org.nuxeo.ecm.core.api.security.ACE.getPermission()方法的使用及代码示例

x33g5p2x  于2022-01-16 转载在 其他  
字(10.4k)|赞(0)|评价(0)|浏览(161)

本文整理了Java中org.nuxeo.ecm.core.api.security.ACE.getPermission()方法的一些代码示例,展示了ACE.getPermission()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。ACE.getPermission()方法的具体详情如下:
包路径:org.nuxeo.ecm.core.api.security.ACE
类名称:ACE
方法名:getPermission

ACE.getPermission介绍

暂无

代码示例

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api

private static boolean permissionsMatch(ACE ace, String permission) {
  String acePerm = ace.getPermission();
  // RESTRICTED_READ needs special handling, is not implied by EVERYTHING.
  if (!SecurityConstants.RESTRICTED_READ.equals(permission)) {
    if (SecurityConstants.EVERYTHING.equals(acePerm)) {
      return true;
    }
  }
  return StringUtils.equals(acePerm, permission);
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api

@Override
public String[] listUsernamesForAnyPermission(Set<String> perms) {
  List<String> usernames = new ArrayList<>();
  ACL merged = getMergedACLs("merged");
  for (ACE ace : merged.getACEs()) {
    if (perms.contains(ace.getPermission()) && ace.isGranted()) {
      String username = ace.getUsername();
      if (!usernames.contains(username)) {
        usernames.add(username);
      }
    }
  }
  return usernames.toArray(new String[usernames.size()]);
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api

public static Access getAccess(ACE ace, String[] principals, String[] permissions) {
  String acePerm = ace.getPermission();
  String aceUser = ace.getUsername();
  for (String principal : principals) {
    if (principalsMatch(aceUser, principal)) {
      // check permission match only if principal is matching
      for (String permission : permissions) {
        if (permissionsMatch(acePerm, permission)) {
          return ace.isGranted() ? Access.GRANT : Access.DENY;
        } // end permissionMatch
      } // end perm for
    } // end principalMatch
  } // end princ for
  return Access.UNKNOWN;
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-storage-sql

/** Key to distinguish ACEs */
protected static String getACEkey(ACE ace) {
  // TODO separate user/group
  return ace.getUsername() + '|' + ace.getPermission();
}

代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-platform-ws

public WsACE(ACE ace) {
  this(ace.getUsername(), ace.getPermission(), ace.isGranted());
}

代码示例来源:origin: toutatice-services.carto-nat/toutatice-carto-nat-ecm

/**
 * Gets IANs of given activity.
 *
 * @param session
 * @param doc
 * @return login and groups of IANs of activity
 */
public List<String> getIans(CoreSession session, DocumentModel doc){
  List<String> ians = new ArrayList<String>(0);
  ACP acp = doc.getACP();
  for(ACL acl : acp.getACLs()){
    for(ACE ace : acl.getACEs()){
      String permission = ace.getPermission();
      if(CartoSecurityConstants.MANAGE_DUN.equals(permission)){
        ians.add(ace.getUsername());
      }
    }
  }
  return ians;
}

代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-core

/**
 * Gets Master Owners of document (users and groups).
 * 
 * @param session
 * @param document
 * @return list of Master Owners
 */
public static List<String> getMasterOwners (CoreSession session, DocumentModel document) {
  List<String> masterOwners = new ArrayList<String>(0);
  
  DocumentModel workspace = ToutaticeDocumentHelper.getWorkspace(session, document, true);
  
  if(workspace != null){
    ACP acp = workspace.getACP();
    ACL[] acLs = acp.getACLs();
    
    for(ACL acl : acLs){
      for(ACE ace :acl){
        if(ToutaticeNuxeoStudioConst.CST_PERM_MASTER_OWNER.equals(ace.getPermission())){
          masterOwners.add(ace.getUsername());
        }
      }
    }
    
  }
  
  return masterOwners;
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-storage-sql

protected void checkNegativeAcl(ACP acp) {
  if (negativeAclAllowed) {
    return;
  }
  if (acp == null) {
    return;
  }
  for (ACL acl : acp.getACLs()) {
    if (acl.getName().equals(ACL.INHERITED_ACL)) {
      continue;
    }
    for (ACE ace : acl.getACEs()) {
      if (ace.isGranted()) {
        continue;
      }
      String permission = ace.getPermission();
      if (permission.equals(SecurityConstants.EVERYTHING)
          && ace.getUsername().equals(SecurityConstants.EVERYONE)) {
        continue;
      }
      // allow Write, as we're sure it doesn't include Read/Browse
      if (permission.equals(SecurityConstants.WRITE)) {
        continue;
      }
      throw new IllegalArgumentException("Negative ACL not allowed: " + ace);
    }
  }
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-io

