Examples of org.acegisecurity.acls.Acl

• org.acegisecurity.acls.Acl
  Represents an access control list (ACL) for a domain object.

  An Acl represents all ACL entries for a given domain object. In order to avoid needing references to the domain object itself, this interface handles indirection between a domain object and an ACL object identity via the {@link org.acegisecurity.acls.objectidentity.ObjectIdentity} interface.

  An implementation represents the {@link org.acegisecurity.acls.Permission}list applicable for some or all {@link org.acegisecurity.acls.sid.Sid}instances.

  @author Ben Alex @version $Id: Acl.java 1784 2007-02-24 21:00:24Z luke_t $

        Sid[] sids = sidRetrievalStrategy.getSids(SecurityContextHolder.getContext().getAuthentication());
        ObjectIdentity oid = objectIdentityRetrievalStrategy.getObjectIdentity(resolvedDomainObject);

        // Obtain aclEntrys applying to the current Authentication object
        try {
            Acl acl = aclService.readAclById(oid, sids);

            if (acl.isGranted(requiredPermissions, sids, false)) {
                return Tag.EVAL_BODY_INCLUDE;
            } else {
                return Tag.SKIP_BODY;
            }
        } catch (NotFoundException nfe) {

        // Create the acl_object_identity row
        createObjectIdentity(objectIdentity, sid);

        // Retrieve the ACL via superclass (ensures cache registration, proper retrieval etc)
        Acl acl = readAclById(objectIdentity);
        Assert.isInstanceOf(MutableAcl.class, acl, "MutableAcl should be been returned");

        return (MutableAcl) acl;
    }

    private AclImpl convert(Map inputMap, Long currentIdentity) {
        Assert.notEmpty(inputMap, "InputMap required");
        Assert.notNull(currentIdentity, "CurrentIdentity required");

        // Retrieve this Acl from the InputMap
        Acl uncastAcl = (Acl) inputMap.get(currentIdentity);
        Assert.isInstanceOf(AclImpl.class, uncastAcl, "The inputMap contained a non-AclImpl");

        AclImpl inputAcl = (AclImpl) uncastAcl;

        Acl parent = inputAcl.getParentAcl();

        if ((parent != null) && parent instanceof StubAclParent) {
            // Lookup the parent
            StubAclParent stubAclParent = (StubAclParent) parent;
            parent = convert(inputMap, stubAclParent.getId());

        if (acl == null) {
            // Make an AclImpl and pop it into the Map
            ObjectIdentity objectIdentity = new ObjectIdentityImpl(rs.getString("CLASS"),
                    new Long(rs.getLong("OBJECT_ID_IDENTITY")));

            Acl parentAcl = null;
            long parentAclId = rs.getLong("PARENT_OBJECT");

            if (parentAclId != 0) {
                parentAcl = new StubAclParent(new Long(parentAclId));
            }

        // Finally, convert our "acls" containing StubAclParents into true Acls
        Map resultMap = new HashMap();
        Iterator iter = acls.values().iterator();

        while (iter.hasNext()) {
            Acl inputAcl = (Acl) iter.next();
            Assert.isInstanceOf(AclImpl.class, inputAcl, "Map should have contained an AclImpl");
            Assert.isInstanceOf(Long.class, ((AclImpl) inputAcl).getId(), "Acl.getId() must be Long");

            Acl result = convert(acls, (Long) ((AclImpl) inputAcl).getId());
            resultMap.put(result.getObjectIdentity(), result);
        }

        return resultMap;
    }

            if (result.containsKey(objects[i])) {
                continue; // already in results, so move to next element
            }

            // Check cache for the present ACL entry
            Acl acl = aclCache.getFromCache(objects[i]);

            // Ensure any cached element supports all the requested SIDs
            // (they should always, as our base impl doesn't filter on SID)
            if (acl != null) {
                if (acl.isSidLoaded(sids)) {
                    result.put(acl.getObjectIdentity(), acl);

                    continue; // now in results, so move to next element
                } else {
                    throw new IllegalStateException(
                        "Error: SID-filtered element detected when implementation does not perform SID filtering "

                ObjectIdentity objectIdentity = objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);

                // Obtain the SIDs applicable to the principal
                Sid[] sids = sidRetrievalStrategy.getSids(authentication);

                Acl acl;

                try {
                    // Lookup only ACLs for SIDs we're interested in
                    acl = aclService.readAclById(objectIdentity, sids);
                } catch (NotFoundException nfe) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("Voting to deny access - no ACLs apply for this principal");
                    }

                    return AccessDecisionVoter.ACCESS_DENIED;
                }

                try {
                    if (acl.isGranted(requirePermission, sids, false)) {
                        if (logger.isDebugEnabled()) {
                            logger.debug("Voting to grant access");
                        }

                        return AccessDecisionVoter.ACCESS_GRANTED;

        ObjectIdentity objectIdentity = objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);

        // Obtain the SIDs applicable to the principal
        Sid[] sids = sidRetrievalStrategy.getSids(authentication);

        Acl acl = null;

        try {
            // Lookup only ACLs for SIDs we're interested in
            acl = aclService.readAclById(objectIdentity, sids);

            return acl.isGranted(requirePermission, sids, false);
        } catch (NotFoundException ignore) {
            return false;
        }
    }

    public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
        int id = RequestUtils.getRequiredIntParameter(request, "contactId");

        Contact contact = contactManager.getById(new Long(id));
        Acl acl = aclService.readAclById(new ObjectIdentityImpl(contact));

        Map model = new HashMap();
        model.put("contact", contact);
        model.put("acl", acl);