use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.
the class RepositoryTenantManager method createTenant.
/*
* (non-Javadoc)
*
* @see org.pentaho.platform.api.repository2.unified.ITenantManager#createTenant(java.lang.String,
* java.lang.String)
*/
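@Override
public ITenant createTenant(final ITenant parentTenant, final String tenantName, final String tenantAdminRoleName, final String authenticatedRoleName, final String anonymousRoleName) {
  // Creates a tenant under parentTenant (or at the repository root when parentTenant is null):
  // the tenant root folder, the admin/authenticated/anonymous roles, the role bindings for the
  // authenticated role, and the ACL entries on the tenant root folder.
  // Returns null when a file already exists at the target path; otherwise returns the new tenant.
  // Throws RuntimeException when the root-folder ACL update or the initial folder creation fails.
  // NOTE(review): tenantName is concatenated into a repository path as-is; presumably callers
  // validate it (no separators or relative segments) - confirm.
  Tenant newTenant;
  String parentTenantFolder;
  if (parentTenant == null) {
    if (repositoryFileDao.getFileByAbsolutePath("/" + tenantName) != null) {
      return null;
    }
    newTenant = new Tenant(RepositoryFile.SEPARATOR + tenantName, true);
    parentTenantFolder = "/";
  } else {
    if (repositoryFileDao.getFileByAbsolutePath(parentTenant.getRootFolderAbsolutePath() + "/" + tenantName) != null) {
      return null;
    }
    newTenant = new Tenant(parentTenant.getRootFolderAbsolutePath() + RepositoryFile.SEPARATOR + tenantName, true);
    parentTenantFolder = parentTenant.getRootFolderAbsolutePath();
  }

  // The session user at call time is passed as the creator of the tenant folder and later used
  // as the owner SID for the initial tenant folders.
  String tenantCreatorId = PentahoSessionHolder.getSession().getName();
  RepositoryFile tenantRootFolder = createTenantFolder(parentTenant, tenantName, tenantCreatorId);

  userRoleDao.createRole(newTenant, tenantAdminRoleName, "", new String[0]);
  userRoleDao.createRole(newTenant, authenticatedRoleName, "", new String[0]);
  userRoleDao.createRole(newTenant, anonymousRoleName, "", new String[0]);
  roleBindingDao.setRoleBindings(newTenant, authenticatedRoleName, singleTenantAuthenticatedAuthorityRoleBindingList);

  String tenantAdminRoleId = tenantedRoleNameResolver.getPrincipleId(newTenant, tenantAdminRoleName);
  RepositoryFileSid tenantAdminRoleSid = new RepositoryFileSid(tenantAdminRoleId, Type.ROLE);
  this.jcrTemplate.save();

  // Tenant admin permissions on the root folder.
  if (parentTenant == null) {
    repositoryFileAclDao.addAce(tenantRootFolder.getId(), tenantAdminRoleSid, EnumSet.of(RepositoryFilePermission.ALL));
  } else {
    RepositoryFileAcl acl = repositoryFileAclDao.getAcl(tenantRootFolder.getId());
    Builder aclBuilder = new RepositoryFileAcl.Builder(acl).ace(tenantAdminRoleSid, EnumSet.of(RepositoryFilePermission.ALL));

    // Remember the caller's identity so it can be put back after the ACL update.
    IPentahoSession origPentahoSession = PentahoSessionHolder.getSession();
    Authentication origAuthentication = SecurityContextHolder.getContext().getAuthentication();
    // NOTE(review): login() presumably switches the session to the repository admin for the ACL
    // update; it runs outside the try, so a failure part-way through it would skip the restore
    // in the finally block - confirm.
    login(repositoryAdminUsername, tenantAdminRoleId);
    try {
      // Grant ALL to the role named tenantAdminRoleName in every ancestor tenant, walking up
      // the path until the repository root is reached.
      while (!parentTenantFolder.equals("/")) {
        ITenant tenant = new Tenant(parentTenantFolder, true);
        String parentTenantAdminRoleId = tenantedRoleNameResolver.getPrincipleId(tenant, tenantAdminRoleName);
        RepositoryFileSid parentTenantAdminSid = new RepositoryFileSid(parentTenantAdminRoleId, Type.ROLE);
        aclBuilder.ace(parentTenantAdminSid, EnumSet.of(RepositoryFilePermission.ALL));
        parentTenantFolder = FilenameUtils.getFullPathNoEndSeparator(parentTenantFolder);
      }
      repositoryFileAclDao.updateAcl(aclBuilder.build());
    } catch (Exception ex) {
      // Previously every Throwable was printed and dropped, so the method returned a tenant
      // whose root-folder ACL had not been applied. Report the failure to the caller instead,
      // in the same way as the initial-folder failure below.
      throw new RuntimeException("Error updating tenant root folder ACL", ex);
    } finally {
      // Always restore the caller's session and authentication.
      PentahoSessionHolder.setSession(origPentahoSession);
      SecurityContextHolder.getContext().setAuthentication(origAuthentication);
    }
  }

  try {
    RepositoryFileSid fileOwnerSid = new RepositoryFileSid(tenantCreatorId);
    createInitialTenantFolders(newTenant, tenantRootFolder, fileOwnerSid);
  } catch (Exception ex) {
    throw new RuntimeException("Error creating initial tenant folders", ex);
  }
  return newTenant;
}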
use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.
the class DefaultUnifiedRepository method updateAcl.
/**
* {@inheritDoc}
*/
public RepositoryFileAcl updateAcl(final RepositoryFileAcl acl) {
  Assert.notNull(acl);
  // Resolve the file the ACL belongs to, so the access check is made against its path.
  // NOTE(review): a null result from getFileById would fail on getPath() below - confirm how
  // a missing or unreadable file is reported.
  final RepositoryFile target = getFileById(acl.getId());
  // The ACL is handed to the DAO only when hasAccess() reports ACL_MANAGEMENT on that path.
  final boolean mayManageAcl = hasAccess(target.getPath(), EnumSet.of(RepositoryFilePermission.ACL_MANAGEMENT));
  if (mayManageAcl) {
    return repositoryFileAclDao.updateAcl(acl);
  }
  throw new UnifiedRepositoryAccessDeniedException(Messages.getInstance().getString("DefaultUnifiedRepository.ERROR_0001_ACCESS_DENIED_UPDATE_ACL", acl.getId()));
}
use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.
the class RepositoryUtils method getFolder.
public RepositoryFile getFolder(final String path, final RepositoryFileAcl acl, final boolean createIfNotExist, final boolean createParents, final String versionMessage) {
  // Returns the folder at path, optionally creating it (and, when createParents is set, its
  // missing ancestors). Returns null when the folder is absent and was not created.
  final RepositoryFile existing = repository.getFile(path);
  if (null != existing || !createIfNotExist) {
    return existing;
  }

  final String parentPath = RepositoryFilenameUtils.getFullPathNoEndSeparator(path);
  if (parentPath.equals(path)) {
    // No further parent to step up to, so nothing can be created here.
    return null;
  }

  // createParents decides whether the recursion may create missing ancestors; each ancestor
  // created this way receives the same acl argument as the requested folder.
  final RepositoryFile parentFolder = getFolder(parentPath, acl, createParents, createParents, versionMessage);
  if (null == parentFolder) {
    return null;
  }

  final String folderName = RepositoryFilenameUtils.getName(path);
  final RepositoryFile newFolder = new RepositoryFile.Builder(folderName).path(path).folder(true).build();
  // With no explicit ACL the createFolder overload without an ACL argument is used.
  // NOTE(review): which ACL the repository then applies is not visible here - confirm.
  return (null != acl)
      ? repository.createFolder(parentFolder.getId(), newFolder, acl, versionMessage)
      : repository.createFolder(parentFolder.getId(), newFolder, versionMessage);
}
use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.
the class MondrianImportHandlerTest method testImportFile_applyAclSettings.
@Test
public void testImportFile_applyAclSettings() throws Exception {
  // Arrange: a bundle that carries an ACL and asks for it to be applied on import.
  final RepositoryFileAcl expectedAcl = mock(RepositoryFileAcl.class);
  when(bundle.getProperty(eq(MondrianImportHandler.DOMAIN_ID))).thenReturn(MondrianImportHandler.DOMAIN_ID);
  when(bundle.isApplyAclSettings()).thenReturn(true);
  when(bundle.getAcl()).thenReturn(expectedAcl);
  final IAclAwareMondrianCatalogService catalogService = mock(IAclAwareMondrianCatalogService.class);

  // Act: import through a handler wired to the ACL-aware catalog service.
  final MondrianImportHandler importHandler = new MondrianImportHandler(mimeTypes, catalogService);
  importHandler.importFile(bundle);

  // Assert: the ACL handed to addCatalog is the bundle's ACL.
  final ArgumentCaptor<RepositoryFileAcl> aclCaptor = ArgumentCaptor.forClass(RepositoryFileAcl.class);
  verify(catalogService).addCatalog(any(InputStream.class), any(MondrianCatalog.class), anyBoolean(), aclCaptor.capture(), any(IPentahoSession.class));
  assertEquals(expectedAcl, aclCaptor.getValue());
}
use of org.pentaho.platform.api.repository2.unified.RepositoryFileAcl in project pentaho-platform by pentaho.
the class MondrianCatalogHelperIT method addCatalog_WithAcl.
@Test
public void addCatalog_WithAcl() throws Exception {
  initMondrianCatalogsCache();

  // Spy on the helper so initialisation, catalog lookup and schema creation are stubbed out.
  final MondrianCatalogHelper spiedHelper = spy(helper);
  final IPentahoSession mockSession = mock(IPentahoSession.class);
  doNothing().when(spiedHelper).init(mockSession);
  doReturn(Collections.<MondrianCatalog>emptyList()).when(spiedHelper).getCatalogs(mockSession);
  doReturn(null).when(spiedHelper).makeSchema(anyString());

  final MondrianCatalog catalog = createTestCatalog();
  final RepositoryFileAcl explicitAcl = mock(RepositoryFileAcl.class);

  // The ACL helper is a mock, so the test only observes what addCatalog passes to it.
  final IAclNodeHelper aclNodeHelper = mock(IAclNodeHelper.class);
  doNothing().when(aclNodeHelper).setAclFor(any(RepositoryFile.class), eq(explicitAcl));
  doReturn(aclNodeHelper).when(spiedHelper).getAclHelper();
  doReturn(null).when(spiedHelper).makeSchema(CATALOG_NAME);
  doReturn(true).when(spiedHelper).catalogExists(any(MondrianCatalog.class), eq(mockSession));

  final MondrianCatalogRepositoryHelper catalogRepositoryHelper = mock(MondrianCatalogRepositoryHelper.class);
  doReturn(catalogRepositoryHelper).when(spiedHelper).getMondrianCatalogRepositoryHelper();

  // First call: an explicit ACL must be forwarded to the ACL helper exactly once.
  spiedHelper.addCatalog(new ByteArrayInputStream(new byte[0]), catalog, true, explicitAcl, mockSession);
  verify(aclNodeHelper, times(1)).setAclFor(any(RepositoryFile.class), eq(explicitAcl));

  // Second call: a null ACL is passed to addCatalog; the total count of setAclFor calls is then
  // expected to be two, i.e. the ACL helper is invoked for this call as well.
  doNothing().when(aclNodeHelper).setAclFor(any(RepositoryFile.class), any(RepositoryFileAcl.class));
  spiedHelper.addCatalog(new ByteArrayInputStream(new byte[0]), catalog, true, null, mockSession);
  verify(aclNodeHelper, times(2)).setAclFor(any(RepositoryFile.class), any(RepositoryFileAcl.class));
}