/**
 * Reads the permissions stored for a resource and, when a subject is bound to the current
 * thread, hands them to {@code PermissionUtilities.keepOwnPermissionsOnly} before returning.
 *
 * @param id identifier passed to {@code permissionStore.readPermissions}
 * @return the stored permissions; narrowed in place only if a subject is present
 * @throws IResourceStore.ResourceStoreException propagated from the stores
 * @throws IResourceStore.ResourceNotFoundException propagated from the stores
 */
private Permissions getPermissions(String id)
        throws IResourceStore.ResourceStoreException, IResourceStore.ResourceNotFoundException {
    final Permissions stored = permissionStore.readPermissions(id);

    // NOTE(review): when no subject is bound to the thread the complete, unfiltered
    // permission set is returned. Confirm every caller of this method is only reachable
    // without a subject when authentication is deliberately disabled.
    final boolean subjectMissing = RuntimeUtilities.isNullOrEmpty(ThreadContext.getSubject());
    if (subjectMissing) {
        return stored;
    }

    PermissionUtilities.keepOwnPermissionsOnly(userStore, groupStore, stored);
    return stored;
}
/**
 * Narrows {@code permissions} in place for the subject bound to the current thread.
 *
 * <p>For every {@code IAuthorization.Type} that has an entry, the user list is replaced with the
 * result of {@code mergeAuthorizedSubjects} and then passed to
 * {@code filterAuthorizedSubjectsByUser} together with the current user's URI. An entry whose
 * user list and group list are both null or empty afterwards is removed from the map.
 *
 * <p>Nothing is changed when no subject is bound to the thread.
 *
 * @param userstore store used to look up the current user by principal name
 * @param groupStore store handed to {@code mergeAuthorizedSubjects}
 * @param permissions permissions object that is modified in place
 * @throws IResourceStore.ResourceStoreException propagated from the stores
 * @throws IResourceStore.ResourceNotFoundException propagated from the stores
 */
public static void keepOwnPermissionsOnly(IUserStore userstore, IGroupStore groupStore, Permissions permissions)
        throws IResourceStore.ResourceStoreException, IResourceStore.ResourceNotFoundException {
    final Subject subject = ThreadContext.getSubject();
    if (subject == null) {
        // NOTE(review): without a subject the permissions are left unfiltered; callers that
        // need a fail-closed result have to check for a missing subject themselves.
        return;
    }

    final String principalName = SecurityUtilities.getPrincipal(subject).getName();
    // NOTE(review): the lookup result is concatenated as-is; what searchUser returns for an
    // unknown name is not visible here. Verify it cannot produce a URI that matches an entry.
    final URI currentUser = URI.create(IRestUserStore.resourceURI + userstore.searchUser(principalName));

    for (IAuthorization.Type type : IAuthorization.Type.values()) {
        final AuthorizedSubjects entry = permissions.getPermissions().get(type);
        if (entry == null) {
            continue;
        }

        // Presumably expands group membership into individual users; confirm against
        // mergeAuthorizedSubjects. The merged list must be obtained before the clear() below.
        final List<AuthorizedUser> merged = PermissionUtilities.mergeAuthorizedSubjects(groupStore, entry);
        entry.getUsers().clear();
        entry.getUsers().addAll(merged);
        PermissionUtilities.filterAuthorizedSubjectsByUser(currentUser, entry.getUsers());

        // NOTE(review): the group list is never filtered in this method, so an entry that still
        // names groups is kept, groups included. Confirm that exposing them is intended.
        final boolean noUsersLeft = entry.getUsers() == null || entry.getUsers().isEmpty();
        if (noUsersLeft && (entry.getGroups() == null || entry.getGroups().isEmpty())) {
            permissions.getPermissions().remove(type);
        }
    }
}
/**
 * Reads the permissions of a resource and, unless {@code isUserAdministrator} reports the
 * current user as administrator of them, narrows them via
 * {@code PermissionUtilities.keepOwnPermissionsOnly}.
 *
 * @param resourceId identifier passed to {@code readPermissions}
 * @return the permissions, unfiltered for administrators and narrowed in place otherwise
 * @throws IResourceStore.ResourceStoreException propagated from the stores
 * @throws IResourceStore.ResourceNotFoundException propagated from the stores
 */
@Override
public Permissions readFilteredPermissions(String resourceId)
        throws IResourceStore.ResourceStoreException, IResourceStore.ResourceNotFoundException {
    final Permissions result = readPermissions(resourceId);

    // NOTE(review): the subject is not null-checked before it is passed to getPrincipal.
    // keepOwnPermissionsOnly is a no-op for a null subject, so if these helpers tolerate null
    // the unfiltered permissions would be returned. Confirm a subject is always bound here.
    final Principal caller = SecurityUtilities.getPrincipal(ThreadContext.getSubject());
    final URI callerUri = UserUtilities.getUserURI(userStore, caller);

    final boolean isAdmin = isUserAdministrator(result, callerUri);
    if (isAdmin) {
        return result;
    }

    PermissionUtilities.keepOwnPermissionsOnly(userStore, groupStore, result);
    return result;
}
permissionStore.createPermissions(respondedResourceId.getId(), PermissionUtilities.createDefaultPermissions(respondedResourceURI)); } else { Principal userPrincipal = SecurityUtilities.getPrincipal(ThreadContext.getSubject()); URI userURI = UserUtilities.getUserURI(userStore, userPrincipal); if (methodName.equals(METHOD_NAME_START_CONVERSATION)) {
// Updates the descriptor stored at (id, version - 1) after a resource was created at
// resourceLocationUri: stamps modification time and user, swaps in the new resource version.
// NOTE(review): resourceLocationUri is parsed without any visible validation; confirm it
// comes from a trusted response and not from client-supplied input.
URI createdResourceURI = URI.create(resourceLocationUri);
IResourceStore.IResourceId resourceId = RestUtilities.extractResourceId(createdResourceURI);
// NOTE(review): the subject is not null-checked here; confirm this path only runs with an
// authenticated subject, otherwise "last modified by" may be wrong or this may throw.
Principal userPrincipal = SecurityUtilities.getPrincipal(ThreadContext.getSubject());
// userURI is not used by the statements visible here; the same lookup is repeated below.
URI userURI = UserUtilities.getUserURI(userStore, userPrincipal);
// Reads the descriptor at version - 1, presumably the version preceding the created one.
ResourceDescriptor resourceDescriptor = (ResourceDescriptor) descriptorStore.readDescriptor(resourceId.getId(), resourceId.getVersion() - 1);
resourceDescriptor.setLastModifiedOn(new Date(System.currentTimeMillis()));
// Audit field: resolves the current subject's user URI a second time.
resourceDescriptor.setLastModifiedBy(UserUtilities.getUserURI(userStore, SecurityUtilities.getPrincipal(ThreadContext.getSubject())));
resourceDescriptor.setResource(createNewVersionOfResource(resourceDescriptor.getResource(), resourceId.getVersion()));
// Writes the modified descriptor back under the same (id, version - 1) key it was read from.
descriptorStore.updateDescriptor(resourceId.getId(), resourceId.getVersion() - 1, resourceDescriptor);