protected void closeInThisThread() { SessionInfo si = sessionHolder.get(); if (si == null) { return; } if (log.isDebugEnabled()) { log.debug("Removing thread " + Thread.currentThread().getName() + " for CoreSession: " + sessionId); } try { si.session.close(); } finally { sessionHolder.remove(); allSessions.remove(si); } }
protected Document resolveReference(DocumentRef docRef) { if (docRef == null) { throw new IllegalArgumentException("null docRref"); } Object ref = docRef.reference(); if (ref == null) { throw new IllegalArgumentException("null reference"); } int type = docRef.type(); switch (type) { case DocumentRef.ID: return getSession().getDocumentByUUID((String) ref); case DocumentRef.PATH: return getSession().resolvePath((String) ref); case DocumentRef.INSTANCE: return getSession().getDocumentByUUID(((DocumentModel) ref).getId()); default: throw new IllegalArgumentException("Invalid type: " + type); } }
@Override public Lock removeLock(String owner) { try { return getSession().getLockManager().removeLock(getUUID(), owner); } catch (DocumentNotFoundException e) { return removeDocumentLock(owner); } }
/** * Remove proxies for the same base document in the folder. doc may be a normal document or a proxy. */ protected List<String> removeExistingProxies(Document doc, Document folder) { Collection<Document> otherProxies = getSession().getProxies(doc, folder); List<String> removedProxyIds = new ArrayList<>(otherProxies.size()); for (Document otherProxy : otherProxies) { removedProxyIds.add(otherProxy.getUUID()); removeNotifyOneDoc(otherProxy); } return removedProxyIds; }
doc = getSession().move(doc, doc.getParent(), name); List<Document> proxies = getSession().getProxies(doc); if (proxies != null && !proxies.isEmpty()) { proxies.forEach(proxy -> {
@Override public ACP getACP(DocumentRef docRef) { Document doc = resolveReference(docRef); checkPermission(doc, READ_SECURITY); return getSession().getMergedACP(doc); }
@Override public DocumentModel getRootDocument() { return readModel(getSession().getRootDocument()); }
protected Document fillCreateOptions(DocumentRef parentRef, String childName, Map<String, Serializable> options) throws DocumentSecurityException { Document folder; if (parentRef == null || EMPTY_PATH.equals(parentRef)) { folder = getSession().getNullDocument(); options.put(CoreEventConstants.DESTINATION_REF, null); options.put(CoreEventConstants.DESTINATION_PATH, null); options.put(CoreEventConstants.DESTINATION_NAME, childName); options.put(CoreEventConstants.DESTINATION_EXISTS, false); } else { folder = resolveReference(parentRef); checkPermission(folder, ADD_CHILDREN); options.put(CoreEventConstants.DESTINATION_REF, parentRef); options.put(CoreEventConstants.DESTINATION_PATH, folder.getPath()); options.put(CoreEventConstants.DESTINATION_NAME, childName); if (Boolean.TRUE.equals(options.get(CoreSession.SKIP_DESTINATION_CHECK_ON_CREATE))) { options.put(CoreEventConstants.DESTINATION_EXISTS, false); } else { options.put(CoreEventConstants.DESTINATION_EXISTS, folder.hasChild(childName)); } } return folder; }
protected DocumentModel createProxyInternal(Document doc, Document folder, Map<String, Serializable> options) { // create the new proxy Document proxy = getSession().createProxy(doc, folder); DocumentModel proxyModel = readModel(proxy); notifyEvent(DocumentEventTypes.DOCUMENT_CREATED, proxyModel, options, null, null, true, false); notifyEvent(DocumentEventTypes.DOCUMENT_PROXY_PUBLISHED, proxyModel, options, null, null, true, false); DocumentModel folderModel = readModel(folder); notifyEvent(DocumentEventTypes.SECTION_CONTENT_PUBLISHED, folderModel, options, null, null, true, false); return proxyModel; }
Document doc = getSession().copy(srcDoc, dstDoc, name);
@Override public Map<String, String> getBinaryFulltext(DocumentRef ref) { Document doc = resolveReference(ref); checkPermission(doc, READ); // Use an id whether than system properties to avoid to store fulltext properties in cache String id = doc.getUUID(); if (doc.isProxy()) { id = doc.getTargetDocument().getUUID(); } return getSession().getBinaryFulltext(id); }
Document doc = ((AbstractSession) session).getSession().getDocumentByUUID(id);
