// security on versions, see TestLocalAPIWithCustomVersioning @Test public void testVersionSecurity() throws Exception { DocumentModel folder = new DocumentModelImpl("/", "folder", "Folder"); folder = session.createDocument(folder); ACP acp = new ACPImpl(); ACE ace = new ACE("princ1", "perm1", true); ACL acl = new ACLImpl("acl1", false); acl.add(ace); acp.addACL(acl); session.setACP(folder.getRef(), acp, true); DocumentModel file = new DocumentModelImpl("/folder", "file", "File"); file = session.createDocument(file); // set security acp = new ACPImpl(); ace = new ACE("princ2", "perm2", true); acl = new ACLImpl("acl2", false); acl.add(ace); acp.addACL(acl); session.setACP(file.getRef(), acp, true); session.save(); DocumentModel proxy = session.publishDocument(file, folder); DocumentModel version = session.getLastDocumentVersion(file.getRef()); session.save(); // check security on version acp = session.getACP(version.getRef()); ACL[] acls = acp.getACLs(); assertEquals(2, acls.length); acl = acls[0]; assertEquals(1, acl.size()); assertEquals("princ2", acl.get(0).getUsername()); acl = acls[1]; assertEquals(1 + 3, acl.size()); // 1 + 3 root defaults assertEquals("princ1", acl.get(0).getUsername()); // remove live document (there's a proxy so the version stays) session.removeDocument(file.getRef()); session.save(); // recheck security on version (works because we're administrator) acp = session.getACP(version.getRef()); assertNull(acp); // check proxy still accessible (in another session) try (CoreSession session2 = openSessionAs(SecurityConstants.ADMINISTRATOR)) { session2.getDocument(proxy.getRef()); } }
protected void setPermission( DocumentModel doc, String userName, String permission, boolean isGranted) { ACP acp = session.getACP(doc.getRef()); ACL localACL = acp.getOrCreateACL(ACL.LOCAL_ACL); localACL.add(new ACE(userName, permission, isGranted)); session.setACP(doc.getRef(), acp, true); session.save(); }
protected void resetPermissions(DocumentModel doc, String userName) { ACP acp = session.getACP(doc.getRef()); ACL localACL = acp.getOrCreateACL(ACL.LOCAL_ACL); Iterator<ACE> localACLIt = localACL.iterator(); while (localACLIt.hasNext()) { ACE ace = localACLIt.next(); if (userName.equals(ace.getUsername())) { localACLIt.remove(); } } session.setACP(doc.getRef(), acp, true); session.save(); }
protected void resetPermissions(DocumentRef docRef, String userName) { ACP acp = session.getACP(docRef); ACL localACL = acp.getOrCreateACL(ACL.LOCAL_ACL); Iterator<ACE> localACLIt = localACL.iterator(); while (localACLIt.hasNext()) { ACE ace = localACLIt.next(); if (userName.equals(ace.getUsername())) { localACLIt.remove(); } } session.setACP(docRef, acp, true); TransactionHelper.commitOrRollbackTransaction(); TransactionHelper.startTransaction(); }
@Override public boolean isPublished(DocumentModel doc, CoreSession session) throws ClientException { return session.getACP(doc.getRef()).getACL(CoreProxyWithWorkflowFactory.ACL_NAME) == null; }