
Example 21 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class ExportManifestTest method testUnMarshal.

@Test
public void testUnMarshal() {
    // Parse the fixture manifest produced by XmlToString() back into an ExportManifest.
    // getBytes() without an argument encodes with the platform default charset.
    final ByteArrayInputStream manifestStream = new ByteArrayInputStream(XmlToString().getBytes());
    ExportManifest manifest = null;
    try {
        manifest = ExportManifest.fromXml(manifestStream);
    } catch (JAXBException e) {
        fail("Could not un-marshal to object " + e);
    }

    // A file entry must come back with its path and be flagged as a non-folder.
    ExportManifestEntity entity = manifest.getExportManifestEntity("dir2/file1");
    assertNotNull(entity);
    assertEquals("dir2/file1", entity.getPath());
    assertNotNull(entity.getEntityMetaData());
    assertFalse(entity.getEntityMetaData().isIsFolder());

    // Its parent directory must come back flagged as a folder.
    entity = manifest.getExportManifestEntity("dir2");
    assertNotNull(entity);
    assertNotNull(entity.getEntityMetaData());
    assertTrue(entity.getEntityMetaData().isIsFolder());

    // The result is not inspected; the call only has to complete without throwing.
    entity.getRepositoryFile();

    // The folder's ACL must be reconstructible and expose an ACE list.
    try {
        RepositoryFileAcl folderAcl = entity.getRepositoryFileAcl();
        assertNotNull(folderAcl.getAces());
    } catch (ExportManifestFormatException e) {
        e.printStackTrace();
        fail("Could not un-marshal to RepositoryFileAcl");
    }

    // Exactly one entry of each auxiliary kind is expected in the fixture.
    assertEquals(1, manifest.getMetadataList().size());
    assertEquals(1, manifest.getMondrianList().size());
    assertEquals(1, manifest.getScheduleList().size());
    assertEquals(1, manifest.getDatasourceList().size());

    // Mondrian catalog entry.
    ExportManifestMondrian mondrianEntry = manifest.getMondrianList().get(0);
    assertEquals("cat1", mondrianEntry.getCatalogName());
    assertTrue(mondrianEntry.getParameters().containsKey("testKey"));
    assertEquals("testValue", mondrianEntry.getParameters().get("testKey"));
    assertEquals("testMondrian.xml", mondrianEntry.getFile());

    // Metadata domain entry.
    ExportManifestMetadata metadataEntry = manifest.getMetadataList().get(0);
    assertEquals("testDomain", metadataEntry.getDomainId());
    assertEquals("testMetadata.xml", metadataEntry.getFile());

    // Datasource entry, including its connection credentials.
    // NOTE(review): the password is readable from the un-marshalled connection as the literal
    // "password". Whether the manifest XML holds it in clear text or it is decoded on read is
    // not visible here - confirm before treating export manifests as non-sensitive artifacts.
    DatabaseConnection datasource = manifest.getDatasourceList().get(0);
    assertEquals("SampleData", datasource.getDatabaseName());
    assertEquals("9001", datasource.getDatabasePort());
    assertEquals("Hypersonic", datasource.getDatabaseType().getName());
    assertEquals("HYPERSONIC", datasource.getDatabaseType().getShortName());
    assertEquals("localhost", datasource.getHostname());
    assertEquals("pentaho_user", datasource.getUsername());
    assertEquals("password", datasource.getPassword());
    assertEquals(20, datasource.getMaximumPoolSize());
}
Also used : ExportManifestMetadata(org.pentaho.platform.plugin.services.importexport.exportManifest.bindings.ExportManifestMetadata) ByteArrayInputStream(java.io.ByteArrayInputStream) JAXBException(javax.xml.bind.JAXBException) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) ExportManifestMondrian(org.pentaho.platform.plugin.services.importexport.exportManifest.bindings.ExportManifestMondrian) DatabaseConnection(org.pentaho.database.model.DatabaseConnection) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Test(org.junit.Test)

Example 22 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class JcrAclNodeHelper method getAclFor.

/**
 * {@inheritDoc}
 */
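@Override
public RepositoryFileAcl getAclFor(final RepositoryFile repositoryFile) {
    // Returns a copy of the ACL stored on the ACL node of the given file, or null when the file
    // is null, no ACL node exists, the ACL cannot be read, or the repository reports no ACL.
    if (repositoryFile == null) {
        return null;
    }
    // Obtain a reference to ACL node as "system", guaranteed access
    final RepositoryFile aclNode = getAclNode(repositoryFile);
    // Removed redundant call to getAclNode via BISERVER-12780
    if (aclNode == null) {
        return null;
    }
    RepositoryFileAcl acl;
    try {
        acl = unifiedRepository.getAcl(aclNode.getId());
    } catch (Exception e) {
        // NOTE(review): every failure (access denied, repository error, programming error) is
        // collapsed into null with no record of the cause. Callers cannot tell "no ACL" from
        // "ACL could not be read" - confirm that each caller treats null as deny, not allow.
        return null;
    }
    // Guard against a repository that reports "no ACL" as null; without this check the
    // builder call below would fail with a NullPointerException instead of returning null
    // like the other "nothing to return" paths.
    if (acl == null) {
        return null;
    }
    // The rebuilt ACL always declares its owner as a ROLE SID, whatever type the stored owner
    // had. NOTE(review): confirm this is intended for ACL nodes.
    RepositoryFileAcl.Builder aclBuilder = new RepositoryFileAcl.Builder(acl.getId(), acl.getOwner().getName(), RepositoryFileSid.Type.ROLE);
    aclBuilder.aces(acl.getAces());
    // add the Administrator role
    // The ALL-permission ACE is added to the returned copy only; nothing is written back to
    // the repository here, and it is added only when canAdminister() is true for the caller.
    if (canAdminister()) {
        String adminRoleName = PentahoSystem.get(String.class, "singleTenantAdminAuthorityName", PentahoSessionHolder.getSession());
        RepositoryFileAce adminGroup = new RepositoryFileAce(new RepositoryFileSid(adminRoleName, RepositoryFileSid.Type.ROLE), RepositoryFilePermission.ALL);
        aclBuilder.ace(adminGroup);
    }
    return aclBuilder.build();
}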
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)

Example 23 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class JcrRepositoryFileAclDao method createAcl.

/**
 * Creates the ACL for the node identified by {@code fileId} and returns the result of
 * {@code internalUpdateAcl}.
 *
 * @param fileId identifier of the repository node; its {@code toString()} form is used for lookup
 * @param acl    ACL to apply
 * @return the value returned by {@code internalUpdateAcl}
 * @throws RuntimeException with the access-denied message when kiosk mode is enabled
 */
public RepositoryFileAcl createAcl(final Serializable fileId, final RepositoryFileAcl acl) {
    // ACL changes are refused outright while kiosk mode is on.
    if (isKioskEnabled()) {
        final String deniedMessage = Messages.getInstance().getString("JcrRepositoryFileDao.ERROR_0006_ACCESS_DENIED"); // $NON-NLS-1$
        throw new RuntimeException(deniedMessage);
    }
    final JcrCallback createCallback = new JcrCallback() {

        public Object doInJcr(final Session session) throws RepositoryException, IOException {
            final PentahoJcrConstants jcrConstants = new PentahoJcrConstants(session);
            final String nodePath = session.getNodeByIdentifier(fileId.toString()).getPath();
            final AccessControlManager accessManager = session.getAccessControlManager();
            // Bind the list obtained from getAccessControlList to the node first; the entries
            // themselves are rewritten by internalUpdateAcl below.
            final AccessControlList policy = getAccessControlList(accessManager, nodePath);
            accessManager.setPolicy(nodePath, policy);
            return internalUpdateAcl(session, jcrConstants, fileId, acl);
        }
    };
    return (RepositoryFileAcl) jcrTemplate.execute(createCallback);
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) Node(javax.jcr.Node) JcrCallback(org.springframework.extensions.jcr.JcrCallback) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl) Session(javax.jcr.Session)

Example 24 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class JcrRepositoryFileAclDao method addAce.

/**
 * Appends one ACE for {@code recipient} to the ACL of the file identified by {@code id} and
 * stores the result through {@code updateAcl}.
 *
 * @param id         identifier of the file whose ACL is extended; must not be null
 * @param recipient  user or role SID receiving the permissions; must not be null
 * @param permission permissions to grant; must not be null
 * @throws RuntimeException with the access-denied message when kiosk mode is enabled
 */
public void addAce(final Serializable id, final RepositoryFileSid recipient, final EnumSet<RepositoryFilePermission> permission) {
    // ACL changes are refused outright while kiosk mode is on.
    if (isKioskEnabled()) {
        final String deniedMessage = Messages.getInstance().getString("JcrRepositoryFileDao.ERROR_0006_ACCESS_DENIED"); // $NON-NLS-1$
        throw new RuntimeException(deniedMessage);
    }
    Assert.notNull(id);
    Assert.notNull(recipient);
    Assert.notNull(permission);
    final RepositoryFileAcl currentAcl = getAcl(id);
    Assert.notNull(currentAcl);
    // TODO mlowery find an ACE with the recipient and update that rather than adding a new ACE
    // A SID name that carries no tenant is rewritten to its tenanted form before it is stored;
    // a name that already resolves to a tenant is used unchanged.
    final boolean userSid = recipient.getType().equals(Type.USER);
    RepositoryFileSid effectiveSid = recipient;
    if (userSid && JcrTenantUtils.getUserNameUtils().getTenant(recipient.getName()) == null) {
        effectiveSid = new RepositoryFileSid(JcrTenantUtils.getTenantedUser(recipient.getName()), recipient.getType());
    } else if (!userSid && JcrTenantUtils.getRoleNameUtils().getTenant(recipient.getName()) == null) {
        effectiveSid = new RepositoryFileSid(JcrTenantUtils.getTenantedRole(recipient.getName()), recipient.getType());
    }
    updateAcl(new RepositoryFileAcl.Builder(currentAcl).ace(effectiveSid, permission).build());
    // The debug line records the SID as passed in, not the tenanted SID that was stored.
    // $NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
    logger.debug("added ace: id=" + id + ", sid=" + recipient + ", permission=" + permission);
}
Also used : RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)

Example 25 with RepositoryFileAcl

use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.

the class JcrRepositoryFileAclDao method internalUpdateAcl.

/**
 * Replaces the access-control entries of the node identified by {@code fileId} with the entries
 * of {@code acl}, stores the owner and inheritance flag as ACL metadata, saves the session and
 * returns the ACL as re-read through {@code getAcl}.
 *
 * <p>All existing entries are removed first. New entries are added only when the ACL is not
 * inheriting; in that case an entry granting {@code RepositoryFilePermission.ALL} to the tenant
 * admin authority role is appended unless one of the supplied role ACEs already names it.
 *
 * @param session             JCR session used for lookup, policy changes and save
 * @param pentahoJcrConstants not referenced in this method body
 * @param fileId              identifier of the node; its {@code toString()} form is used for lookup
 * @param acl                 ACL whose owner, inheritance flag and ACEs are applied
 * @return the ACL returned by {@code getAcl(fileId)} after the session is saved
 * @throws RepositoryException if the node lookup yields null or a JCR call fails
 * @throws RuntimeException    with the access-denied message when kiosk mode is enabled
 */
protected RepositoryFileAcl internalUpdateAcl(final Session session, final PentahoJcrConstants pentahoJcrConstants, final Serializable fileId, final RepositoryFileAcl acl) throws RepositoryException {
    // ACL changes are refused outright while kiosk mode is on.
    if (isKioskEnabled()) {
        // $NON-NLS-1$
        throw new RuntimeException(Messages.getInstance().getString("JcrRepositoryFileDao.ERROR_0006_ACCESS_DENIED"));
    }
    DefaultPermissionConversionHelper permissionConversionHelper = new DefaultPermissionConversionHelper(session);
    Node node = session.getNodeByIdentifier(fileId.toString());
    // NOTE(review): javax.jcr.Session#getNodeByIdentifier is specified to throw
    // ItemNotFoundException rather than return null, so this branch is presumably defensive only.
    if (node == null) {
        throw new RepositoryException(Messages.getInstance().getString("JackrabbitRepositoryFileAclDao.ERROR_0001_NODE_NOT_FOUND", // $NON-NLS-1$
        fileId.toString()));
    }
    String absPath = node.getPath();
    AccessControlManager acMgr = session.getAccessControlManager();
    AccessControlList acList = getAccessControlList(acMgr, absPath);
    // clear all entries
    AccessControlEntry[] acEntries = acList.getAccessControlEntries();
    for (int i = 0; i < acEntries.length; i++) {
        acList.removeAccessControlEntry(acEntries[i]);
    }
    // Record owner name and the inheriting flag alongside the (now empty) list.
    JcrRepositoryFileAclUtils.setAclMetadata(session, absPath, acList, new AclMetadata(acl.getOwner().getName(), acl.isEntriesInheriting()));
    // add entries to now empty list but only if not inheriting; force user to start with clean slate
    boolean adminPrincipalExist = false;
    ITenant principalTenant = null;
    if (!acl.isEntriesInheriting()) {
        // NOTE(review): acl.getAces() is iterated here without a null check, although the
        // admin-role branch below tests it for null; a null list would already fail at this loop.
        for (RepositoryFileAce ace : acl.getAces()) {
            Principal principal = null;
            if (RepositoryFileSid.Type.ROLE == ace.getSid().getType()) {
                // Remember whether the caller-supplied ACEs already cover the tenant admin role.
                String principalName = JcrTenantUtils.getRoleNameUtils().getPrincipleName(ace.getSid().getName());
                if (tenantAdminAuthorityName.equals(principalName)) {
                    adminPrincipalExist = true;
                }
                principal = new SpringSecurityRolePrincipal(JcrTenantUtils.getTenantedRole(ace.getSid().getName()));
            } else {
                // Any SID type other than ROLE is treated as a user.
                principal = new SpringSecurityUserPrincipal(JcrTenantUtils.getTenantedUser(ace.getSid().getName()));
            }
            acList.addAccessControlEntry(principal, permissionConversionHelper.pentahoPermissionsToPrivileges(session, ace.getPermissions()));
        }
        // Ensure the tenant admin role keeps full access even when the supplied ACEs omit it.
        if (!adminPrincipalExist) {
            // NOTE(review): the tenant for the admin entry is derived from the name of the FIRST
            // supplied ACE, using the role-name utilities even when that ACE is a user SID. The
            // ACEs come from the caller, so confirm the derived tenant cannot differ from the
            // tenant that owns the node in a multi-tenant deployment.
            if (acl.getAces() != null && acl.getAces().size() > 0) {
                principalTenant = JcrTenantUtils.getRoleNameUtils().getTenant(acl.getAces().get(0).getSid().getName());
            }
            // Fall back to the tenant reported by JcrTenantUtils.getTenant() when none was derived.
            if (principalTenant == null || principalTenant.getId() == null) {
                principalTenant = JcrTenantUtils.getTenant();
            }
            List<RepositoryFilePermission> permissionList = new ArrayList<RepositoryFilePermission>();
            permissionList.add(RepositoryFilePermission.ALL);
            Principal adminPrincipal = new SpringSecurityRolePrincipal(JcrTenantUtils.getRoleNameUtils().getPrincipleId(principalTenant, tenantAdminAuthorityName));
            acList.addAccessControlEntry(adminPrincipal, permissionConversionHelper.pentahoPermissionsToPrivileges(session, EnumSet.copyOf(permissionList)));
        }
    }
    // Apply the rebuilt list to the node and persist it before re-reading the ACL.
    acMgr.setPolicy(absPath, acList);
    session.save();
    return getAcl(fileId);
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce) Node(javax.jcr.Node) AclMetadata(org.pentaho.platform.repository2.unified.jcr.IAclMetadataStrategy.AclMetadata) ArrayList(java.util.ArrayList) AccessControlEntry(javax.jcr.security.AccessControlEntry) RepositoryException(javax.jcr.RepositoryException) ITenant(org.pentaho.platform.api.mt.ITenant) SpringSecurityRolePrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityRolePrincipal) RepositoryFilePermission(org.pentaho.platform.api.repository2.unified.RepositoryFilePermission) SpringSecurityRolePrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityRolePrincipal) SpringSecurityUserPrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityUserPrincipal) Principal(java.security.Principal) SpringSecurityUserPrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityUserPrincipal)
