public void setAccessControlList(NodeRef nodeRef, Acl acl) { Long aclId = null; if (acl != null) { aclId = acl.getId(); } setAccessControlList(nodeRef, aclId); }
if (targetAcl.getInheritsFrom() != null) inheritedAcl = aclCrudDAO.getAcl(targetAcl.getInheritsFrom()); if (inheritedAcl == null) if (!inheritedAcl.isLatest()) final String searchAclId = inheritedAcl.getAclId(); while (test != null) Long testId = test.getId(); if (testId != null && testId.equals(target)) Long parent = test.getInheritsFrom(); if ((parent == null) || (parent == -1l)) test = aclCrudDAO.getAcl(test.getInheritsFrom()); if ((targetAcl.getAclType() != ACLType.DEFINING) && (targetAcl.getAclType() != ACLType.LAYERED)) if (!targetAcl.getInherits()) Long actualInheritedId = inheritedAcl.getId(); if ((inheritedAcl.getAclType() == ACLType.DEFINING) || (inheritedAcl.getAclType() == ACLType.LAYERED))
/** * @param nodeRef NodeRef * @param acl Acl */ private void replaceWithCleanDefiningAcl(NodeRef nodeRef, Acl acl) { // TODO: could just clear out existing SimpleAccessControlListProperties properties = new SimpleAccessControlListProperties(); properties = new SimpleAccessControlListProperties(); properties.setAclType(ACLType.DEFINING); properties.setInherits(Boolean.FALSE); properties.setVersioned(false); Acl newAcl = aclDaoComponent.createAccessControlList(properties); long id = newAcl.getId(); getACLDAO(nodeRef).setAccessControlList(nodeRef, newAcl); List<AclChange> changes = new ArrayList<AclChange>(); changes.addAll(getACLDAO(nodeRef).setInheritanceForChildren(nodeRef, id, acl.getInheritedAcl())); getACLDAO(nodeRef).updateChangedAcls(nodeRef, changes); aclDaoComponent.deleteAccessControlList(acl.getId()); } }
if (acl != null && acl.getInherits()) Long sharedAclchildInheritsFrom = acl.getInheritsFrom(); if(childAclId.equals(oldParentSharedAclId)) if (acl.getAclType() == ACLType.LAYERED) else if (acl.getAclType() == ACLType.DEFINING) List<AclChange> newChanges = aclDaoComponent.mergeInheritedAccessControlList(newParentSharedAclId, childAclId); else if (acl.getAclType() == ACLType.SHARED)
/** * {@inheritDoc} */ @Override public void deleteAclForNode(long aclId) { Acl dbAcl = getAcl(aclId); if (dbAcl.getAclType() == ACLType.DEFINING) { // delete acl members & acl aclCrudDAO.deleteAclMembersByAcl(aclId); aclCrudDAO.deleteAcl(aclId); } if (dbAcl.getAclType() == ACLType.SHARED) { // check unused Long defining = dbAcl.getInheritsFrom(); if (aclCrudDAO.getAcl(defining) == null) { // ADM if (getADMNodesByAcl(aclId, 1).size() == 0) { // delete acl members & acl aclCrudDAO.deleteAclMembersByAcl(aclId); aclCrudDAO.deleteAcl(aclId); } } } }
long id = acl.getId(); changes.add(new AclDAOImpl.AclChangeImpl(null, id, null, acl.getAclType())); changes.addAll(getACLDAO(nodeRef).setInheritanceForChildren(nodeRef, id, null)); getACLDAO(nodeRef).setAccessControlList(nodeRef, acl); List<AclChange> changes; Acl acl; switch (existing.getAclType()) properties.setInherits(existing.getInherits()); properties.setVersioned(false); id = acl.getId(); changes.add(new AclDAOImpl.AclChangeImpl(existing.getId(), id, existing.getAclType(), acl.getAclType())); changes.addAll(aclDaoComponent.mergeInheritedAccessControlList(existing.getId(), id)); changes.addAll(getACLDAO(nodeRef).setInheritanceForChildren(nodeRef, id, aclDaoComponent.getInheritedAccessControlList(existing.getId()))); throw new IllegalStateException("Layering is not supported for DM permissions"); default: throw new IllegalStateException("Unknown type " + existing.getAclType());
