Package org.apache.jackrabbit.api.jsr283.security

Examples of org.apache.jackrabbit.api.jsr283.security.AccessControlPolicy


            throw new ServletException(throwable);
        }
  }

  private AccessControlEntry[] getDeclaredAccessControlEntries(Session session, String absPath) throws RepositoryException {
    AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
    AccessControlPolicy[] policies = accessControlManager.getPolicies(absPath);
    for (AccessControlPolicy accessControlPolicy : policies) {
      if (accessControlPolicy instanceof AccessControlList) {
        AccessControlEntry[] accessControlEntries = ((AccessControlList)accessControlPolicy).getAccessControlEntries();
        return accessControlEntries;
      }
View Full Code Here


   * @param absPath the path to get the privileges for
   * @return array of Privileges
   * @throws RepositoryException
   */
  public Privilege [] getSupportedPrivileges(Session session, String absPath) throws RepositoryException {
    AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
    Privilege[] supportedPrivileges = accessControlManager.getSupportedPrivileges(absPath);
    return supportedPrivileges;
  }
View Full Code Here

        }
      }
    }

    try {
      AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
      AccessControlList updatedAcl = null;
      AccessControlPolicyIterator applicablePolicies = accessControlManager.getApplicablePolicies(resourcePath);
      while (applicablePolicies.hasNext()) {
        AccessControlPolicy policy = applicablePolicies.nextAccessControlPolicy();
        if (policy instanceof AccessControlList) {
          updatedAcl = (AccessControlList)policy;
          break;
        }
      }
      if (updatedAcl == null) {
        throw new RepositoryException("Unable to find an access conrol policy to update.");
      }

      StringBuilder oldPrivileges = null;
      StringBuilder newPrivileges = null;
      if (log.isDebugEnabled()) {
        oldPrivileges = new StringBuilder();
        newPrivileges = new StringBuilder();
      }

      //keep track of the existing Aces for the target principal
      AccessControlEntry[] accessControlEntries = updatedAcl.getAccessControlEntries();
      List<AccessControlEntry> oldAces = new ArrayList<AccessControlEntry>();
      for (AccessControlEntry ace : accessControlEntries) {
        if (principalId.equals(ace.getPrincipal().getName())) {
          if (log.isDebugEnabled()) {
            log.debug("Found Existing ACE for principal {0} on resource: ", new Object[] {principalId, resourcePath});
          }
          oldAces.add(ace);
         
          if (log.isDebugEnabled()) {
            //collect the information for debug logging
            boolean isAllow = AccessControlUtil.isAllow(ace);
            Privilege[] privileges = ace.getPrivileges();
            for (Privilege privilege : privileges) {
              if (oldPrivileges.length() > 0) {
                oldPrivileges.append(", "); //separate entries by commas
              }
              if (isAllow) {
                oldPrivileges.append("granted=");
              } else {
                oldPrivileges.append("denied=");
              }
              oldPrivileges.append(privilege.getName());
            }
          }
        }
      }

      //remove the old aces
      if (!oldAces.isEmpty()) {
        for (AccessControlEntry ace : oldAces) {
          updatedAcl.removeAccessControlEntry(ace);
        }
      }
     
      //add a fresh ACE with the granted privileges
      List<Privilege> grantedPrivilegeList = new ArrayList<Privilege>();
      for (String name : grantedPrivilegeNames) {
        if (name.length() == 0) {
          continue; //empty, skip it.
        }
        Privilege privilege = accessControlManager.privilegeFromName(name);
        grantedPrivilegeList.add(privilege);
         
        if (log.isDebugEnabled()) {
          if (newPrivileges.length() > 0) {
            newPrivileges.append(", "); //separate entries by commas
          }
          newPrivileges.append("granted=");
          newPrivileges.append(privilege.getName());
        }
      }
      if (grantedPrivilegeList.size() > 0) {
        Principal principal = authorizable.getPrincipal();
        updatedAcl.addAccessControlEntry(principal, grantedPrivilegeList.toArray(new Privilege[grantedPrivilegeList.size()]));
      }

