/** * Returns a Map containing all contributed permissions and their associated labels. * * @since 8.1 */ public Map<String, String> getPermissionsToLabels() { PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); String[] permissions = permissionProvider.getPermissions(); Map<String, String> permissionsToLabels = new HashMap<>(); for (String permission : permissions) { permissionsToLabels.put(permission, getLabel(permission)); } return permissionsToLabels; }
@Override public List<String> getAvailableSecurityPermissions() { // XXX: add security check? return Arrays.asList(getSecurityService().getPermissionProvider().getPermissions()); }
private Collection<String> getPermissionsInSession(DocumentModel doc, CoreSession session) { PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); return session.filterGrantedPermissions(session.getPrincipal(), doc.getRef(), Arrays.asList(permissionProvider.getPermissions())); }
@Override protected void writeEntityBody(Annotation entity, JsonGenerator jg) throws IOException { writeCommentEntity(entity, jg); jg.writeStringField(ANNOTATION_XPATH, entity.getXpath()); // Write permissions of current user on the annotation, // which are the ones granted on the annotated document CoreSession session = ctx.getSession(null).getSession(); NuxeoPrincipal principal = session.getPrincipal(); PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); Collection<String> permissions = CoreInstance.doPrivileged(session, s -> { return s.filterGrantedPermissions(principal, new IdRef(entity.getParentId()), Arrays.asList(permissionProvider.getPermissions())); }); jg.writeArrayFieldStart(ANNOTATION_PERMISSIONS); for (String permission : permissions) { jg.writeString(permission); } jg.writeEndArray(); } }
@Override protected void writeEntityBody(Comment entity, JsonGenerator jg) throws IOException { writeCommentEntity(entity, jg); CoreSession session = ctx.getSession(null).getSession(); NuxeoPrincipal principal = session.getPrincipal(); PermissionProvider permissionProvider = Framework.getService(PermissionProvider.class); // Write permissions of current user on the annotation, // which are the ones granted on the commented document Collection<String> permissions = CoreInstance.doPrivileged(session, s -> { if (entity.getId() == null) { return Collections.emptyList(); } DocumentRef ancestorRef = new IdRef( (String) commentManager.getThreadForComment(s.getDocument(new IdRef(entity.getId()))) .getPropertyValue(COMMENT_PARENT_ID)); return s.filterGrantedPermissions(principal, ancestorRef, Arrays.asList(permissionProvider.getPermissions())); }); jg.writeArrayFieldStart(COMMENT_PERMISSIONS); for (String permission : permissions) { jg.writeString(permission); } jg.writeEndArray(); boolean includeRepliesSummary = ctx.getFetched(COMMENT_ENTITY_TYPE).contains(FETCH_REPLIES_SUMMARY); if (includeRepliesSummary) { writeRepliesSummary(session, entity, jg); } }