/**
 * Replaces the access control list of the node identified by {@code fileId} with the contents
 * of {@code acl}, then saves the session.
 *
 * <p>Every existing entry is removed first. The owner name and the inheriting flag are then
 * written through {@code JcrRepositoryFileAclUtils.setAclMetadata}. The ACEs in {@code acl}
 * are added only when {@code acl.isEntriesInheriting()} is {@code false}; for an inheriting
 * ACL the submitted ACEs are discarded, so the caller starts from a clean slate.
 *
 * <p>NOTE(review): no permission check is visible in this method. Presumably the caller has
 * already verified that the session user may change this node's ACL - confirm, since this call
 * rewrites both the owner and every entry.
 *
 * @param session JCR session used for the lookup, the policy change and the save
 * @param pentahoJcrConstants not read by this method
 * @param fileId identifier of the node whose ACL is replaced
 * @param acl the ACL to apply
 * @return the ACL as read back through {@code getAcl(fileId)} after the save
 * @throws RepositoryException if the node lookup returns {@code null} or a repository call fails
 */
protected RepositoryFileAcl internalUpdateAcl(
    final Session session,
    final PentahoJcrConstants pentahoJcrConstants,
    final Serializable fileId,
    final RepositoryFileAcl acl)
    throws RepositoryException {
  final Node target = session.getNodeByIdentifier(fileId.toString());
  // Defensive guard: the JCR API normally reports a missing node by throwing rather than by
  // returning null.
  if (target == null) {
    final String message =
        Messages.getInstance()
            .getString(
                "JackrabbitRepositoryFileAclDao.ERROR_0001_NODE_NOT_FOUND", //$NON-NLS-1$
                fileId.toString());
    throw new RepositoryException(message);
  }

  final String nodePath = target.getPath();
  final AccessControlManager accessControlManager = session.getAccessControlManager();
  final AccessControlList policy = getAccessControlList(accessControlManager, nodePath);

  // Drop every existing entry so that the result reflects only what the caller supplied.
  for (AccessControlEntry existing : policy.getAccessControlEntries()) {
    policy.removeAccessControlEntry(existing);
  }

  final AclMetadata metadata =
      new AclMetadata(acl.getOwner().getName(), acl.isEntriesInheriting());
  JcrRepositoryFileAclUtils.setAclMetadata(session, nodePath, policy, metadata);

  // Explicit entries are written only for a non-inheriting ACL.
  if (!acl.isEntriesInheriting()) {
    for (RepositoryFileAce ace : acl.getAces()) {
      final RepositoryFileSid sid = ace.getSid();
      // Any sid type other than ROLE is mapped to a user principal.
      final Principal grantee =
          RepositoryFileSid.Type.ROLE == sid.getType()
              ? new SpringSecurityRolePrincipal(sid.getName())
              : new SpringSecurityUserPrincipal(sid.getName());
      policy.addAccessControlEntry(
          grantee,
          permissionConversionHelper.pentahoPermissionsToPrivileges(
              session, ace.getPermissions()));
    }
  }

  accessControlManager.setPolicy(nodePath, policy);
  session.save();
  return getAcl(fileId);
}
/**
 * Converts a JCR access control entry into a {@code RepositoryFileAce}.
 *
 * <p>A principal that is an instance of {@code Group} becomes a {@code ROLE} sid; every other
 * principal becomes a {@code USER} sid. When the matching tenanted-name helper is set, the
 * principal name is passed through its {@code getPrincipleName} before the sid is built.
 *
 * @param session JCR session handed to the permission conversion helper
 * @param acEntry the entry to convert
 * @return an ACE holding the derived sid and the converted permissions
 * @throws RepositoryException if a repository call fails
 */
protected RepositoryFileAce toAce(final Session session, final AccessControlEntry acEntry)
    throws RepositoryException {
  final Principal principal = acEntry.getPrincipal();
  final boolean isRole = principal instanceof Group;

  String sidName = principal.getName();
  if (isRole && tenantedRoleNameUtils != null) {
    sidName = tenantedRoleNameUtils.getPrincipleName(sidName);
  } else if (!isRole && tenantedUserNameUtils != null) {
    sidName = tenantedUserNameUtils.getPrincipleName(sidName);
  }

  final RepositoryFileSid sid =
      new RepositoryFileSid(
          sidName, isRole ? RepositoryFileSid.Type.ROLE : RepositoryFileSid.Type.USER);

  // Only the principal's class name is logged, not the principal name itself.
  logger.debug(
      String.format("principal class [%s]", principal.getClass().getName())); //$NON-NLS-1$

  return new RepositoryFileAce(
      sid,
      permissionConversionHelper.privilegesToPentahoPermissions(
          session, acEntry.getPrivileges()));
}