public final boolean equals(Object arg0) { if (arg0 == null) { return false; } if (!(arg0 instanceof Permission)) { return false; } Permission rhs = (Permission) arg0; return (this.mask == rhs.getMask()); }
public CumulativePermission set(Permission permission) { this.mask |= permission.getMask(); this.pattern = AclFormattingUtils.mergePatterns(this.pattern, permission.getPattern()); return this; }
public static String transformPermission(Permission p) { String permString = null; if (AclPermission.ADMINISTRATION.equals(p)) { permString = ADMINISTRATION; } else if (AclPermission.MANAGEMENT.equals(p)) { permString = MANAGEMENT; } else if (AclPermission.OPERATION.equals(p)) { permString = OPERATION; } else if (AclPermission.READ.equals(p)) { permString = READ; } else { permString = p.getPattern(); } return permString; }
@Bean public DefaultPermissionFactory permissionFactory() { Map<String, Permission> permissions = new HashMap<String, Permission>(); permissions.put(BasePermission.READ.getPattern(), BasePermission.READ); permissions.put(BasePermission.WRITE.getPattern(), BasePermission.WRITE); permissions.put(BasePermission.CREATE.getPattern(), BasePermission.CREATE); permissions.put(BasePermission.DELETE.getPattern(), BasePermission.DELETE); return new DefaultPermissionFactory(permissions); }
void setPermission(Permission perm) { this.permissionMask = perm.getMask(); this.perm = null; }
public CumulativePermission clear(Permission permission) { this.mask &= ~permission.getMask(); this.pattern = AclFormattingUtils.demergePatterns(this.pattern, permission.getPattern()); return this; }
protected void registerPermission(Permission perm, String permissionName) { Assert.notNull(perm, "Permission required"); Assert.hasText(permissionName, "Permission name required"); Integer mask = Integer.valueOf(perm.getMask()); // Ensure no existing Permission uses this integer or code Assert.isTrue(!registeredPermissionsByInteger.containsKey(mask), () -> "An existing Permission already provides mask " + mask); Assert.isTrue(!registeredPermissionsByName.containsKey(permissionName), () -> "An existing Permission already provides name '" + permissionName + "'"); // Register the new Permission registeredPermissionsByInteger.put(mask, perm); registeredPermissionsByName.put(permissionName, perm); }
public CumulativePermission set(Permission permission) { this.mask |= permission.getMask(); this.pattern = AclFormattingUtils.mergePatterns(this.pattern, permission.getPattern()); return this; }
public AceImpl(Sid sid, Permission perm) { this(new SidInfo(sid), perm == null ? 0 : perm.getMask()); }
public Builder remove(Permission permission) { this.mask &= ~permission.getMask(); this.pattern = AclFormattingUtils.demergePatterns(this.pattern, permission.getPattern()); return this; }
public void setValues(PreparedStatement stmt, int i) throws SQLException { AccessControlEntry entry_ = acl.getEntries().get(i); Assert.isTrue(entry_ instanceof AccessControlEntryImpl, "Unknown ACE class"); AccessControlEntryImpl entry = (AccessControlEntryImpl) entry_; stmt.setLong(1, ((Long) acl.getId()).longValue()); stmt.setInt(2, i); stmt.setLong(3, createOrRetrieveSidPrimaryKey(entry.getSid(), true) .longValue()); stmt.setInt(4, entry.getPermission().getMask()); stmt.setBoolean(5, entry.isGranting()); stmt.setBoolean(6, entry.isAuditSuccess()); stmt.setBoolean(7, entry.isAuditFailure()); } });
public static PermissionData from(Permission permission) { if(permission == null || permission instanceof PermissionData) { return (PermissionData) permission; } return new PermissionData(permission.getPattern(), permission.getMask()); }
public LegacyAceInfo(AccessControlEntry ace) { super(); this.sidInfo = new SidInfo(ace.getSid()); this.permissionMask = ace.getPermission().getMask(); }
public Builder add(Permission permission) { this.mask |= permission.getMask(); this.pattern = AclFormattingUtils.mergePatterns(this.pattern, permission.getPattern()); return this; }
