/**
* Apply every permission from list to every sid from list.
*
* @param sids list of sids
* @param permissions list of permissions
* @param target securable object
* @param acl ACL of this object
* @param granting grant if true, revoke if false
*/
private void applyPermissionsToSids(
List<Sid> sids,
List<Permission> permissions,
Entity target,
MutableAcl acl,
boolean granting) {
deletePermissionsFromAcl(acl, sids, permissions);
int aclIndex = acl.getEntries().size();
for (Sid recipient : sids) {
for (Permission permission : permissions) {
// add permission to acl for recipient
acl.insertAce(aclIndex++, permission, recipient, granting);
logger.debug(
"Added permission mask {} for Sid {} securedObject {} id {}",
new Object[] {
permission.getMask(), recipient, target.getClass().getSimpleName(), target.getId()
});
}
}
}
/**
* Creates {@code ObjectIdentity} for {@code securedObject}
*
* @param securedObject object
* @return identity with {@code securedObject} class name and id
*/
private ObjectIdentity createIdentityFor(Entity securedObject) {
if (securedObject.getId() <= 0) {
throw new IllegalStateException("Object id must be assigned before creating acl.");
}
return new ObjectIdentityImpl(securedObject.getClass(), securedObject.getId());
}
/** {@inheritDoc} */
@Override
public void deleteFromAcl(Entity securedObject) {
deleteFromAcl(securedObject.getClass(), securedObject.getId());
}