@Override public boolean canAccess(String workspaceName) throws RepositoryException { boolean ret = super.canAccess(workspaceName); log.debug("canAccess({})?{}", workspaceName, ret); if (amctx == null || amctx.getSubject() == null || amctx.getSubject().getPrincipals().size() == 0) { log.warn("not logged in for {}, granting ws level access to everyone", workspaceName); } //TODO: check real perms here .. or rely on super ... double check return ret; }
@Override public void init(final AMContext amContext) throws AccessDeniedException, Exception { super.init(amContext); this.amctx = amContext; // can get our user from here as we put it in the list of principals final String user = this.amctx.getSubject().getPrincipals().iterator().next().getName(); log.debug("{}:init({})", user, amContext); }
@Override public boolean canRead(Path itemPath, ItemId itemId) throws RepositoryException { boolean res = super.canRead(itemPath, itemId); boolean ourRes = ami.isGranted(null, Permission.READ); log.debug("can {} read({}:{},{})?{} or {}", printUserNames(amctx.getSubject().getPrincipals()), amctx.getWorkspaceName(), itemPath, itemId, res, ourRes); //TODO: check real perms here .. or rely on super ... double check return res; }
/** * {@inheritDoc} */ public void init(AMContext context, AccessControlProvider acProvider, WorkspaceAccessManager wspAccessManager) throws AccessDeniedException, Exception { if (initialized) { throw new IllegalStateException("already initialized"); } subject = context.getSubject(); hierMgr = context.getHierarchyManager(); resolver = context.getNamePathResolver(); privilegeManager = ((JackrabbitWorkspace) context.getSession().getWorkspace()).getPrivilegeManager(); wspAccessMgr = wspAccessManager; anonymous = !subject.getPrincipals(AnonymousPrincipal.class).isEmpty(); system = !subject.getPrincipals(SystemPrincipal.class).isEmpty(); // @todo check permission to access given workspace based on principals initialized = true; if (!canAccess(context.getWorkspaceName())) { throw new AccessDeniedException("Not allowed to access Workspace " + context.getWorkspaceName()); } }
/** * {@inheritDoc} */ public void init(AMContext context, AccessControlProvider acProvider, WorkspaceAccessManager wspAccessManager) throws AccessDeniedException, Exception { if (initialized) { throw new IllegalStateException("already initialized"); } subject = context.getSubject(); hierMgr = context.getHierarchyManager(); resolver = context.getNamePathResolver(); privilegeManager = ((JackrabbitWorkspace) context.getSession().getWorkspace()).getPrivilegeManager(); wspAccessMgr = wspAccessManager; anonymous = !subject.getPrincipals(AnonymousPrincipal.class).isEmpty(); system = !subject.getPrincipals(SystemPrincipal.class).isEmpty(); // @todo check permission to access given workspace based on principals initialized = true; if (!canAccess(context.getWorkspaceName())) { throw new AccessDeniedException("Not allowed to access Workspace " + context.getWorkspaceName()); } }
throw new IllegalStateException("already initialized"); subject = context.getSubject(); npRes = context.getNamePathResolver();
public void init(AMContext context, AccessControlProvider acProvider, WorkspaceAccessManager wspAccessMgr) throws AccessDeniedException, Exception { accessManagerFactoryTracker = Activator.getAccessManagerFactoryTracker(); accessManagerFactory = getAccessManagerFactory(); if (accessManagerFactory != null) { this.accessManagerPlugin = accessManagerFactory.getAccessManager(); } this.sanityCheck(); super.init(context, acProvider, wspAccessMgr); this.namePathResolver = context.getNamePathResolver(); if (this.accessManagerPlugin != null) { this.accessManagerPlugin.init(context.getSubject(), context.getSession()); } this.session = context.getSession(); this.subject = context.getSubject(); hierMgr = context.getHierarchyManager(); }
hierMgr = amContext.getHierarchyManager(); Subject subject = amContext.getSubject(); if (subject == null) { principals = Collections.emptySet();
hierMgr = amContext.getHierarchyManager(); Subject subject = amContext.getSubject(); if (subject == null) { principals = Collections.emptySet();