List of usage examples for org.springframework.security.acls.domain GrantedAuthoritySid GrantedAuthoritySid
public GrantedAuthoritySid(GrantedAuthority grantedAuthority)
From source file:com.trailmagic.image.security.SpringSecurityImageSecurityService.java
private Sid sidForRole(String recipientRole) { return new GrantedAuthoritySid(recipientRole); }
From source file:com.sshdemo.common.security.acl.service.EwcmsAclService.java
public void setAdminSid(String sid) { adminSid = new GrantedAuthoritySid(sid); }
From source file:de.iew.services.impl.AclEditorServiceImpl.java
public Sid makeAuthoritySid(Object securityIdentity) { if (securityIdentity instanceof GrantedAuthority) { return new GrantedAuthoritySid(((GrantedAuthority) securityIdentity).getAuthority()); } else if (securityIdentity instanceof String) { return new GrantedAuthoritySid((String) securityIdentity); } else {//from w w w.j a v a2 s. c o m throw new IllegalArgumentException("Unsupported authority security identity " + securityIdentity + "."); } }
From source file:net.projectmonkey.spring.acl.hbase.repository.HBaseACLRepositoryTest.java
private SimpleAcl createAcl(final String id) { ObjectIdentityImpl objectIdentity = new ObjectIdentityImpl(HBaseACLRepository.class, id); SimpleAcl acl = (SimpleAcl) underTest.create(objectIdentity); acl.insertAce(UUID.randomUUID(), 0, BasePermission.CREATE, new GrantedAuthoritySid(id + "Authority"), true); underTest.update(acl);// w w w. ja v a 2 s.co m return acl; }
From source file:com.cedac.security.acls.mongo.MongoAclServiceTests.java
@Test public void readAclById_withSid_shouldLoadTheAcl() { Acl acl = fixture.readAclById(new ObjectIdentityImpl("com.cedac.smartresidence.profile.domain.Home", "1"), Arrays.asList(new GrantedAuthoritySid("ROLE_ADMIN"), new PrincipalSid("other@cedac.com"))); assertNotNull(acl);/* w w w .java 2 s .co m*/ assertEquals("com.cedac.smartresidence.profile.domain.Home", acl.getObjectIdentity().getType()); assertEquals("1", acl.getObjectIdentity().getIdentifier()); assertNull(acl.getParentAcl()); assertEquals(new PrincipalSid("admin@cedac.com"), acl.getOwner()); assertEquals(true, acl.isEntriesInheriting()); assertEquals(6, acl.getEntries().size()); assertEquals(true, acl.isSidLoaded( Arrays.asList(new GrantedAuthoritySid("ROLE_ADMIN"), new PrincipalSid("other@cedac.com")))); assertEquals(0, acl.getEntries().get(0).getId()); assertEquals(new GrantedAuthoritySid("ROLE_ADMIN"), acl.getEntries().get(0).getSid()); assertEquals(BasePermission.READ, acl.getEntries().get(0).getPermission()); assertEquals(true, acl.getEntries().get(0).isGranting()); assertSame(acl, acl.getEntries().get(0).getAcl()); assertEquals(false, AuditableAccessControlEntry.class.cast(acl.getEntries().get(0)).isAuditSuccess()); assertEquals(true, AuditableAccessControlEntry.class.cast(acl.getEntries().get(0)).isAuditFailure()); assertEquals(1, acl.getEntries().get(1).getId()); assertEquals(new GrantedAuthoritySid("ROLE_ADMIN"), acl.getEntries().get(1).getSid()); assertEquals(BasePermission.WRITE, acl.getEntries().get(1).getPermission()); assertEquals(true, acl.getEntries().get(1).isGranting()); assertSame(acl, acl.getEntries().get(1).getAcl()); assertEquals(false, AuditableAccessControlEntry.class.cast(acl.getEntries().get(1)).isAuditSuccess()); assertEquals(true, AuditableAccessControlEntry.class.cast(acl.getEntries().get(1)).isAuditFailure()); assertEquals(2, acl.getEntries().get(2).getId()); assertEquals(new