Examples of org.pentaho.platform.api.repository2.unified.RepositoryFileSid

• org.pentaho.platform.api.repository2.unified.RepositoryFileSid
  Repository file security identifier (SID) used as file owners and permission recipients in access control entries.

  Same abstraction as {@code org.springframework.security.acls.sid.Sid}.

    addAce( session, pentahoJcrConstants, fileId, recipient, permissions );
  }

  public static void setOwner( final Session session, final PentahoJcrConstants pentahoJcrConstants,
      final RepositoryFile file, final RepositoryFileSid owner ) throws RepositoryException {
    RepositoryFileSid newOwnerSid = owner;
    if ( JcrTenantUtils.getUserNameUtils().getTenant( owner.getName() ) == null ) {
      newOwnerSid = new RepositoryFileSid( JcrTenantUtils.getTenantedUser( owner.getName() ), owner.getType() );
    }
    RepositoryFileAcl acl = getAcl( session, pentahoJcrConstants, file.getId() );
    RepositoryFileAcl newAcl = new RepositoryFileAcl.Builder( acl ).owner( newOwnerSid ).build();
    updateAcl( session, newAcl );
  }

  }

  public static void addAce( final Session session, final PentahoJcrConstants pentahoJcrConstants,
      final Serializable id, final RepositoryFileSid recipient, final EnumSet<RepositoryFilePermission> permission )
    throws RepositoryException {
    RepositoryFileSid newRecipient = recipient;
    if ( JcrTenantUtils.getUserNameUtils().getTenant( recipient.getName() ) == null ) {
      newRecipient = new RepositoryFileSid( JcrTenantUtils.getTenantedUser( recipient.getName() ),
        recipient.getType() );
    }
    RepositoryFileAcl acl = getAcl( session, pentahoJcrConstants, id );
    RepositoryFileAcl updatedAcl = new RepositoryFileAcl.Builder( acl ).ace( newRecipient, permission ).build();
    updateAcl( session, updatedAcl );

    }
    String absPath = node.getPath();
    AccessControlManager acMgr = session.getAccessControlManager();
    AccessControlList acList = getAccessControlList( acMgr, absPath );

    RepositoryFileSid owner = null;
    String ownerString = JcrTenantUtils.getUserNameUtils().getPrincipleName( getOwner( session, absPath, acList ) );

    if ( ownerString != null ) {
      // for now, just assume all owners are users; only has UI impact
      owner = new RepositoryFileSid( ownerString, RepositoryFileSid.Type.USER );
    }

    RepositoryFileAcl.Builder aclBuilder = new RepositoryFileAcl.Builder( id, owner );

    aclBuilder.entriesInheriting( isEntriesInheriting( session, absPath, acList ) );

  }

  private static RepositoryFileAce toAce( final Session session, final AccessControlEntry acEntry )
    throws RepositoryException {
    Principal principal = acEntry.getPrincipal();
    RepositoryFileSid sid = null;
    if ( principal instanceof Group ) {
      sid = new RepositoryFileSid( principal.getName(), RepositoryFileSid.Type.ROLE );
    } else {
      sid = new RepositoryFileSid( principal.getName(), RepositoryFileSid.Type.USER );
    }
    Privilege[] privileges = acEntry.getPrivileges();
    IPermissionConversionHelper permissionConversionHelper = new DefaultPermissionConversionHelper( session );
    return new RepositoryFileAce( sid, permissionConversionHelper.privilegesToPentahoPermissions( session,
      privileges ) );

      builder = new RepositoryFile.Builder( v.id, v.name );
    } else {
      builder = new RepositoryFile.Builder( v.name );
    }
    if ( v.ownerType != -1 ) {
      new RepositoryFileSid( v.owner, RepositoryFileSid.Type.values()[ v.ownerType ] );
    }
    if ( v.localePropertiesMapEntries != null ) {
      for ( LocaleMapDto localeMapDto : v.localePropertiesMapEntries ) {

        String locale = localeMapDto.getLocale();

    if ( theTenant == null || theTenant.getId() == null ) {
      theTenant = JcrTenantUtils.getDefaultTenant();
    }
    RepositoryFile userHomeFolder = null;
    String userId = tenantedUserNameUtils.getPrincipleId( theTenant, username );
    final RepositoryFileSid userSid = new RepositoryFileSid( userId );
    RepositoryFile tenantHomeFolder = null;
    RepositoryFile tenantRootFolder = null;
    RepositoryFileSid ownerSid = null;
    // Get the Tenant Root folder. If the Tenant Root folder does not exist then exit.
    tenantRootFolder =
        JcrRepositoryFileUtils.getFileByAbsolutePath( session, ServerRepositoryPaths
            .getTenantRootFolderPath( theTenant ), pathConversionHelper, lockHelper, false, null );
    if ( tenantRootFolder != null ) {
      // Try to see if Tenant Home folder exist
      tenantHomeFolder =
          JcrRepositoryFileUtils.getFileByAbsolutePath( session, ServerRepositoryPaths
              .getTenantHomeFolderPath( theTenant ), pathConversionHelper, lockHelper, false, null );

      if ( tenantHomeFolder == null ) {
        String ownerId = tenantedUserNameUtils.getPrincipleId( theTenant, username );
        ownerSid = new RepositoryFileSid( ownerId, Type.USER );

