Examples of org.exoplatform.services.jcr.access.AccessControlList

Package org.exoplatform.services.jcr.access

Examples of org.exoplatform.services.jcr.access.AccessControlList

org.exoplatform.services.jcr.access.AccessControlList
Created by The eXo Platform SAS.
Access Control List. @author Gennady Azarenkov @version $Id: AccessControlList.java 14556 2008-05-21 15:22:15Z pnedonosko $

      PlainChangesLog changesLog = new PlainChangesLogImpl();
      TransientNodeData rootNode;


      if (addACL)
      {
         AccessControlList acl = new AccessControlList();


         if (rootPermissions != null)
         {
            acl.removePermissions(SystemIdentity.ANY);
            acl.addPermissions(rootPermissions);
         }


         InternalQName[] mixins = new InternalQName[]{Constants.EXO_OWNEABLE, Constants.EXO_PRIVILEGEABLE};


         rootNode =
            new TransientNodeData(Constants.ROOT_PATH, Constants.ROOT_UUID, -1, rootNodeType, mixins, 0, null, acl);
         changesLog.add(new ItemState(rootNode, ItemState.ADDED, false, null));


         TransientPropertyData primaryType =
            new TransientPropertyData(QPath.makeChildPath(rootNode.getQPath(), Constants.JCR_PRIMARYTYPE), IdGenerator
               .generate(), -1, PropertyType.NAME, rootNode.getIdentifier(), false,
               new TransientValueData(rootNodeType));


         changesLog.add(new ItemState(primaryType, ItemState.ADDED, false, null)); // 


         // jcr:mixinTypes
         List<ValueData> mixValues = new ArrayList<ValueData>();
         for (InternalQName mixin : mixins)
         {
            mixValues.add(new TransientValueData(mixin));
         }
         TransientPropertyData exoMixinTypes =
            TransientPropertyData.createPropertyData(rootNode, Constants.JCR_MIXINTYPES, PropertyType.NAME, true,
               mixValues);


         TransientPropertyData exoOwner =
            TransientPropertyData.createPropertyData(rootNode, Constants.EXO_OWNER, PropertyType.STRING, false,
               new TransientValueData(acl.getOwner()));


         List<ValueData> permsValues = new ArrayList<ValueData>();
         for (int i = 0; i < acl.getPermissionEntries().size(); i++)
         {
            AccessControlEntry entry = acl.getPermissionEntries().get(i);
            permsValues.add(new TransientValueData(entry));
         }
         TransientPropertyData exoPerms =
            TransientPropertyData.createPropertyData(rootNode, Constants.EXO_PERMISSIONS,
               ExtendedPropertyType.PERMISSION, true, permsValues);


         changesLog.add(ItemState.createAddedState(exoMixinTypes)).add(ItemState.createAddedState(exoOwner)).add(
            ItemState.createAddedState(exoPerms));
         changesLog.add(new ItemState(rootNode, ItemState.MIXIN_CHANGED, false, null));
      }
      else
      {
         rootNode =
            new TransientNodeData(Constants.ROOT_PATH, Constants.ROOT_UUID, -1, rootNodeType, new InternalQName[0], 0,
               null, new AccessControlList());
         changesLog.add(new ItemState(rootNode, ItemState.ADDED, false, null));


         TransientPropertyData primaryType =
            new TransientPropertyData(QPath.makeChildPath(rootNode.getQPath(), Constants.JCR_PRIMARYTYPE), IdGenerator
               .generate(), -1, PropertyType.NAME, rootNode.getIdentifier(), false,

View Full Code Here


         jcrSystem =
            TransientNodeData.createNodeData(root, Constants.JCR_SYSTEM, Constants.NT_UNSTRUCTURED, mixins,
               Constants.SYSTEM_UUID);


         AccessControlList acl = jcrSystem.getACL();


         TransientPropertyData primaryType =
            TransientPropertyData.createPropertyData(jcrSystem, Constants.JCR_PRIMARYTYPE, PropertyType.NAME, false,
               new TransientValueData(jcrSystem.getPrimaryTypeName()));


         changesLog.add(ItemState.createAddedState(jcrSystem)).add(ItemState.createAddedState(primaryType));


         // jcr:mixinTypes
         List<ValueData> mixValues = new ArrayList<ValueData>();
         for (InternalQName mixin : mixins)
         {
            mixValues.add(new TransientValueData(mixin));
         }
         TransientPropertyData exoMixinTypes =
            TransientPropertyData.createPropertyData(jcrSystem, Constants.JCR_MIXINTYPES, PropertyType.NAME, true,
               mixValues);


         TransientPropertyData exoOwner =
            TransientPropertyData.createPropertyData(jcrSystem, Constants.EXO_OWNER, PropertyType.STRING, false,
               new TransientValueData(acl.getOwner()));


