@Override public boolean enableAll(Principal principal) { return enableOnly(principal, getAvailableActions().stream() .flatMap(avail -> avail.stream()) .collect(Collectors.toSet())); }
@Override public boolean enableOnly(Principal principal, AllowedActions actions) { return enableOnly(principal, actions.getAvailableActions().stream() .flatMap(avail -> avail.stream()) .collect(Collectors.toSet())); }
@Override public boolean disable(Principal principal, AllowedActions actions) { return disable(principal, actions.getAvailableActions().stream() .flatMap(avail -> avail.stream()) .collect(Collectors.toSet())); }
@Override public boolean disableAll(Principal principal) { return disable(principal, getAvailableActions().stream() .flatMap(avail -> avail.stream()) .collect(Collectors.toSet())); }
protected Set<Action> getEnabledActions(Principal principal) { return getAvailableActions().stream() .flatMap(avail -> avail.stream()) .filter(action -> JcrAccessControlUtil.hasAnyPermission(((JcrAllowableAction) action).getNode(), principal, Privilege.JCR_READ, Privilege.JCR_ALL)) .collect(Collectors.toSet()); }
@Override public boolean enableOnly(Principal principal, Set<Action> actions) { final AtomicBoolean result = new AtomicBoolean(false); getAvailableActions().stream().forEach(available -> { available.stream().forEach(child -> { if (actions.contains(child)) { result.set(togglePermission(child, principal, true) || result.get()); } else { togglePermission(child, principal, false); } }); }); return result.get(); }
/** * A convenience method for enabling only the permissions granted by the role memberships among the passed in set * of which the given principal is a member. The supplied allowedActions must be compatible with the kinds of actions * that the RoleMemberships control. * * @param principal the principal involved * @param allMemberships a stream of all potential role memberships that may be involved in enabling permissions for this principal * @param allowed the allowed actions that should be updated to allow the new permissions */ public static void enableOnly(Principal principal, Stream<RoleMembership> allMemberships, AllowedActions allowed) { // Get a union of all actions allowed by all role memberships containing the principal as a member. Set<Action> actions = allMemberships .filter(membership -> membership.getMembers().contains(principal)) .map(membership -> membership.getRole()) .flatMap(role -> role.getAllowedActions().getAvailableActions().stream()) .flatMap(avail -> avail.stream()) .collect(Collectors.toSet()); // Update the given allowed actions to enable only the derived set of permitted actions based // on the current set of role memberships of the principal. allowed.enableOnly(principal, actions); }