@Override
public boolean hasPrivileges(final String absPath, final Privilege[] privileges)
throws PathNotFoundException, RepositoryException {
if (supportPrivileges) {
// if the node is created in the same session, return true
for (Item item : session.getNewItems()) {
if (item.getPath().equals(absPath)) {
return true;
}
}
// check privilege names
return hasPrivilegesLegacy(absPath, privileges);
} else {
// check ACLs
Set<String> privs = new HashSet<>();
for (Privilege privilege : privileges) {
privs.add(privilege.getName());
}
String mountPoint = session.getRepository().getStoreProvider().getMountPoint();
Session securitySession =
JCRSessionFactory.getInstance()
.getCurrentSystemSession(session.getWorkspace().getName(), null, null);
PathWrapper pathWrapper =
new ExternalPathWrapperImpl(
StringUtils.equals(absPath, "/") ? mountPoint : mountPoint + absPath,
securitySession);
return AccessManagerUtils.isGranted(
pathWrapper,
privs,
securitySession,
jahiaPrincipal,
workspaceName,
false,
pathPermissionCache,
compiledAcls,
registry);
}
}
private static Privilege[] filterPrivileges(
Privilege[] privileges, List<Privilege> privilegesToFilterOut) {
Set<Privilege> filteredResult = new HashSet<Privilege>();
for (Privilege privilege : privileges) {
if (!privilegesToFilterOut.contains(privilege)) {
if (privilege.isAggregate()
&& areIntersecting(privilege.getDeclaredAggregatePrivileges(), privilegesToFilterOut)) {
// We de-aggregate a privilege in case any of its children are to be filtered out, since a
// privilege is valid only if all its children are valid.
filteredResult.addAll(
Arrays.asList(
filterPrivileges(
privilege.getDeclaredAggregatePrivileges(), privilegesToFilterOut)));
} else {
filteredResult.add(privilege);
}
}
}
return filteredResult.toArray(new Privilege[filteredResult.size()]);
}