@Override public ACPImpl clone() { ACPImpl copy = new ACPImpl(); for (ACL acl : acls) { copy.acls.add((ACL) acl.clone()); } return copy; }
@Override public void run() { ACP acp = new ACPImpl(); session.setACP(docRef, acp, true); }
protected void unblockPermissionInheritance(DocumentModel doc) { ACP acp = doc.getACP() != null ? doc.getACP() : new ACPImpl(); boolean permissionChanged = acp.unblockInheritance(aclName); if (permissionChanged) { doc.setACP(acp, true); } } }
/** * ajout une ace sur un document * @param session * @param ref * @param ace * @throws ClientException */ public static void setACE(CoreSession session, DocumentRef ref,ACE ace) throws ClientException { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); acl.add(ace); session.setACP(ref, acp, false); }
/** * ajout une ace sur un document * * @param session * @param ref * @param ace * @throws NuxeoException */ public static void setACE(CoreSession session, DocumentRef ref, ACE ace) throws NuxeoException { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); acl.add(ace); session.setACP(ref, acp, false); }
@Override protected DocumentModel initCreateUserWorkspace(CoreSession unrestrictedSession, DocumentModel doc, String username) { ACP acp = new ACPImpl(); ACE grantEverything = new ACE(username, SecurityConstants.EVERYTHING, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { grantEverything }); acp.addACL(acl); doc.setACP(acp, true); Map<String, Serializable> properties = new HashMap<>(); properties.put("username", username); notifyEvent(unrestrictedSession, doc, unrestrictedSession.getPrincipal(), DocumentEventTypes.USER_WORKSPACE_CREATED, properties); return doc; }
@Override protected DocumentModel initCreateUserWorkspacesRoot(CoreSession unrestrictedSession, DocumentModel doc) { ACP acp = new ACPImpl(); ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { denyEverything }); acp.addACL(acl); doc.setACP(acp, true); return doc; }
protected void setACE(DocumentRef ref) { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(aclName); acp.addACL(acl); ACE ace = new ACE(user, permission, grant); acl.add(ace); session.setACP(ref, acp, overwrite); }
protected void blockPermissionInheritance(DocumentModel doc) { ACP acp = doc.getACP() != null ? doc.getACP() : new ACPImpl(); String username = session.getPrincipal().getName(); boolean permissionChanged = acp.blockInheritance(aclName, username); if (permissionChanged) { doc.setACP(acp, true); } } }
protected static void setLocalAcl(CoreSession session, DocumentModel doc, String value) { ACPImpl acp = new ACPImpl(); ACLImpl acl = new ACLImpl(ACL.LOCAL_ACL); acp.addACL(acl); String[] entries = StringUtils.split(value, ',', true); if (entries.length == 0) { return; } for (String entry : entries) { String[] ace = StringUtils.split(entry, ':', true); acl.add(new ACE(ace[0], ace[1], Boolean.parseBoolean(ace[2]))); } session.setACP(doc.getRef(), acp, false); }
@Override public void applyDefaultPermissions(String userOrGroupName) { if (userOrGroupName == null) { throw new NullPointerException("null userOrGroupName"); } if (!isAdministrator()) { throw new DocumentSecurityException("You need to be an Administrator to do this."); } DocumentModel rootDocument = getRootDocument(); ACP acp = new ACPImpl(); UserEntry userEntry = new UserEntryImpl(userOrGroupName); userEntry.addPrivilege(READ); acp.setRules(new UserEntry[] { userEntry }); setACP(rootDocument.getRef(), acp, false); }
protected void setFoldersACL(DocumentModel doc, String userName) throws ClientException { ACP acp = new ACPImpl(); ACE grantMembersRead = new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ, true); ACE grantEverything = new ACE(userName, SecurityConstants.EVERYTHING, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { grantMembersRead, grantEverything }); acp.addACL(acl); doc.setACP(acp, true); } }