GrantedAuthoritySid("ROLE_ADMIN"), acl.getEntries().get(2).getSid()); assertEquals(BasePermission.ADMINISTRATION, acl.getEntries().get(2).getPermission()); assertEquals(true, acl.getEntries().get(2).isGranting()); assertSame(acl, acl.getEntries().get(2).getAcl()); assertEquals(false, AuditableAccessControlEntry.class.cast(acl.getEntries().get(2)).isAuditSuccess()); assertEquals(true, AuditableAccessControlEntry.class.cast(acl.getEntries().get(2)).isAuditFailure()); assertEquals(3, acl.getEntries().get(3).getId()); assertEquals(new PrincipalSid("mauro.franceschini@cedac.com"), acl.getEntries().get(3).getSid()); assertEquals(BasePermission.READ, acl.getEntries().get(3).getPermission()); assertEquals(true, acl.getEntries().get(3).isGranting()); assertSame(acl, acl.getEntries().get(3).getAcl()); assertEquals(false, AuditableAccessControlEntry.class.cast(acl.getEntries().get(3)).isAuditSuccess()); assertEquals(true, AuditableAccessControlEntry.class.cast(acl.getEntries().get(3)).isAuditFailure()); assertEquals(4, acl.getEntries().get(4).getId()); assertEquals(new PrincipalSid("mauro.franceschini@cedac.com"), acl.getEntries().get(4).getSid()); assertEquals(BasePermission.WRITE, acl.getEntries().get(4).getPermission()); assertEquals(true, acl.getEntries().get(4).isGranting()); assertSame(acl, acl.getEntries().get(4).getAcl()); assertEquals(false, AuditableAccessControlEntry.class.cast(acl.getEntries().get(4)).isAuditSuccess()); assertEquals(true, AuditableAccessControlEntry.class.cast(acl.getEntries().get(4)).isAuditFailure()); assertEquals(5, acl.getEntries().get(5).getId()); assertEquals(new PrincipalSid("other@cedac.com"), acl.getEntries().get(5).getSid()); assertEquals(BasePermission.READ, acl.getEntries().get(5).getPermission()); assertEquals(true, acl.getEntries().get(5).isGranting()); assertSame(acl, acl.getEntries().get(5).getAcl()); assertEquals(false, AuditableAccessControlEntry.class.cast(acl.getEntries().get(5)).isAuditSuccess()); assertEquals(true, AuditableAccessControlEntry.class.cast(acl.getEntries().get(5)).isAuditFailure()); }
From source file:com.kylinolap.rest.service.AclService.java
@Override public Map<ObjectIdentity, Acl> readAclsById(List<ObjectIdentity> oids, List<Sid> sids) throws NotFoundException { Map<ObjectIdentity, Acl> aclMaps = new HashMap<ObjectIdentity, Acl>(); HTableInterface htable = null;//from www. jav a 2s. c o m Result result = null; try { htable = HBaseConnection.get(hbaseUrl).getTable(aclTableName); for (ObjectIdentity oid : oids) { result = htable.get(new Get(Bytes.toBytes(String.valueOf(oid.getIdentifier())))); if (null != result && !result.isEmpty()) { SidInfo owner = sidSerializer.deserialize(result.getValue(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_OWNER_COLUMN))); Sid ownerSid = (null == owner) ? null : (owner.isPrincipal() ? new PrincipalSid(owner.getSid()) : new GrantedAuthoritySid(owner.getSid())); boolean entriesInheriting = Bytes.toBoolean(result.getValue(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_ENTRY_INHERIT_COLUMN))); Acl parentAcl = null; DomainObjectInfo parentInfo = domainObjSerializer.deserialize(result.getValue( Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_PARENT_COLUMN))); if (null != parentInfo) { ObjectIdentity parentObj = new ObjectIdentityImpl(parentInfo.getType(), parentInfo.getId()); parentAcl = readAclById(parentObj, null); } AclImpl acl = new AclImpl(oid, oid.getIdentifier(), aclAuthorizationStrategy, permissionGrantingStrategy, parentAcl, null, entriesInheriting, ownerSid); genAces(sids, result, acl); aclMaps.put(oid, acl); } else { throw new NotFoundException("Unable to find ACL information for object identity '" + oid + "'"); } } } catch (IOException e) { logger.error(e.getLocalizedMessage(), e); } finally { IOUtils.closeQuietly(htable); } return aclMaps; }
From source file:com.cedac.security.acls.mongo.MongoAclService.java
protected final Sid toSid(DBObject dbo) { final boolean principal = (Boolean) dbo.get(principalFieldName); final String sid = (String) dbo.get(sidFieldName); if (principal) { return new PrincipalSid(sid); } else {//from www .ja v a 2 s .c om return new GrantedAuthoritySid(sid); } }
From source file:com.kylinolap.rest.service.AclService.java
private void genAces(List<Sid> sids, Result result, AclImpl acl) { List<AceInfo> aceInfos = new ArrayList<AceInfo>(); if (null != sids) { // Just return aces in sids for (Sid sid : sids) { String sidName = null; if (sid instanceof PrincipalSid) { sidName = ((PrincipalSid) sid).getPrincipal(); } else if (sid instanceof GrantedAuthoritySid) { sidName = ((GrantedAuthoritySid) sid).getGrantedAuthority(); }/*from w ww .j ava 2 s .c om*/ AceInfo aceInfo = aceSerializer .deserialize(result.getValue(Bytes.toBytes(ACL_ACES_FAMILY), Bytes.toBytes(sidName))); if (null != aceInfo) { aceInfos.add(aceInfo); } } } else { NavigableMap<byte[], byte[]> familyMap = result.getFamilyMap(Bytes.toBytes(ACL_ACES_FAMILY)); for (byte[] qualifier : familyMap.keySet()) { AceInfo aceInfo = aceSerializer.deserialize(familyMap.get(qualifier)); if (null != aceInfo) { aceInfos.add(aceInfo); } } } List<AccessControlEntry> newAces = new ArrayList<AccessControlEntry>(); for (int i = 0; i < aceInfos.size(); i++) { AceInfo aceInfo = aceInfos.get(i); if (null != aceInfo) { Sid sid = aceInfo.getSidInfo().isPrincipal() ? new PrincipalSid(aceInfo.getSidInfo().getSid()) : new GrantedAuthoritySid(aceInfo.getSidInfo().getSid()); AccessControlEntry ace = new AccessControlEntryImpl(Long.valueOf(i), acl, sid, aclPermissionFactory.buildFromMask(aceInfo.getPermissionMask()), true, false, false); newAces.add(ace); } } this.setAces(acl, newAces); }
From source file:org.bremersee.common.security.acls.jdbc.BasicLookupStrategy.java
/** * Creates a particular implementation of {@link Sid} depending on the arguments. * * @param sid the name of the sid representing its unique identifier. In typical ACL * database schema it's located in table {@code acl_sid} table, {@code sid} column. * @param isPrincipal whether it's a user or granted authority like role * @return the instance of Sid with the {@code sidName} as an identifier *//*from w w w . j av a2 s.c o m*/ protected Sid createSid(boolean isPrincipal, String sid) { if (isPrincipal) { return new PrincipalSid(sid); } else { return new GrantedAuthoritySid(sid); } }
From source file:org.apache.kylin.rest.service.AccessService.java
public Sid getSid(String sid, boolean isPrincepal) { if (isPrincepal) { return new PrincipalSid(sid); } else {/*from w w w . j av a2s . c om*/ return new GrantedAuthoritySid(sid); } }