@Override
protected void writeEntityBody(ACP acp, JsonGenerator jg) throws IOException {
  jg.writeArrayFieldStart("acl");
  for (ACL acl : acp.getACLs()) {
    jg.writeStartObject();
    jg.writeStringField("name", acl.getName());
    jg.writeArrayFieldStart("ace");
    for (ACE ace : acl.getACEs()) {
      jg.writeStartObject();
      jg.writeStringField("id", ace.getId());
      jg.writeStringField("username", ace.getUsername());
      jg.writeStringField("permission", ace.getPermission());
      jg.writeBooleanField("granted", ace.isGranted());
      jg.writeStringField("creator", ace.getCreator());
      jg.writeStringField("begin",
          ace.getBegin() != null ? DateParser.formatW3CDateTime(ace.getBegin().getTime()) : null);
      jg.writeStringField("end", ace.getEnd() != null ? DateParser.formatW3CDateTime(ace.getEnd().getTime())
          : null);
      jg.writeStringField("status", ace.getStatus().toString().toLowerCase());
      jg.writeEndObject();
    }
    jg.writeEndArray();
    jg.writeEndObject();
  }
  jg.writeEndArray();
}

代码示例来源:origin: org.nuxeo.ecm.webengine/nuxeo-webengine-core

private static void copyTo(ACE[] aces, int s0, UserEntry[] entries, int s1, int len) {
  for (int i = s0, k = s1; i < len; i++, k++) {
    ACE ace = aces[i];
    UserEntry entry = new UserEntryImpl(ace.getUsername());
    entry.addPrivilege(ace.getPermission(), ace.isGranted(), false);
    entries[k] = entry;
  }
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-storage-sql

protected static void addACLRow(List<ACLRow> aclrows, String name, ACE ace) {
  // XXX should prefix user/group
  String user = ace.getUsername();
  if (user == null) {
    // JCR implementation logs null and skips it
    return;
  }
  String group = null; // XXX all in user for now
  aclrows.add(new ACLRow(aclrows.size(), name, ace.isGranted(), ace.getPermission(), user, group,
      ace.getCreator(), ace.getBegin(), ace.getEnd(), ace.getLongStatus()));
}

代码示例来源:origin: acaren-nuxeo-base/acaren-nuxeo-base-core

for (ACL acl : acpParent.getACLs()) {
  for (ACE ace : acl.getACEs()) {
    if (ace.isGranted() && !lstPerm.contains(ace.getPermission())) {

代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-platform-webapp-core

/**
 * Feeds security data object with user entries.
 */
public static void convertToSecurityData(ACP acp, SecurityData securityData) {
  if (null == acp || null == securityData) {
    log.error("Null params received, returning...");
    return;
  }
  securityData.clear();
  for (ACL acl : acp.getACLs()) {
    boolean modifiable = acl.getName().equals(ACL.LOCAL_ACL);
    for (ACE entry : acl.getACEs()) {
      if (modifiable) {
        securityData.addModifiablePrivilege(entry.getUsername(), entry.getPermission(), entry.isGranted());
      } else {
        securityData.addUnModifiablePrivilege(entry.getUsername(), entry.getPermission(), entry.isGranted());
      }
      if (!entry.isGranted() && entry.getUsername().equals(SecurityConstants.EVERYONE)
          && entry.getPermission().equals(SecurityConstants.EVERYTHING)) {
        break;
      }
    }
  }
  // needed so that the user lists are updated
  securityData.rebuildUserLists();
  securityData.setNeedSave(false);
}

