Query q = m_sqlManager.createQuery(dbc, project, C_ACCESS_READ_ENTRY_2); q.setParameter(1, acEntry.getResource().toString()); q.setParameter(2, acEntry.getPrincipal().toString()); q.setParameter(1, acEntry.getResource().toString()); q.setParameter(2, acEntry.getPrincipal().toString()); a.setAccessAllowed(acEntry.getAllowedPermissions()); a.setAccessDenied(acEntry.getDeniedPermissions()); a.setAccessFlags(acEntry.getFlags()); dbc, project, acEntry.getResource(), acEntry.getPrincipal(), acEntry.getAllowedPermissions(), acEntry.getDeniedPermissions(), acEntry.getFlags()); return;
/** * Adds an access control entry to the access control list.<p> * * @param entry the access control entry to add */ public void add(CmsAccessControlEntry entry) { CmsPermissionSetCustom p = m_permissions.get(entry.getPrincipal()); if (p == null) { p = new CmsPermissionSetCustom(); m_permissions.put(entry.getPrincipal(), p); } p.addPermissions(entry.getPermissions()); }
/** * Returns the set of users that are responsible for a specific resource.<p> * * @param dbc the current database context * @param resource the resource to get the responsible users from * * @return the set of users that are responsible for a specific resource * * @throws CmsException if something goes wrong */ public Set<I_CmsPrincipal> readResponsiblePrincipals(CmsDbContext dbc, CmsResource resource) throws CmsException { Set<I_CmsPrincipal> result = new HashSet<I_CmsPrincipal>(); Iterator<CmsAccessControlEntry> aces = getAccessControlEntries(dbc, resource, true).iterator(); while (aces.hasNext()) { CmsAccessControlEntry ace = aces.next(); if (ace.isResponsible()) { I_CmsPrincipal p = lookupPrincipal(dbc, ace.getPrincipal()); if (p != null) { result.add(p); } } } return result; }
/** * Sets the allowed permissions of a given access control entry as allowed permissions in the access control list.<p> * The denied permissions are left unchanged. * * @param entry the access control entry */ public void setAllowedPermissions(CmsAccessControlEntry entry) { CmsPermissionSetCustom p = m_permissions.get(entry.getPrincipal()); if (p == null) { p = new CmsPermissionSetCustom(); m_permissions.put(entry.getPrincipal(), p); } p.setPermissions(entry.getAllowedPermissions(), p.getDeniedPermissions()); }
/** * Sets the denied permissions of a given access control entry as denied permissions in the access control list.<p> * The allowed permissions are left unchanged. * * @param entry the access control entry */ public void setDeniedPermissions(CmsAccessControlEntry entry) { CmsPermissionSetCustom p = (CmsPermissionSetCustom)m_permissions.get(entry.getPrincipal()); if (p == null) { p = new CmsPermissionSetCustom(); m_permissions.put(entry.getPrincipal(), p); } p.setPermissions(p.getAllowedPermissions(), entry.getDeniedPermissions()); } }
principal = CmsPrincipal.readPrincipalIncludingHistory(getCms(), entry.getPrincipal()); } catch (CmsException e) { principal = null; String id = (principal != null) ? principal.getName() : entry.getPrincipal().toString(); String name; String ou = null; CmsRole role = CmsRole.valueOfId(entry.getPrincipal()); if (role != null) { name = role.getName(getLocale()); flags = CmsAccessControlEntry.ACCESS_FLAGS_ROLE; } else { name = entry.getPrincipal().toString(); if ((flags > 0) && ((entry.getFlags() & flags) == 0)) { LOG.error(Messages.get().getBundle(getLocale()).key(Messages.ERR_INVALID_ACE_1, entry.toString())); entry = new CmsAccessControlEntry( entry.getResource(), entry.getPrincipal(), entry.getAllowedPermissions(), entry.getDeniedPermissions(), (entry.getFlags() | flags)); } else if (entry.getFlags() < CmsAccessControlEntry.ACCESS_FLAGS_USER) { LOG.error(Messages.get().getBundle(getLocale()).key(Messages.ERR_INVALID_ACE_1, entry.toString()));
dbc.currentProject(), destination.getResourceId(), ace.getPrincipal(), ace.getPermissions().getAllowedPermissions(), ace.getPermissions().getDeniedPermissions(), ace.getFlags());
/** * Creates a string representation of an access control entry.<p> * * @param ace the access control entry * * @return the string representation of the access control entry */ private String getAceString(CmsAccessControlEntry ace) { String result = ace.getPermissions().getPermissionString() + (ace.isResponsible() ? ace.getResponsibleString() : "") + ace.getInheritingString(); if ((ace.getFlags() & CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE) != 0) { result = result + " (" + Messages.get().getBundle(OpenCms.getWorkplaceManager().getWorkplaceLocale(m_cms)).key( Messages.GUI_PERMISSION_COLUMN_OVERWRITE_0) + ")"; } return result; }
try { I_CmsPrincipal principal = CmsPrincipal.readPrincipal(this, principalType, principalName); acEntry = new CmsAccessControlEntry(res.getResourceId(), principal.getId(), permissionString); acEntry.setFlagsForPrincipal(principal); } catch (CmsDbEntryNotFoundException e) { acEntry = new CmsAccessControlEntry( res.getResourceId(), CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID, permissionString); acEntry.setFlags(CmsAccessControlEntry.ACCESS_FLAGS_ALLOTHERS); } else if (principalName.equalsIgnoreCase(CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_NAME)) { acEntry = new CmsAccessControlEntry( res.getResourceId(), CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_ID, permissionString); acEntry.setFlags(CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE_ALL); } else if (principalType.equalsIgnoreCase(CmsRole.PRINCIPAL_ROLE)) { throw e; acEntry = new CmsAccessControlEntry(res.getResourceId(), role.getId(), permissionString); acEntry.setFlags(CmsAccessControlEntry.ACCESS_FLAGS_ROLE); } else { throw e;