        String tenantAuthenticatedRoleId = tenantedRoleNameUtils.getPrincipleId( theTenant, authenticatedRoleName );
        RepositoryFileSid tenantAuthenticatedRoleSid = new RepositoryFileSid( tenantAuthenticatedRoleId, Type.ROLE );

        aclsForTenantHomeFolder =
            new RepositoryFileAcl.Builder( userSid ).ace( tenantAuthenticatedRoleSid, EnumSet
                .of( RepositoryFilePermission.READ ) );

        aclsForUserHomeFolder =
            new RepositoryFileAcl.Builder( userSid ).ace( ownerSid, EnumSet.of( RepositoryFilePermission.ALL ) );
        tenantHomeFolder =
            internalCreateFolder( session, tenantRootFolder.getId(), new RepositoryFile.Builder( ServerRepositoryPaths
                .getTenantHomeFolderName() ).folder( true ).title(
                Messages.getInstance().getString( "AbstractJcrBackedUserRoleDao.usersFolderDisplayName" ) ).build(),
                aclsForTenantHomeFolder.build(), "tenant home folder" ); //$NON-NLS-1$
      } else {
        String ownerId = tenantedUserNameUtils.getPrincipleId( theTenant, username );
        ownerSid = new RepositoryFileSid( ownerId, Type.USER );
        aclsForUserHomeFolder =
            new RepositoryFileAcl.Builder( userSid ).ace( ownerSid, EnumSet.of( RepositoryFilePermission.ALL ) );
      }

      // now check if user's home folder exist

    return toAce( v );
  }

  public static RepositoryFileAce toAce( RepositoryFileAclAceDto v ) {
    return new RepositoryFileAce(
        new RepositoryFileSid( v.recipient, RepositoryFileSid.Type.values()[v.recipientType] ),
      toPerms( v.permissions ) );
  }

    }
    String absPath = node.getPath();
    AccessControlManager acMgr = session.getAccessControlManager();
    AccessControlList acList = getAccessControlList( acMgr, absPath );

    RepositoryFileSid owner = null;
    String ownerString = getOwner( session, absPath, acList );

    if ( ownerString != null ) {
      // for now, just assume all owners are users; only has UI impact
      owner =
          new RepositoryFileSid( JcrTenantUtils.getUserNameUtils().getPrincipleName( ownerString ),
              RepositoryFileSid.Type.USER );
    }

    RepositoryFileAcl.Builder aclBuilder = new RepositoryFileAcl.Builder( id, owner );

  }

  protected RepositoryFileAce toAce( final Session session, final AccessControlEntry acEntry )
    throws RepositoryException {
    Principal principal = acEntry.getPrincipal();
    RepositoryFileSid sid = null;
    String name = principal.getName();
    DefaultPermissionConversionHelper permissionConversionHelper = new DefaultPermissionConversionHelper( session );

    if ( principal instanceof Group ) {
      sid =
          new RepositoryFileSid( JcrTenantUtils.getRoleNameUtils().getPrincipleName( name ),
              RepositoryFileSid.Type.ROLE );
    } else {
      sid =
          new RepositoryFileSid( JcrTenantUtils.getUserNameUtils().getPrincipleName( name ),
              RepositoryFileSid.Type.USER );
    }
    logger.debug( String.format( "principal class [%s]", principal.getClass().getName() ) ); //$NON-NLS-1$
    Privilege[] privileges = acEntry.getPrivileges();
    return new RepositoryFileAce( sid, permissionConversionHelper

    Assert.notNull( recipient );
    Assert.notNull( permission );
    RepositoryFileAcl acl = getAcl( id );
    Assert.notNull( acl );
    // TODO mlowery find an ACE with the recipient and update that rather than adding a new ACE
    RepositoryFileSid newRecipient = recipient;
    if ( recipient.getType().equals( Type.USER ) ) {
      if ( JcrTenantUtils.getUserNameUtils().getTenant( recipient.getName() ) == null ) {
        newRecipient =
            new RepositoryFileSid( JcrTenantUtils.getTenantedUser( recipient.getName() ), recipient.getType() );
      }
    } else {
      if ( JcrTenantUtils.getRoleNameUtils().getTenant( recipient.getName() ) == null ) {
        newRecipient =
            new RepositoryFileSid( JcrTenantUtils.getTenantedRole( recipient.getName() ), recipient.getType() );
      }
    }
    RepositoryFileAcl updatedAcl = new RepositoryFileAcl.Builder( acl ).ace( newRecipient, permission ).build();
    updateAcl( updatedAcl );
    logger.debug( "added ace: id=" + id + ", sid=" + recipient + ", permission=" + permission ); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$