Examples with SecurityReference org.xwiki.security.SecurityReference used on opensource projects

Example 16 with SecurityReference

use of org.xwiki.security.SecurityReference in project xwiki-platform by xwiki.

the class DefaultSecurityCacheLoader method getRules.

/**
 * Retrieve rules for all hierarchy levels of the provided reference.
 * Rules may be read from the cache, or from the entities and fill the cache.
 *
 * @param entity The entity for which rules should be loaded and retrieve.
 * @return A collection of security rule entry, once for each level of the hierarchy.
 * @exception org.xwiki.security.authorization.AuthorizationException if an error occurs
 * @exception ParentEntryEvictedException if any parent entry is
 * evicted before the operation completes.
 * @throws ConflictingInsertionException When different threads
 * have inserted conflicting entries into the cache.
 */
private Deque<SecurityRuleEntry> getRules(SecurityReference entity) throws AuthorizationException, ParentEntryEvictedException, ConflictingInsertionException {
    Deque<SecurityRuleEntry> rules = new LinkedList<SecurityRuleEntry>();
    List<SecurityRuleEntry> emptyRuleEntryTail = new ArrayList<SecurityRuleEntry>();
    for (SecurityReference ref : entity.getReversedSecurityReferenceChain()) {
        SecurityRuleEntry entry = securityCache.get(ref);
        if (entry == null) {
            if (Right.getEnabledRights(ref.getType()).isEmpty()) {
                // Do not call the reader on entity that will give useless rules
                entry = new EmptySecurityRuleEntry(ref);
                emptyRuleEntryTail.add(entry);
            } else {
                entry = securityEntryReader.read(ref);
                if (!emptyRuleEntryTail.isEmpty()) {
                    // Add intermediate empty rules sets to the cache to hold this significant one
                    for (SecurityRuleEntry emptyRuleEntry : emptyRuleEntryTail) {
                        securityCache.add(emptyRuleEntry);
                    }
                    emptyRuleEntryTail.clear();
                }
                securityCache.add(entry);
            }
        }
        rules.push(entry);
    }
    return rules;
}

Example 17 with SecurityReference

use of org.xwiki.security.SecurityReference in project xwiki-platform by xwiki.

the class AbstractAuthorizationSettler method settle.

@Override
public SecurityAccessEntry settle(UserSecurityReference user, Collection<GroupSecurityReference> groups, Deque<SecurityRuleEntry> ruleEntries) {
    XWikiSecurityAccess access = new XWikiSecurityAccess();
    SecurityReference reference = null;
    Policies policies = new Policies();
    for (SecurityRuleEntry entry : ruleEntries) {
        if (!entry.isEmpty()) {
            // Chose the highest possible level to store the resulting access
            if (reference == null) {
                reference = entry.getReference();
            }
            // Compute access of this level and merge it with previous access result
            merge(settle(user, groups, entry, policies), access, entry.getReference(), policies);
        }
        if (reference == null && entry.getReference().getType() == EntityType.WIKI) {
            reference = entry.getReference();
        }
    }
    // Apply defaults and return the resulting access entry
    return new InternalSecurityAccessEntry(user, reference, applyDefaults(user, reference, access));
}