Examples of org.springframework.security.acls.model.ObjectIdentity

• org.springframework.security.acls.model.ObjectIdentity
  Represents the identity of an individual domain object instance.

  As implementations of ObjectIdentity are used as the key to represent domain objects in the ACL subsystem, it is essential that implementations provide methods so that object-equality rather than reference-equality can be relied upon reliably. In other words, the ACL subsystem can consider two ObjectIdentitys equal if identity1.equals(identity2), rather than reference-equality of identity1==identity2.

  @author Ben Alex

        }

        final List<Sid> sids =
                sidRetrievalStrategy.getSids(SecurityContextHolder.getContext().getAuthentication());

        final ObjectIdentity oid =
                objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);

        try {

            final Acl acl = aclService.readAclById(oid, sids);

    @Test
    @SuppressWarnings("unchecked")
    public void hasPermissionReturnsTrueIfAclGrantsPermission() throws Exception {
        AclService service = mock(AclService.class);
        AclPermissionEvaluator pe = new AclPermissionEvaluator(service);
        ObjectIdentity oid = mock(ObjectIdentity.class);
        ObjectIdentityRetrievalStrategy oidStrategy = mock(ObjectIdentityRetrievalStrategy.class);
        when(oidStrategy.getObjectIdentity(anyObject())).thenReturn(oid);
        pe.setObjectIdentityRetrievalStrategy(oidStrategy);
        pe.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
        Acl acl = mock(Acl.class);

    public boolean hasPermission(Authentication authentication, Object domainObject, Object permission) {
        if (domainObject == null) {
            return false;
        }

        ObjectIdentity objectIdentity = objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);

        return checkPermission(authentication, objectIdentity, permission);
    }

        return checkPermission(authentication, objectIdentity, permission);
    }

    public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType, Object permission) {
        ObjectIdentity objectIdentity = objectIdentityGenerator.createObjectIdentity(targetId, targetType);

        return checkPermission(authentication, objectIdentity, permission);
    }

                        + " for object: " + domainObject);
                }
            }

            // Obtain the OID applicable to the domain object
            ObjectIdentity objectIdentity = objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);

            // Obtain the SIDs applicable to the principal
            List<Sid> sids = sidRetrievalStrategy.getSids(authentication);

            Acl acl;

    public void create(AbstractElement element) {
        super.create(element);

        // Create an ACL identity for this element
        ObjectIdentity identity = new ObjectIdentityImpl(element);
        MutableAcl acl = mutableAclService.createAcl(identity);

        // If the AbstractElement has a parent, go and retrieve its identity (it should already exist)
        if (element.getParent() != null) {
            ObjectIdentity parentIdentity = new ObjectIdentityImpl(element.getParent());
            MutableAcl aclParent = (MutableAcl) mutableAclService.readAclById(parentIdentity);
            acl.setParent(aclParent);
        }
        acl.insertAce(acl.getEntries().size(), BasePermission.ADMINISTRATION, new PrincipalSid(SecurityContextHolder.getContext().getAuthentication()), true);

            sid = new PrincipalSid(recipient);
        }

        // We need to identify the target domain object and create an ObjectIdentity for it
        // This works because AbstractElement has a "getId()" method
        ObjectIdentity identity = new ObjectIdentityImpl(element);
        // ObjectIdentity identity = new ObjectIdentityImpl(element.getClass(), element.getId()); // equivalent

        // Next we need to create a Permission
        Permission permission = null;
        if (level == LEVEL_NEGATE_READ || level == LEVEL_GRANT_READ) {

        for (Object domainObject : objects) {
            if (domainObject == null) {
                continue;
            }
            ObjectIdentity oid = oidRetrievalStrategy.getObjectIdentity(domainObject);
            oidsToCache.add(oid);
        }

        List<Sid> sids = sidRetrievalStrategy.getSids(authentication);

        return processDomainObjectClass;
    }

    protected boolean hasPermission(Authentication authentication, Object domainObject) {
        // Obtain the OID applicable to the domain object
        ObjectIdentity objectIdentity = objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);

        // Obtain the SIDs applicable to the principal
        List<Sid> sids = sidRetrievalStrategy.getSids(authentication);

        try {

    // SEC-1898
    @Test(expected = NotFoundException.class)
    public void readAclByIdMissingAcl() {
        Map<ObjectIdentity, Acl> result = new HashMap<ObjectIdentity, Acl>();
        when(lookupStrategy.readAclsById(anyListOf(ObjectIdentity.class), anyListOf(Sid.class))).thenReturn(result);
        ObjectIdentity objectIdentity = new ObjectIdentityImpl(Object.class, 1);
        List<Sid> sids = Arrays.<Sid> asList(new PrincipalSid("user"));

        aclService.readAclById(objectIdentity, sids);
    }