List of usage examples for org.springframework.security.acls.domain BasePermission DELETE
Permission DELETE
To view the source code for org.springframework.security.acls.domain BasePermission DELETE.
Click Source Link
From source file:sample.contact.AddPermissionValidator.java
public void validate(Object obj, Errors errors) { AddPermission addPermission = (AddPermission) obj; ValidationUtils.rejectIfEmptyOrWhitespace(errors, "permission", "err.permission", "Permission is required. *"); ValidationUtils.rejectIfEmptyOrWhitespace(errors, "recipient", "err.recipient", "Recipient is required. *"); if (addPermission.getPermission() != null) { int permission = addPermission.getPermission().intValue(); if ((permission != BasePermission.ADMINISTRATION.getMask()) && (permission != BasePermission.READ.getMask()) && (permission != BasePermission.DELETE.getMask())) { errors.rejectValue("permission", "err.permission.invalid", "The indicated permission is invalid. *"); }//from www . j a v a 2 s .co m } if (addPermission.getRecipient() != null) { if (addPermission.getRecipient().length() > 100) { errors.rejectValue("recipient", "err.recipient.length", "The recipient is too long (maximum 100 characters). *"); } } }
From source file:de.iew.services.impl.AclEditorServiceImpl.java
/** * Erstellt die ACL-Regeln fr die ROLE_SKETCHPAD_ADMIN fr das angegebene * Polygon. Diese sind fr alle Benutzer die selben und daher als eigene * Methode aufgeschrieben.//from w w w .j a va 2 s . c o m * * @param polygonId Die Id des Polygons. */ public void setupSketchPadPolygonAdminPermissions(long polygonId) { MutableAcl polygonAcl = findOrCreateAcl(Polygon.class, polygonId); Permission[] allPermissions = new Permission[] { BasePermission.READ, BasePermission.WRITE, BasePermission.CREATE, BasePermission.DELETE }; grantAuthorityPermissions(polygonAcl, allPermissions, "ROLE_SKETCHPAD_ADMIN"); }
From source file:org.jtalks.common.service.security.AclBuilderImpl.java
/** * {@inheritDoc} */ @Override public AclBuilder delete() { permissions.add(BasePermission.DELETE); return this; }
From source file:org.jtalks.common.service.security.AclBuilderImplTest.java
@Test public void testDelete() throws Exception { builder.delete(); assertTrue(builder.hasPermission(BasePermission.DELETE)); }
From source file:com.wooki.services.security.WookiSecurityContextImpl.java
public boolean canDelete(WookiEntity object) { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { return false; }/*from w w w .j a va 2 s . c om*/ return this.aclPermissionEvaluator.hasPermission(authentication, object, new Permission[] { BasePermission.DELETE, BasePermission.ADMINISTRATION }); }
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
public boolean addACLToObject(Long id_object, String name_class) { Authentication authentication = null; ObjectIdentity objectIdentity = new ObjectIdentityImpl(name_class, id_object); // Create or update the relevant ACL MutableAcl acl = null;// ww w.j a v a 2 s . c om try { acl = (MutableAcl) mutableAclService.readAclById(objectIdentity); } catch (NotFoundException nfe) { acl = mutableAclService.createAcl(objectIdentity); } try { authentication = SecurityContextHolder.getContext().getAuthentication(); List<Sid> sids = sidRetrievalStrategy.getSids(authentication); acl = (MutableAcl) this.mutableAclService.readAclById(objectIdentity, sids); } catch (NotFoundException nfe) { acl = mutableAclService.createAcl(objectIdentity); return false; } if (authentication.getPrincipal() != "anonymousUser") { User user = (User) authentication.getPrincipal(); acl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(user.getUsername()), true); acl.insertAce(1, BasePermission.DELETE, new GrantedAuthoritySid("ROLE_ADMIN"), true); } acl.insertAce(0, BasePermission.ADMINISTRATION, new GrantedAuthoritySid("ROLE_ADMIN"), true); acl.insertAce(1, BasePermission.DELETE, new GrantedAuthoritySid("ROLE_ADMIN"), true); /* * // READ access for users with ROLE_USER acl.insertAce(2, * BasePermission.READ, new GrantedAuthoritySid( "ROLE_USER"), true); */ return true; }
From source file:com.cedac.security.acls.mongo.MongoMutableAclServiceTests.java
