclEntry.addPermission(mapEntry.getValue().getMask());
aclList.add(pentahoAclEntry);
}
// HibernateUtil.beginTransaction(); - This is now handled in the RepositoryFile
aclHolder.resetAccessControls(aclList);
// HibernateUtil.commitTransaction(); - This is covered by the exitPoint
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
PentahoAclEntry(org.pentaho.platform.engine.security.acls.PentahoAclEntry)
Entry(java.util.Map.Entry)
IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry)
IPermissionRecipient(org.pentaho.platform.api.engine.IPermissionRecipient)
ArrayList(java.util.ArrayList)
IPermissionMask(org.pentaho.platform.api.engine.IPermissionMask)
IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry)
PentahoAclEntry(org.pentaho.platform.engine.security.acls.PentahoAclEntry)
IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry)
IAclHolder(org.pentaho.platform.api.engine.IAclHolder)
Example 3 with IPentahoAclEntry
use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.
the class AccessVoterToLegacyAcl method convert.
private LegacyRepositoryFile convert(RepositoryFile file, RepositoryFileAcl acl) {
LegacyRepositoryFile legacy = new LegacyRepositoryFile(file.getName(), file.getPath(), file.isFolder());
legacy.setId(file.getId());
if (file.getLastModifiedDate() != null) {
legacy.setLastModified(file.getLastModifiedDate().getTime());
}
List<IPentahoAclEntry> legacyAcls = new ArrayList<IPentahoAclEntry>();
for (RepositoryFileAce fileAce : acl.getAces()) {
if (fileAce != null && fileAce.getSid() != null && fileAce.getPermissions() != null) {
for (RepositoryFilePermission filePermission : fileAce.getPermissions()) {
PentahoAclEntry fileAcl = new PentahoAclEntry();
if (RepositoryFileSid.Type.USER == fileAce.getSid().getType()) {
// user
fileAcl.setRecipient(fileAce.getSid().getName());
} else {
// role
fileAcl.setRecipient(new SimpleGrantedAuthority(fileAce.getSid().getName()));
}
fileAcl.setMask(mask(filePermission));
legacyAcls.add(fileAcl);
}
}
}
legacy.setAccessControls(legacyAcls);
return legacy;
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce)
ArrayList(java.util.ArrayList)
RepositoryFilePermission(org.pentaho.platform.api.repository2.unified.RepositoryFilePermission)
IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry)
PentahoAclEntry(org.pentaho.platform.engine.security.acls.PentahoAclEntry)
IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry)
Example 4 with IPentahoAclEntry
use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.
the class PentahoBasicAclVoter method getEffectiveAcl.
public PentahoAclEntry getEffectiveAcl(final IPentahoSession session, final IAclHolder holder) {
// First, get all the ACLs on the object that apply to the user.
IAclEntry[] effectiveAcls = getEffectiveAcls(session, holder);
PentahoAclEntry entry = new PentahoAclEntry();
entry.setMask(IPentahoAclEntry.PERM_NOTHING);
// indicates their access.
if ((effectiveAcls != null) && (effectiveAcls.length > 0)) {
int[] allAcls = new int[effectiveAcls.length];
for (int i = 0; i < effectiveAcls.length; i++) {
allAcls[i] = ((IPentahoAclEntry) effectiveAcls[i]).getMask();
}
entry.addPermissions(allAcls);
return entry;
} else {
return entry;
}
}
Also used :
IAclEntry(org.pentaho.platform.api.engine.IAclEntry)
IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry)
PentahoAclEntry(org.pentaho.platform.engine.security.acls.PentahoAclEntry)
Example 5 with IPentahoAclEntry
use of org.pentaho.platform.api.engine.IPentahoAclEntry in project pentaho-platform by pentaho.
the class SpringSecurityPermissionMgr method transformEntries.
/**
* Converts from List<IPentahoAclEntry> to Map<IPermissionRecipient, IPermissionMask>.
*/
@SuppressWarnings("deprecation")
protected Map<IPermissionRecipient, IPermissionMask> transformEntries(List<IPentahoAclEntry> entriesFromHolder) {
Map<IPermissionRecipient, IPermissionMask> permissionsMap = new LinkedHashMap<IPermissionRecipient, IPermissionMask>();
for (IPentahoAclEntry pentahoAclEntry : entriesFromHolder) {
IPermissionRecipient permissionRecipient = null;
if (pentahoAclEntry.getRecipient() instanceof SimpleGrantedAuthority) {
SimpleGrantedAuthority grantedAuthorityImpl = (SimpleGrantedAuthority) pentahoAclEntry.getRecipient();
permissionRecipient = new SimpleRole(grantedAuthorityImpl.toString());
} else if (pentahoAclEntry.getRecipient() instanceof SimpleRole) {
permissionRecipient = new SimpleRole((String) pentahoAclEntry.getRecipient());
} else {
permissionRecipient = new SimpleUser((String) pentahoAclEntry.getRecipient());
}
IPermissionMask permissionMask = new SimplePermissionMask(pentahoAclEntry.getMask());
permissionsMap.put(permissionRecipient, permissionMask);
}
return permissionsMap;
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
IPermissionRecipient(org.pentaho.platform.api.engine.IPermissionRecipient)
IPermissionMask(org.pentaho.platform.api.engine.IPermissionMask)
IPentahoAclEntry(org.pentaho.platform.api.engine.IPentahoAclEntry)
LinkedHashMap(java.util.LinkedHashMap)
Aggregations
IPentahoAclEntry (org.pentaho.platform.api.engine.IPentahoAclEntry)7
PentahoAclEntry (org.pentaho.platform.engine.security.acls.PentahoAclEntry)4
IAclHolder (org.pentaho.platform.api.engine.IAclHolder)3
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)3
ArrayList (java.util.ArrayList)2
IPermissionMask (org.pentaho.platform.api.engine.IPermissionMask)2
IPermissionRecipient (org.pentaho.platform.api.engine.IPermissionRecipient)2
LinkedHashMap (java.util.LinkedHashMap)1
Entry (java.util.Map.Entry)1
IAclEntry (org.pentaho.platform.api.engine.IAclEntry)1
RepositoryFileAce (org.pentaho.platform.api.repository2.unified.RepositoryFileAce)1
RepositoryFilePermission (org.pentaho.platform.api.repository2.unified.RepositoryFilePermission)1