         List<ValueData> permsValues = new ArrayList<ValueData>();
         for (int i = 0; i < acl.getPermissionEntries().size(); i++)
         {
            AccessControlEntry entry = acl.getPermissionEntries().get(i);
            permsValues.add(new TransientValueData(entry));
         }
         TransientPropertyData exoPerms =
            TransientPropertyData.createPropertyData(jcrSystem, Constants.EXO_PERMISSIONS,
               ExtendedPropertyType.PERMISSION, true, permsValues);


         changesLog.add(ItemState.createAddedState(exoMixinTypes)).add(ItemState.createAddedState(exoOwner)).add(
            ItemState.createAddedState(exoPerms));
         changesLog.add(new ItemState(jcrSystem, ItemState.MIXIN_CHANGED, false, null));
      }
      else
      {
         jcrSystem =
            TransientNodeData.createNodeData(root, Constants.JCR_SYSTEM, Constants.NT_UNSTRUCTURED,
               Constants.SYSTEM_UUID);


         TransientPropertyData primaryType =
            TransientPropertyData.createPropertyData(jcrSystem, Constants.JCR_PRIMARYTYPE, PropertyType.NAME, false,
               new TransientValueData(jcrSystem.getPrimaryTypeName()));


         changesLog.add(ItemState.createAddedState(jcrSystem)).add(ItemState.createAddedState(primaryType));
      }


      // init version storage
      AccessControlList acl = new AccessControlList();
      acl.removePermissions(SystemIdentity.ANY);
      acl.addPermissions(SystemIdentity.ANY, new String[]{PermissionType.READ});


      for (AccessControlEntry entry : jcrSystem.getACL().getPermissionEntries())
      {
         String identity = entry.getIdentity();
         String permission = entry.getPermission();


         if (!identity.equals(SystemIdentity.ANY) || !permission.equals(PermissionType.READ))
         {
            acl.addPermissions(identity, new String[]{permission});
         }
      }


      TransientNodeData versionStorageNodeData =
         TransientNodeData.createNodeData(jcrSystem, Constants.JCR_VERSIONSTORAGE, Constants.EXO_VERSIONSTORAGE,
            Constants.VERSIONSTORAGE_UUID, acl);


      TransientPropertyData vsPrimaryType =
         TransientPropertyData.createPropertyData(versionStorageNodeData, Constants.JCR_PRIMARYTYPE, PropertyType.NAME,
            false, new TransientValueData(versionStorageNodeData.getPrimaryTypeName()));


      TransientPropertyData exoMixinTypes =
         TransientPropertyData.createPropertyData(versionStorageNodeData, Constants.JCR_MIXINTYPES, PropertyType.NAME,
            true, new TransientValueData(Constants.EXO_PRIVILEGEABLE));


      List<ValueData> permsValues = new ArrayList<ValueData>();
      for (int i = 0; i < acl.getPermissionEntries().size(); i++)
      {
         AccessControlEntry entry = acl.getPermissionEntries().get(i);
         permsValues.add(new TransientValueData(entry));
      }
      TransientPropertyData exoPerms =
         TransientPropertyData.createPropertyData(versionStorageNodeData, Constants.EXO_PERMISSIONS,
            ExtendedPropertyType.PERMISSION, true, permsValues);

View Full Code Here


            // MIXIN
            MixinInfo mixins = readMixins(cid);


            // ACL
            AccessControlList acl; // NO DEFAULT values!


            if (mixins.hasOwneable())
            {
               // has own owner
               if (mixins.hasPrivilegeable())
               {
                  // and permissions
                  acl = new AccessControlList(readACLOwner(cid), readACLPermisions(cid));
               }
               else if (parentACL != null)
               {
                  // use permissions from existed parent
                  acl =
                     new AccessControlList(readACLOwner(cid), parentACL.hasPermissions() ? parentACL
                        .getPermissionEntries() : null);
               }
               else
               {
                  // have to search nearest ancestor permissions in ACL manager
                  // acl = new AccessControlList(readACLOwner(cid), traverseACLPermissions(cpid));
                  acl = new AccessControlList(readACLOwner(cid), null);
               }
            }
            else if (mixins.hasPrivilegeable())
            {
               // has own permissions
               if (mixins.hasOwneable())
               {
                  // and owner
                  acl = new AccessControlList(readACLOwner(cid), readACLPermisions(cid));
               }
               else if (parentACL != null)
               {
                  // use owner from existed parent
                  acl = new AccessControlList(parentACL.getOwner(), readACLPermisions(cid));
               }
               else
               {
                  // have to search nearest ancestor owner in ACL manager
                  // acl = new AccessControlList(traverseACLOwner(cpid), readACLPermisions(cid));
                  acl = new AccessControlList(null, readACLPermisions(cid));
               }
            }
            else
            {
               if (parentACL != null)
               {
                  // construct ACL from existed parent ACL
                  acl =
                     new AccessControlList(parentACL.getOwner(), parentACL.hasPermissions() ? parentACL
                        .getPermissionEntries() : null);
               }
               else
               {
                  // have to search nearest ancestor owner and permissions in ACL manager

