org.apache.chemistry.opencmis.commons.data.Ace Java Examples
The following examples show how to use
org.apache.chemistry.opencmis.commons.data.Ace.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: TestRemovePermissions.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 6 votes |
|
/**
*
* @param session Session
* @return List<Ace>
*/
private List<Ace> create2TestACLs(Session session)
{
List<Ace> newACE = new ArrayList<Ace>();
LinkedList<String> permissions1 = new LinkedList<String>();
permissions1.add("{http://www.alfresco.org/model/system/1.0}base.ReadPermissions");
LinkedList<String> permissions2 = new LinkedList<String>();
permissions2.add("{http://www.alfresco.org/model/system/1.0}base.Unlock");
Ace ace1 = session.getObjectFactory().createAce("testUser1", permissions1);
Ace ace2 = session.getObjectFactory().createAce("testUser2", permissions2);
newACE.add(ace1);
newACE.add(ace2);
return newACE;
}
Example #2
| Source File: Converter.java From document-management-software with GNU Lesser General Public License v3.0 | 5 votes |
|
/**
* Converts an ACL object with its ACEs
*
* @param acl the acl
*
* @return the CMIS ACL
*/
public static CmisAccessControlListType convert(Acl acl) {
if (acl == null) {
return null;
}
CmisAccessControlListType result = new CmisAccessControlListType();
if (acl.getAces() != null) {
for (Ace ace : acl.getAces()) {
if (ace == null) {
continue;
}
CmisAccessControlEntryType entry = new CmisAccessControlEntryType();
if (ace.getPrincipal() != null) {
CmisAccessControlPrincipalType pincipal = new CmisAccessControlPrincipalType();
pincipal.setPrincipalId(ace.getPrincipal().getId());
convertExtension(pincipal, ace.getPrincipal());
entry.setPrincipal(pincipal);
}
entry.setDirect(ace.isDirect());
entry.getPermission().addAll(ace.getPermissions());
convertExtension(ace, entry);
result.getPermission().add(entry);
}
}
// handle extensions
convertExtension(acl, result);
return result;
}
Example #3
| Source File: LDRepository.java From document-management-software with GNU Lesser General Public License v3.0 | 5 votes |
|
/**
* Compiles the ACL for a file or folder
*
* @param object the persistent object
*
* @return the ACL
*/
private Acl compileAcl(PersistentObject object) {
AccessControlListImpl result = new AccessControlListImpl();
result.setAces(new ArrayList<Ace>());
for (Map.Entry<String, Boolean> ue : userMap.entrySet()) {
// create principal
// AccessControlPrincipalDataImpl principal = new AccessControlPrincipalDataImpl();
// principal.setPrincipalId(ue.getKey());
// create principal
AccessControlPrincipalDataImpl principal = new AccessControlPrincipalDataImpl(ue.getKey());
// create ACE
AccessControlEntryImpl entry = new AccessControlEntryImpl();
entry.setPrincipal(principal);
entry.setPermissions(new ArrayList<String>());
entry.getPermissions().add(CMIS_READ);
if (!ue.getValue().booleanValue() && checkPermission(object, null, Permission.WRITE)
&& !(object instanceof Folder && ((Folder) object).getType() == Folder.TYPE_WORKSPACE)) {
entry.getPermissions().add(CMIS_WRITE);
entry.getPermissions().add(CMIS_ALL);
}
entry.setDirect(true);
// add ACE
result.getAces().add(entry);
}
return result;
}
Example #4
| Source File: Converter.java From document-management-software with GNU Lesser General Public License v3.0 | 5 votes |
|
/**
* Converts an ACL object with its ACEs
*
* @param acl the security policies
* @param isExact if the specification is exact
*
* @return the converted ACL
*/
public static Acl convert(CmisAccessControlListType acl, Boolean isExact) {
if (acl == null) {
return null;
}
