Package org.springframework.security.acls.model

Examples of org.springframework.security.acls.model.MutableAcl.insertAce()


            Assert.notNull(acl, "Acl could not be retrieved or created");
        }

        // Now we have an ACL, add another ACE to it
        if (level == LEVEL_NEGATE_READ) {
            acl.insertAce(acl.getEntries().size(), permission, sid, false); // not granting
        } else {
            acl.insertAce(acl.getEntries().size(), permission, sid, true); // granting
        }

        // Finally, persist the modified ACL
View Full Code Here


        // Now we have an ACL, add another ACE to it
        if (level == LEVEL_NEGATE_READ) {
            acl.insertAce(acl.getEntries().size(), permission, sid, false); // not granting
        } else {
            acl.insertAce(acl.getEntries().size(), permission, sid, true); // granting
        }

        // Finally, persist the modified ACL
        aclService.updateAcl(acl);
    }
View Full Code Here

        // Now let's add a couple of permissions
        topParent.insertAce(0, BasePermission.READ, new PrincipalSid(auth), true);
        topParent.insertAce(1, BasePermission.WRITE, new PrincipalSid(auth), false);
        middleParent.insertAce(0, BasePermission.DELETE, new PrincipalSid(auth), true);
        child.insertAce(0, BasePermission.DELETE, new PrincipalSid(auth), false);

        // Explicitly save the changed ACL
        jdbcMutableAclService.updateAcl(topParent);
        jdbcMutableAclService.updateAcl(middleParent);
        jdbcMutableAclService.updateAcl(child);
View Full Code Here

        } catch (NotFoundException expected) {
            assertTrue(true);
        }

        // Let's add an identical permission to the child, but it'll appear AFTER the current permission, so has no impact
        child.insertAce(1, BasePermission.DELETE, new PrincipalSid(auth), true);

        // Let's also add another permission to the child
        child.insertAce(2, BasePermission.CREATE, new PrincipalSid(auth), true);

        // Save the changed child
View Full Code Here

        // Let's add an identical permission to the child, but it'll appear AFTER the current permission, so has no impact
        child.insertAce(1, BasePermission.DELETE, new PrincipalSid(auth), true);

        // Let's also add another permission to the child
        child.insertAce(2, BasePermission.CREATE, new PrincipalSid(auth), true);

        // Save the changed child
        jdbcMutableAclService.updateAcl(child);
        child = (MutableAcl) jdbcMutableAclService.readAclById(childOid);
        assertEquals(3, child.getEntries().size());
View Full Code Here

    @Test
    @Transactional
    public void deleteAclRemovesRowsFromDatabase() throws Exception {
        SecurityContextHolder.getContext().setAuthentication(auth);
        MutableAcl child = jdbcMutableAclService.createAcl(childOid);
        child.insertAce(0, BasePermission.DELETE, new PrincipalSid(auth), false);
        jdbcMutableAclService.updateAcl(child);

        // Remove the child and check all related database rows were removed accordingly
        jdbcMutableAclService.deleteAcl(childOid, false);
        assertEquals(1, jdbcTemplate.queryForList(SELECT_ALL_CLASSES, new Object[] {TARGET_CLASS} ).size());
View Full Code Here

       // Add an ACE permission entry
       Permission cm = new CumulativePermission().set(BasePermission.READ).set(BasePermission.ADMINISTRATION);
       assertEquals(17, cm.getMask());
       Sid benSid = new PrincipalSid(auth);
       topParent.insertAce(0, cm, benSid, true);
       assertEquals(1, topParent.getEntries().size());

       // Explicitly save the changed ACL
       topParent = jdbcMutableAclService.updateAcl(topParent);
View Full Code Here

                new SimpleGrantedAuthority("ROLE_GENERAL"));

        // Let's give the principal the ADMINISTRATION permission, without
        // granting access
        MutableAcl aclFirstDeny = new AclImpl(identity, new Long(1), aclAuthorizationStrategy, new ConsoleAuditLogger());
        aclFirstDeny.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), false);

        // The CHANGE_GENERAL test should pass as the principal has ROLE_GENERAL
        aclAuthorizationStrategy.securityCheck(aclFirstDeny, AclAuthorizationStrategy.CHANGE_GENERAL);

        // The CHANGE_AUDITING and CHANGE_OWNERSHIP should fail since the
View Full Code Here

        }
        catch (AccessDeniedException expected) {
        }

        // Add granting access to this principal
        aclFirstDeny.insertAce(1, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);
        // and try again for CHANGE_AUDITING - the first ACE's granting flag
        // (false) will deny this access
        try {
            aclAuthorizationStrategy.securityCheck(aclFirstDeny, AclAuthorizationStrategy.CHANGE_AUDITING);
            fail("It should have thrown AccessDeniedException");
View Full Code Here

        // Create another ACL and give the principal the ADMINISTRATION
        // permission, with granting access
        MutableAcl aclFirstAllow = new AclImpl(identity, new Long(1), aclAuthorizationStrategy,
                new ConsoleAuditLogger());
        aclFirstAllow.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);

        // The CHANGE_AUDITING test should pass as there is one ACE with
        // granting access

        aclAuthorizationStrategy.securityCheck(aclFirstAllow, AclAuthorizationStrategy.CHANGE_AUDITING);
View Full Code Here

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.