@Override public List<String> getAvailableSecurityPermissions() { // XXX: add security check? return Arrays.asList(getSecurityService().getPermissionProvider().getPermissions()); }
public List<UserVisiblePermission> getVisibleUserPermissions(String documentType) { return Framework.getService(PermissionProvider.class).getUserVisiblePermissionDescriptors(documentType); }
/** * Get possible aliases of WriteModifyOwnOnly permission. * * @return aliases of WriteModifyOwnOnly permission */ public static String[] getAliases(){ return getSecurityService().getPermissionProvider().getAliasPermissions(ToutaticeNuxeoStudioConst.CST_PERM_CONTRIBUTOR); }
protected String[] getPermissionsToCheck() { if (CACHED_PERMISSION_TO_CHECK == null) { PermissionProvider pprovider = Framework.getService(PermissionProvider.class); List<String> aggregatedPerms = new LinkedList<String>(); for (String seedPerm : SEED_PERMISSIONS_TO_CHECK) { aggregatedPerms.add(seedPerm); String[] compoundPerms = pprovider.getPermissionGroups(seedPerm); if (compoundPerms != null) { aggregatedPerms.addAll(Arrays.asList(compoundPerms)); } } CACHED_PERMISSION_TO_CHECK = aggregatedPerms.toArray(new String[aggregatedPerms.size()]); } return CACHED_PERMISSION_TO_CHECK; }
/** * Returns a Map containing all contributed permissions and their associated labels. * * @since 8.1 */ public Map<String, String> getPermissionsToLabels() { PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); String[] permissions = permissionProvider.getPermissions(); Map<String, String> permissionsToLabels = new HashMap<>(); for (String permission : permissions) { permissionsToLabels.put(permission, getLabel(permission)); } return permissionsToLabels; }
@Override public void write(JsonGenerator jg, DocumentModel document) throws IOException { PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); List<UserVisiblePermission> userVisiblePermissions = permissionProvider.getUserVisiblePermissionDescriptors(document.getType()); jg.writeArrayFieldStart(NAME); for (UserVisiblePermission permission : userVisiblePermissions) { jg.writeString(permission.getId()); } jg.writeEndArray(); }
private Collection<String> getPermissionsInSession(DocumentModel doc, CoreSession session) { PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); return session.filterGrantedPermissions(session.getPrincipal(), doc.getRef(), Arrays.asList(permissionProvider.getPermissions())); }
@Override protected void writeEntityBody(Annotation entity, JsonGenerator jg) throws IOException { writeCommentEntity(entity, jg); jg.writeStringField(ANNOTATION_XPATH, entity.getXpath()); // Write permissions of current user on the annotation, // which are the ones granted on the annotated document CoreSession session = ctx.getSession(null).getSession(); NuxeoPrincipal principal = session.getPrincipal(); PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); Collection<String> permissions = CoreInstance.doPrivileged(session, s -> { return s.filterGrantedPermissions(principal, new IdRef(entity.getParentId()), Arrays.asList(permissionProvider.getPermissions())); }); jg.writeArrayFieldStart(ANNOTATION_PERMISSIONS); for (String permission : permissions) { jg.writeString(permission); } jg.writeEndArray(); } }
@Override protected void writeEntityBody(Comment entity, JsonGenerator jg) throws IOException { writeCommentEntity(entity, jg); CoreSession session = ctx.getSession(null).getSession(); NuxeoPrincipal principal = session.getPrincipal(); PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); // Write permissions of current user on the annotation, // which are the ones granted on the commented document Collection<String> permissions = CoreInstance.doPrivileged(session, s -> { if (entity.getId() == null) { return Collections.emptyList(); } DocumentRef ancestorRef = new IdRef( (String) commentManager.getThreadForComment(s.getDocument(new IdRef(entity.getId()))) .getPropertyValue(COMMENT_PARENT_ID)); return s.filterGrantedPermissions(principal, ancestorRef, Arrays.asList(permissionProvider.getPermissions())); }); jg.writeArrayFieldStart(COMMENT_PERMISSIONS); for (String permission : permissions) { jg.writeString(permission); } jg.writeEndArray(); boolean includeRepliesSummary = ctx.getFetched(COMMENT_ENTITY_TYPE).contains(FETCH_REPLIES_SUMMARY); if (includeRepliesSummary) { writeRepliesSummary(session, entity, jg); } }