public void setValues(PreparedStatement stmt, int i) throws SQLException { AccessControlEntry entry_ = acl.getEntries().get(i); Assert.isTrue(entry_ instanceof AccessControlEntryImpl, "Unknown ACE class"); AccessControlEntryImpl entry = (AccessControlEntryImpl) entry_; stmt.setLong(1, ((Long) acl.getId()).longValue()); stmt.setInt(2, i); stmt.setLong(3, createOrRetrieveSidPrimaryKey(entry.getSid(), true) .longValue()); stmt.setInt(4, entry.getPermission().getMask()); stmt.setBoolean(5, entry.isGranting()); stmt.setBoolean(6, entry.isAuditSuccess()); stmt.setBoolean(7, entry.isAuditFailure()); } });
acls.put(cached.getId(), cached);
public void putInCache(MutableAcl acl) { Assert.notNull(acl, "Acl required"); Assert.notNull(acl.getObjectIdentity(), "ObjectIdentity required"); Assert.notNull(acl.getId(), "ID required"); if ((acl.getParentAcl() != null) && (acl.getParentAcl() instanceof MutableAcl)) { putInCache((MutableAcl) acl.getParentAcl()); } cache.put(acl.getObjectIdentity(), acl); cache.put(acl.getId(), acl); }
public void evictFromCache(Serializable pk) { Assert.notNull(pk, "Primary key (identifier) required"); MutableAcl acl = getFromCache(pk); if (acl != null) { cache.remove(acl.getId()); cache.remove(acl.getObjectIdentity()); } }
public void evictFromCache(ObjectIdentity objectIdentity) { Assert.notNull(objectIdentity, "ObjectIdentity required"); MutableAcl acl = getFromCache(objectIdentity); if (acl != null) { cache.remove(acl.getId()); cache.remove(acl.getObjectIdentity()); } }
public void evictFromCache(Serializable pk) { Assert.notNull(pk, "Primary key (identifier) required"); MutableAcl acl = getFromCache(pk); if (acl != null) { cache.evict(acl.getId()); cache.evict(acl.getObjectIdentity()); } }
public void evictFromCache(ObjectIdentity objectIdentity) { Assert.notNull(objectIdentity, "ObjectIdentity required"); MutableAcl acl = getFromCache(objectIdentity); if (acl != null) { cache.evict(acl.getId()); cache.evict(acl.getObjectIdentity()); } }
public void putInCache(MutableAcl acl) { Assert.notNull(acl, "Acl required"); Assert.notNull(acl.getObjectIdentity(), "ObjectIdentity required"); Assert.notNull(acl.getId(), "ID required"); if (this.aclAuthorizationStrategy == null) { if (acl instanceof AclImpl) { this.aclAuthorizationStrategy = (AclAuthorizationStrategy) FieldUtils .getProtectedFieldValue("aclAuthorizationStrategy", acl); this.permissionGrantingStrategy = (PermissionGrantingStrategy) FieldUtils .getProtectedFieldValue("permissionGrantingStrategy", acl); } } if ((acl.getParentAcl() != null) && (acl.getParentAcl() instanceof MutableAcl)) { putInCache((MutableAcl) acl.getParentAcl()); } cache.put(new Element(acl.getObjectIdentity(), acl)); cache.put(new Element(acl.getId(), acl)); }
@Test public void putInCache() throws Exception { myCache.putInCache(acl); verify(cache, times(2)).put(element.capture()); assertThat(element.getValue().getKey()).isEqualTo(acl.getId()); assertThat(element.getValue().getObjectValue()).isEqualTo(acl); assertThat(element.getAllValues().get(0).getKey()).isEqualTo( acl.getObjectIdentity()); assertThat(element.getAllValues().get(0).getObjectValue()).isEqualTo(acl); }
@Test public void getFromCacheSerializablePopulatesTransient() throws Exception { when(cache.get(acl.getId())).thenReturn(new Element(acl.getId(), acl)); myCache.putInCache(acl); ReflectionTestUtils.setField(acl, "permissionGrantingStrategy", null); ReflectionTestUtils.setField(acl, "aclAuthorizationStrategy", null); MutableAcl fromCache = myCache.getFromCache(acl.getId()); assertThat(ReflectionTestUtils.getField(fromCache, "aclAuthorizationStrategy")) .isNotNull(); assertThat(ReflectionTestUtils.getField(fromCache, "permissionGrantingStrategy")) .isNotNull(); }