@Test @ShouldMatchDataSet//from w w w. ja v a 2 s. c om public void updateAcl_updateEntries() { MutableAcl acl = (MutableAcl) fixture .readAclById(new ObjectIdentityImpl("com.cedac.smartresidence.profile.domain.Home", "1")); acl.updateAce(2, BasePermission.DELETE); fixture.updateAcl(acl); }
From source file:org.jtalks.common.service.security.AclManagerImplTest.java
@Test public void testDelete() throws Exception { ObjectIdentity objectIdentity = new ObjectIdentityImpl(target.getClass(), ID); MutableAcl objectAcl = new AclImpl(objectIdentity, 2L, mock(AclAuthorizationStrategy.class), mock(AuditLogger.class)); objectAcl.insertAce(objectAcl.getEntries().size(), BasePermission.READ, new PrincipalSid(USERNAME), true); objectAcl.insertAce(objectAcl.getEntries().size(), BasePermission.READ, new GrantedAuthoritySid(ROLE), true);/*from w w w .java 2s .c o m*/ objectAcl.insertAce(objectAcl.getEntries().size(), BasePermission.DELETE, new GrantedAuthoritySid(ROLE), true); when(aclService.readAclById(objectIdentity)).thenReturn(objectAcl); manager.delete(sids, permissions, target); assertNotGranted(objectAcl, new PrincipalSid(USERNAME), BasePermission.READ, "Permission to user granted"); assertNotGranted(objectAcl, new GrantedAuthoritySid(ROLE), BasePermission.READ, "Permission to ROLE_USER granted"); assertGranted(objectAcl, new GrantedAuthoritySid(ROLE), BasePermission.DELETE, "Permission to ROLE_USER not granted"); verify(aclService).readAclById(objectIdentity); verify(aclService).updateAcl(objectAcl); }
From source file:sample.contact.web.AdminPermissionController.java
private Map<Integer, String> listPermissions() { Map<Integer, String> map = new LinkedHashMap<Integer, String>(); map.put(Integer.valueOf(BasePermission.ADMINISTRATION.getMask()), messages.getMessage("select.administer", "Administer")); map.put(Integer.valueOf(BasePermission.READ.getMask()), messages.getMessage("select.read", "Read")); map.put(Integer.valueOf(BasePermission.DELETE.getMask()), messages.getMessage("select.delete", "Delete")); return map;/* ww w. j a va 2 s. co m*/ }
From source file:sample.contact.DataSourcePopulator.java
public void afterPropertiesSet() throws Exception { Assert.notNull(mutableAclService, "mutableAclService required"); Assert.notNull(template, "dataSource required"); Assert.notNull(tt, "platformTransactionManager required"); // Set a user account that will initially own all the created data Authentication authRequest = new UsernamePasswordAuthenticationToken("rod", "koala", AuthorityUtils.createAuthorityList("ROLE_IGNORED")); SecurityContextHolder.getContext().setAuthentication(authRequest); try {/*from w w w .j av a 2 s. c o m*/ template.execute("DELETE FROM CONTACTS"); template.execute("DELETE FROM AUTHORITIES"); template.execute("DELETE FROM USERS"); template.execute("DELETE FROM ACL_ENTRY"); template.execute("DELETE FROM ACL_OBJECT_IDENTITY"); template.execute("DELETE FROM ACL_CLASS"); template.execute("DELETE FROM ACL_SID"); } catch (Exception e) { System.out.println("Failed to DELETE FROMs: " + e.getMessage()); } /* * Passwords encoded using MD5, NOT in Base64 format, with null as salt Encoded * password for rod is "koala" Encoded password for dianne is "emu" Encoded * password for scott is "wombat" Encoded password for peter is "opal" (but user * is disabled) Encoded password for bill is "wombat" Encoded password for bob is * "wombat" Encoded password for jane is "wombat" */ template.execute( "INSERT INTO USERS VALUES('rod','$2a$10$75pBjapg4Nl8Pzd.3JRnUe7PDJmk9qBGwNEJDAlA3V.dEJxcDKn5O',TRUE);"); template.execute( "INSERT INTO USERS VALUES('dianne','$2a$04$bCMEyxrdF/7sgfUiUJ6Ose2vh9DAMaVBldS1Bw2fhi1jgutZrr9zm',TRUE);"); template.execute( "INSERT INTO USERS VALUES('scott','$2a$06$eChwvzAu3TSexnC3ynw4LOSw1qiEbtNItNeYv5uI40w1i3paoSfLu',TRUE);"); template.execute( "INSERT INTO USERS VALUES('peter','$2a$04$8.H8bCMROLF4CIgd7IpeQ.tcBXLP5w8iplO0n.kCIkISwrIgX28Ii',FALSE);"); template.execute( "INSERT INTO USERS VALUES('bill','$2a$04$8.H8bCMROLF4CIgd7IpeQ.3khQlPVNWbp8kzSQqidQHGFurim7P8O',TRUE);"); template.execute( "INSERT INTO USERS VALUES('bob','$2a$06$zMgxlMf01SfYNcdx7n4NpeFlAGU8apCETz/i2C7VlYWu6IcNyn4Ay',TRUE);"); template.execute( "INSERT INTO USERS VALUES('jane','$2a$05$ZrdS7yMhCZ1J.AAidXZhCOxdjD8LO/dhlv4FJzkXA6xh9gdEbBT/u',TRUE);"); template.execute("INSERT INTO AUTHORITIES