public void setInheritParentPermissions(NodeRef nodeRef, boolean inheritParentPermissions) { Acl acl = getAccessControlList(nodeRef); if ((acl == null) && (inheritParentPermissions == INHERIT_PERMISSIONS_DEFAULT)) { return; } if ((acl != null) && (acl.getInherits() == inheritParentPermissions)) { return; } CreationReport report = getMutableAccessControlList(nodeRef); List<AclChange> changes; if (!inheritParentPermissions) { changes = aclDaoComponent.disableInheritance(report.getCreated().getId(), false); } else { Long parentAcl = getACLDAO(nodeRef).getInheritedAcl(nodeRef); changes = aclDaoComponent.enableInheritance(report.getCreated().getId(), parentAcl); } List<AclChange> all = new ArrayList<AclChange>(changes.size() + report.getChanges().size()); all.addAll(report.getChanges()); all.addAll(changes); getACLDAO(nodeRef).updateChangedAcls(nodeRef, all); }
switch (acl.getAclType()) throw new IllegalStateException("Can not delete from this acl in a node context " + acl.getAclType()); case SHARED: pattern.setAuthority(authority); pattern.setPosition(Integer.valueOf(0)); List<AclChange> changes = aclDaoComponent.deleteAccessControlEntries(report.getCreated().getId(), pattern); getACLDAO(nodeRef).updateChangedAcls(nodeRef, changes); break;
getWritable(inherited.getId(), acl.getInheritsFrom(), null, null, null, true, acls, WriteMode.REMOVE_INHERITED); Acl unusedInherited = null; for (AclChange change : acls) if (change.getBefore()!= null && change.getBefore().equals(inherited.getId())) final Long newId = unusedInherited.getId(); List<Long> inheritors = aclCrudDAO.getAclsThatInheritFromAcl(newId); for (Long nextId : inheritors) aclCrudDAO.deleteAcl(unusedInherited.getId()); if (inherited.isVersioned()) AclUpdateEntity inheritedForUpdate = aclCrudDAO.getAclForUpdate(inherited.getId()); if (inheritedForUpdate != null) aclCrudDAO.deleteAcl(inherited.getId());
if (dbAcl.getAclType() == ACLType.LAYERED) else if (dbAcl.getAclType() == ACLType.DEFINING) if (dbAcl.getInherits()) else if (dbAcl.getAclType() == ACLType.SHARED)
if (target.getAclType() == ACLType.SHARED)
long id = acl.getId(); changes.add(new AclDAOImpl.AclChangeImpl(null, id, null, acl.getAclType())); changes.addAll(getACLDAO(nodeRef).setInheritanceForChildren(nodeRef, id, null)); getACLDAO(nodeRef).setAccessControlList(nodeRef, acl); List<AclChange> changes; Acl acl; switch (existing.getAclType()) properties.setInherits(existing.getInherits()); properties.setVersioned(false); id = acl.getId(); changes.add(new AclDAOImpl.AclChangeImpl(existing.getId(), id, existing.getAclType(), acl.getAclType())); changes.addAll(aclDaoComponent.mergeInheritedAccessControlList(existing.getId(), id)); changes.addAll(getACLDAO(nodeRef).setInheritanceForChildren(nodeRef, id, aclDaoComponent.getInheritedAccessControlList(existing.getId()))); throw new IllegalStateException("Layering is not supported for DM permissions"); default: throw new IllegalStateException("Unknown type " + existing.getAclType());
