@Override protected boolean isAdminAction(Action action) { return action.implies(DatasourceAccessControl.CHANGE_PERMS); } }
@Override public boolean enableOnly(Principal principal, AllowedActions actions) { return enableOnly(principal, actions.getAvailableActions().stream() .flatMap(avail -> avail.stream()) .collect(Collectors.toSet())); }
@Override public void checkPermission(String moduleName, Set<Action> actions) { this.metadata.read(() -> { return this.actionsProvider.getAllowedActions(moduleName) .map((allowed) -> { allowed.checkPermission(actions); return moduleName; }) .<AccessControlException>orElseThrow(() -> new AccessControlException("No actions are defined for the module named: " + moduleName)); }); }
@Override public ActionsTreeBuilder<P> action(Action action) { Node currentNode = this.actionsNode; for (Action current : action.getHierarchy()) { currentNode = JcrUtil.getOrCreateNode(currentNode, current.getSystemName(), JcrAllowableAction.NODE_TYPE); } return new JcrActionBuilder<>(currentNode, this) .title(action.getTitle()) .description(action.getDescription()) .add(); }
@Override public void checkPermission(Set<Action> actions) { for (Action action : actions) { Node current = getNode(); for (Action parent : action.getHierarchy()) { if (!JcrUtil.hasNode(current, parent.getSystemName())) { throw new AccessControlException("Not authorized to perform the action: " + action.getTitle()); } current = JcrUtil.getNode(current, parent.getSystemName()); } } }
@Override public void deleteUser(@Nonnull final User user) { this.actionsProvider.getAllowedActions(AccessController.SERVICES).ifPresent(allowed -> allowed.disableAll(user.getPrincipal())); this.membershipProvider.findAll().forEach(membership -> membership.removeMember(user.getPrincipal())); delete(user); }
private Optional<Node> findActionNode(Action action) { Node current = getNode(); for (Action pathAction : action.getHierarchy()) { if (JcrUtil.hasNode(current, pathAction.getSystemName())) { current = JcrUtil.getNode(current, pathAction.getSystemName()); } else { return Optional.empty(); } } return Optional.of(current); } }
@Override public void checkPermission(String moduleName, Action action) { getAllowedActions(moduleName) .map((allowed) -> { allowed.checkPermission(action); return null; }) .orElseThrow(() -> new AccessControlException("No actions are defined for a madule named: " + moduleName)); }
@Override public ActionBuilder<ActionBuilder<P>> subAction(Action action) { return subAction(action.getSystemName()); }
@Override public boolean enableAll(Principal principal) { return enableOnly(principal, getAvailableActions().stream() .flatMap(avail -> avail.stream()) .collect(Collectors.toSet())); }
@Override public boolean disable(Principal principal, AllowedActions actions) { return disable(principal, actions.getAvailableActions().stream() .flatMap(avail -> avail.stream()) .collect(Collectors.toSet())); }
@Override public void deleteGroup(@Nonnull final UserGroup group) { this.actionsProvider.getAllowedActions(AccessController.SERVICES).ifPresent(allowed -> allowed.disableAll(group.getPrincipal())); this.membershipProvider.findAll().forEach(membership -> membership.removeMember(group.getPrincipal())); delete(group); }
@Override protected boolean isAdminAction(Action action) { return action.implies(CategoryAccessControl.CHANGE_PERMS); } }
@Override public Category update(Category category) { if (accessController.isEntityAccessControlled()) { category.getAllowedActions().checkPermission(CategoryAccessControl.EDIT_DETAILS); } return super.update(category); }
@Override protected boolean isAdminAction(Action action) { return action.implies(TemplateAccessControl.CHANGE_PERMS); } }
@Override public void deleteProject(Project domain) { if (accessController.isEntityAccessControlled()) { domain.getAllowedActions().checkPermission(ProjectAccessControl.DELETE_PROJECT); } super.delete(domain); }
@Override protected boolean isAdminAction(Action action) { return action.implies(ConnectorAccessControl.CHANGE_PERMS); }
@Override protected boolean isAdminAction(Action action) { return action.implies(FeedAccessControl.CHANGE_PERMS); }
@Override protected boolean isAdminAction(Action action) { return action.implies(DatasourceAccessControl.CHANGE_PERMS); }
@Override protected boolean isAdminAction(Action action) { return action.implies(ProjectAccessControl.CHANGE_PERMS); }