private List<Privilege> getPrivilegesToFilter(Node node) {
if (node instanceof JCRNodeWrapper) {
node = ((JCRNodeWrapper) node).getRealNode();
}
List<Privilege> privilegeToFilterOut = new ArrayList<>();
// jcr:modifyAccessControl permission when data source is AccessControllable, only on
// ExternalNodeImpl
// ExtensionNodeImpl acls can be modify
if (aclReadOnly && node instanceof ExternalNodeImpl) {
privilegeToFilterOut.add(modifyAccessControlPrivilege);
}
// all write permissions in case of the data source not writable and not extendable
if (!writable
&& node instanceof ExternalNodeImpl
&& (session.getOverridableProperties() == null
|| session.getOverridableProperties().size() == 0)) {
privilegeToFilterOut.add(writePrivilege);
privilegeToFilterOut.addAll(Lists.newArrayList(writePrivilege.getAggregatePrivileges()));
}
return privilegeToFilterOut;
}
