RepositoryFileSid sid = acl.getOwner(); ObjectRecipient owner = new RepositoryObjectRecipient( sid.getName() ); if ( sid.getType().equals( RepositoryFileSid.Type.USER ) ) { aces = pur.getEffectiveAces( acl.getId(), true ); } else { objectAcl.setEntriesInheriting( acl.isEntriesInheriting() ); aces = ( acl.isEntriesInheriting() ) ? pur.getEffectiveAces( acl.getId() ) : acl.getAces();
@Override public boolean matchesSafely( final RepositoryFileAcl acl ) { return ( expectedAcl.getId() != null ? expectedAcl.getId().equals( acl.getId() ) : true ) && expectedAcl.isEntriesInheriting() == acl.isEntriesInheriting() && ( testAcesUsingEquals ? acl.getAces().equals( expectedAcl.getAces() ) : acl.getAces().containsAll( expectedAcl.getAces() ) ); }
JcrRepositoryFileAclUtils.setAclMetadata( session, absPath, acList, new AclMetadata( acl.getOwner().getName(), acl .isEntriesInheriting() ) ); if ( !acl.isEntriesInheriting() ) { for ( RepositoryFileAce ace : acl.getAces() ) { Principal principal = null; if ( RepositoryFileSid.Type.ROLE == ace.getSid().getType() ) {
private List<RepositoryFileAce> internalGetEffectiveAces( final Serializable fileId ) { FileRecord r = idManager.getFileById( fileId ); if ( r.getParent() == null ) { return r.getAcl().getAces(); } else if ( r.getAcl().isEntriesInheriting() == false ) { return r.getAcl().getAces(); } else { return getEffectiveAces( r.getParent().getFile().getId() ); } }
public Object doInJcr( final Session session ) throws RepositoryException, IOException { PentahoJcrConstants pentahoJcrConstants = new PentahoJcrConstants( session ); JcrRepositoryFileUtils.checkoutNearestVersionableFileIfNecessary( session, pentahoJcrConstants, acl.getId() ); RepositoryFileAcl updatedAcl = internalUpdateAcl( session, pentahoJcrConstants, acl.getId(), acl ); JcrRepositoryFileUtils.checkinNearestVersionableFileIfNecessary( session, pentahoJcrConstants, acl.getId(), null, null, true ); return updatedAcl; } } );
@Override public List<RepositoryFileAce> getEffectiveAces( final Serializable fileId, final boolean forceEntriesInheriting ) { FileRecord r = idManager.getFileById( fileId ); if ( r.getParent() != null ) { return getEffectiveAces( r.getParent().getFile().getId() ); } return r.getAcl().getAces(); }
Date modifiedDate = repositoryFile.getLastModifiedDate(); String ownerName = repositoryFileAcl != null ? repositoryFileAcl.getOwner().getName() : ""; boolean deleted = isDeleted( repositoryFile ); RepositoryDirectoryInterface directory = findDirectory( parentPath );
@Test public void testCreateDefaultAcl() { RepositoryFileAcl repositoryFileAcl = inheritDefaultAclHandler.createDefaultAcl( repositoryFile ); assertTrue( repositoryFileAcl.isEntriesInheriting() ); }
public RepositoryFileAcl build() { return new RepositoryFileAcl( id, owner, this.entriesInheriting, this.aces ); }
public RepositoryFileAcl( Serializable id, RepositoryFileSid owner, boolean entriesInheriting, List<RepositoryFileAce> aces ) { super(); notNull( owner ); notNull( aces ); this.id = id; this.owner = owner; this.entriesInheriting = entriesInheriting; this.aces = new ArrayList<RepositoryFileAce>( aces ); }
@Override public void describeTo( final Description description ) { boolean appended = false; description.appendText( shortName ); description.appendText( "(" ); if ( expectedAcl.getId() != null ) { description.appendText( appended ? "," : "" ); description.appendText( "id=" ); description.appendText( expectedAcl.getId().toString() ); appended = true; } description.appendText( appended ? "," : "" ); description.appendText( "isEntriesInheriting=" ); description.appendText( String.valueOf( expectedAcl.isEntriesInheriting() ) ); appended = true; if ( expectedAcl.getAces() != null ) { description.appendText( appended ? "," : "" ); description.appendText( "aces=" ); description.appendText( expectedAcl.getAces().toString() ); appended = true; } description.appendText( ")" ); }
JcrRepositoryFileAclUtils.setAclMetadata( session, absPath, acList, new AclMetadata( acl.getOwner().getName(), acl .isEntriesInheriting() ) ); if ( !acl.isEntriesInheriting() ) { for ( RepositoryFileAce ace : acl.getAces() ) { Principal principal = null; if ( RepositoryFileSid.Type.ROLE == ace.getSid().getType() ) { if ( acl.getAces() != null && acl.getAces().size() > 0 ) { principalTenant = JcrTenantUtils.getRoleNameUtils().getTenant( acl.getAces().get( 0 ).getSid().getName() );
