public static ACL newACL(String name) { return new ACLImpl(name); }
@Override public void setACEs(ACE[] aces) { clear(); addAll(Arrays.asList(aces)); warnForDuplicateACEs(aces); }
/** * ajout une ace sur un document * @param session * @param ref * @param ace * @throws ClientException */ public static void setACE(CoreSession session, DocumentRef ref,ACE ace) throws ClientException { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); acl.add(ace); session.setACP(ref, acp, false); }
protected void setACE(final DocumentRef ref) throws NuxeoException { final List<ACE>[] aceList = slurpACEs(entries); final ACP acp = session.getACP(ref); ACLImpl acl = (ACLImpl) acp.getACL(aclName); if ((acl == null) || doOverwrite) { acl = new ACLImpl(aclName); acl.addAll(aceList[0]); } else { for (final ACE ace : aceList[0]) { if (!acl.contains(ace)) { acl.add(0, ace); } } } acl.removeAll(aceList[1]); acp.addACL(acl); session.setACP(ref, acp, doOverwrite); }
/** * ajout une ace sur un document * * @param session * @param ref * @param ace * @throws NuxeoException */ public static void setACE(CoreSession session, DocumentRef ref, ACE ace) throws NuxeoException { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); acl.add(ace); session.setACP(ref, acp, false); }
@Override public ACL getMergedACLs(String name) { ACL mergedAcl = new ACLImpl(name, true); for (ACL acl : acls) { mergedAcl.addAll(acl); } return mergedAcl; }
@Override public ACL getOrCreateACL(String name) { ACL acl = getACL(name); if (acl == null) { acl = new ACLImpl(name); addACL(acl); } return acl; }
protected static void setLocalAcl(CoreSession session, DocumentModel doc, String value) { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); String[] entries = StringUtils.split(value, ',', true); if (entries.length == 0) { return; } for (String entry : entries) { String[] ace = StringUtils.split(entry, ':', true); acl.add(new ACE(ace[0], ace[1], Boolean.parseBoolean(ace[2]))); } session.setACP(doc.getRef(), acp, false); }
public void addAccessRule(String aclName, ACE ace) { ACL acl = getACL(aclName); if (acl == null) { acl = new ACLImpl(aclName); addACL(acl); } acl.add(ace); }
@POST @Path("add") public Response postPermission() { HttpServletRequest req = ctx.getRequest(); String action = req.getParameter("action"); String permission = req.getParameter("permission"); String username = req.getParameter("user"); UserManager userManager = Framework.getService(UserManager.class); NuxeoPrincipal user = userManager.getPrincipal(username); if (user == null) { NuxeoGroup group = userManager.getGroup(username); if (group == null) { return Response.status(500).build(); } } ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); boolean granted = "grant".equals(action); ACE ace = new ACE(username, permission, granted); acl.add(ace); CoreSession session = ctx.getCoreSession(); Resource target = getTarget(); session.setACP(target.getAdapter(DocumentModel.class).getRef(), acp, false); session.save(); return redirect(target.getPath()); }
@Override public void setRules(String aclName, UserEntry[] userEntries, boolean overwrite) { ACL acl = getACL(aclName); if (acl == null) { // create the loca ACL acl = new ACLImpl(aclName); addACL(acl); } else if (overwrite) { // :XXX: Should not overwrite entries not given as parameters here. acl.clear(); } for (UserEntry entry : userEntries) { String username = entry.getUserName(); for (String permission : entry.getGrantedPermissions()) { acl.add(new ACE(username, permission, true)); } for (String permission : entry.getDeniedPermissions()) { acl.add(new ACE(username, permission, false)); } } cache.clear(); }
/** * Gets default local ACL, i.e. when inheritance * is blocked. * * @return default local ACL */ public static ACL buildDefaultLocalACL(CoreSession session, DocumentModel document) { ACL acl = new ACLImpl(); String currentUser = session.getPrincipal().getName(); acl.add(new ACE(currentUser, SecurityConstants.EVERYTHING)); // acl.addAll(ACEsOperationHelper.getAdminEverythingACEs()); acl.addAll(getMasterOwnerACEs(session, document)); return acl; }
if (size > 0) { ACP acp = new ACPImpl(); ACL acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); for (Element el : entries) {
@Override protected DocumentModel initCreateUserWorkspace(CoreSession unrestrictedSession, DocumentModel doc, String username) { ACP acp = new ACPImpl(); ACE grantEverything = new ACE(username, SecurityConstants.EVERYTHING, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { grantEverything }); acp.addACL(acl); doc.setACP(acp, true); Map<String, Serializable> properties = new HashMap<>(); properties.put("username", username); notifyEvent(unrestrictedSession, doc, unrestrictedSession.getPrincipal(), DocumentEventTypes.USER_WORKSPACE_CREATED, properties); return doc; }
@Override protected DocumentModel initCreateUserWorkspacesRoot(CoreSession unrestrictedSession, DocumentModel doc) { ACP acp = new ACPImpl(); ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { denyEverything }); acp.addACL(acl); doc.setACP(acp, true); return doc; }
@Override @WebMethod public WsACE[] getDocumentLocalACL(@WebParam(name = "sessionId") String sid, @WebParam(name = "uuid") String uuid) { logDeprecation(); WSRemotingSession rs = initSession(sid); ACP acp = rs.getDocumentManager().getACP(new IdRef(uuid)); if (acp != null) { ACL mergedAcl = new ACLImpl("MergedACL", true); for (ACL acl : acp.getACLs()) { if (!ACL.INHERITED_ACL.equals(acl.getName())) { mergedAcl.addAll(acl); } } return WsACE.wrap(mergedAcl.toArray(new ACE[mergedAcl.size()])); } else { return null; } }