@Override public void setEntriesInheriting(boolean entriesInheriting) { aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL); this.entriesInheriting = entriesInheriting; }
/** * Registers the <tt>Permission</tt> fields from the <tt>BasePermission</tt> class. */ public DefaultPermissionFactory() { registerPublicPermissions(BasePermission.class); }
public Sid getSid(String sid, boolean isPrincepal) { if (isPrincepal) { return new PrincipalSid(sid); } else { return new GrantedAuthoritySid(sid); } }
@Test(expected = NotFoundException.class) public void insertAceFailsForNonExistentElement() throws Exception { MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe")); MockAclService service = new MockAclService(); // Insert one permission acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST1"), true); service.updateAcl(acl); acl.insertAce(55, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST2"), true); }
@Before public void setup() { myCache = new EhCacheBasedAclCache(cache, new DefaultPermissionGrantingStrategy( new ConsoleAuditLogger()), new AclAuthorizationStrategyImpl( new SimpleGrantedAuthority("ROLE_USER"))); ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100)); AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority( "ROLE_AUDITING"), new SimpleGrantedAuthority("ROLE_GENERAL")); acl = new AclImpl(identity, Long.valueOf(1), aclAuthorizationStrategy, new ConsoleAuditLogger()); }
private static String getName(Sid sid) { if (sid instanceof PrincipalSid) { return ((PrincipalSid) sid).getPrincipal(); } else { return ((GrantedAuthoritySid) sid).getGrantedAuthority(); } }
@SuppressWarnings("deprecation") @Test(expected = IllegalArgumentException.class) public void constructorsRejectNullAclAuthzStrategy() throws Exception { try { new AclImpl(objectIdentity, 1, null, new DefaultPermissionGrantingStrategy( mockAuditLogger), null, null, true, new PrincipalSid("joe")); fail("It should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { } new AclImpl(objectIdentity, 1, null, mockAuditLogger); }
@Test(expected = NotFoundException.class) public void deleteAceRaisesNotFoundExceptionForIndexLessThanZero() throws Exception { AclImpl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe")); acl.deleteAce(-1); }
@Test(expected = IllegalArgumentException.class) public void constructorRejectsNullParameters() throws Exception { new EhCacheBasedAclCache(null, new DefaultPermissionGrantingStrategy( new ConsoleAuditLogger()), new AclAuthorizationStrategyImpl( new SimpleGrantedAuthority("ROLE_USER"))); }
@Override public void updateAuditing(int aceIndex, boolean auditSuccess, boolean auditFailure) { aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_AUDITING); verifyAceIndexExists(aceIndex); synchronized (aces) { AccessControlEntryImpl ace = (AccessControlEntryImpl) aces.get(aceIndex); ace.setAuditSuccess(auditSuccess); ace.setAuditFailure(auditFailure); } }
/** * Creates a principal-like sid from the authentication information. * * @param authentication the authentication information that can provide principal and * thus the sid's id will be dependant on the value inside * @return a sid with the ID taken from the authentication information */ protected Sid createCurrentUser(Authentication authentication) { return new PrincipalSid(authentication); }
@Override public void updateAce(int aceIndex, Permission permission) throws NotFoundException { aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL); verifyAceIndexExists(aceIndex); synchronized (aces) { AccessControlEntryImpl ace = (AccessControlEntryImpl) aces.get(aceIndex); ace.setPermission(permission); } }
public ObjectIdentity createObjectIdentity(Serializable id, String type) { return new ObjectIdentityImpl(type, id); } }
@Override public void deleteAce(int aceIndex) throws NotFoundException { aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL); verifyAceIndexExists(aceIndex); synchronized (aces) { this.aces.remove(aceIndex); } }
@Test public void securityCheckWhenCustomAuthorityThenNameIsUsed() { strategy = new AclAuthorizationStrategyImpl(new CustomAuthority()); strategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_GENERAL); }
/** * Constructor accepting mandatory arguments * * @param dataSource to access the database * @param aclCache the cache where fully-loaded elements can be stored * @param aclAuthorizationStrategy authorization strategy (required) */ public BasicLookupStrategy(DataSource dataSource, AclCache aclCache, AclAuthorizationStrategy aclAuthorizationStrategy, AuditLogger auditLogger) { this(dataSource, aclCache, aclAuthorizationStrategy, new DefaultPermissionGrantingStrategy(auditLogger)); }
/** * Returns a representation of the active bits in the presented mask, with each active * bit being denoted by character '*'. * <p> * Inactive bits will be denoted by character {@link Permission#RESERVED_OFF}. * * @param i the integer bit mask to print the active bits for * * @return a 32-character representation of the bit mask */ public static String printBinary(int i) { return printBinary(i, '*', Permission.RESERVED_OFF); }
public Sid getSidObj() { if (sidObj == null) { sidObj = isPrincipal ? new PrincipalSid(sid) : new GrantedAuthoritySid(sid); } return sidObj; } }
protected EhCacheBasedAclCache aclCache() { return new EhCacheBasedAclCache(getCache(), new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()), new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_USER"))); }
/** * Registers the <tt>Permission</tt> fields from the supplied class. */ public DefaultPermissionFactory(Class<? extends Permission> permissionClass) { registerPublicPermissions(permissionClass); }