private Authorizable getEffectiveAuthorizable() { // possibly consider the base resource if the authorizable uses it to enforce policy permissions if (authorizable instanceof EnforcePolicyPermissionsThroughBaseResource) { final Authorizable baseAuthorizable = ((EnforcePolicyPermissionsThroughBaseResource) authorizable).getBaseAuthorizable(); // if the base authorizable is for a policy, we don't want to use the base otherwise it would keep unwinding and would eventually // evaluate to the policy of the component and not the policy of the policies for the component if (baseAuthorizable instanceof AccessPolicyAuthorizable) { return authorizable; } else { return baseAuthorizable; } } else { return authorizable; } }
private ComponentReferenceEntity createComponentReferenceEntity(final String resource) { ComponentReferenceEntity componentReferenceEntity = null; try { // get the component authorizable Authorizable componentAuthorizable = authorizableLookup.getAuthorizableFromResource(resource); // if this represents an authorizable whose policy permissions are enforced through the base resource, // get the underlying base authorizable for the component reference if (componentAuthorizable instanceof EnforcePolicyPermissionsThroughBaseResource) { componentAuthorizable = ((EnforcePolicyPermissionsThroughBaseResource) componentAuthorizable).getBaseAuthorizable(); } final ComponentReferenceDTO componentReference = dtoFactory.createComponentReferenceDto(componentAuthorizable); if (componentReference != null) { final PermissionsDTO componentReferencePermissions = dtoFactory.createPermissionsDto(componentAuthorizable); final RevisionDTO componentReferenceRevision = dtoFactory.createRevisionDTO(revisionManager.getRevision(componentReference.getId())); componentReferenceEntity = entityFactory.createComponentReferenceEntity(componentReference, componentReferenceRevision, componentReferencePermissions); } } catch (final ResourceNotFoundException e) { // component not found for the specified resource } return componentReferenceEntity; }