本文整理了Java中org.nuxeo.ecm.core.api.security.ACE
类的一些代码示例,展示了ACE
类的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。ACE
类的具体详情如下:
包路径:org.nuxeo.ecm.core.api.security.ACE
类名称:ACE
[英]Access control entry, assigning a permission to a user.
Optionally, the assignment can be denied instead of being granted.
[中]访问控制项,将权限分配给用户。
或者,可以拒绝分配,而不是授予分配。
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
@Override
public Object clone() {
return new ACE(username, permission, isGranted, creator, begin, end, contextData);
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
public static Access getAccess(ACE ace, String[] principals, String[] permissions) {
String acePerm = ace.getPermission();
String aceUser = ace.getUsername();
for (String principal : principals) {
if (principalsMatch(aceUser, principal)) {
// check permission match only if principal is matching
for (String permission : permissions) {
if (permissionsMatch(acePerm, permission)) {
return ace.isGranted() ? Access.GRANT : Access.DENY;
} // end permissionMatch
} // end perm for
} // end principalMatch
} // end princ for
return Access.UNKNOWN;
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
@Override
public boolean blockInheritance(String username) {
boolean aclChanged = false;
List<ACE> aces = Lists.newArrayList(getACEs());
if (!aces.contains(ACE.BLOCK)) {
aces.add(ACE.builder(username, SecurityConstants.EVERYTHING).creator(username).build());
aces.addAll(getAdminEverythingACES());
aces.add(ACE.BLOCK);
aclChanged = true;
setACEs(aces.toArray(new ACE[aces.size()]));
}
return aclChanged;
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
/**
* Constructs an ACE for a given username, permission, specifying whether to grant or deny it, creator user, begin
* and end date.
*
* @since 7.4
*/
ACE(String username, String permission, boolean isGranted, String creator, Calendar begin, Calendar end,
Map<String, Serializable> contextData) {
this.username = username;
this.permission = permission;
this.isGranted = isGranted;
this.creator = creator;
setBegin(begin);
setEnd(end);
if (contextData != null) {
this.contextData = new HashMap<>(contextData);
}
if (begin != null && end != null) {
if (begin.after(end)) {
throw new IllegalArgumentException("'begin' date cannot be after 'end' date");
}
}
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-storage-sql
/** Key to distinguish ACEs */
protected static String getACEkey(ACE ace) {
// TODO separate user/group
return ace.getUsername() + '|' + ace.getPermission();
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-storage-sql
protected static void addACLRow(List<ACLRow> aclrows, String name, ACE ace) {
// XXX should prefix user/group
String user = ace.getUsername();
if (user == null) {
// JCR implementation logs null and skips it
return;
}
String group = null; // XXX all in user for now
aclrows.add(new ACLRow(aclrows.size(), name, ace.isGranted(), ace.getPermission(), user, group,
ace.getCreator(), ace.getBegin(), ace.getEnd(), ace.getLongStatus()));
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-io
@Override
protected void writeEntityBody(ACP acp, JsonGenerator jg) throws IOException {
jg.writeArrayFieldStart("acl");
for (ACL acl : acp.getACLs()) {
jg.writeStartObject();
jg.writeStringField("name", acl.getName());
jg.writeArrayFieldStart("ace");
for (ACE ace : acl.getACEs()) {
jg.writeStartObject();
jg.writeStringField("id", ace.getId());
jg.writeStringField("username", ace.getUsername());
jg.writeStringField("permission", ace.getPermission());
jg.writeBooleanField("granted", ace.isGranted());
jg.writeStringField("creator", ace.getCreator());
jg.writeStringField("begin",
ace.getBegin() != null ? DateParser.formatW3CDateTime(ace.getBegin().getTime()) : null);
jg.writeStringField("end", ace.getEnd() != null ? DateParser.formatW3CDateTime(ace.getEnd().getTime())
: null);
jg.writeStringField("status", ace.getStatus().toString().toLowerCase());
jg.writeEndObject();
}
jg.writeEndArray();
jg.writeEndObject();
}
jg.writeEndArray();
}
代码示例来源:origin: org.nuxeo.elasticsearch/nuxeo-elasticsearch-core
outerloop: for (ACL acl : acp.getACLs()) {
for (ACE ace : acl.getACEs()) {
if (ace.isGranted() && ace.isEffective() && browsePermissions.contains(ace.getPermission())) {
jg.writeString(ace.getUsername());
if (ace.isDenied() && ace.isEffective()) {
if (!EVERYONE.equals(ace.getUsername())) {
jg.writeString(UNSUPPORTED_ACL);
代码示例来源:origin: toutatice-services.dafpic/toutatice-dafpic-import-compatibility
ACE currentUserAce = new ACE(principal.getName(),
SecurityConstants.WRITE, true);
if(ACE.BLOCK.equals(ace)){
acesList.add(currentUserAce);
acesList.add(ACE.BLOCK);
} else {
String username = ace.getUsername();
DocumentModel userModel = getUserManager().getUserModel(username);
代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-platform-task-core
if (currentActors.contains(ace.getUsername()) || taskInitator.equals(ace.getUsername())) {
toRemove.add(ace);