      //if the authorizable is a user (not a group) process any denied privileges
      if (!authorizable.isGroup()) {
        //add a fresh ACE with the denied privileges
        List<Privilege> deniedPrivilegeList = new ArrayList<Privilege>();
        for (String name : deniedPrivilegeNames) {
          if (name.length() == 0) {
            continue; //empty, skip it.
          }
          Privilege privilege = accessControlManager.privilegeFromName(name);
          deniedPrivilegeList.add(privilege);

          if (log.isDebugEnabled()) {
            if (newPrivileges.length() > 0) {
              newPrivileges.append(", "); //separate entries by commas
            }
            newPrivileges.append("denied=");
            newPrivileges.append(privilege.getName());
          }
        }
        if (deniedPrivilegeList.size() > 0) {
          Principal principal = authorizable.getPrincipal();
          AccessControlUtil.addEntry(updatedAcl, principal, deniedPrivilegeList.toArray(new Privilege[deniedPrivilegeList.size()]), false);
        }
      }

      accessControlManager.setPolicy(resourcePath, updatedAcl);
      if (session.hasPendingChanges()) {
        session.save();
      }

      if (log.isDebugEnabled()) {
View Full Code Here

   
    return accessMap;
  }

  private AccessControlEntry[] getDeclaredAccessControlEntries(Session session, String absPath) throws RepositoryException {
    AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
    AccessControlPolicy[] policies = accessControlManager.getPolicies(absPath);
    for (AccessControlPolicy accessControlPolicy : policies) {
      if (accessControlPolicy instanceof AccessControlList) {
        AccessControlEntry[] accessControlEntries = ((AccessControlList)accessControlPolicy).getAccessControlEntries();
        return accessControlEntries;
      }
View Full Code Here

   * @throws RepositoryException
   */
  public AccessRights getDeclaredAccessRightsForPrincipal(Session session, String absPath, String principalId) throws RepositoryException {
    AccessRights rights = new AccessRights();
    if (principalId != null && principalId.length() > 0) {
      AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
      AccessControlPolicy[] policies = accessControlManager.getPolicies(absPath);
      for (AccessControlPolicy accessControlPolicy : policies) {
        if (accessControlPolicy instanceof AccessControlList) {
          AccessControlEntry[] accessControlEntries = ((AccessControlList)accessControlPolicy).getAccessControlEntries();
          for (AccessControlEntry ace : accessControlEntries) {
            if (principalId.equals(ace.getPrincipal().getName())) {
View Full Code Here

   
    return accessMap;
  }
 
  private AccessControlEntry[] getEffectiveAccessControlEntries(Session session, String absPath) throws RepositoryException {
    AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
    AccessControlPolicy[] policies = accessControlManager.getEffectivePolicies(absPath);
    for (AccessControlPolicy accessControlPolicy : policies) {
      if (accessControlPolicy instanceof AccessControlList) {
        AccessControlEntry[] accessControlEntries = ((AccessControlList)accessControlPolicy).getAccessControlEntries();
        return accessControlEntries;
      }
View Full Code Here

   * @throws RepositoryException
   */
  public AccessRights getEffectiveAccessRightsForPrincipal(Session session, String absPath, String principalId) throws RepositoryException {
    AccessRights rights = new AccessRights();
    if (principalId != null && principalId.length() > 0) {
      AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
      AccessControlPolicy[] policies = accessControlManager.getEffectivePolicies(absPath);
      for (AccessControlPolicy accessControlPolicy : policies) {
        if (accessControlPolicy instanceof AccessControlList) {
          AccessControlEntry[] accessControlEntries = ((AccessControlList)accessControlPolicy).getAccessControlEntries();
          for (AccessControlEntry ace : accessControlEntries) {
            if (principalId.equals(ace.getPrincipal().getName())) {
View Full Code Here

   * @param absPath the path of the resource to check
   * @return true if the current user has the privileges, false otherwise
   */
  public boolean canAddChildren(Session session, String absPath) {
    try {
      AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
      return accessControlManager.hasPrivileges(absPath, new Privilege[] {
              accessControlManager.privilegeFromName(Privilege.JCR_ADD_CHILD_NODES)
            });
    } catch (RepositoryException e) {
      return false;
    }
  }
View Full Code Here

   * @param absPath the path of the resource to check
   * @return true if the current user has the privileges, false otherwise
   */
  public boolean canDeleteChildren(Session session, String absPath) {
    try {
      AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
     
      return accessControlManager.hasPrivileges(absPath, new Privilege[] {
              accessControlManager.privilegeFromName(Privilege.JCR_REMOVE_CHILD_NODES)
            });
    } catch (RepositoryException e) {
      return false;
    }
  }
View Full Code Here

   * @param absPath the path of the resource to check
   * @return true if the current user has the privileges, false otherwise
   */
  public boolean canDelete(Session session, String absPath) {
    try {
      AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
     
      String parentPath = absPath.substring(0, absPath.lastIndexOf('/'));
      boolean canDelete = accessControlManager.hasPrivileges(absPath, new Privilege[] {
              accessControlManager.privilegeFromName(Privilege.JCR_REMOVE_NODE)
            }) && canDeleteChildren(session, parentPath);
      return canDelete;
    } catch (RepositoryException e) {
      return false;
    }
View Full Code Here

TOP

Related Classes of org.apache.jackrabbit.api.jsr283.security.AccessControlPolicy

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.