@VisibleForTesting
void getPermitDeny(NotesACL acl, List<String> permitUsers,
List<String> permitGroups, List<String> noAccessUsers,
List<String> noAccessGroups, NotesSession ns) throws RepositoryException {
final String METHOD = "getPermitDeny";
NotesACLEntry ae = acl.getFirstEntry();
while (ae != null) {
LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
"Checking ACL Entry: " + ae.getName());
int userType = ae.getUserType();
// If this is a user explicitly listed with NO ACCESS
if (NotesACL.LEVEL_DEPOSITOR > ae.getLevel()) {
// Send both specified and unspecified users with NO ACCESS to GSA as
// DENY users. As a result, unspecified groups with NO ACCESS will also
// be included in the DENY user list but they will not have any impact
// to authenticated users.
if ((userType == NotesACLEntry.TYPE_PERSON) ||
(userType == NotesACLEntry.TYPE_UNSPECIFIED)) {
LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
"Adding the user entry to deny list: " + ae.getName());
noAccessUsers.add(ae.getName().toLowerCase());
}
// Skip unspecified groups such as -Default- and Anonymous.
// Do not need to send deny access for groups and unspecified groups.
}
// If this entry has an access level greater than DEPOSITOR
if (NotesACL.LEVEL_DEPOSITOR < ae.getLevel()) {
// Add to the PERMIT USERS if they are a user
if ((userType == NotesACLEntry.TYPE_PERSON) ||
(userType == NotesACLEntry.TYPE_UNSPECIFIED)) {
LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
"Adding the user entry to person allow list: " + ae.getName());
permitUsers.add(ae.getName().toLowerCase());
}
// Add to the PERMIT GROUPS if they are a group
if ((userType == NotesACLEntry.TYPE_MIXED_GROUP) ||
(userType == NotesACLEntry.TYPE_PERSON_GROUP) ||
(userType == NotesACLEntry.TYPE_UNSPECIFIED)) {
LOGGER.logp(Level.FINER, CLASS_NAME, METHOD,
"Adding the user entry to group allow list: " + ae.getName());
permitGroups.add(ae.getName().toLowerCase());
}
}
NotesACLEntry prevae = ae;
ae = acl.getNextEntry(prevae);
prevae.recycle();
}
}