View Full Code Here

         }


         try
         {
            // ACL
            AccessControlList acl; // NO DEFAULT values!


            if (owneable)
            {
               // has own owner
               if (privilegeable)
               {
                  // and permissions
                  acl = new AccessControlList(readACLOwner(cid, properties), readACLPermisions(cid, properties));
               }
               else if (parentACL != null)
               {
                  // use permissions from existed parent
                  acl =
                     new AccessControlList(readACLOwner(cid, properties), parentACL.hasPermissions() ? parentACL
                        .getPermissionEntries() : null);
               }
               else
               {
                  // have to search nearest ancestor permissions in ACL manager
                  acl = new AccessControlList(readACLOwner(cid, properties), null);
               }
            }
            else if (privilegeable)
            {
               // has own permissions
               if (owneable)
               {
                  // and owner
                  acl = new AccessControlList(readACLOwner(cid, properties), readACLPermisions(cid, properties));
               }
               else if (parentACL != null)
               {
                  // use owner from existed parent
                  acl = new AccessControlList(parentACL.getOwner(), readACLPermisions(cid, properties));
               }
               else
               {
                  // have to search nearest ancestor owner in ACL manager
                  // acl = new AccessControlList(traverseACLOwner(cpid), readACLPermisions(cid));
                  acl = new AccessControlList(null, readACLPermisions(cid, properties));
               }
            }
            else
            {
               if (parentACL != null)
               {
                  // construct ACL from existed parent ACL
                  acl =
                     new AccessControlList(parentACL.getOwner(), parentACL.hasPermissions() ? parentACL
                        .getPermissionEntries() : null);
               }
               else
               {
                  // have to search nearest ancestor owner and permissions in ACL manager

View Full Code Here

      {
         owner = versionableNodeData.getACL().getOwner();
         mixinsList.add(Constants.EXO_OWNEABLE);
      }


      AccessControlList acl = new AccessControlList(owner, new ArrayList<AccessControlEntry>(accessList));
      InternalQName[] mixins = mixinsList.toArray(new InternalQName[mixinsList.size()]);


      // nt:version
      NodeData versionData =
         TransientNodeData.createNodeData(nodeData(), new InternalQName(null, nextVersionName()), Constants.NT_VERSION,
            mixins, uuid, acl);
      changesLog.add(ItemState.createAddedState(versionData));


      // jcr:primaryType
      TransientPropertyData propData =
         TransientPropertyData.createPropertyData(versionData, Constants.JCR_PRIMARYTYPE, PropertyType.NAME, false,
            new TransientValueData(Constants.NT_VERSION));
      changesLog.add(ItemState.createAddedState(propData));


      // jcr:mixinTypes
      List<ValueData> mixValues = new ArrayList<ValueData>();
      for (InternalQName mixin : mixins)
      {
         mixValues.add(new TransientValueData(mixin));
      }
      TransientPropertyData exoMixinTypes =
         TransientPropertyData.createPropertyData(versionData, Constants.JCR_MIXINTYPES, PropertyType.NAME, true,
            mixValues);
      changesLog.add(ItemState.createAddedState(exoMixinTypes));


      // exo:owner
      if (isOwneable)
      {
         TransientPropertyData exoOwner =
            TransientPropertyData.createPropertyData(versionData, Constants.EXO_OWNER, PropertyType.STRING, false,
               new TransientValueData(acl.getOwner()));
         changesLog.add(ItemState.createAddedState(exoOwner));
      }


      // exo:permissions
      if (isPrivilegeable)
      {
         List<ValueData> permsValues = new ArrayList<ValueData>();
         for (AccessControlEntry entry : acl.getPermissionEntries())
         {
            permsValues.add(new TransientValueData(entry));
         }


         TransientPropertyData exoPerms =

View Full Code Here

               {
                  PropertyData aclData =
                     (PropertyData)dataManager.getItemData(frozen, new QPathEntry(Constants.EXO_PERMISSIONS, 0),
                        ItemType.PROPERTY);