protected void setCommentPermissions(CoreSession session, DocumentModel documentModel) { ACP acp = new ACPImpl(); ACE grantRead = new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ, true); ACE grantRemove = new ACE("members", SecurityConstants.REMOVE, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { grantRead, grantRemove }); acp.addACL(acl); session.setACP(documentModel.getRef(), acp, true); }
protected void setFoldersACL( DocumentModel doc, String userName) throws ClientException { // UserService userService = Framework.getService(UserService.class); // String defaultGroup = userService.getUserManager().getDefaultGroup(); ACP acp = new ACPImpl(); // ACE grantMembersRead = new ACE(defaultGroup, SecurityConstants.READ, // true); ACE grantMembersRead = new ACE(SecurityConstants.MEMBERS, SecurityConstants.READ, true); ACE grantEverything = new ACE(userName, SecurityConstants.EVERYTHING, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { grantMembersRead, grantEverything }); acp.addACL(acl); doc.setACP(acp, true); } }
/** * @since 10.3 */ protected DocumentModel initCreateFavorites(CoreSession session, DocumentModel favorites) { ACP acp = new ACPImpl(); ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false); ACE allowEverything = new ACE(session.getPrincipal().getName(), SecurityConstants.EVERYTHING, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { allowEverything, denyEverything }); acp.addACL(acl); favorites.setACP(acp, true); return favorites; }
protected void setFolderPermissions(CoreSession session, DocumentModel documentModel) { ACP acp = new ACPImpl(); ACE grantAddChildren = new ACE("members", SecurityConstants.ADD_CHILDREN, true); ACE grantRemoveChildren = new ACE("members", SecurityConstants.REMOVE_CHILDREN, true); ACE grantRemove = new ACE("members", SecurityConstants.REMOVE, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { grantAddChildren, grantRemoveChildren, grantRemove }); acp.addACL(acl); session.setACP(documentModel.getRef(), acp, true); }
/** * @since 10.3 */ protected DocumentModel initDefaultCollectionsRoot(final CoreSession session, DocumentModel collectionsRoot) { ACP acp = new ACPImpl(); ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false); ACE allowEverything = new ACE(session.getPrincipal().getName(), SecurityConstants.EVERYTHING, true); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { allowEverything, denyEverything }); acp.addACL(acl); collectionsRoot.setACP(acp, true); return collectionsRoot; }
@Override public void run() { DocumentModel doc = session.getDocument(ref); ACP acp = new ACPImpl(); // add new ACL to set READ permission to everyone ACL routingACL = acp.getOrCreateACL(DocumentRoutingConstants.DOCUMENT_ROUTING_ACL); routingACL.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ, true)); // block rights inheritance ACL localACL = acp.getOrCreateACL(ACL.LOCAL_ACL); localACL.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false)); doc.setACP(acp, true); session.saveDocument(doc); } }
protected static DocumentModel createUserWorkspaceDomain( CoreSession unrestrictedSession, String domainName) throws ClientException { DocumentModel doc = unrestrictedSession.createDocumentModel("/",domainName, "Domain"); doc.setProperty("dublincore", "title", domainName); doc.setProperty("dublincore", "description", ""); doc = unrestrictedSession.createDocument(doc); ACP acp = new ACPImpl(); ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false); ACL acl = new ACLImpl(); acl.setACEs(new ACE[] { denyEverything }); acp.addACL(acl); doc.setACP(acp, true); return doc; }
@Override public void populate(CoreSession session) { super.populate(session); DocumentModel test = session.getDocument(new PathRef(ROOT)); ACP acp = new ACPImpl(); ACL acl = new ACLImpl(); acl.add(new ACE("Administrator", "Everything", true)); acl.add(new ACE(USERNAME, "WriteProperties", true)); acl.add(new ACE(USERNAME, "Read", true)); acp.addACL(acl); test.setACP(acp, false); createChildren(session, test, SIZE); }