VALUES('rod','ROLE_USER');"); template.execute("INSERT INTO AUTHORITIES VALUES('rod','ROLE_ADMIN');"); template.execute("INSERT INTO AUTHORITIES VALUES('dianne','ROLE_USER');"); template.execute("INSERT INTO AUTHORITIES VALUES('scott','ROLE_USER');"); template.execute("INSERT INTO AUTHORITIES VALUES('peter','ROLE_USER');"); template.execute("INSERT INTO AUTHORITIES VALUES('bill','ROLE_USER');"); template.execute("INSERT INTO AUTHORITIES VALUES('bob','ROLE_USER');"); template.execute("INSERT INTO AUTHORITIES VALUES('jane','ROLE_USER');"); template.execute("INSERT INTO AUTHORITIES VALUES('jane','ROLE_ADMIN');"); template.execute("INSERT INTO contacts VALUES (1, 'John Smith', 'john@somewhere.com');"); template.execute("INSERT INTO contacts VALUES (2, 'Michael Citizen', 'michael@xyz.com');"); template.execute("INSERT INTO contacts VALUES (3, 'Joe Bloggs', 'joe@demo.com');"); template.execute("INSERT INTO contacts VALUES (4, 'Karen Sutherland', 'karen@sutherland.com');"); template.execute("INSERT INTO contacts VALUES (5, 'Mitchell Howard', 'mitchell@abcdef.com');"); template.execute("INSERT INTO contacts VALUES (6, 'Rose Costas', 'rose@xyz.com');"); template.execute("INSERT INTO contacts VALUES (7, 'Amanda Smith', 'amanda@abcdef.com');"); template.execute("INSERT INTO contacts VALUES (8, 'Cindy Smith', 'cindy@smith.com');"); template.execute("INSERT INTO contacts VALUES (9, 'Jonathan Citizen', 'jonathan@xyz.com');"); for (int i = 10; i < createEntities; i++) { String[] person = selectPerson(); template.execute("INSERT INTO contacts VALUES (" + i + ", '" + person[2] + "', '" + person[0].toLowerCase() + "@" + person[1].toLowerCase() + ".com');"); } // Create acl_object_identity rows (and also acl_class rows as needed for (int i = 1; i < createEntities; i++) { final ObjectIdentity objectIdentity = new ObjectIdentityImpl(Contact.class, new Long(i)); tt.execute(new TransactionCallback<Object>() { public Object doInTransaction(TransactionStatus arg0) { mutableAclService.createAcl(objectIdentity); return null; } }); } // Now grant some permissions grantPermissions(1, "rod", BasePermission.ADMINISTRATION); grantPermissions(2, "rod", BasePermission.READ); grantPermissions(3, "rod", BasePermission.READ); grantPermissions(3, "rod", BasePermission.WRITE); grantPermissions(3, "rod", BasePermission.DELETE); grantPermissions(4, "rod", BasePermission.ADMINISTRATION); grantPermissions(4, "dianne", BasePermission.ADMINISTRATION); grantPermissions(4, "scott", BasePermission.READ); grantPermissions(5, "dianne", BasePermission.ADMINISTRATION); grantPermissions(5, "dianne", BasePermission.READ); grantPermissions(6, "dianne", BasePermission.READ); grantPermissions(6, "dianne", BasePermission.WRITE); grantPermissions(6, "dianne", BasePermission.DELETE); grantPermissions(6, "scott", BasePermission.READ); grantPermissions(7, "scott", BasePermission.ADMINISTRATION); grantPermissions(8, "dianne", BasePermission.ADMINISTRATION); grantPermissions(8, "dianne", BasePermission.READ); grantPermissions(8, "scott", BasePermission.READ); grantPermissions(9, "scott", BasePermission.ADMINISTRATION); grantPermissions(9, "scott", BasePermission.READ); grantPermissions(9, "scott", BasePermission.WRITE); grantPermissions(9, "scott", BasePermission.DELETE); // Now expressly change the owner of the first ten contacts // We have to do this last, because "rod" owns all of them (doing it sooner would // prevent ACL updates) // Note that ownership has no impact on permissions - they're separate (ownership // only allows ACl editing) changeOwner(5, "dianne"); changeOwner(6, "dianne"); changeOwner(7, "scott"); changeOwner(8, "dianne"); changeOwner(9, "scott"); String[] users = { "bill", "bob", "jane" }; // don't want to mess around with // consistent sample data Permission[] permissions = { BasePermission.ADMINISTRATION, BasePermission.READ, BasePermission.DELETE }; for (int i = 10; i < createEntities; i++) { String user = users[rnd.nextInt(users.length)]; Permission permission = permissions[rnd.nextInt(permissions.length)]; grantPermissions(i, user, permission); String user2 = users[rnd.nextInt(users.length)]; Permission permission2 = permissions[rnd.nextInt(permissions.length)]; grantPermissions(i, user2, permission2); } SecurityContextHolder.clearContext(); }