EnumSet<RepositoryFilePermission> permissions = ace.getPermissions(); EnumSet<RepositoryFilePermission> permissionSet = EnumSet.noneOf( RepositoryFilePermission.class ); RepositoryFileSid aceSid = ace.getSid(); ObjectRecipient recipient = new RepositoryObjectRecipient( aceSid.getName() ); if ( aceSid.getType().equals( RepositoryFileSid.Type.USER ) ) {
if ( fileAce != null && fileAce.getSid() != null && fileAce.getPermissions() != null ) { for ( RepositoryFilePermission filePermission : fileAce.getPermissions() ) { if ( RepositoryFileSid.Type.USER == fileAce.getSid().getType() ) { fileAcl.setRecipient( fileAce.getSid().getName() ); } else { fileAcl.setRecipient( new SimpleGrantedAuthority( fileAce.getSid().getName() ) );
public static RepositoryFileAclAceDto toAceDto( RepositoryFileAce v ) { RepositoryFileAclAceDto aceDto = new RepositoryFileAclAceDto(); RepositoryFileSid sid = v.getSid(); aceDto.setRecipient( sid.getName() ); aceDto.setRecipientType( sid.getType().ordinal() ); aceDto.setPermissions( toIntPerms( v.getPermissions() ) ); return aceDto; }
for ( RepositoryFileAce ace : acl.getAces() ) { Principal principal = null; if ( RepositoryFileSid.Type.ROLE == ace.getSid().getType() ) { principal = new SpringSecurityRolePrincipal( JcrTenantUtils.getTenantedRole( ace.getSid().getName() ) ); } else { principal = new SpringSecurityUserPrincipal( JcrTenantUtils.getTenantedUser( ace.getSid().getName() ) );
for ( RepositoryFileAce ace : acl.getAces() ) { Principal principal = null; if ( RepositoryFileSid.Type.ROLE == ace.getSid().getType() ) { String principalName = JcrTenantUtils.getRoleNameUtils().getPrincipleName( ace.getSid().getName() ); if ( tenantAdminAuthorityName.equals( principalName ) ) { adminPrincipalExist = true; principal = new SpringSecurityRolePrincipal( JcrTenantUtils.getTenantedRole( ace.getSid().getName() ) ); } else { principal = new SpringSecurityUserPrincipal( JcrTenantUtils.getTenantedUser( ace.getSid().getName() ) ); principalTenant = JcrTenantUtils.getRoleNameUtils().getTenant( acl.getAces().get( 0 ).getSid().getName() );
private boolean hasAccess( final Serializable fileId, final EnumSet<RepositoryFilePermission> permissions ) { String username = currentUserProvider.getUser(); List<String> roles = currentUserProvider.getRoles(); RepositoryFileAcl acl = idManager.getFileById( fileId ).getAcl(); if ( acl.getOwner().getType() == USER && acl.getOwner().getName().equals( username ) ) { return true; // owner can do anything } List<RepositoryFileAce> aces = internalGetEffectiveAces( fileId ); for ( RepositoryFileAce ace : aces ) { if ( ace.getSid().equals( everyone() ) && ace.getPermissions().containsAll( permissions ) ) { return true; // match special everyone role } else if ( ace.getSid().getType() == USER && ace.getSid().getName().equals( username ) && ace.getPermissions().containsAll( permissions ) ) { return true; // match on user } for ( String role : roles ) { if ( ace.getSid().getType() == ROLE && ace.getSid().getName().equals( role ) && ace.getPermissions().containsAll( permissions ) ) { return true; // match on role } } } return false; }
assertTrue( !acl.isEntriesInheriting() ); assertTrue( acl.getAces().size() == 1 ); assertTrue( "Authenticated".equals( acl.getAces().get( 0 ).getSid().getName().toString() ) ); assertTrue( RepositoryFileSid.Type.ROLE.equals( acl.getAces().get( 0 ).getSid().getType() ) ); assertTrue( acl.getAces().get( 0 ).getPermissions().size() == 1 ); assertTrue( acl.getAces().get( 0 ).getPermissions().contains( RepositoryFilePermission.ALL ) );