                  AccessControlList acl = new AccessControlList();
                  acl.removePermissions(SystemIdentity.ANY);


                  for (ValueData value : aclData.getValues())
                  {
                     acl.addPermissions(new String(value.getAsByteArray(), Constants.DEFAULT_ENCODING));
                  }


                  accessList = acl.getPermissionEntries();
               }
               else if (mixins[i].equals(Constants.EXO_OWNEABLE))
               {
                  PropertyData ownerData =
                     (PropertyData)dataManager.getItemData(frozen, new QPathEntry(Constants.EXO_OWNER, 0),
                        ItemType.PROPERTY);


                  owner = new String(ownerData.getValues().get(0).getAsByteArray(), Constants.DEFAULT_ENCODING);
               }
            }
         }
         catch (IllegalNameException e)
         {
            throw new RepositoryException("jcr:frozenMixinTypes, error of data read "
               + userSession.getLocationFactory().createJCRPath(frozenMixinTypes.getQPath()).getAsString(false), e);
         }
         catch (IllegalStateException e)
         {
            throw new RepositoryException("jcr:frozenMixinTypes, error of data read "
               + userSession.getLocationFactory().createJCRPath(frozenMixinTypes.getQPath()).getAsString(false), e);
         }
         catch (IOException e)
         {
            throw new RepositoryException("jcr:frozenMixinTypes, error of data read "
               + userSession.getLocationFactory().createJCRPath(frozenMixinTypes.getQPath()).getAsString(false), e);
         }
      }


      AccessControlList acl = new AccessControlList(owner, accessList);


      InternalQName ptName = null;
      try
      {
         ptName = InternalQName.parse(new String(frozenPrimaryType.getValues().get(0).getAsByteArray()));

View Full Code Here

      int orderNum = resultSet.getInt(DBConstants.COLUMN_NORDERNUM);
      int version = resultSet.getInt(DBConstants.COLUMN_VERSION);
      QPath path = QPath.makeChildPath(QPath.parse("[]unknown-parent-node-remover"), extractName(resultSet));


      return new TransientNodeData(path, nodeId, version, Constants.NT_UNSTRUCTURED, new InternalQName[0], orderNum,
         Constants.ROOT_UUID, new AccessControlList());
   }

View Full Code Here

                        + existing.getIdentifier());
                  }
               }
            }


            AccessControlList acl = currentNode().getACL();


            boolean isPrivilegeable =
               nodeTypeDataManager.isNodeType(Constants.EXO_PRIVILEGEABLE, frozen.getPrimaryTypeName(),
                  frozen.getMixinTypeNames());


            boolean isOwneable =
               nodeTypeDataManager.isNodeType(Constants.EXO_OWNEABLE, frozen.getPrimaryTypeName(),
                  frozen.getMixinTypeNames());


            if (isPrivilegeable || isOwneable)
            {
               List<AccessControlEntry> permissionEntries = new ArrayList<AccessControlEntry>();
               permissionEntries.addAll((isPrivilegeable ? frozen.getACL() : currentNode().getACL())
                  .getPermissionEntries());


               String owner = isOwneable ? frozen.getACL().getOwner() : currentNode().getACL().getOwner();


               acl = new AccessControlList(owner, permissionEntries);
            }


            NodeData restoredData =
               new TransientNodeData(restoredPath, jcrUuid, frozen.getPersistedVersion(), frozen.getPrimaryTypeName(),
                  frozen.getMixinTypeNames(), frozen.getOrderNumber(), currentNode().getIdentifier(), acl);

View Full Code Here

   public void checkPermission(String absPath, String actions) throws AccessControlException
   {
      try
      {
         JCRPath jcrPath = locationFactory.parseAbsPath(absPath);
         AccessControlList acl = dataManager.getACL(jcrPath.getInternalPath());
         if (!accessManager.hasPermission(acl, actions, getUserState().getIdentity()))
         {
            throw new AccessControlException("Permission denied " + absPath + " : " + actions);
         }
      }

View Full Code Here

   public void checkPermission(String absPath, String actions) throws AccessControlException
   {
      try
      {
         JCRPath jcrPath = locationFactory.parseAbsPath(absPath);
         AccessControlList acl = dataManager.getACL(jcrPath.getInternalPath());
         if (!accessManager.hasPermission(acl, actions, getUserState().getIdentity()))
         {
            throw new AccessControlException("Permission denied " + absPath + " : " + actions);
         }
      }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.exoplatform.services.jcr.access.AccessControlList

org.exoplatform.services.jcr.dataflow.persistent.PersistedNodeData

org.exoplatform.services.jcr.ext.audit.AuditServiceImpl

org.exoplatform.services.jcr.ext.audit.AuditServiceImpl$AuditSession

org.exoplatform.services.jcr.impl.access.TestAccess

org.exoplatform.services.jcr.impl.access.TestAutoInitPermissions

org.exoplatform.services.jcr.impl.checker.NodeRemover

org.exoplatform.services.jcr.impl.core.ItemImpl

org.exoplatform.services.jcr.impl.core.NamespaceDataPersister

org.exoplatform.services.jcr.impl.core.NodeImpl

org.exoplatform.services.jcr.impl.core.nodetype.ItemAutocreator

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.