Example 1 with RightSet
use of org.xwiki.security.authorization.RightSet in project xwiki-platform by xwiki.
the class DefaultAuthorizationSettler method settle.
@Override
protected XWikiSecurityAccess settle(UserSecurityReference user, Collection<GroupSecurityReference> groups, SecurityRuleEntry entry, Policies policies) {
Set<Right> enabledRights = Right.getEnabledRights(entry.getReference().getSecurityType());
Set<Right> fromUser = new RightSet();
Set<Right> allowed = new RightSet();
XWikiSecurityAccess access = new XWikiSecurityAccess();
// Evaluate rules from current entity
for (Right right : enabledRights) {
for (SecurityRule rule : entry.getRules()) {
if (rule.match(right)) {
if (rule.getState() == ALLOW) {
allowed.add(right);
}
resolveLevel(right, user, groups, rule, access, policies, fromUser);
if (access.get(right) == ALLOW) {
implyRights(right, access, enabledRights, policies, fromUser);
}
}
}
}
// The same behavior as the old implementation. I.e., an allow means implicit deny for everyone else.
for (Right right : allowed) {
if (access.get(right) == UNDETERMINED) {
access.deny(right);
}
}
return access;
}
Also used :
RightSet(org.xwiki.security.authorization.RightSet)
Right(org.xwiki.security.authorization.Right)
SecurityRule(org.xwiki.security.authorization.SecurityRule)
Aggregations
Right (org.xwiki.security.authorization.Right)1
RightSet (org.xwiki.security.authorization.RightSet)1
SecurityRule (org.xwiki.security.authorization.SecurityRule)1
