public static ACL newACL(String name) { return new ACLImpl(name); }
@Override public ACL getMergedACLs(String name) { ACL mergedAcl = new ACLImpl(name, true); for (ACL acl : acls) { mergedAcl.addAll(acl); } return mergedAcl; }
@Override public ACL getOrCreateACL(String name) { ACL acl = getACL(name); if (acl == null) { acl = new ACLImpl(name); addACL(acl); } return acl; }
public void addAccessRule(String aclName, ACE ace) { ACL acl = getACL(aclName); if (acl == null) { acl = new ACLImpl(aclName); addACL(acl); } acl.add(ace); }
@Override public Object clone() { ACLImpl copy = new ACLImpl(name, isReadOnly); ACE[] aces = new ACE[size()]; for (int i = 0; i < size(); i++) { aces[i] = (ACE) get(i).clone(); } copy.setACEs(aces); return copy; }
@Override public void setRules(String aclName, UserEntry[] userEntries, boolean overwrite) { ACL acl = getACL(aclName); if (acl == null) { // create the loca ACL acl = new ACLImpl(aclName); addACL(acl); } else if (overwrite) { // :XXX: Should not overwrite entries not given as parameters here. acl.clear(); } for (UserEntry entry : userEntries) { String username = entry.getUserName(); for (String permission : entry.getGrantedPermissions()) { acl.add(new ACE(username, permission, true)); } for (String permission : entry.getDeniedPermissions()) { acl.add(new ACE(username, permission, false)); } } cache.clear(); }
/** * Gets default local ACL, i.e. when inheritance * is blocked. * * @return default local ACL */ public static ACL buildDefaultLocalACL(CoreSession session, DocumentModel document) { ACL acl = new ACLImpl(); String currentUser = session.getPrincipal().getName(); acl.add(new ACE(currentUser, SecurityConstants.EVERYTHING)); // acl.addAll(ACEsOperationHelper.getAdminEverythingACEs()); acl.addAll(getMasterOwnerACEs(session, document)); return acl; }
/** * ajout une ace sur un document * @param session * @param ref * @param ace * @throws ClientException */ public static void setACE(CoreSession session, DocumentRef ref,ACE ace) throws ClientException { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); acl.add(ace); session.setACP(ref, acp, false); }
@Override protected DocumentModel initCreateUserWorkspacesRoot(CoreSession unrestrictedSession, DocumentModel doc) { ACP acp = new ACPImpl(); ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { denyEverything }); acp.addACL(acl); doc.setACP(acp, true); return doc; }
protected void setACE(DocumentRef ref) { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(aclName); acp.addACL(acl); ACE ace = new ACE(user, permission, grant); acl.add(ace); session.setACP(ref, acp, overwrite); }
protected static void setLocalAcl(CoreSession session, DocumentModel doc, String value) { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); String[] entries = StringUtils.split(value, ',', true); if (entries.length == 0) { return; } for (String entry : entries) { String[] ace = StringUtils.split(entry, ':', true); acl.add(new ACE(ace[0], ace[1], Boolean.parseBoolean(ace[2]))); } session.setACP(doc.getRef(), acp, false); }
protected void setCommentPermissions(CoreSession session, DocumentModel documentModel) { ACP acp = new ACPImpl(); ACE grantRead = new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ, true); ACE grantRemove = new ACE("members", SecurityConstants.REMOVE, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { grantRead, grantRemove }); acp.addACL(acl); session.setACP(documentModel.getRef(), acp, true); }
protected void setFoldersACL(DocumentModel doc, String userName) throws ClientException { ACP acp = new ACPImpl(); ACE grantMembersRead = new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ, true); ACE grantEverything = new ACE(userName, SecurityConstants.EVERYTHING, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { grantMembersRead, grantEverything }); acp.addACL(acl); doc.setACP(acp, true); } }
protected void setFolderPermissions(CoreSession session, DocumentModel documentModel) { ACP acp = new ACPImpl(); ACE grantAddChildren = new ACE("members", SecurityConstants.ADD_CHILDREN, true); ACE grantRemoveChildren = new ACE("members", SecurityConstants.REMOVE_CHILDREN, true); ACE grantRemove = new ACE("members", SecurityConstants.REMOVE, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { grantAddChildren, grantRemoveChildren, grantRemove }); acp.addACL(acl); session.setACP(documentModel.getRef(), acp, true); }
/** * @since 10.3 */ protected DocumentModel initCreateFavorites(CoreSession session, DocumentModel favorites) { ACP acp = new ACPImpl(); ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false); ACE allowEverything = new ACE(session.getPrincipal().getName(), SecurityConstants.EVERYTHING, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { allowEverything, denyEverything }); acp.addACL(acl); favorites.setACP(acp, true); return favorites; }
/** * @since 10.3 */ protected DocumentModel initDefaultCollectionsRoot(final CoreSession session, DocumentModel collectionsRoot) { ACP acp = new ACPImpl(); ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false); ACE allowEverything = new ACE(session.getPrincipal().getName(), SecurityConstants.EVERYTHING, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { allowEverything, denyEverything }); acp.addACL(acl); collectionsRoot.setACP(acp, true); return collectionsRoot; }
@Override public void run() { for (DocumentModel doc : docs) { ACP acp = doc.getACP(); acp.removeACL(aclName); ACL acl = new ACLImpl(aclName); for (String actorId : actorIds) { acl.add(ACE.builder(actorId, permission).creator(ACTOR_ACE_CREATOR).build()); } acp.addACL(0, acl); // add first to get before blocks doc.setACP(acp, true); session.saveDocument(doc); } }
protected static DocumentModel createUserWorkspaceDomain( CoreSession unrestrictedSession, String domainName) throws ClientException { DocumentModel doc = unrestrictedSession.createDocumentModel("/",domainName, "Domain"); doc.setProperty("dublincore", "title", domainName); doc.setProperty("dublincore", "description", ""); doc = unrestrictedSession.createDocument(doc); ACP acp = new ACPImpl(); ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { denyEverything }); acp.addACL(acl); doc.setACP(acp, true); return doc; }
@Override public void populate(CoreSession session) { super.populate(session); DocumentModel test = session.getDocument(new PathRef(ROOT)); ACP acp = new ACPImpl(); ACL acl = new ACLImpl(); acl.add(new ACE("Administrator", "Everything", true)); acl.add(new ACE(USERNAME, "WriteProperties", true)); acl.add(new ACE(USERNAME, "Read", true)); acp.addACL(acl); test.setACP(acp, false); createChildren(session, test, SIZE); }
@Override public void run() { DocumentModel root = session.createDocumentModel(Root_PATH, Root_NAME, "Folder"); root.setProperty("dublincore", "title", Root_NAME); root = session.createDocument(root); ACL acl = new ACLImpl(); acl.add(new ACE(Write_Grp, "Write", true)); acl.add(new ACE(Read_Grp, "Read", true)); ACP acp = root.getACP(); acp.addACL(acl); session.setACP(root.getRef(), acp, true); rootRef = root.getRef(); // flush caches session.save(); }