@Test public void expectedIntegerValues() { assertThat(BasePermission.READ.getMask()).isEqualTo(1); assertThat(BasePermission.ADMINISTRATION.getMask()).isEqualTo(16); assertThat( new CumulativePermission().set(BasePermission.READ) .set(BasePermission.WRITE).set(BasePermission.CREATE).getMask()) .isEqualTo(7); assertThat( new CumulativePermission().set(BasePermission.READ) .set(BasePermission.ADMINISTRATION).getMask()) .isEqualTo(17); }
public CumulativePermission clear(Permission permission) { this.mask &= ~permission.getMask(); this.pattern = AclFormattingUtils.demergePatterns(this.pattern, permission.getPattern()); return this; }
private Map<String, Integer> getProjectPermission(String project) { Map<String, Integer> SidWithPermission = new HashMap<>(); String uuid = ProjectManager.getInstance(KylinConfig.getInstanceFromEnv()).getProject(project).getUuid(); AclEntity ae = getAclEntity(AclEntityType.PROJECT_INSTANCE, uuid); Acl acl = getAcl(ae); if (acl != null && acl.getEntries() != null) { List<AccessControlEntry> aces = acl.getEntries(); for (AccessControlEntry ace : aces) { Sid sid = ace.getSid(); if (sid instanceof PrincipalSid) { String principal = ((PrincipalSid) sid).getPrincipal(); SidWithPermission.put(principal, ace.getPermission().getMask()); } if (sid instanceof GrantedAuthoritySid) { String grantedAuthority = ((GrantedAuthoritySid) sid).getGrantedAuthority(); SidWithPermission.put(grantedAuthority, ace.getPermission().getMask()); } } } return SidWithPermission; }
@Test @Transactional public void cumulativePermissions() { Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_ADMINISTRATOR"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(110)); MutableAcl topParent = jdbcMutableAclService.createAcl(topParentOid); // Add an ACE permission entry Permission cm = new CumulativePermission().set(BasePermission.READ).set( BasePermission.ADMINISTRATION); assertThat(cm.getMask()).isEqualTo(17); Sid benSid = new PrincipalSid(auth); topParent.insertAce(0, cm, benSid, true); assertThat(topParent.getEntries()).hasSize(1); // Explicitly save the changed ACL topParent = jdbcMutableAclService.updateAcl(topParent); // Check the mask was retrieved correctly assertThat(topParent.getEntries().get(0).getPermission().getMask()).isEqualTo(17); assertThat(topParent.isGranted(Arrays.asList(cm), Arrays.asList(benSid), true)).isTrue(); SecurityContextHolder.clearContext(); }
assertThat(parent.getEntries().get(0).getPermission().getMask()).isEqualTo(16); assertThat(parent.getEntries() .get(0).getSid()).isEqualTo(new GrantedAuthoritySid("ROLE_ADMINISTRATOR")); assertThat(parent.getEntries().get(1).getPermission().getMask()).isEqualTo(8); assertThat(parent.getEntries().get(1).getSid()).isEqualTo(new PrincipalSid("terry"));
/** * SEC-655 */ @Test @Transactional public void childrenAreClearedFromCacheWhenParentIsUpdated() throws Exception { Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_ADMINISTRATOR"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); ObjectIdentity parentOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(104)); ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(105)); MutableAcl parent = jdbcMutableAclService.createAcl(parentOid); MutableAcl child = jdbcMutableAclService.createAcl(childOid); child.setParent(parent); jdbcMutableAclService.updateAcl(child); parent = (AclImpl) jdbcMutableAclService.readAclById(parentOid); parent.insertAce(0, BasePermission.READ, new PrincipalSid("ben"), true); jdbcMutableAclService.updateAcl(parent); parent = (AclImpl) jdbcMutableAclService.readAclById(parentOid); parent.insertAce(1, BasePermission.READ, new PrincipalSid("scott"), true); jdbcMutableAclService.updateAcl(parent); child = (MutableAcl) jdbcMutableAclService.readAclById(childOid); parent = (MutableAcl) child.getParentAcl(); assertThat(parent.getEntries()).hasSize(2).withFailMessage("Fails because child has a stale reference to its parent"); assertThat(parent.getEntries().get(0).getPermission().getMask()).isEqualTo(1); assertThat(parent.getEntries().get(0).getSid()).isEqualTo(new PrincipalSid("ben")); assertThat(parent.getEntries().get(1).getPermission().getMask()).isEqualTo(1); assertThat(parent.getEntries().get(1).getSid()).isEqualTo(new PrincipalSid("scott")); }