Search in sources :

Example 1 with AccessControlEntryImpl

use of org.springframework.security.acls.domain.AccessControlEntryImpl in project spring-security by spring-projects.

the class BasicLookupStrategy method convert.

/**
 * The final phase of converting the <code>Map</code> of <code>AclImpl</code>
 * instances which contain <code>StubAclParent</code>s into proper, valid
 * <code>AclImpl</code>s with correct ACL parents.
 * @param inputMap the unconverted <code>AclImpl</code>s
 * @param currentIdentity the current<code>Acl</code> that we wish to convert (this
 * may be
 */
private AclImpl convert(Map<Serializable, Acl> inputMap, Long currentIdentity) {
    Assert.notEmpty(inputMap, "InputMap required");
    Assert.notNull(currentIdentity, "CurrentIdentity required");
    // Retrieve this Acl from the InputMap
    Acl uncastAcl = inputMap.get(currentIdentity);
    Assert.isInstanceOf(AclImpl.class, uncastAcl, "The inputMap contained a non-AclImpl");
    AclImpl inputAcl = (AclImpl) uncastAcl;
    Acl parent = inputAcl.getParentAcl();
    if ((parent != null) && parent instanceof StubAclParent) {
        // Lookup the parent
        StubAclParent stubAclParent = (StubAclParent) parent;
        parent = convert(inputMap, stubAclParent.getId());
    }
    // Now we have the parent (if there is one), create the true AclImpl
    AclImpl result = new AclImpl(inputAcl.getObjectIdentity(), inputAcl.getId(), this.aclAuthorizationStrategy, this.grantingStrategy, parent, null, inputAcl.isEntriesInheriting(), inputAcl.getOwner());
    // Copy the "aces" from the input to the destination
    // Obtain the "aces" from the input ACL
    List<AccessControlEntryImpl> aces = readAces(inputAcl);
    // Create a list in which to store the "aces" for the "result" AclImpl instance
    List<AccessControlEntryImpl> acesNew = new ArrayList<>();
    // This ensures StubAclParent instances are removed, as per SEC-951
    for (AccessControlEntryImpl ace : aces) {
        setAclOnAce(ace, result);
        acesNew.add(ace);
    }
    // Finally, now that the "aces" have been converted to have the "result" AclImpl
    // instance, modify the "result" AclImpl instance
    setAces(result, acesNew);
    return result;
}
Also used : AccessControlEntryImpl(org.springframework.security.acls.domain.AccessControlEntryImpl) AclImpl(org.springframework.security.acls.domain.AclImpl) ArrayList(java.util.ArrayList) MutableAcl(org.springframework.security.acls.model.MutableAcl) Acl(org.springframework.security.acls.model.Acl)

Aggregations

ArrayList (java.util.ArrayList)1 AccessControlEntryImpl (org.springframework.security.acls.domain.AccessControlEntryImpl)1 AclImpl (org.springframework.security.acls.domain.AclImpl)1 Acl (org.springframework.security.acls.model.Acl)1 MutableAcl (org.springframework.security.acls.model.MutableAcl)1