Example 1 with IPermissionConversionHelper
use of org.pentaho.platform.repository2.unified.jcr.JcrRepositoryFileAclDao.IPermissionConversionHelper in project pentaho-platform by pentaho.
the class JcrRepositoryFileAclUtils method toAce.
private static RepositoryFileAce toAce(final Session session, final AccessControlEntry acEntry) throws RepositoryException {
Principal principal = acEntry.getPrincipal();
RepositoryFileSid sid = null;
if (principal instanceof Group) {
sid = new RepositoryFileSid(principal.getName(), RepositoryFileSid.Type.ROLE);
} else {
sid = new RepositoryFileSid(principal.getName(), RepositoryFileSid.Type.USER);
}
Privilege[] privileges = acEntry.getPrivileges();
IPermissionConversionHelper permissionConversionHelper = new DefaultPermissionConversionHelper(session);
return new RepositoryFileAce(sid, permissionConversionHelper.privilegesToPentahoPermissions(session, privileges));
}
Also used :
Group(org.apache.jackrabbit.api.security.user.Group)
RepositoryFileSid(org.pentaho.platform.api.repository2.unified.RepositoryFileSid)
RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce)
IPermissionConversionHelper(org.pentaho.platform.repository2.unified.jcr.JcrRepositoryFileAclDao.IPermissionConversionHelper)
Privilege(javax.jcr.security.Privilege)
SpringSecurityRolePrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityRolePrincipal)
SpringSecurityUserPrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityUserPrincipal)
Principal(java.security.Principal)
Example 2 with IPermissionConversionHelper
use of org.pentaho.platform.repository2.unified.jcr.JcrRepositoryFileAclDao.IPermissionConversionHelper in project pentaho-platform by pentaho.
the class JcrRepositoryFileAclUtils method internalUpdateAcl.
private static RepositoryFileAcl internalUpdateAcl(final Session session, final PentahoJcrConstants pentahoJcrConstants, final Serializable fileId, final RepositoryFileAcl acl) throws RepositoryException {
Node node = session.getNodeByIdentifier(fileId.toString());
if (node == null) {
// $NON-NLS-1$
throw new RepositoryException("Node not found");
}
String absPath = node.getPath();
AccessControlManager acMgr = session.getAccessControlManager();
AccessControlList acList = getAccessControlList(acMgr, absPath);
// clear all entries
AccessControlEntry[] acEntries = acList.getAccessControlEntries();
for (int i = 0; i < acEntries.length; i++) {
acList.removeAccessControlEntry(acEntries[i]);
}
JcrRepositoryFileAclUtils.setAclMetadata(session, absPath, acList, new AclMetadata(acl.getOwner().getName(), acl.isEntriesInheriting()));
// add entries to now empty list but only if not inheriting; force user to start with clean slate
if (!acl.isEntriesInheriting()) {
for (RepositoryFileAce ace : acl.getAces()) {
Principal principal = null;
if (RepositoryFileSid.Type.ROLE == ace.getSid().getType()) {
principal = new SpringSecurityRolePrincipal(JcrTenantUtils.getTenantedRole(ace.getSid().getName()));
} else {
principal = new SpringSecurityUserPrincipal(JcrTenantUtils.getTenantedUser(ace.getSid().getName()));
}
IPermissionConversionHelper permissionConversionHelper = new DefaultPermissionConversionHelper(session);
acList.addAccessControlEntry(principal, permissionConversionHelper.pentahoPermissionsToPrivileges(session, ace.getPermissions()));
}
}
acMgr.setPolicy(absPath, acList);
session.save();
return getAcl(session, pentahoJcrConstants, fileId);
}
Also used :
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
RepositoryFileAce(org.pentaho.platform.api.repository2.unified.RepositoryFileAce)
Node(javax.jcr.Node)
AclMetadata(org.pentaho.platform.repository2.unified.jcr.IAclMetadataStrategy.AclMetadata)
AccessControlEntry(javax.jcr.security.AccessControlEntry)
RepositoryException(javax.jcr.RepositoryException)
IPermissionConversionHelper(org.pentaho.platform.repository2.unified.jcr.JcrRepositoryFileAclDao.IPermissionConversionHelper)
SpringSecurityRolePrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityRolePrincipal)
SpringSecurityRolePrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityRolePrincipal)
SpringSecurityUserPrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityUserPrincipal)
Principal(java.security.Principal)
SpringSecurityUserPrincipal(org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityUserPrincipal)
Aggregations
Principal (java.security.Principal)2
RepositoryFileAce (org.pentaho.platform.api.repository2.unified.RepositoryFileAce)2
IPermissionConversionHelper (org.pentaho.platform.repository2.unified.jcr.JcrRepositoryFileAclDao.IPermissionConversionHelper)2
SpringSecurityRolePrincipal (org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityRolePrincipal)2
SpringSecurityUserPrincipal (org.pentaho.platform.repository2.unified.jcr.jackrabbit.security.SpringSecurityUserPrincipal)2
Node (javax.jcr.Node)1
RepositoryException (javax.jcr.RepositoryException)1
AccessControlEntry (javax.jcr.security.AccessControlEntry)1
AccessControlList (javax.jcr.security.AccessControlList)1
AccessControlManager (javax.jcr.security.AccessControlManager)1
Privilege (javax.jcr.security.Privilege)1
Group (org.apache.jackrabbit.api.security.user.Group)1
RepositoryFileSid (org.pentaho.platform.api.repository2.unified.RepositoryFileSid)1
AclMetadata (org.pentaho.platform.repository2.unified.jcr.IAclMetadataStrategy.AclMetadata)1