AccessControlListImpl result = new AccessControlListImpl();
List<Ace> aces = new ArrayList<Ace>();
for (CmisAccessControlEntryType entry : acl.getPermission()) {
if (entry == null) {
continue;
}
AccessControlEntryImpl ace = new AccessControlEntryImpl();
ace.setDirect(entry.isDirect());
ace.setPermissions(entry.getPermission());
AccessControlPrincipalDataImpl principal = new AccessControlPrincipalDataImpl(
entry.getPrincipal() == null ? null : entry.getPrincipal().getPrincipalId());
convertExtension(entry.getPrincipal(), principal);
ace.setPrincipal(principal);
// handle extensions
convertExtension(entry, ace);
aces.add(ace);
}
result.setAces(aces);
result.setExact(isExact);
// handle extensions
convertExtension(acl, result);
return result;
}
Example #5
| Source File: CMISConnector.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
|
/**
* Filter acl to ignore inherited ACEs
*
* @param nodeRef NodeRef
* @param acl Acl
* @return Acl
*/
protected Acl excludeInheritedAces(NodeRef nodeRef, Acl acl)
{
List<Ace> newAces = new ArrayList<Ace>();
Acl allACLs = getACL(nodeRef, false);
Map<String, Set<String>> originalsAcls = convertAclToMap(allACLs);
Map<String, Set<String>> newAcls = convertAclToMap(acl);
// iterate through the original ACEs
for (Map.Entry<String, Set<String>> ace : originalsAcls.entrySet())
{
// add permissions
Set<String> addPermissions = newAcls.get(ace.getKey());
if (addPermissions != null)
{
ace.getValue().addAll(addPermissions);
}
// create new ACE
if (!ace.getValue().isEmpty())
{
newAces.add(new AccessControlEntryImpl(new AccessControlPrincipalDataImpl(ace
.getKey()), new ArrayList<String>(ace.getValue())));
}
}
return new AccessControlListImpl(newAces);
}
Example #6
| Source File: CMISConnector.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
|
/**
* Sets the given ACL.
*/
public void applyACL(NodeRef nodeRef, TypeDefinitionWrapper type, Acl aces)
{
boolean hasAces = (aces != null) && (aces.getAces() != null) && !aces.getAces().isEmpty();
if (!hasAces && !permissionService.getInheritParentPermissions(nodeRef))
{
return;
}
if (!type.getTypeDefinition(false).isControllableAcl())
{
throw new CmisConstraintException("Object is not ACL controllable!");
}
// remove all permissions
permissionService.deletePermissions(nodeRef);
// set new permissions
for (Ace ace : aces.getAces())
{
String principalId = ace.getPrincipalId();
if (CMIS_USER.equals(principalId))
{
principalId = AuthenticationUtil.getFullyAuthenticatedUser();
}
List<String> permissions = translatePermissionsFromCMIS(ace.getPermissions());
for (String permission : permissions)
{
permissionService.setPermission(nodeRef, principalId, permission, true);
}
}
}
Example #7
| Source File: CMISDataCreatorTest.java From SearchServices with GNU Lesser General Public License v3.0 | 5 votes |
|
public void testCreate()
{
Session session = getSession("admin", "admin");
String folderName = getRootFolderName();
Folder root = session.getRootFolder();
Map<String, Object> properties = new HashMap<String, Object>();
properties.put(PropertyIds.OBJECT_TYPE_ID, "cmis:folder");
properties.put(PropertyIds.NAME, folderName);
// create the folder
Folder newFolder = root.createFolder(properties);
for(int i = 0; i < 50; i++)
{
AccessControlPrincipalDataImpl principal = new AccessControlPrincipalDataImpl("user"+i);
List<String> permissions = new ArrayList<String>(1);
permissions.add(BasicPermissions.READ);
List<Ace> addAces = new ArrayList<Ace>(1);
addAces.add(new AccessControlEntryImpl(principal, permissions));
newFolder.addAcl(addAces, AclPropagation.PROPAGATE);