public void setInheritParentPermissions(NodeRef nodeRef, boolean inheritParentPermissions) { Acl acl = getAccessControlList(nodeRef); if ((acl == null) && (inheritParentPermissions == INHERIT_PERMISSIONS_DEFAULT)) { return; } if ((acl != null) && (acl.getInherits() == inheritParentPermissions)) { return; } CreationReport report = getMutableAccessControlList(nodeRef); List<AclChange> changes; if (!inheritParentPermissions) { changes = aclDaoComponent.disableInheritance(report.getCreated().getId(), false); } else { Long parentAcl = getACLDAO(nodeRef).getInheritedAcl(nodeRef); changes = aclDaoComponent.enableInheritance(report.getCreated().getId(), parentAcl); } List<AclChange> all = new ArrayList<AclChange>(changes.size() + report.getChanges().size()); all.addAll(report.getChanges()); all.addAll(changes); getACLDAO(nodeRef).updateChangedAcls(nodeRef, all); }
switch (acl.getAclType()) throw new IllegalStateException("Can not delete from this acl in a node context " + acl.getAclType()); case SHARED: pattern.setAuthority(authority); pattern.setPosition(Integer.valueOf(0)); List<AclChange> changes = aclDaoComponent.deleteAccessControlEntries(report.getCreated().getId(), pattern); getACLDAO(nodeRef).updateChangedAcls(nodeRef, changes); break;
if (acl != null && acl.getInherits()) Long sharedAclchildInheritsFrom = acl.getInheritsFrom(); if(childAclId.equals(oldParentSharedAclId)) if (acl.getAclType() == ACLType.LAYERED) else if (acl.getAclType() == ACLType.DEFINING) List<AclChange> newChanges = aclDaoComponent.mergeInheritedAccessControlList(newParentSharedAclId, childAclId); else if (acl.getAclType() == ACLType.SHARED)
getWritable(inherited.getId(), acl.getInheritsFrom(), null, null, null, true, acls, WriteMode.REMOVE_INHERITED); Acl unusedInherited = null; for (AclChange change : acls) if (change.getBefore()!= null && change.getBefore().equals(inherited.getId())) final Long newId = unusedInherited.getId(); List<Long> inheritors = aclCrudDAO.getAclsThatInheritFromAcl(newId); for (Long nextId : inheritors) aclCrudDAO.deleteAcl(unusedInherited.getId()); if (inherited.isVersioned()) AclUpdateEntity inheritedForUpdate = aclCrudDAO.getAclForUpdate(inherited.getId()); if (inheritedForUpdate != null) aclCrudDAO.deleteAcl(inherited.getId());
/** * {@inheritDoc} */ @Override public void deleteAclForNode(long aclId) { Acl dbAcl = getAcl(aclId); if (dbAcl.getAclType() == ACLType.DEFINING) { // delete acl members & acl aclCrudDAO.deleteAclMembersByAcl(aclId); aclCrudDAO.deleteAcl(aclId); } if (dbAcl.getAclType() == ACLType.SHARED) { // check unused Long defining = dbAcl.getInheritsFrom(); if (aclCrudDAO.getAcl(defining) == null) { // ADM if (getADMNodesByAcl(aclId, 1).size() == 0) { // delete acl members & acl aclCrudDAO.deleteAclMembersByAcl(aclId); aclCrudDAO.deleteAcl(aclId); } } } }
if (dbAcl.getAclType() == ACLType.LAYERED) else if (dbAcl.getAclType() == ACLType.DEFINING) if (dbAcl.getInherits()) else if (dbAcl.getAclType() == ACLType.SHARED)
protected CreationReport getMutableAccessControlList(NodeRef nodeRef) { Acl acl = getACLDAO(nodeRef).getAccessControlList(nodeRef); if (acl == null) { return createAccessControlList(nodeRef, INHERIT_PERMISSIONS_DEFAULT, null); } else { switch (acl.getAclType()) { case FIXED: case GLOBAL: case SHARED: case LAYERED: // We can not set an ACL on node that has one of these types so we need to make a new one .... return createAccessControlList(nodeRef, INHERIT_PERMISSIONS_DEFAULT, acl); case DEFINING: case OLD: default: // Force a copy on write if one is required getACLDAO(nodeRef).forceCopy(nodeRef); acl = getACLDAO(nodeRef).getAccessControlList(nodeRef); return new CreationReport(acl, Collections.<AclChange> emptyList()); } } }
public void setAccessControlList(NodeRef nodeRef, Acl acl) { Long aclId = null; if (acl != null) { aclId = acl.getId(); } setAccessControlList(nodeRef, aclId); }