代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-automation

/**
 * Converts ACE to JSOObject.
 * 
 * @param ace
 * @param groupIds
 * @return ACE as JSONObject
 */
protected JSONObject convert(ACE ace, List<String> groupIds){
  JSONObject aceEntry = new JSONObject();
  aceEntry.element("username", ace.getUsername());
  aceEntry.element("permission", ace.getPermission());
  aceEntry.element("isGranted", ace.isGranted());
  
  if(CollectionUtils.isNotEmpty(groupIds)){
    aceEntry.element("isGroup", groupIds.contains(ace.getUsername()));
  } else {
    aceEntry.element("isGroup", false);
  }
  
  return aceEntry;
}

代码示例来源:origin: org.nuxeo.ecm.webengine/nuxeo-webengine-base

public List<Permission> getPermissions() {
  try {
    ACP acp = ctx.getCoreSession().getACP(getTarget().getAdapter(DocumentModel.class).getRef());
    List<Permission> permissions = new ArrayList<Permission>();
    for (ACL acl : acp.getACLs()) {
      for (ACE ace : acl.getACEs()) {
        permissions.add(new Permission(ace.getUsername(), ace.getPermission(), ace.isGranted()));
      }
    }
    return permissions;
  } catch (NuxeoException e) {
    e.addInfo("Failed to get ACLs");
    throw e;
  }
}

代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-automation

/**
 * @param document
 * @param permission
 * @return names of groups with given permission.
 */
protected List<String> getGroupsForPermission(DocumentModel document, String permission) {
  List<String> groups = new ArrayList<String>();
  PrincipalHelper principalHelper = new PrincipalHelper(userManager, permissionProvider);
  String[] perms = principalHelper.getPermissionsToCheck(permission);
  ACP acp = document.getACP();
  for (ACL acl : acp.getACLs()) {
    for (ACE ace : acl.getACEs()) {
      if (ace.isGranted() && permissionMatch(perms, ace.getPermission())) {
        NuxeoGroup group = userManager.getGroup(ace.getUsername());
        if(group != null){
          groups.add(group.getName());
        }
      }
    }
  }
  return groups;
}

代码示例来源:origin: org.nuxeo.ecm.webengine/nuxeo-webengine-core

if (permission.equals(aces[i].getPermission()) && username.equals(aces[i].getUsername())) {
  break;

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-io

protected static void readACP(Element element, ACP acp) {
  ACL[] acls = acp.getACLs();
  for (ACL acl : acls) {
    Element aclElement = element.addElement(ExportConstants.ACL_TAG);
    aclElement.addAttribute(ExportConstants.NAME_ATTR, acl.getName());
    ACE[] aces = acl.getACEs();
    for (ACE ace : aces) {
      Element aceElement = aclElement.addElement(ExportConstants.ACE_TAG);
      aceElement.addAttribute(ExportConstants.PRINCIPAL_ATTR, ace.getUsername());
      aceElement.addAttribute(ExportConstants.PERMISSION_ATTR, ace.getPermission());
      aceElement.addAttribute(ExportConstants.GRANT_ATTR, String.valueOf(ace.isGranted()));
      aceElement.addAttribute(ExportConstants.CREATOR_ATTR, ace.getCreator());
      Calendar begin = ace.getBegin();
      if (begin != null) {
        aceElement.addAttribute(ExportConstants.BEGIN_ATTR,
            DateParser.formatW3CDateTime((begin).getTime()));
      }
      Calendar end = ace.getEnd();
      if (end != null) {
        aceElement.addAttribute(ExportConstants.END_ATTR, DateParser.formatW3CDateTime((end).getTime()));
      }
    }
  }
}

代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-automation

@OperationMethod
public Blob run(DocumentModel doc) throws Exception 
{
  JSONArray rows = new JSONArray();
  
  ACP acp = doc.getACP();
  ACL[] aclTab = acp.getACLs();
  
  for(int i=0;i<aclTab.length;i++){
    ACL acl = aclTab[i];
    ACE[] aceTab = acl.getACEs();
    
    for(int j=0;j<aceTab.length;j++){
      ACE ace = aceTab[j];
      JSONObject obj = new JSONObject();
      if(ace.isGranted()){
        obj.element("userOrGroup", ace.getUsername());
        obj.element("permission", ace.getPermission());
        rows.add(obj);
      }
    }
  }
  
  if(rows.size()>0){
    return new StringBlob(rows.toString(), "application/json");
  }else{
    return null;
  }
  }

代码示例来源:origin: toutatice-services.carto-nat/toutatice-carto-nat-ecm

for (ACE ace : acl.getACEs()) {
  if (ace.isGranted()
      && permissionMatch(perms, ace.getPermission())) {
    NuxeoGroup group = userManager.getGroup(ace.getUsername());
    if (group == null) {

相关文章