when( f.getPath() ).thenReturn( "/pentaho/tenant0/etc/pdi/databases/Test.kdb" ); RepositoryFileAcl acl = aclHandler.createDefaultAcl( f ); assertTrue( !acl.isEntriesInheriting() ); assertTrue( acl.getAces().size() == 1 ); assertTrue( "Authenticated".equals( acl.getAces().get( 0 ).getSid().getName().toString() ) ); assertTrue( RepositoryFileSid.Type.ROLE.equals( acl.getAces().get( 0 ).getSid().getType() ) ); assertTrue( acl.getAces().get( 0 ).getPermissions().size() == 1 ); assertTrue( acl.getAces().get( 0 ).getPermissions().contains( RepositoryFilePermission.ALL ) ); assertTrue( acl.isEntriesInheriting() ); assertTrue( !acl.isEntriesInheriting() ); System.out.println( acl.getAces() ); assertTrue( acl.getAces().size() == 0 ); assertTrue( acl.isEntriesInheriting() );
public static void updateAcl( final Session session, final RepositoryFileAcl acl ) throws RepositoryException { PentahoJcrConstants pentahoJcrConstants = new PentahoJcrConstants( session ); JcrRepositoryFileUtils.checkoutNearestVersionableFileIfNecessary( session, pentahoJcrConstants, acl.getId() ); internalUpdateAcl( session, pentahoJcrConstants, acl.getId(), acl ); JcrRepositoryFileUtils.checkinNearestVersionableFileIfNecessary( session, pentahoJcrConstants, acl.getId(), null, null, true ); }
for ( RepositoryFileAce fileAce : acl.getAces() ) { if ( fileAce != null && fileAce.getSid() != null && fileAce.getPermissions() != null ) { for ( RepositoryFilePermission filePermission : fileAce.getPermissions() ) {
private boolean hasAccess( final Serializable fileId, final EnumSet<RepositoryFilePermission> permissions ) { String username = currentUserProvider.getUser(); List<String> roles = currentUserProvider.getRoles(); RepositoryFileAcl acl = idManager.getFileById( fileId ).getAcl(); if ( acl.getOwner().getType() == USER && acl.getOwner().getName().equals( username ) ) { return true; // owner can do anything } List<RepositoryFileAce> aces = internalGetEffectiveAces( fileId ); for ( RepositoryFileAce ace : aces ) { if ( ace.getSid().equals( everyone() ) && ace.getPermissions().containsAll( permissions ) ) { return true; // match special everyone role } else if ( ace.getSid().getType() == USER && ace.getSid().getName().equals( username ) && ace.getPermissions().containsAll( permissions ) ) { return true; // match on user } for ( String role : roles ) { if ( ace.getSid().getType() == ROLE && ace.getSid().getName().equals( role ) && ace.getPermissions().containsAll( permissions ) ) { return true; // match on role } } } return false; }
@Override public RepositoryFileAclDto marshal( final RepositoryFileAcl v ) { RepositoryFileAclDto aclDto = new RepositoryFileAclDto(); Serializable id = v.getId(); aclDto.setId( id != null ? id.toString() : null ); RepositoryFileSid owner = v.getOwner(); if ( owner != null ) { aclDto.setOwner( owner.getName() ); aclDto.setOwnerType( owner.getType() != null ? owner.getType().ordinal() : -1 ); } aclDto.setAces( toAcesDto( v.getAces() ), v.isEntriesInheriting() ); return aclDto; }
/** * {@inheritDoc} */ public RepositoryFileAcl updateAcl( final RepositoryFileAcl acl ) { Assert.notNull( acl ); RepositoryFile file = getFileById( acl.getId() ); List<RepositoryFilePermission> perms = new ArrayList<RepositoryFilePermission>(); perms.add( RepositoryFilePermission.ACL_MANAGEMENT ); if ( !hasAccess( file.getPath(), EnumSet.copyOf( perms ) ) ) { throw new UnifiedRepositoryAccessDeniedException( Messages.getInstance().getString( "DefaultUnifiedRepository.ERROR_0001_ACCESS_DENIED_UPDATE_ACL", acl.getId() ) ); } return repositoryFileAclDao.updateAcl( acl ); }
@Override public Void call() throws Exception { RepositoryFile aclNode = getAclNode( fileToAddAclFor ); if ( acl == null ) { if ( aclNode != null ) { unifiedRepository.deleteFile( aclNode.getId(), true, Messages.getInstance().getString( "AclNodeHelper.WARN_0001_REMOVE_ACL_NODE", aclNode.getPath() ) ); } // ignore if no ACL node is present. } else { if ( aclNode == null ) { // Create ACL Node with reference to given file. aclNode = createAclNode( fileToAddAclFor ); } // Update ACL on file. RepositoryFileAcl existing = unifiedRepository.getAcl( aclNode.getId() ); RepositoryFileAcl updated = new RepositoryFileAcl.Builder( existing ) .aces( acl.getAces() ) .build(); unifiedRepository.updateAcl( updated ); } return null; } } );