acl.add(new ACE(actorId, SecurityConstants.EVERYTHING, true));
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
private static boolean principalsMatch(ACE ace, String principal) {
String acePrincipal = ace.getUsername();
return principalsMatch(acePrincipal, principal);
}
代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-admin-center-core
for (ACL acl : acp.getACLs()) {
for (ACE ace : acl) {
if (username.equals(ace.getUsername())) {
Calendar now = new GregorianCalendar();
ace.setEnd(now);
changed = true;
代码示例来源:origin: acaren-nuxeo-base/acaren-nuxeo-base-core
for (ACL acl : acpParent.getACLs()) {
for (ACE ace : acl.getACEs()) {
if (ace.isGranted() && !lstPerm.contains(ace.getPermission())) {
代码示例来源:origin: toutatice-services.carto-nat/toutatice-carto-nat-ecm
/**
* @param docCtx
* @param sourceDocument
*/
public void removePublicAce(CoreSession session, DocumentModel sourceDocument) {
// Get proxy
DocumentModel proxy = ToutaticeDocumentHelper.getProxy(session, sourceDocument, SecurityConstants.READ);
// Get local ACL
ACP acp = session.getACP(sourceDocument.getRef());
ACL acl = acp.getOrCreateACL(ACL.LOCAL_ACL);
// Remove public ACE (iteraot for dirty doublon case)
ACE publicAce = new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ);
Iterator<ACE> iterator = acl.iterator();
while (iterator.hasNext()) {
ACE ace = iterator.next();
if (publicAce.equals(ace)) {
iterator.remove();
}
}
UnrestrictedAcpSetter setter = new UnrestrictedAcpSetter(session, proxy, acp);
setter.runUnrestricted();
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
private static boolean permissionsMatch(ACE ace, String permission) {
String acePerm = ace.getPermission();
// RESTRICTED_READ needs special handling, is not implied by EVERYTHING.
if (!SecurityConstants.RESTRICTED_READ.equals(permission)) {
if (SecurityConstants.EVERYTHING.equals(acePerm)) {
return true;
}
}
return StringUtils.equals(acePerm, permission);
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
@Override
public Access getAccess(String principal, String permission) {
// check first the cache
String key = principal + ':' + permission;
Access access = cache.get(key);
if (access == null) {
access = Access.UNKNOWN;
FOUND_ACE: for (ACL acl : acls) {
for (ACE ace : acl) {
if (permissionsMatch(ace, permission) && principalsMatch(ace, principal)) {
access = ace.isGranted() ? Access.GRANT : Access.DENY;
break FOUND_ACE;
}
}
}
cache.put(key, access);
}
return access;
}
代码示例来源:origin: org.nuxeo.ecm.automation/nuxeo-automation-core
protected void replacePermission(DocumentModel doc) {
Map<String, Serializable> contextData = new HashMap<>();
contextData.put(NOTIFY_KEY, notify);
contextData.put(COMMENT_KEY, comment);
ACE oldACE = ACE.fromId(id);
ACE newACE = ACE.builder(user, permission)
.creator(session.getPrincipal().getName())
.begin(begin)
.end(end)
.contextData(contextData)
.build();
session.replaceACE(doc.getRef(), aclName, oldACE, newACE);
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-io
protected static void readACP(Element element, ACP acp) {
ACL[] acls = acp.getACLs();
for (ACL acl : acls) {
Element aclElement = element.addElement(ExportConstants.ACL_TAG);
aclElement.addAttribute(ExportConstants.NAME_ATTR, acl.getName());
ACE[] aces = acl.getACEs();
for (ACE ace : aces) {
Element aceElement = aclElement.addElement(ExportConstants.ACE_TAG);
aceElement.addAttribute(ExportConstants.PRINCIPAL_ATTR, ace.getUsername());
aceElement.addAttribute(ExportConstants.PERMISSION_ATTR, ace.getPermission());
aceElement.addAttribute(ExportConstants.GRANT_ATTR, String.valueOf(ace.isGranted()));
aceElement.addAttribute(ExportConstants.CREATOR_ATTR, ace.getCreator());
Calendar begin = ace.getBegin();
if (begin != null) {
aceElement.addAttribute(ExportConstants.BEGIN_ATTR,
DateParser.formatW3CDateTime((begin).getTime()));
}
Calendar end = ace.getEnd();
if (end != null) {
aceElement.addAttribute(ExportConstants.END_ATTR, DateParser.formatW3CDateTime((end).getTime()));
}
}
}
}
代码示例来源:origin: toutatice-services.carto-nat/toutatice-carto-nat-ecm
/**
* Gets IANs of given activity.
*
* @param session
* @param doc
* @return login and groups of IANs of activity
*/
public List<String> getIans(CoreSession session, DocumentModel doc){
List<String> ians = new ArrayList<String>(0);
ACP acp = doc.getACP();
for(ACL acl : acp.getACLs()){
for(ACE ace : acl.getACEs()){
String permission = ace.getPermission();
if(CartoSecurityConstants.MANAGE_DUN.equals(permission)){
ians.add(ace.getUsername());
}
}
}
return ians;
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
@Override
public boolean removeByUsername(String username) {
boolean aclChanged = false;
List<ACE> aces = Lists.newArrayList(getACEs());
for (Iterator<ACE> it = aces.iterator(); it.hasNext();) {
ACE ace = it.next();
if (ace.getUsername().equals(username)) {
it.remove();
aclChanged = true;
}
}
setACEs(aces.toArray(new ACE[aces.size()]));
return aclChanged;
}
内容来源于网络,如有侵权,请联系作者删除!