Map<String, Object> updateProperties = new HashMap<String, Object>();
updateProperties.put("cm:title", "Update title "+i);
newFolder.updateProperties(properties);
if(i % 10 == 0)
{
System.out.println("@ "+i);
}
}
ItemIterable<QueryResult> result = session.query("select * from cmis:folder", false);
assertTrue(result.getTotalNumItems() > 0);
result = session.query("select * from cmis:folder where cmis:name = '"+folderName+"'", false);
assertTrue(result.getTotalNumItems() > 0);
}
Example #8
| Source File: CmisTestObject.java From iaf with Apache License 2.0 | 4 votes |
|
@Override
public Document copy(ObjectId targetFolderId, Map<String, ?> properties, VersioningState versioningState, List<Policy> policies, List<Ace> addACEs, List<Ace> removeACEs, OperationContext context) {
// TODO Auto-generated method stub
return null;
}
Example #9
| Source File: CmisTestObject.java From iaf with Apache License 2.0 | 4 votes |
|
@Override
public ObjectId checkIn(boolean major, Map<String, ?> properties, ContentStream contentStream, String checkinComment, List<Policy> policies, List<Ace> addAces, List<Ace> removeAces) {
// TODO Auto-generated method stub
return null;
}
Example #10
| Source File: CmisTestObject.java From iaf with Apache License 2.0 | 4 votes |
|
@Override
public Acl setAcl(List<Ace> aces) {
// TODO Auto-generated method stub
return null;
}
Example #11
| Source File: CmisTestObject.java From iaf with Apache License 2.0 | 4 votes |
|
@Override
public Acl removeAcl(List<Ace> removeAces, AclPropagation aclPropagation) {
// TODO Auto-generated method stub
return null;
}
Example #12
| Source File: CmisTestObject.java From iaf with Apache License 2.0 | 4 votes |
|
@Override
public Acl addAcl(List<Ace> addAces, AclPropagation aclPropagation) {
// TODO Auto-generated method stub
return null;
}
Example #13
| Source File: CmisTestObject.java From iaf with Apache License 2.0 | 4 votes |
|
@Override
public Acl applyAcl(List<Ace> addAces, List<Ace> removeAces, AclPropagation aclPropagation) {
// TODO Auto-generated method stub
return null;
}
Example #14
| Source File: TestRemovePermissions.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 4 votes |
|
@Test
public void testRemoveAllPermissions_BROWSER_11()
{
Folder testFolder = null;
try
{
Session session = getBROWSER_11_Session();
if (session == null)
{
fail("ATOMPUB 1.1 session cannot be null");
}
testFolder = createFolder(session, "testRemoveAllPermissions_BROWSER_11");
List<Ace> acl = create2TestACLs(session);
// adding new ACE
testFolder.addAcl(acl, AclPropagation.PROPAGATE);
Acl allacl = session.getAcl(session.createObjectId(testFolder.getId()), false);
int oldSize = allacl.getAces().size();
// Removing ALL ACEs
Acl newAcl = testFolder.removeAcl(allacl.getAces(), AclPropagation.PROPAGATE);
int newsize = newAcl.getAces().size();
System.out.println("Old ace size -->" + oldSize);
System.out.println("New ace size --> " + newsize);
assertTrue(newsize == oldSize - acl.size());
}
catch (Exception ex)
{
fail(ex.getMessage());
}
finally
{
if (testFolder != null)
{
testFolder.delete();
}
}
}
Example #15
| Source File: TestRemovePermissions.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 4 votes |
|
@Test
public void testRemoveAllPermissions_ATOMPUB_11()
{
Folder testFolder = null;
try
{
Session session = getATOMPUB_11_Session();
if (session == null)
{
fail("ATOMPUB 1.1 session cannot be null");
}
testFolder = createFolder(session, "testRemoveAllPermissions_ATOMPUB_11");
List<Ace> acl = create2TestACLs(session);
// adding new ACE
testFolder.addAcl(acl, AclPropagation.PROPAGATE);