/** * @see java.util.Comparator#compare(java.lang.Object, java.lang.Object) */ public int compare(CmsAccessControlEntry ace1, CmsAccessControlEntry ace2) { if (ace1 == ace2) { return 0; } CmsUUID id1 = (ace1).getPrincipal(); CmsUUID id2 = (ace2).getPrincipal(); return COMPARATOR_PRINCIPALS.compare(id1, id2); } };
/** * Creates a new access control entry and stores it for later write out. * * @param res the resource * @param id the id of the principal * @param allowed the allowed permissions * @param denied the denied permissions * @param flags the flags * * @return the created ACE */ protected CmsAccessControlEntry getImportAccessControlEntry( CmsResource res, String id, String allowed, String denied, String flags) { return new CmsAccessControlEntry( res.getResourceId(), new CmsUUID(id), Integer.parseInt(allowed), Integer.parseInt(denied), Integer.parseInt(flags)); }
for (int k = 0; k < allEntries.size(); k++) { CmsAccessControlEntry curEntry = allEntries.get(k); String curType = getEntryType(curEntry.getFlags(), false); I_CmsPrincipal p; try { p = CmsPrincipal.readPrincipalIncludingHistory(getCms(), curEntry.getPrincipal()); } catch (CmsException e) { p = null; flags = curEntry.getFlags(); break; } else if (p == null) { CmsRole role = CmsRole.valueOfId(curEntry.getPrincipal()); if ((role != null) && name.equals(role.getRoleName())) { flags = curEntry.getFlags(); break; } else if ((curEntry.getPrincipal().equals(CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID) && name.equals(CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_NAME)) || (curEntry.getPrincipal().equals(CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_ID) && name.equals(CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_NAME))) { flags = curEntry.getFlags(); break;
/** * Converts an OpenCms ACE to a list of basic CMIS permissions.<p> * * @param ace the access control entry * * @return the list of permissions */ public static List<String> getCmisPermissions(CmsAccessControlEntry ace) { int permissionBits = ace.getPermissions().getPermissions(); List<String> result = new ArrayList<String>(); if (0 != (permissionBits & CmsPermissionSet.PERMISSION_READ)) { result.add(A_CmsCmisRepository.CMIS_READ); } if (0 != (permissionBits & CmsPermissionSet.PERMISSION_WRITE)) { result.add(A_CmsCmisRepository.CMIS_WRITE); } int all = CmsPermissionSet.PERMISSION_WRITE | CmsPermissionSet.PERMISSION_READ | CmsPermissionSet.PERMISSION_CONTROL | CmsPermissionSet.PERMISSION_DIRECT_PUBLISH; if ((permissionBits & all) == all) { result.add(A_CmsCmisRepository.CMIS_ALL); } return result; }
/** * Compiles the ACL for a file or folder. * @param cms the CMS context * @param resource the resource for which to collect the ACLs * @param onlyBasic flag to only include basic ACEs * * @return the ACL for the resource * @throws CmsException if something goes wrong */ protected Acl collectAcl(CmsObject cms, CmsResource resource, boolean onlyBasic) throws CmsException { AccessControlListImpl cmisAcl = new AccessControlListImpl(); List<Ace> cmisAces = new ArrayList<Ace>(); List<CmsAccessControlEntry> aces = cms.getAccessControlEntries(resource.getRootPath(), true); for (CmsAccessControlEntry ace : aces) { boolean isDirect = ace.getResource().equals(resource.getResourceId()); CmsUUID principalId = ace.getPrincipal(); String principalName = getAcePrincipalName(cms, principalId); AccessControlEntryImpl cmisAce = new AccessControlEntryImpl(); AccessControlPrincipalDataImpl cmisPrincipal = new AccessControlPrincipalDataImpl(); cmisPrincipal.setId(principalName); cmisAce.setPrincipal(cmisPrincipal); cmisAce.setPermissions(onlyBasic ? getCmisPermissions(ace) : getNativePermissions(ace)); cmisAce.setDirect(isDirect); cmisAces.add(cmisAce); } cmisAcl.setAces(cmisAces); cmisAcl.setExact(Boolean.FALSE); return cmisAcl; }
/** * Returns the resource on which the specified access control entry was set.<p> * * @param entry the current access control entry * @param parents the parent resources to determine the connected resource * @return the resource name of the corresponding resource */ protected String getConnectedResource(CmsAccessControlEntry entry, Map parents) { CmsUUID resId = entry.getResource(); String resName = (String)parents.get(resId); if (CmsStringUtil.isNotEmptyOrWhitespaceOnly(resName)) { return resName; } return resId.toString(); }
if (inheritedOnly && !ace.isInheriting()) { continue; if (inheritedOnly && ace.isInheriting()) { ace.setFlags(CmsAccessControlEntry.ACCESS_FLAGS_INHERITED);
/** * Returns the string representation of the "responsible" flag.<p> * * @return string of the format {{+|-}l}* */ public String getResponsibleString() { if (isResponsible()) { return "+l"; } else { return "-l"; } }
while (itAces.hasNext()) { CmsAccessControlEntry curEntry = itAces.next(); if (!curEntry.isInherited()) {
int flags = m_entry.getFlags();