@Test public void putInCacheAclWithParent() throws Exception { Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL"); auth.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(auth); ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(2)); AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl( new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority( "ROLE_AUDITING"), new SimpleGrantedAuthority("ROLE_GENERAL")); MutableAcl parentAcl = new AclImpl(identityParent, Long.valueOf(2), aclAuthorizationStrategy, new ConsoleAuditLogger()); acl.setParent(parentAcl); myCache.putInCache(acl); verify(cache, times(4)).put(element.capture()); List<Element> allValues = element.getAllValues(); assertThat(allValues.get(0).getKey()).isEqualTo(parentAcl.getObjectIdentity()); assertThat(allValues.get(0).getObjectValue()).isEqualTo(parentAcl); assertThat(allValues.get(1).getKey()).isEqualTo(parentAcl.getId()); assertThat(allValues.get(1).getObjectValue()).isEqualTo(parentAcl); assertThat(allValues.get(2).getKey()).isEqualTo(acl.getObjectIdentity()); assertThat(allValues.get(2).getObjectValue()).isEqualTo(acl); assertThat(allValues.get(3).getKey()).isEqualTo(acl.getId()); assertThat(allValues.get(3).getObjectValue()).isEqualTo(acl); }
@Test public void getFromCacheObjectIdentityPopulatesTransient() throws Exception { when(cache.get(acl.getObjectIdentity())) .thenReturn(new Element(acl.getId(), acl)); myCache.putInCache(acl); ReflectionTestUtils.setField(acl, "permissionGrantingStrategy", null); ReflectionTestUtils.setField(acl, "aclAuthorizationStrategy", null); MutableAcl fromCache = myCache.getFromCache(acl.getObjectIdentity()); assertThat(ReflectionTestUtils.getField(fromCache, "aclAuthorizationStrategy")) .isNotNull(); assertThat(ReflectionTestUtils.getField(fromCache, "permissionGrantingStrategy")) .isNotNull(); }
/** * Updates an existing acl_object_identity row, with new information presented in the * passed MutableAcl object. Also will create an acl_sid entry if needed for the Sid * that owns the MutableAcl. * * @param acl to modify (a row must already exist in acl_object_identity) * * @throws NotFoundException if the ACL could not be found to update. */ protected void updateObjectIdentity(MutableAcl acl) { Long parentId = null; if (acl.getParentAcl() != null) { Assert.isInstanceOf(ObjectIdentityImpl.class, acl.getParentAcl() .getObjectIdentity(), "Implementation only supports ObjectIdentityImpl"); ObjectIdentityImpl oii = (ObjectIdentityImpl) acl.getParentAcl() .getObjectIdentity(); parentId = retrieveObjectIdentityPrimaryKey(oii); } Assert.notNull(acl.getOwner(), "Owner is required in this implementation"); Long ownerSid = createOrRetrieveSidPrimaryKey(acl.getOwner(), true); int count = jdbcOperations.update(updateObjectIdentity, parentId, ownerSid, Boolean.valueOf(acl.isEntriesInheriting()), acl.getId()); if (count != 1) { throw new NotFoundException("Unable to locate ACL to update"); } }
/** * This implementation will simply delete all ACEs in the database and recreate them * on each invocation of this method. A more comprehensive implementation might use * dirty state checking, or more likely use ORM capabilities for create, update and * delete operations of {@link MutableAcl}. */ public MutableAcl updateAcl(MutableAcl acl) throws NotFoundException { Assert.notNull(acl.getId(), "Object Identity doesn't provide an identifier"); // Delete this ACL's ACEs in the acl_entry table deleteEntries(retrieveObjectIdentityPrimaryKey(acl.getObjectIdentity())); // Create this ACL's ACEs in the acl_entry table createEntries(acl); // Change the mutable columns in acl_object_identity updateObjectIdentity(acl); // Clear the cache, including children clearCacheIncludingChildren(acl.getObjectIdentity()); // Retrieve the ACL via superclass (ensures cache registration, proper retrieval // etc) return (MutableAcl) super.readAclById(acl.getObjectIdentity()); }
assertThat(topParent.getId()).isNotNull(); assertThat(middleParent.getId()).isNotNull(); assertThat(child.getId()).isNotNull(); assertThat(Long.valueOf(1)).isEqualTo(topParent.getId()); assertThat(new PrincipalSid("ben")).isEqualTo(topParent.getOwner()); assertThat(Long.valueOf(1)).isEqualTo(topParent.getEntries().get(0).getId()); assertThat(Long.valueOf(2)).isEqualTo(middleParent.getId()); assertThat(new PrincipalSid("ben")).isEqualTo(middleParent.getOwner()); assertThat(Long.valueOf(3)).isEqualTo(middleParent.getEntries().get(0).getId()); assertThat(Long.valueOf(3)).isEqualTo(child.getId()); assertThat(new PrincipalSid("ben")).isEqualTo(child.getOwner()); assertThat(Long.valueOf(4)).isEqualTo(child.getEntries().get(0).getId());
service.updateAcl(acl); assertThat(1).isEqualTo(acl.getId()); assertThat(identity).isEqualTo(acl.getObjectIdentity()); assertThat(new PrincipalSid("joe")).isEqualTo(acl.getOwner());