/** * Update the proxy for doc in the given section to point to the new target. Do nothing if there are several * proxies. * * @return the proxy if it was updated, or {@code null} if none or several were found */ protected DocumentModel updateExistingProxies(Document doc, Document folder, Document target) { Collection<Document> proxies = getSession().getProxies(doc, folder); try { if (proxies.size() == 1) { Document proxy = proxies.iterator().next(); proxy.setTargetDocument(target); return readModel(proxy); } } catch (UnsupportedOperationException e) { log.error("Cannot update proxy, try to remove"); } return null; }
/** * Filters the supplied permissions based on whether they are granted to a given principal for a given document. * * @since 9.1 */ public Collection<String> filterGrantedPermissions(Document doc, NuxeoPrincipal principal, Collection<String> permissions) { if (principal.isAdministrator()) { return permissions; } String[] additionalPrincipals = getPrincipalsToCheck(principal); ACP acp = doc.getSession().getMergedACP(doc); List<String> result = new ArrayList<>(); for(String permission : permissions) { String[] resolvedPermissions = getPermissionsToCheck(permission); Access access = securityPolicyService.checkPermission(doc, acp, principal, permission, resolvedPermissions, additionalPrincipals); if (access == null || Access.UNKNOWN.equals(access)) { access = acp == null ? null : acp.getAccess(additionalPrincipals, resolvedPermissions); } if (access != null && access.toBoolean()) { result.add(permission); } } return result; }
@Override public void removeVersions(Session session, Document doc, CoreSession coreSession) { Collection<Document> proxies = session.getProxies(doc, null); if (doc.isProxy()) {
public boolean checkPermission(Document doc, NuxeoPrincipal principal, String permission) { if (principal.isAdministrator()) { return true; } // fully check each ACE in turn String[] resolvedPermissions = getPermissionsToCheck(permission); String[] additionalPrincipals = getPrincipalsToCheck(principal); // get the ordered list of ACE ACP acp = doc.getSession().getMergedACP(doc); // check pluggable policies Access access = securityPolicyService.checkPermission(doc, acp, principal, permission, resolvedPermissions, additionalPrincipals); if (access != null && !Access.UNKNOWN.equals(access)) { return access.toBoolean(); } if (acp == null) { return false; // no ACP on that doc - by default deny } access = acp.getAccess(additionalPrincipals, resolvedPermissions); return access.toBoolean(); }
@Override public Lock setLock(Lock lock) { if (lock == null) { throw new NullPointerException("Attempt to use null lock on: " + getUUID()); } try { return getSession().getLockManager().setLock(getUUID(), lock); } catch (DocumentNotFoundException e) { return setDocumentLock(lock); } }
@Override public DocumentModelList getProxies(DocumentRef docRef, DocumentRef folderRef) { Document folder = null; if (folderRef != null) { folder = resolveReference(folderRef); checkPermission(folder, READ_CHILDREN); } Document doc = resolveReference(docRef); Collection<Document> children = getSession().getProxies(doc, folder); DocumentModelList docs = new DocumentModelListImpl(); for (Document child : children) { if (hasPermission(child, READ)) { docs.add(readModel(child)); } } return docs; }
@Override public DocumentModelRefresh refreshDocument(DocumentRef ref, int refreshFlags, String[] schemas) { Document doc = resolveReference(ref); // permission checks if ((refreshFlags & (DocumentModel.REFRESH_STATE | DocumentModel.REFRESH_CONTENT)) != 0) { checkPermission(doc, READ); } if ((refreshFlags & DocumentModel.REFRESH_ACP) != 0) { checkPermission(doc, READ_SECURITY); } DocumentModelRefresh refresh = DocumentModelFactory.refreshDocumentModel(doc, refreshFlags, schemas); // ACPs need the session, so aren't done in the factory method if ((refreshFlags & DocumentModel.REFRESH_ACP) != 0) { refresh.acp = getSession().getMergedACP(doc); } if ((refreshFlags & DocumentModel.REFRESH_STATE) != 0) { refresh.isTrashed = isTrashed(ref); } return refresh; }
@Override public Lock getLock() { try { return getSession().getLockManager().getLock(getUUID()); } catch (DocumentNotFoundException e) { return getDocumentLock(); } }