protected RepositoryFileAcl internalUpdateAcl(
final Session session,
final PentahoJcrConstants pentahoJcrConstants,
final Serializable fileId,
final RepositoryFileAcl acl)
throws RepositoryException {
Node node = session.getNodeByIdentifier(fileId.toString());
if (node == null) {
throw new RepositoryException(
Messages.getInstance()
.getString(
"JackrabbitRepositoryFileAclDao.ERROR_0001_NODE_NOT_FOUND",
fileId.toString())); // $NON-NLS-1$
}
String absPath = node.getPath();
AccessControlManager acMgr = session.getAccessControlManager();
AccessControlList acList = getAccessControlList(acMgr, absPath);
// clear all entries
AccessControlEntry[] acEntries = acList.getAccessControlEntries();
for (int i = 0; i < acEntries.length; i++) {
acList.removeAccessControlEntry(acEntries[i]);
}
JcrRepositoryFileAclUtils.setAclMetadata(
session,
absPath,
acList,
new AclMetadata(acl.getOwner().getName(), acl.isEntriesInheriting()));
// add entries to now empty list but only if not inheriting; force user to start with clean
// slate
if (!acl.isEntriesInheriting()) {
for (RepositoryFileAce ace : acl.getAces()) {
Principal principal = null;
if (RepositoryFileSid.Type.ROLE == ace.getSid().getType()) {
principal = new SpringSecurityRolePrincipal(ace.getSid().getName());
} else {
principal = new SpringSecurityUserPrincipal(ace.getSid().getName());
}
acList.addAccessControlEntry(
principal,
permissionConversionHelper.pentahoPermissionsToPrivileges(
session, ace.getPermissions()));
}
}
acMgr.setPolicy(absPath, acList);
session.save();
return getAcl(fileId);
}
