Example usage for org.springframework.security.acls.model MutableAcl getOwner

List of usage examples for org.springframework.security.acls.model MutableAcl getOwner

Introduction

This page collects example usages of org.springframework.security.acls.model MutableAcl getOwner.

Prototype

Sid getOwner();


Document

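Determines the owner of the Acl. Ownership is authorization-relevant: with Spring Security's default AclAuthorizationStrategyImpl, the owner is allowed to modify the ACL's entries and to change its ownership, so code that sets or persists the owner should be reviewed like any other permission change.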

Usage

From source file:com.cedac.security.acls.mongo.MongoMutableAclServiceTests.java

/**
 * Creating an ACL for an object identity that has no ACL yet must yield a
 * non-null ACL that carries the requested identity, has an owner, inherits
 * entries and contains no entries.
 */
@Test
@ShouldMatchDataSet
public void creatingAcl_withNoAcl() {
    final String expectedType = "com.cedac.smartresidence.profile.domain.Home";
    final String expectedIdentifier = "2";

    MutableAcl created = fixture.createAcl(new ObjectIdentityImpl(expectedType, expectedIdentifier));

    assertNotNull(created);

    // The ACL must be bound to exactly the identity that was requested.
    assertEquals(expectedType, created.getObjectIdentity().getType());
    assertEquals(expectedIdentifier, created.getObjectIdentity().getIdentifier());

    // Presumably the principal the test runs as becomes the owner; confirm against the test setup.
    assertEquals(new PrincipalSid("admin@cedac.com"), created.getOwner());

    // A new ACL starts with inheritance switched on and grants nothing by itself.
    assertEquals(true, created.isEntriesInheriting());
    assertEquals(0, created.getEntries().size());
}

From source file:net.projectmonkey.spring.acl.hbase.repository.HBaseACLRepository.java

/**
 * Updates an existing acl. This deletes the existing acl and completely
 * replaces the row with the new acl.
 *
 * <p>The replacement is two separate steps (delete, then save). NOTE(review):
 * whether those steps are atomic depends on {@code deleteInternal} and
 * {@code save}, which are not shown here; if the save fails after the delete,
 * the stored ACL may be missing, so callers should treat an exception as
 * "stored ACL state unknown".
 *
 * @param acl which must not be null.
 * @throws AuthorizationServiceException if an {@link IOException} occurs
 *         while the row is being replaced
 */
@Override
public void update(final MutableAcl acl) {
    // NOTE(review): a null acl is rejected by Assert.notNull, not by an
    // AuthorizationServiceException - presumably an IllegalArgumentException
    // if this is Spring's Assert.
    Assert.notNull(acl, "acl must not be null");

    final HTableInterface aclTable = getTable();
    try {
        final ObjectIdentity oid = acl.getObjectIdentity();
        final AclRecord replacement = new AclRecord(oid, acl.getOwner(), resolveConverter(oid));

        // Order matters: the old row is removed before the new one is written.
        deleteInternal(replacement, aclTable);
        save(acl, aclTable, replacement);
    } catch (IOException ioFailure) {
        throw new AuthorizationServiceException("An unexpected exception occurred", ioFailure);
    } finally {
        // Always release the table handle, including on failure.
        close(aclTable);
    }
}

From source file:com.cedac.security.acls.mongo.MongoMutableAclService.java

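/**
 * Persists the owner, parent link, inheritance flag and entries of the given
 * ACL onto the stored document for its object identity, clears the cache for
 * that identity and its children, and returns the ACL re-read from storage.
 *
 * @param acl the in-memory ACL to persist; its id must not be null
 * @return the ACL as re-read through the superclass after the save
 * @throws NotFoundException if no stored ACL exists for the object identity
 */
@Override
public MutableAcl updateAcl(MutableAcl acl) throws NotFoundException {
    Assert.notNull(acl.getId(), "Object Identity doesn't provide an identifier");

    DBObject persistedAcl = getAclCollection().findOne(queryByObjectIdentity(acl.getObjectIdentity()));

    if (persistedAcl == null) {
        LOG.trace(ACL, "No ACL found for object identity {}", acl.getObjectIdentity());

        throw new NotFoundException("No acl found for object identity " + acl.getObjectIdentity());
    }

    LOG.debug(ACL, "Updating persisted ACL object");

    if (acl.getParentAcl() != null) {
        ObjectIdentity parentOid = acl.getParentAcl().getObjectIdentity();
        persistedAcl.put(parentObjectFieldName, toDBObject(parentOid));
    } else {
        // The stored document was loaded with its previous parent link. If the
        // caller cleared the parent, that link must be dropped too; otherwise
        // the object keeps inheriting entries from a parent it no longer has.
        // Assumes the read path treats a missing field as "no parent" - confirm.
        persistedAcl.removeField(parentObjectFieldName);
    }

    // Owner and inheritance flag are always overwritten with the in-memory values.
    persistedAcl.put(ownerFieldName, toDBObject(acl.getOwner()));
    persistedAcl.put(entriesInheritingFieldName, acl.isEntriesInheriting());

    // The entry list is replaced wholesale, so removed entries do not survive the save.
    BasicDBList list = new BasicDBList();
    for (AccessControlEntry entry : acl.getEntries()) {
        list.add(toDBObject(entry));
    }
    persistedAcl.put(entriesFieldName, list);

    getAclCollection().save(persistedAcl, writeConcern);

    LOG.trace(ACL, "Clearing cache including children for object identity {}", acl.getObjectIdentity());

    // Children are cleared as well so no cached copy of the old state is served.
    clearCacheIncludingChildren(acl.getObjectIdentity());

    LOG.trace(ACL, "Retrieve ACL via superclass.");

    return (MutableAcl) super.readAclById(acl.getObjectIdentity());
}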

From source file:org.apache.kylin.rest.service.AccessService.java

/**
 * Protect admin permission granted to acl owner.
 *
 * <p>Throws when the entry at {@code indexOfAce} belongs to the ACL owner and
 * carries {@code BasePermission.ADMINISTRATION}; otherwise returns normally.
 *
 * <p>NOTE(review): {@code indexOfAce} is not range-checked here and
 * {@code acl.getOwner()} is dereferenced without a null check; both are
 * presumably guaranteed by the callers - confirm.
 *
 * @param acl the ACL whose owner's admin entry is protected
 * @param indexOfAce index into {@code acl.getEntries()} of the entry to check
 * @throws ForbiddenException if the entry is the owner's ADMINISTRATION entry
 */
private void secureOwner(MutableAcl acl, int indexOfAce) {
    Message msg = MsgPicker.getMsg();

    // An entry that belongs to someone other than the owner is never protected.
    boolean entryBelongsToOwner = acl.getOwner().equals(acl.getEntries().get(indexOfAce).getSid());
    if (!entryBelongsToOwner) {
        return;
    }

    // Can't revoke admin permission from domain object owner
    boolean entryGrantsAdmin = BasePermission.ADMINISTRATION
            .equals(acl.getEntries().get(indexOfAce).getPermission());
    if (entryGrantsAdmin) {
        throw new ForbiddenException(msg.getREVOKE_ADMIN_PERMISSION());
    }
}

From source file:ubic.gemma.security.SecurityServiceImpl.java

/**
 * Makes the named user the owner of the securable's ACL and adds WRITE and
 * READ for that user. Returns without changes when the ACL is already owned
 * by a {@code PrincipalSid} with that user name.
 *
 * <p>The method is annotated {@code @Secured("GROUP_ADMIN")}.
 *
 * @param s the securable whose ACL changes owner
 * @param userName the name of the user who becomes the owner
 * @throws IllegalArgumentException if the account is disabled, expired or locked
 */
@Override
@Secured("GROUP_ADMIN")
public void makeOwnedByUser(Securable s, String userName) {
    MutableAcl acl = getAcl(s);

    // instanceof is false for null, so a missing owner falls through to the transfer below.
    Sid currentOwner = acl.getOwner();
    boolean alreadyOwnedByUser = currentOwner instanceof PrincipalSid
            && ((PrincipalSid) currentOwner).getPrincipal().equals(userName);
    if (alreadyOwnedByUser) {
        // Already owned by the given user -- note we don't check if the user exists here.
        return;
    }

    // Ownership is only handed to an account that exists and is usable:
    // enabled, not expired and not locked.
    UserDetails newOwner = this.userManager.loadUserByUsername(userName);
    boolean accountUsable = newOwner.isEnabled() && newOwner.isAccountNonExpired()
            && newOwner.isAccountNonLocked();
    if (!accountUsable) {
        throw new IllegalArgumentException("User  " + userName + " has a disabled account");
    }

    acl.setOwner(new PrincipalSid(userName));
    aclService.updateAcl(acl);

    // FIXME (original author): unclear whether these grants are necessary when the user is the owner.
    addPrincipalAuthority(s, BasePermission.WRITE, userName);
    addPrincipalAuthority(s, BasePermission.READ, userName);
}