List of usage examples for org.springframework.security.acls.model MutableAcl getEntries
/**
 * Returns the access control entries (ACEs) of this ACL as an ordered list.
 *
 * <p>The examples on this page use list positions from this method as the index
 * arguments to {@code insertAce} and {@code deleteAce}, so a position is only valid
 * until the ACL is next modified.
 *
 * <p>NOTE(review): the Spring Security Javadoc describes this method as administrative,
 * excluding parent ACL entries and not meant for authorization decisions. Confirm this
 * against the library version in use.
 *
 * @return the entries of this ACL
 */
List<AccessControlEntry> getEntries();
From source file:de.iew.services.impl.AclEditorServiceImpl.java
/**
 * Appends a grant for {@code permission} to the end of the given ACL by delegating to
 * {@code grantAuthorityPermissionAt}.
 *
 * @param acl the ACL to extend
 * @param permission the permission to grant
 * @param securityIdentity the identity passed through unchanged to the delegate
 */
public void grantAuthorityPermission(MutableAcl acl, Permission permission, Object securityIdentity) {
    // The current entry count is the first free position, so the new ACE lands after
    // every existing one.
    // NOTE(review): where the permission-granting strategy is order-sensitive, an earlier
    // entry for the same SID and permission may take precedence over this appended one.
    final int appendIndex = acl.getEntries().size();
    grantAuthorityPermissionAt(acl, appendIndex, permission, securityIdentity);
}
From source file:de.iew.services.impl.AclEditorServiceImpl.java
/**
 * Appends a grant for {@code permission} to the end of the given ACL by delegating to
 * {@code grantPrincipalPermissionAt}.
 *
 * @param acl the ACL to extend
 * @param permission the permission to grant
 * @param securityIdentity the identity passed through unchanged to the delegate
 */
public void grantPrincipalPermission(MutableAcl acl, Permission permission, Object securityIdentity) {
    // The current entry count is the first free position, so the new ACE lands after
    // every existing one.
    // NOTE(review): where the permission-granting strategy is order-sensitive, an earlier
    // entry for the same SID and permission may take precedence over this appended one.
    final int appendIndex = acl.getEntries().size();
    grantPrincipalPermissionAt(acl, appendIndex, permission, securityIdentity);
}
From source file:com.trailmagic.image.security.SpringSecurityImageSecurityService.java
/**
 * Finds the position of the first ACE in {@code acl} that matches both the recipient
 * and the permission.
 *
 * @param recipient the SID the entry must belong to
 * @param permission the permission the entry must carry
 * @param acl the ACL whose entries are searched
 * @return the zero-based index of the first match, or {@code -1} if none matches
 */
private int indexOf(Sid recipient, Permission permission, MutableAcl acl) {
    int position = 0;
    for (final AccessControlEntry candidate : acl.getEntries()) {
        // The SID is compared first; the permission is only checked for entries of this recipient.
        final boolean sameRecipient = candidate.getSid().equals(recipient);
        if (sameRecipient && permission.equals(candidate.getPermission())) {
            // The index is only valid until the ACL is modified again.
            return position;
        }
        position++;
    }
    return -1;
}
From source file:org.bremersee.common.acl.test.AclServiceTests.java
/**
 * Creates an ACL for object {@code TestObject/100} owned by "tester", grants READ to
 * principal "friend", and checks that the permission evaluator reports the grant.
 */
@Test
public void testAcl() {
    LOG.info("Testing ...");

    // The ACL is created and saved inside the runAs callback for "tester".
    RunAsUtil.runAs("tester", getRunAsRoles(), () -> {
        MutableAcl created = aclService.createAcl(new ObjectIdentityImpl("TestObject", "100"));
        created.setOwner(new PrincipalSid("tester"));
        // No inheritance and no parent: only the entry added below is on this ACL.
        created.setEntriesInheriting(false);
        created.setParent(null);
        // Append a granting READ entry for "friend" after any existing entries.
        final int appendIndex = created.getEntries().size();
        created.insertAce(appendIndex, BasePermission.READ, new PrincipalSid("friend"), true);
        created = aclService.updateAcl(created);
        return created;
    });

    final MutableAcl storedAcl =
            (MutableAcl) aclService.readAclById(new ObjectIdentityImpl("TestObject", "100"));
    LOG.info("Acl: " + storedAcl);

    // NOTE(review): only the positive case is asserted; a check that an unrelated
    // principal is denied READ would also cover over-granting.
    final RunAsAuthentication friendAuth =
            new RunAsAuthentication("friend", new String[] { "ROLE_USER" });
    final boolean friendCanRead =
            permissionEvaluator.hasPermission(friendAuth, "100", "TestObject", "READ");
    LOG.info("Successful? " + friendCanRead);
    TestCase.assertEquals(true, friendCanRead);
}
From source file:org.jtalks.common.service.security.AclManagerImplTest.java
/**
 * Seeds an ACL with READ grants for a user SID and a role SID, runs
 * {@code manager.revoke}, and checks that neither grant remains and that the ACL was
 * read and written back through the ACL service.
 */
@Test
public void testRevoke() {
    final ObjectIdentity oid = new ObjectIdentityImpl(target.getClass(), ID);
    final MutableAcl acl =
            new AclImpl(oid, 2L, mock(AclAuthorizationStrategy.class), mock(AuditLogger.class));

    // Each grant is appended at the current end of the entry list.
    acl.insertAce(acl.getEntries().size(), BasePermission.READ, new PrincipalSid(USERNAME), true);
    acl.insertAce(acl.getEntries().size(), BasePermission.READ, new GrantedAuthoritySid(ROLE), true);

    when(aclService.readAclById(oid)).thenReturn(acl);

    manager.revoke(sids, permissions, target);

    assertNotGranted(acl, new PrincipalSid(USERNAME), BasePermission.READ,
            "Permission to user granted");
    assertNotGranted(acl, new GrantedAuthoritySid(ROLE), BasePermission.READ,
            "Permission to ROLE_USER granted");
    // The change must be loaded from and persisted through the service, not just made in memory.
    verify(aclService).readAclById(oid);
    verify(aclService).updateAcl(acl);
}
From source file:org.createnet.raptor.auth.service.services.AclManagerService.java
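/**
 * Removes every ACE that grants {@code permission} to {@code sid} on the object
 * identified by {@code clazz} and {@code identifier}, then persists the ACL.
 *
 * <p>Entries are removed from the highest index downwards. Deleting while walking
 * upwards shifts the remaining entries, so a stale index could delete an unrelated
 * entry or leave a matching grant in place.
 *
 * @param clazz the domain class; its canonical name is the ACL object type
 * @param identifier the identifier of the domain object
 * @param sid the SID whose entries are removed
 * @param permission the permission to remove for that SID
 */
@Override
public <T> void removePermission(Class<T> clazz, Serializable identifier, Sid sid, Permission permission) {
    ObjectIdentity identity = new ObjectIdentityImpl(clazz.getCanonicalName(), identifier);
    // NOTE(review): readAclById is expected to fail when no ACL exists for the identity,
    // and the cast assumes the service returns a mutable ACL. Confirm both with callers.
    MutableAcl acl = (MutableAcl) aclService.readAclById(identity);

    // Snapshot of the entries before any deletion.
    AccessControlEntry[] entries = acl.getEntries().toArray(new AccessControlEntry[0]);

    // Walk backwards: deleting index i only shifts entries above i, which have already
    // been visited, so snapshot index i still refers to the same entry in the ACL.
    for (int i = entries.length - 1; i >= 0; i--) {
        AccessControlEntry entry = entries[i];
        if (entry.getSid().equals(sid) && entry.getPermission().equals(permission)) {
            acl.deleteAce(i);
        }
    }

    aclService.updateAcl(acl);
}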
From source file:org.jtalks.common.service.security.AclManagerImplTest.java
/**
 * Seeds an ACL with READ grants for a user SID and a role SID plus a DELETE grant for
 * the role, runs {@code manager.delete}, and checks that both READ grants are gone
 * while the DELETE grant is still present.
 */
@Test
public void testDelete() throws Exception {
    final ObjectIdentity oid = new ObjectIdentityImpl(target.getClass(), ID);
    final MutableAcl acl =
            new AclImpl(oid, 2L, mock(AclAuthorizationStrategy.class), mock(AuditLogger.class));

    // Each grant is appended at the current end of the entry list.
    acl.insertAce(acl.getEntries().size(), BasePermission.READ, new PrincipalSid(USERNAME), true);
    acl.insertAce(acl.getEntries().size(), BasePermission.READ, new GrantedAuthoritySid(ROLE), true);
    acl.insertAce(acl.getEntries().size(), BasePermission.DELETE, new GrantedAuthoritySid(ROLE), true);

    when(aclService.readAclById(oid)).thenReturn(acl);

    manager.delete(sids, permissions, target);

    assertNotGranted(acl, new PrincipalSid(USERNAME), BasePermission.READ,
            "Permission to user granted");
    assertNotGranted(acl, new GrantedAuthoritySid(ROLE), BasePermission.READ,
            "Permission to ROLE_USER granted");
    // The DELETE entry must survive, so the removal is not allowed to over-delete.
    assertGranted(acl, new GrantedAuthoritySid(ROLE), BasePermission.DELETE,
            "Permission to ROLE_USER not granted");
    verify(aclService).readAclById(oid);
    verify(aclService).updateAcl(acl);
}
From source file:sample.contact.service.impl.ContactServiceImpl.java
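/**
 * Removes every ACE on the contact's ACL that matches both {@code recipient} and
 * {@code permission}, then persists the ACL.
 *
 * <p>Entries are removed from the highest index downwards. Deleting while walking
 * upwards shifts the remaining entries, so with more than one match a later index
 * could skip a matching grant or point at an unrelated entry.
 *
 * @param contact the contact whose ACL is modified
 * @param recipient the SID whose entries are removed
 * @param permission the permission to remove for that SID
 */
public void deletePermission(Contact contact, Sid recipient, Permission permission) {
    ObjectIdentity oid = new ObjectIdentityImpl(Contact.class, contact.getId());
    MutableAcl acl = (MutableAcl) mutableAclService.readAclById(oid);

    // Remove all matching entries for this recipient (matched with equals()).
    // Walking backwards keeps index i valid whether getEntries() returns a live view
    // or a copy, because a deletion only shifts entries that were already visited.
    List<AccessControlEntry> entries = acl.getEntries();
    for (int i = entries.size() - 1; i >= 0; i--) {
        AccessControlEntry entry = entries.get(i);
        if (entry.getSid().equals(recipient) && entry.getPermission().equals(permission)) {
            acl.deleteAce(i);
        }
    }

    mutableAclService.updateAcl(acl);

    if (logger.isDebugEnabled()) {
        logger.debug("Deleted contact " + contact + " ACL permissions for recipient " + recipient);
    }
}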
From source file:sample.contact.service.impl.MenuServiceImpl.java
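/**
 * Removes every ACE on the menu's ACL that matches both {@code recipient} and
 * {@code permission}, then persists the ACL.
 *
 * <p>Entries are removed from the highest index downwards. Deleting while walking
 * upwards shifts the remaining entries, so with more than one match a later index
 * could skip a matching grant or point at an unrelated entry.
 *
 * @param menu the menu whose ACL is modified
 * @param recipient the SID whose entries are removed
 * @param permission the permission to remove for that SID
 */
public void deletePermission(Menu menu, Sid recipient, Permission permission) {
    ObjectIdentity oid = new ObjectIdentityImpl(Menu.class, menu.getId());
    MutableAcl acl = (MutableAcl) mutableAclService.readAclById(oid);

    // Remove all matching entries for this recipient (matched with equals()).
    // Walking backwards keeps index i valid whether getEntries() returns a live view
    // or a copy, because a deletion only shifts entries that were already visited.
    List<AccessControlEntry> entries = acl.getEntries();
    for (int i = entries.size() - 1; i >= 0; i--) {
        AccessControlEntry entry = entries.get(i);
        if (entry.getSid().equals(recipient) && entry.getPermission().equals(permission)) {
            acl.deleteAce(i);
        }
    }

    mutableAclService.updateAcl(acl);

    if (logger.isDebugEnabled()) {
        logger.debug("Deleted menu " + menu + " ACL permissions for recipient " + recipient);
    }
}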
From source file:sample.contact.ContactManagerBackend.java
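/**
 * Removes every ACE on the contact's ACL that matches both {@code recipient} and
 * {@code permission}, then persists the ACL.
 *
 * <p>Entries are removed from the highest index downwards. Deleting while walking
 * upwards shifts the remaining entries, so with more than one match a later index
 * could skip a matching grant or point at an unrelated entry.
 *
 * @param contact the contact whose ACL is modified
 * @param recipient the SID whose entries are removed
 * @param permission the permission to remove for that SID
 */
public void deletePermission(Contact contact, Sid recipient, Permission permission) {
    ObjectIdentity oid = new ObjectIdentityImpl(Contact.class, contact.getId());
    MutableAcl acl = (MutableAcl) mutableAclService.readAclById(oid);

    // Remove all matching entries for this recipient (matched with equals()).
    // Walking backwards keeps index i valid whether getEntries() returns a live view
    // or a copy, because a deletion only shifts entries that were already visited.
    List<AccessControlEntry> entries = acl.getEntries();
    for (int i = entries.size() - 1; i >= 0; i--) {
        AccessControlEntry entry = entries.get(i);
        if (entry.getSid().equals(recipient) && entry.getPermission().equals(permission)) {
            acl.deleteAce(i);
        }
    }

    mutableAclService.updateAcl(acl);

    if (logger.isDebugEnabled()) {
        logger.debug("Deleted contact " + contact + " ACL permissions for recipient " + recipient);
    }
}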