use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class JcrRepositoryFileAclDao method toAce.
protected RepositoryFileAce toAce(final Session session, final AccessControlEntry acEntry) throws RepositoryException {
Principal principal = acEntry.getPrincipal();
RepositoryFileSid sid = null;
String name = principal.getName();
DefaultPermissionConversionHelper permissionConversionHelper = new DefaultPermissionConversionHelper(session);
if (principal instanceof Group) {
sid = new RepositoryFileSid(JcrTenantUtils.getRoleNameUtils().getPrincipleName(name), RepositoryFileSid.Type.ROLE);
} else {
sid = new RepositoryFileSid(JcrTenantUtils.getUserNameUtils().getPrincipleName(name), RepositoryFileSid.Type.USER);
}
// $NON-NLS-1$
logger.debug(String.format("principal class [%s]", principal.getClass().getName()));
Privilege[] privileges = acEntry.getPrivileges();
return new RepositoryFileAce(sid, permissionConversionHelper.privilegesToPentahoPermissions(session, privileges));
}
use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class JcrRepositoryFileAclDao method addAce.
public void addAce(final Serializable id, final RepositoryFileSid recipient, final EnumSet<RepositoryFilePermission> permission) {
if (isKioskEnabled()) {
// $NON-NLS-1$
throw new RuntimeException(Messages.getInstance().getString("JcrRepositoryFileDao.ERROR_0006_ACCESS_DENIED"));
}
Assert.notNull(id);
Assert.notNull(recipient);
Assert.notNull(permission);
RepositoryFileAcl acl = getAcl(id);
Assert.notNull(acl);
// TODO mlowery find an ACE with the recipient and update that rather than adding a new ACE
RepositoryFileSid newRecipient = recipient;
if (recipient.getType().equals(Type.USER)) {
if (JcrTenantUtils.getUserNameUtils().getTenant(recipient.getName()) == null) {
newRecipient = new RepositoryFileSid(JcrTenantUtils.getTenantedUser(recipient.getName()), recipient.getType());
}
} else {
if (JcrTenantUtils.getRoleNameUtils().getTenant(recipient.getName()) == null) {
newRecipient = new RepositoryFileSid(JcrTenantUtils.getTenantedRole(recipient.getName()), recipient.getType());
}
}
RepositoryFileAcl updatedAcl = new RepositoryFileAcl.Builder(acl).ace(newRecipient, permission).build();
updateAcl(updatedAcl);
// $NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
logger.debug("added ace: id=" + id + ", sid=" + recipient + ", permission=" + permission);
}
use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class JcrRepositoryFileAclUtils method setOwner.
public static void setOwner(final Session session, final PentahoJcrConstants pentahoJcrConstants, final RepositoryFile file, final RepositoryFileSid owner) throws RepositoryException {
RepositoryFileSid newOwnerSid = owner;
if (JcrTenantUtils.getUserNameUtils().getTenant(owner.getName()) == null) {
newOwnerSid = new RepositoryFileSid(JcrTenantUtils.getTenantedUser(owner.getName()), owner.getType());
}
RepositoryFileAcl acl = getAcl(session, pentahoJcrConstants, file.getId());
RepositoryFileAcl newAcl = new RepositoryFileAcl.Builder(acl).owner(newOwnerSid).build();
updateAcl(session, newAcl);
}
use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class JcrRepositoryFileAclUtils method getAcl.
public static RepositoryFileAcl getAcl(final Session session, final PentahoJcrConstants pentahoJcrConstants, final Serializable id) throws RepositoryException {
Node node = session.getNodeByIdentifier(id.toString());
if (node == null) {
throw new RepositoryException(Messages.getInstance().getString("JackrabbitRepositoryFileAclDao.ERROR_0001_NODE_NOT_FOUND", // $NON-NLS-1$
id.toString()));
}
String absPath = node.getPath();
AccessControlManager acMgr = session.getAccessControlManager();
AccessControlList acList = getAccessControlList(acMgr, absPath);
RepositoryFileSid owner = null;
String ownerString = JcrTenantUtils.getUserNameUtils().getPrincipleName(getOwner(session, absPath, acList));
if (ownerString != null) {
// for now, just assume all owners are users; only has UI impact
owner = new RepositoryFileSid(ownerString, RepositoryFileSid.Type.USER);
}
RepositoryFileAcl.Builder aclBuilder = new RepositoryFileAcl.Builder(id, owner);
aclBuilder.entriesInheriting(isEntriesInheriting(session, absPath, acList));
List<AccessControlEntry> cleanedAcEntries = JcrRepositoryFileAclUtils.removeAclMetadata(Arrays.asList(acList.getAccessControlEntries()));
for (AccessControlEntry acEntry : cleanedAcEntries) {
aclBuilder.ace(toAce(session, acEntry));
}
return aclBuilder.build();
}
use of org.pentaho.platform.api.repository2.unified.RepositoryFileSid in project pentaho-platform by pentaho.
the class JcrRepositoryFileAclUtils method toAce.
private static RepositoryFileAce toAce(final Session session, final AccessControlEntry acEntry) throws RepositoryException {
Principal principal = acEntry.getPrincipal();
RepositoryFileSid sid = null;
if (principal instanceof Group) {
sid = new RepositoryFileSid(principal.getName(), RepositoryFileSid.Type.ROLE);
} else {
sid = new RepositoryFileSid(principal.getName(), RepositoryFileSid.Type.USER);
}
Privilege[] privileges = acEntry.getPrivileges();
IPermissionConversionHelper permissionConversionHelper = new DefaultPermissionConversionHelper(session);
return new RepositoryFileAce(sid, permissionConversionHelper.privilegesToPentahoPermissions(session, privileges));
}
Aggregations