Acl allacl = session.getAcl(session.createObjectId(testFolder.getId()), false);
int oldSize = allacl.getAces().size();
// Removing ALL ACEs
Acl newAcl = testFolder.removeAcl(allacl.getAces(), AclPropagation.PROPAGATE);
int newsize = newAcl.getAces().size();
System.out.println("Old ace size -->" + oldSize);
System.out.println("New ace size --> " + newsize);
assertTrue(newsize == oldSize - acl.size());
}
catch (Exception ex)
{
fail(ex.getMessage());
}
finally
{
if (testFolder != null)
{
testFolder.delete();
}
}
}
Example #16
| Source File: TestRemovePermissions.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 4 votes |
|
@Test
public void testRemoveAllPermissions_ATOMPUB_10()
{
Folder testFolder = null;
try
{
Session session = getATOMPUB_10_Session();
if (session == null)
{
fail("ATOMPUB 1.0 session cannot be null");
}
testFolder = createFolder(session, "testRemoveAllPermissions_ATOMPUB_10");
List<Ace> acl = create2TestACLs(session);
// adding new ACE
testFolder.addAcl(acl, AclPropagation.PROPAGATE);
Acl allacl = session.getAcl(session.createObjectId(testFolder.getId()), false);
int oldSize = allacl.getAces().size();
// Removing ALL ACEs
Acl newAcl = testFolder.removeAcl(allacl.getAces(), AclPropagation.PROPAGATE);
int newsize = newAcl.getAces().size();
System.out.println("Old ace size -->" + oldSize);
System.out.println("New ace size --> " + newsize);
assertTrue(newsize == oldSize - acl.size());
}
catch (Exception ex)
{
fail(ex.getMessage());
}
finally
{
if (testFolder != null)
{
testFolder.delete();
}
}
}
Example #17
| Source File: TestRemovePermissions.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 4 votes |
|
/**
* cmisws?wsdl is not available using jetty in automated test suite should
* be runned using an external alfresco server
*
*/
// @Test
public void testRemoveAllPermissions_WEBSERVICE_10()
{
Folder testFolder = null;
try
{
Session session = getWEBSERVICE_10_Session();
if (session == null)
{
fail("WEBSERVICE 1.0 session cannot be null");
}
testFolder = createFolder(session, "testRemoveAllPermissions_WEBSERVICE_10");
List<Ace> acl = create2TestACLs(session);
// adding new ACE
testFolder.addAcl(acl, AclPropagation.PROPAGATE);
Acl allacl = session.getAcl(session.createObjectId(testFolder.getId()), false);
int oldSize = allacl.getAces().size();
// Removing ALL ACEs
Acl newAcl = testFolder.removeAcl(allacl.getAces(), AclPropagation.PROPAGATE);
int newsize = newAcl.getAces().size();
System.out.println("Old ace size -->" + oldSize);
System.out.println("New ace size --> " + newsize);
assertTrue(newsize == oldSize - acl.size());
}
catch (Exception ex)
{
fail(ex.getMessage());
}
finally
{
if (testFolder != null)
{
testFolder.delete();
}
}
}
Example #18
| Source File: CMISDataCreatorTest.java From SearchServices with GNU Lesser General Public License v3.0 | 4 votes |
|
public void testCreateLots() throws Exception
{
Session session = getSession("admin", "admin");
Folder root = session.getRootFolder();
String folderNameBase = getRootFolderName();
Map<String, Object> properties = new HashMap<String, Object>();
properties.put(PropertyIds.OBJECT_TYPE_ID, "cmis:folder");
properties.put(PropertyIds.NAME, folderNameBase);
Folder base = root.createFolder(properties);
for(int i = 0; i < 10; i++)
{
AccessControlPrincipalDataImpl principal = new AccessControlPrincipalDataImpl(""+i+i+i);
List<String> permissions = new ArrayList<String>(1);
permissions.add(BasicPermissions.ALL);
List<Ace> addAces = new ArrayList<Ace>(1);
addAces.add(new AccessControlEntryImpl(principal, permissions));
base.addAcl(addAces, AclPropagation.PROPAGATE);
}
Thread last = null;
