List of usage examples for org.springframework.security.acls.domain PrincipalSid PrincipalSid
public PrincipalSid(Authentication authentication)
From source file:com.cedac.security.acls.mongo.MongoAclService.java
/**
 * Converts a stored SID document into the matching Spring Security {@link Sid}.
 *
 * <p>The flag read from {@code principalFieldName} selects the type: {@code true} yields a
 * {@link PrincipalSid}, {@code false} a {@link GrantedAuthoritySid}. The string read from
 * {@code sidFieldName} is the identifier in both cases.
 *
 * @param dbo the document holding the principal flag and the SID string
 * @return the SID described by {@code dbo}
 */
protected final Sid toSid(DBObject dbo) {
    // If dbo.get(...) returns null for the flag, unboxing throws a NullPointerException, so a
    // document without the flag is rejected rather than silently mapped to either SID type.
    final boolean isPrincipalEntry = (Boolean) dbo.get(principalFieldName);
    final String identifier = (String) dbo.get(sidFieldName);
    return isPrincipalEntry ? new PrincipalSid(identifier) : new GrantedAuthoritySid(identifier);
}
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
/**
 * Revokes the READ permission that {@code user} holds directly on one domain object.
 *
 * <p>The first access control entry (ACE) whose SID equals the user's {@link PrincipalSid} and
 * whose permission equals {@link BasePermission#READ} is deleted, then the ACL is saved.
 * Nothing happens when {@code user} is {@code null}.
 *
 * @param user the user losing the permission; ignored when {@code null}
 * @param id_object identifier of the secured object
 * @param name_class type name of the secured object
 */
public void removePermissionToAnObject_READ(User user, Long id_object, String name_class) {
    if (user == null) {
        return;
    }

    ObjectIdentity identity = new ObjectIdentityImpl(name_class, id_object);
    Sid userSid = new PrincipalSid(user.getUsername());
    Permission revoked = BasePermission.READ;

    MutableAcl acl;
    try {
        acl = (MutableAcl) mutableAclService.readAclById(identity);
    } catch (NotFoundException nfe) {
        // NOTE(review): a missing ACL is created even though this method only revokes;
        // confirm that callers want a new ACL as a side effect of a removal.
        acl = mutableAclService.createAcl(identity);
    }

    // Only entries for the user's PrincipalSid on this ACL are compared, and only the first
    // match is deleted. Access the user has through a GrantedAuthoritySid entry, a duplicate
    // entry, or (presumably) a parent ACL is not revoked here.
    int position = 0;
    for (AccessControlEntry entry : acl.getEntries()) {
        if (entry.getSid().equals(userSid) && entry.getPermission().equals(revoked)) {
            acl.deleteAce(position);
            break;
        }
        position++;
    }

    // Persist the ACL, whether or not an entry was deleted.
    mutableAclService.updateAcl(acl);
}
From source file:org.tibetjungle.demo.service.DataSourcePopulator.java
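/**
 * Transfers ownership of a contact's ACL to another user and saves the ACL.
 *
 * @param contactNumber identifier of the {@code Contact} whose ACL is changed
 * @param newOwnerUsername user name wrapped in the {@link PrincipalSid} that becomes the owner
 */
private void changeOwner(int contactNumber, String newOwnerUsername) {
    // Long.valueOf replaces the deprecated Long(long) constructor; the resulting identifier
    // is equal, so the same ACL is looked up.
    ObjectIdentityImpl contactIdentity =
            new ObjectIdentityImpl(Contact.class, Long.valueOf(contactNumber));
    AclImpl acl = (AclImpl) mutableAclService.readAclById(contactIdentity);

    // NOTE(review): in Spring Security ACL the owner is normally allowed to administer the
    // ACL, so newOwnerUsername should come from a trusted source - confirm at the call sites.
    acl.setOwner(new PrincipalSid(newOwnerUsername));
    updateAclInTransaction(acl);
}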
From source file:org.tibetjungle.demo.service.DataSourcePopulator.java
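/**
 * Appends a granting access control entry for one user to a contact's ACL and saves the ACL.
 *
 * @param contactNumber identifier of the {@code Contact} whose ACL is extended
 * @param recipientUsername user name wrapped in the {@link PrincipalSid} receiving the entry
 * @param permission the permission to grant
 */
private void grantPermissions(int contactNumber, String recipientUsername, Permission permission) {
    // Long.valueOf replaces the deprecated Long(long) constructor; the resulting identifier
    // is equal, so the same ACL is looked up.
    ObjectIdentityImpl contactIdentity =
            new ObjectIdentityImpl(Contact.class, Long.valueOf(contactNumber));
    AclImpl acl = (AclImpl) mutableAclService.readAclById(contactIdentity);

    // The entry goes after all existing entries and is a granting one (last argument true).
    int endOfEntries = acl.getEntries().size();
    acl.insertAce(endOfEntries, permission, new PrincipalSid(recipientUsername), true);
    updateAclInTransaction(acl);
}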
From source file:com.cedac.security.acls.mongo.MongoAclServiceTests.java
/**
 * Verifies that reading the ACL of Device "1.1.1" also loads its two ancestors: the Room
 * "1.1" ACL as parent and the Home "1" ACL as grandparent, with no ACL above Home.
 */
@Test
public void readAclById_withDoubleParentAcl_shouldLoadTheAcls() {
    final String deviceType = "com.cedac.smartresidence.profile.domain.Device";
    final String roomType = "com.cedac.smartresidence.profile.domain.Room";
    final String homeType = "com.cedac.smartresidence.profile.domain.Home";
    final PrincipalSid admin = new PrincipalSid("admin@cedac.com");

    // Leaf ACL: the device itself.
    Acl device = fixture.readAclById(new ObjectIdentityImpl(deviceType, "1.1.1"));
    assertNotNull(device);
    assertEquals(deviceType, device.getObjectIdentity().getType());
    assertEquals("1.1.1", device.getObjectIdentity().getIdentifier());

    Acl room = device.getParentAcl();
    assertNotNull(room);
    assertEquals(admin, device.getOwner());
    // The device has no entries of its own and inherits from its parent.
    assertEquals(true, device.isEntriesInheriting());
    assertEquals(0, device.getEntries().size());

    // Parent ACL: the room.
    assertEquals(roomType, room.getObjectIdentity().getType());
    assertEquals("1.1", room.getObjectIdentity().getIdentifier());

    Acl home = room.getParentAcl();
    assertNotNull(home);
    assertEquals(admin, room.getOwner());
    assertEquals(true, room.isEntriesInheriting());
    assertEquals(0, room.getEntries().size());

    // Grandparent ACL: the home, which is the root and the only level holding entries.
    assertEquals(homeType, home.getObjectIdentity().getType());
    assertEquals("1", home.getObjectIdentity().getIdentifier());
    assertNull(home.getParentAcl());
    assertEquals(admin, home.getOwner());
    assertEquals(true, home.isEntriesInheriting());
    assertEquals(6, home.getEntries().size());
}
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
/**
 * Revokes the WRITE permission that {@code user} holds directly on one domain object.
 *
 * <p>The first access control entry (ACE) whose SID equals the user's {@link PrincipalSid} and
 * whose permission equals {@link BasePermission#WRITE} is deleted, then the ACL is saved.
 * Nothing happens when {@code user} is {@code null}.
 *
 * @param user the user losing the permission; ignored when {@code null}
 * @param id_object identifier of the secured object
 * @param name_class type name of the secured object
 */
public void removePermissionToAnObject_WRITE(User user, Long id_object, String name_class) {
    if (user == null) {
        return;
    }

    ObjectIdentity target = new ObjectIdentityImpl(name_class, id_object);
    Sid principal = new PrincipalSid(user.getUsername());
    Permission toRevoke = BasePermission.WRITE;

    MutableAcl acl;
    try {
        acl = (MutableAcl) mutableAclService.readAclById(target);
    } catch (NotFoundException nfe) {
        // NOTE(review): a missing ACL is created even though this method only revokes;
        // confirm that callers want a new ACL as a side effect of a removal.
        acl = mutableAclService.createAcl(target);
    }

    // Only entries for the user's PrincipalSid on this ACL are compared, and only the first
    // match is deleted. Access the user has through a GrantedAuthoritySid entry, a duplicate
    // entry, or (presumably) a parent ACL is not revoked here.
    int index = 0;
    for (AccessControlEntry candidate : acl.getEntries()) {
        boolean sameSid = candidate.getSid().equals(principal);
        if (sameSid && candidate.getPermission().equals(toRevoke)) {
            acl.deleteAce(index);
            break;
        }
        index++;
    }

    // Persist the ACL, whether or not an entry was deleted.
    mutableAclService.updateAcl(acl);
}
From source file:com.kylinolap.rest.service.AclService.java
/**
 * Rebuilds the access control entries of {@code acl} from the stored row {@code result}.
 *
 * <p>When {@code sids} is non-null, only the cells named after those SIDs are read from the
 * {@code ACL_ACES_FAMILY} column family. When it is {@code null}, every cell of that family
 * is read. Cells that deserialize to {@code null} are skipped. The surviving entries are
 * numbered from 0 in read order and installed on {@code acl} through {@code setAces}.
 *
 * @param sids SIDs whose entries should be loaded, or {@code null} to load all entries
 * @param result the stored row holding the serialized entries
 * @param acl the ACL that receives the rebuilt entries
 */
private void genAces(List<Sid> sids, Result result, AclImpl acl) {
    List<AceInfo> stored = new ArrayList<AceInfo>();

    if (sids == null) {
        // No filter given: take every cell of the ACE column family.
        NavigableMap<byte[], byte[]> cells = result.getFamilyMap(Bytes.toBytes(ACL_ACES_FAMILY));
        for (byte[] cell : cells.values()) {
            AceInfo info = aceSerializer.deserialize(cell);
            if (info != null) {
                stored.add(info);
            }
        }
    } else {
        for (Sid requested : sids) {
            // NOTE(review): a Sid of any other type leaves the column name null, and that
            // null is handed to Bytes.toBytes below - confirm only these two types arrive.
            String column = null;
            if (requested instanceof PrincipalSid) {
                column = ((PrincipalSid) requested).getPrincipal();
            } else if (requested instanceof GrantedAuthoritySid) {
                column = ((GrantedAuthoritySid) requested).getGrantedAuthority();
            }

            byte[] cell = result.getValue(Bytes.toBytes(ACL_ACES_FAMILY), Bytes.toBytes(column));
            AceInfo info = aceSerializer.deserialize(cell);
            if (info != null) {
                stored.add(info);
            }
        }
    }

    List<AccessControlEntry> rebuilt = new ArrayList<AccessControlEntry>();
    int position = 0;
    for (AceInfo info : stored) {
        Sid owner;
        if (info.getSidInfo().isPrincipal()) {
            owner = new PrincipalSid(info.getSidInfo().getSid());
        } else {
            owner = new GrantedAuthoritySid(info.getSidInfo().getSid());
        }

        // Every entry is rebuilt as a granting one with both audit flags off (the trailing
        // true, false, false), so a denying entry cannot be represented by this path.
        AccessControlEntry entry = new AccessControlEntryImpl(Long.valueOf(position), acl, owner,
                aclPermissionFactory.buildFromMask(info.getPermissionMask()), true, false, false);
        rebuilt.add(entry);
        position++;
    }

    this.setAces(acl, rebuilt);
}
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
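/**
 * Revokes the READ permission that each of {@code users} holds directly on one domain object.
 *
 * <p>The ACL is loaded once (and created when it does not exist). For every user, the first
 * access control entry (ACE) matching that user's {@link PrincipalSid} and
 * {@link BasePermission#READ} is deleted, and the ACL is saved once at the end. An empty
 * collection leaves the ACL untouched: it is neither read, created nor updated.
 *
 * @param users the users losing the permission
 * @param id_object identifier of the secured object
 * @param name_class type name of the secured object
 */
public void removePermissionToAnObjectCollection_READ(Collection<User> users, Long id_object,
        String name_class) {
    ObjectIdentity oi = new ObjectIdentityImpl(name_class, id_object);
    if (users.isEmpty()) {
        return;
    }

    Permission p = BasePermission.READ;

    // Load the ACL once, outside the loop. Re-reading it for every user can hand back a fresh
    // instance, in which case the deletions made for earlier users are discarded and only the
    // last user's revocation reaches updateAcl - the other users would keep READ access.
    MutableAcl acl;
    try {
        acl = (MutableAcl) mutableAclService.readAclById(oi);
    } catch (NotFoundException nfe) {
        // NOTE(review): a missing ACL is created even though this method only revokes;
        // confirm that callers want a new ACL as a side effect of a removal.
        acl = mutableAclService.createAcl(oi);
    }

    for (User u : users) {
        Sid sid = new PrincipalSid(u.getUsername());

        // getEntries() is evaluated again for each user, so indexes reflect earlier deletions.
        int aceIndex = 0;
        for (AccessControlEntry ace : acl.getEntries()) {
            if (ace.getSid().equals(sid) && ace.getPermission().equals(p)) {
                acl.deleteAce(aceIndex);
                break;
            }
            aceIndex++;
        }
    }

    // Persist all deletions in a single update.
    mutableAclService.updateAcl(acl);
}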
From source file:org.bremersee.common.security.acls.jdbc.BasicLookupStrategy.java
/** * Creates a particular implementation of {@link Sid} depending on the arguments. * * @param sid the name of the sid representing its unique identifier. In typical ACL * database schema it's located in table {@code acl_sid} table, {@code sid} column. * @param isPrincipal whether it's a user or granted authority like role * @return the instance of Sid with the {@code sidName} as an identifier *///from www .java 2 s .c om protected Sid createSid(boolean isPrincipal, String sid) { if (isPrincipal) { return new PrincipalSid(sid); } else { return new GrantedAuthoritySid(sid); } }
From source file:org.apache.kylin.rest.service.AccessService.java
/**
 * Ensures an ACL exists for a secured entity and optionally grants the current user an
 * initial permission on it.
 *
 * <p>The ACL is created. If one already exists, it is read instead. When
 * {@code initPermission} is non-null, the permission is granted to the {@link PrincipalSid}
 * of the authentication held by {@link SecurityContextHolder}, and the ACL returned by
 * {@code grant} is the result.
 *
 * @param ae the secured entity; its class and id form the object identity
 * @param initPermission permission to grant to the current user, or {@code null} for none
 * @return the created or existing ACL, or the ACL returned by {@code grant}
 */
@Transactional
public Acl init(AclEntity ae, Permission initPermission) {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl(ae.getClass(), ae.getId());

    Acl acl;
    try {
        // Create the ACL record for the secured domain object.
        acl = aclService.createAcl(objectIdentity);
    } catch (AlreadyExistsException e) {
        acl = (MutableAcl) aclService.readAclById(objectIdentity);
    }

    if (initPermission == null) {
        return acl;
    }

    // NOTE(review): this grant also runs when the ACL already existed, so the current caller
    // receives initPermission on an object set up earlier. Whether grant(...) checks the
    // caller's right to do that is not visible here - confirm.
    // NOTE(review): getAuthentication() can return null outside an authenticated context;
    // PrincipalSid is expected to reject that - confirm the failure mode is acceptable.
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    return grant(ae, initPermission, new PrincipalSid(auth));
}