Examples of com.ecyrd.jspwiki.auth.permissions.GroupPermission

• com.ecyrd.jspwiki.auth.permissions.GroupPermission

  Permission to perform an operation on a group in a given wiki. Permission actions include: view, edit, delete.

  The target of a permission is a single group or collection in a given wiki. The syntax for the target is the wiki name, followed by a colon (:) and the name of the group. “All wikis” can be specified using a wildcard (*). Group collections may also be specified using a wildcard. For groups, the wildcard may be a prefix, suffix, or all by itself. Examples of targets include:

  *:*
*:TestPlanners
*:*Planners
*:Test*
mywiki:TestPlanners
mywiki:*Planners
mywiki:Test*

  For a given target, certain permissions imply others:

  • edit implies view
  • delete implies edit and view

  Targets that do not include a wiki prefix never imply others.

  GroupPermission accepts a special target called <groupmember> that means “all groups that a user is a member of.” When included in a policy file grant block, it functions like a wildcard. Thus, this block:

   grant signedBy "jspwiki", principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" { permission com.ecyrd.jspwiki.auth.permissions.GroupPermission "*:<groupmember>", "edit"; 

  means, “allow Authenticated users to edit any groups they are members of.” The wildcard target (*) does not imply <groupmember>; it must be granted explicitly. @author Andrew Jaquith @since 2.4.17

        assertEquals( a.getJSP(), b.getJSP() );
        assertEquals( a.getURLPattern(), b.getURLPattern() );
        assertEquals( a.getContentTemplate(), b.getContentTemplate() );
        assertNotNull( b.getTarget() );
        assertNotNull( b.requiredPermission() );
        assertEquals( new GroupPermission( "*:Test", "view" ), b.requiredPermission() );
        assertEquals( group, b.getTarget() );

        // Do the same with edit command
        a = GroupCommand.EDIT_GROUP;
        b = a.targetedCommand( group );
        assertNotSame( a, b );
        assertNotNull( b.getTarget() );
        assertNotNull( b.requiredPermission() );
        assertEquals( new GroupPermission( "*:Test", "edit" ), b.requiredPermission() );
        assertEquals( group, b.getTarget() );

        // Do the same with delete command
        a = GroupCommand.DELETE_GROUP;
        b = a.targetedCommand( group );
        assertNotSame( a, b );
        assertNotNull( b.getTarget() );
        assertNotNull( b.requiredPermission() );
        assertEquals( new GroupPermission( "*:Test", "delete" ), b.requiredPermission() );
        assertEquals( group, b.getTarget() );
    }

                for( String groupAction : groupActions )
                {
                    Permission permission = null;
                    if ( groupAction != null)
                    {
                        permission = new GroupPermission( wiki + ":" + group, groupAction );
                    }
                    s.append( printPermissionTest( permission, role, 1 ) );
                }
            }
            s.append( "  </tr>\n" );

                }
                else if ( DELETE_GROUP.equals( permission ) )
                {
                    action = "delete";
                }
                gotPermission = mgr.checkPermission( session, new GroupPermission( groupName, action ) );
            }
        }
        else if ( ALL_PERMISSION.equals( permission ) )
        {
            gotPermission = mgr.checkPermission( session, new AllPermission( m_wikiContext.getEngine().getApplicationName() ) );

        {
            m_permission = null;
        }
        else
        {
            m_permission = new GroupPermission( target.getName(), action );
        }
    }