for(int i = 0; i < 10; i++)
{
Creator creator = new Creator(base.getPath(), i);
Thread thread = new Thread(creator);
thread.start();
last = thread;
}
if(last != null)
{
last.join();
}
ItemIterable<QueryResult> result = session.query("select * from cmis:folder", false);
assertTrue(result.getTotalNumItems() > 0);
//result = session.query("select * from cmis:folder where cmis:name = '"+folderName+"'", false);
//assertTrue(result.getTotalNumItems() > 0);
}
Example #19
| Source File: CMISConnector.java From alfresco-repository with GNU Lesser General Public License v3.0 | 4 votes |
|
/**
* Converts Acl to map and ignore the indirect ACEs
*
* @param acl Acl
* @return Map
*/
private Map<String, Set<String>> convertAclToMap(Acl acl)
{
Map<String, Set<String>> result = new HashMap<String, Set<String>>();
if (acl == null || acl.getAces() == null)
{
return result;
}
for (Ace ace : acl.getAces())
{
// don't consider indirect ACEs - we can't change them
if (!ace.isDirect())
{
// ignore
continue;
}
// although a principal must not be null, check it
if (ace.getPrincipal() == null || ace.getPrincipal().getId() == null)
{
// ignore
continue;
}
Set<String> permissions = result.get(ace.getPrincipal().getId());
if (permissions == null)
{
permissions = new HashSet<String>();
result.put(ace.getPrincipal().getId(), permissions);
}
if (ace.getPermissions() != null)
{
permissions.addAll(ace.getPermissions());
}
}
return result;
}
Example #20
| Source File: CMISConnector.java From alfresco-repository with GNU Lesser General Public License v3.0 | 4 votes |
|
@SuppressWarnings("unchecked")
private ObjectData createCMISObjectImpl(final CMISNodeInfo info, Properties nodeProps, String filter,
boolean includeAllowableActions, IncludeRelationships includeRelationships, String renditionFilter,
boolean includePolicyIds, boolean includeAcl)
{
final ObjectDataImpl result = new ObjectDataImpl();
// set allowable actions
if (includeAllowableActions)
{
result.setAllowableActions(getAllowableActions(info));
}
// set policy ids
if (includePolicyIds)
{
result.setPolicyIds(new PolicyIdListImpl());
}
if (info.isRelationship())
{
// set properties
result.setProperties(getAssocProperties(info, filter));
// set ACL
if (includeAcl)
{
// association have no ACL - return an empty list of ACEs
result.setAcl(new AccessControlListImpl((List<Ace>) Collections.EMPTY_LIST));
result.setIsExactAcl(Boolean.FALSE);
}
}
else
{
// set properties
result.setProperties(nodeProps);
// set relationships
if (includeRelationships != IncludeRelationships.NONE)
{
result.setRelationships(getRelationships(info.getNodeRef(), includeRelationships));
}
// set renditions
if (!RENDITION_NONE.equals(renditionFilter))
{
List<RenditionData> renditions = getRenditions(info.getNodeRef(), renditionFilter, null, null);
if ((renditions != null) && (!renditions.isEmpty()))
{
result.setRenditions(renditions);
}
else
{
result.setRenditions(Collections.EMPTY_LIST);
}
}
// set ACL
if (includeAcl)
{
AuthenticationUtil.runAsSystem(new RunAsWork<Void>()
{
@Override
public Void doWork() throws Exception
{
Acl acl = getACL(info.getCurrentNodeNodeRef(), false);
if (acl != null)
{
result.setAcl(acl);
result.setIsExactAcl(acl.isExact());
}
return null;
}
});
}
// add aspects
List<CmisExtensionElement> extensions = getAspectExtensions(info, filter, result.getProperties()
.getProperties().keySet());
if (!extensions.isEmpty())
{
result.getProperties().setExtensions(
Collections.singletonList((CmisExtensionElement) new CmisExtensionElementImpl(
ALFRESCO_EXTENSION_NAMESPACE, ASPECTS, null, extensions)));
}
}
return result;
}
