示例#1
0
  public ExternalAccessControlManager(
      NamespaceRegistry namespaceRegistry,
      ExternalSessionImpl session,
      ExternalDataSource dataSource) {

    this.session = session;
    this.workspaceName = session.getWorkspace().getName();
    this.aclReadOnly =
        dataSource instanceof ExternalDataSource.AccessControllable
            || dataSource instanceof ExternalDataSource.SupportPrivileges;
    this.writable = dataSource instanceof ExternalDataSource.Writable;
    this.supportPrivileges = dataSource instanceof ExternalDataSource.SupportPrivileges;
    this.rootUserName = JahiaUserManagerService.getInstance().getRootUserName();
    this.dataSource = dataSource;

    this.pathPermissionCache =
        Collections.synchronizedMap(
            new LRUMap(SettingsBean.getInstance().getAccessManagerPathPermissionCacheMaxSize()));
    this.jahiaPrincipal =
        new JahiaPrincipal(
            session.getUserID(),
            session.getRealm(),
            session.getUserID().startsWith(JahiaLoginModule.SYSTEM),
            JahiaLoginModule.GUEST.equals(session.getUserID()));
    try {
      registry = new JahiaPrivilegeRegistry(namespaceRegistry);
      this.modifyAccessControlPrivilege =
          registry.getPrivilege("jcr:modifyAccessControl", workspaceName);
      this.writePrivilege = registry.getPrivilege("jcr:write", workspaceName);
    } catch (RepositoryException e) {
      throw new JahiaRuntimeException(e);
    }
  }
示例#2
0
  private boolean hasPrivilegesLegacy(String absPath, Privilege[] privileges)
      throws PathNotFoundException, RepositoryException {

    // if no privilege set, return true
    if (privileges == null || privileges.length == 0) {
      return true;
    }

    // if root or system session return true
    String userID = session.getUserID();
    if (userID.startsWith(JahiaLoginModule.SYSTEM) || rootUserName.equals(userID)) {
      return true;
    }

    boolean allowed = true;
    Privilege[] granted = getPrivileges(absPath);
    for (Privilege toCheck : privileges) {
      if (toCheck != null && !ArrayUtils.contains(granted, toCheck)) {
        allowed = false;
        break;
      }
    }

    return allowed;
  }
示例#3
0
 private String[] getPrivilegesNamesLegacy(String absPath) {
   ExternalContentStoreProvider.setCurrentSession(session);
   try {
     return ((ExternalDataSource.SupportPrivileges) dataSource)
         .getPrivilegesNames(session.getUserID(), absPath);
   } finally {
     ExternalContentStoreProvider.removeCurrentSession();
   }
 }