Usage examples for org.springframework.security.acls.model.MutableAcl.insertAce
/**
 * Inserts a new access control entry (ACE) into this ACL at the given position.
 *
 * <p>The usage examples on this page pass {@code acl.getEntries().size()} as the index to
 * append after the existing entries, and then call {@code mutableAclService.updateAcl(acl)},
 * presumably to store the modified ACL.
 *
 * @param atIndexLocation zero-based position at which the new entry is placed
 * @param permission the permission carried by the new entry
 * @param sid the security identity (a principal or an authority) the entry applies to
 * @param granting {@code true} for an entry that grants the permission, {@code false} for a
 *     non-granting entry
 * @throws NotFoundException NOTE(review): in Spring Security's {@code AclImpl} this is raised
 *     when the index is negative or larger than the current number of entries; confirm for
 *     any other implementation in use
 */
void insertAce(int atIndexLocation, Permission permission, Sid sid, boolean granting) throws NotFoundException;
From source file:gov.nih.nci.ncicb.tcga.dcc.common.security.impl.AclSecurityUtilImpl.java
/**
 * Grants {@code permission} on an annotation note to {@code recipient}.
 *
 * <p>The note's ACL is loaded, or created when none exists, a granting ACE is appended after
 * the existing entries, and the ACL is passed to {@code mutableAclService.updateAcl}.
 *
 * <p>NOTE(review): this method contains no check of who is calling it. Whether the caller may
 * change the ACL is decided, if at all, inside the ACL implementation; confirm that callers
 * are restricted.
 *
 * @param dccAnnotationNote the note whose ACL is extended
 * @param recipient the security identity receiving the permission
 * @param permission the permission to grant
 */
@Override
@Transactional
public void addPermission(final DccAnnotationNote dccAnnotationNote, final Sid recipient,
        final Permission permission) {
    // Resolve the identity under which the ACL of this note is looked up.
    final ObjectIdentity noteIdentity =
            new DccAnnotationNoteRetrievalStrategy().getObjectIdentity(dccAnnotationNote);

    // Use the existing ACL when there is one, otherwise start a new one.
    MutableAcl noteAcl;
    try {
        noteAcl = (MutableAcl) mutableAclService.readAclById(noteIdentity);
    } catch (NotFoundException missingAcl) {
        noteAcl = mutableAclService.createAcl(noteIdentity);
    }

    final boolean granting = true;
    try {
        // The current entry count is the append position.
        final int appendAt = noteAcl.getEntries().size();
        noteAcl.insertAce(appendAt, permission, recipient, granting);
    } catch (NotFoundException rejected) {
        // A rejected insert is only logged at debug level; updateAcl below still runs,
        // so a failed grant is not reported to the caller.
        logger.debug("Could not insert ACE [recipient:" + recipient + ", with permission:" + permission
                + ", granting:" + granting + "] (NotFoundException)");
    }

    mutableAclService.updateAcl(noteAcl);
}
From source file:sample.contact.ContactManagerBackend.java
/**
 * Appends a granting ACE for {@code recipient} with {@code permission} to the ACL of
 * {@code contact}, then hands the ACL to {@code mutableAclService.updateAcl}.
 *
 * <p>When the contact has no ACL yet, one is created first.
 *
 * <p>NOTE(review): no authorization check is visible in this method; confirm that callers are
 * allowed to change the contact's ACL.
 *
 * @param contact the contact whose ACL is extended
 * @param recipient the security identity receiving the permission
 * @param permission the permission to grant
 */
public void addPermission(Contact contact, Sid recipient, Permission permission) {
    final ObjectIdentity contactIdentity = new ObjectIdentityImpl(Contact.class, contact.getId());

    MutableAcl contactAcl;
    try {
        contactAcl = (MutableAcl) mutableAclService.readAclById(contactIdentity);
    } catch (NotFoundException missingAcl) {
        // No ACL stored for this contact yet: create one to hold the new entry.
        contactAcl = mutableAclService.createAcl(contactIdentity);
    }

    // Inserting at the current entry count puts the new ACE after all existing ones.
    final int appendAt = contactAcl.getEntries().size();
    contactAcl.insertAce(appendAt, permission, recipient, true);
    mutableAclService.updateAcl(contactAcl);

    logger.debug("Added permission " + permission + " for Sid " + recipient + " contact " + contact);
}
From source file:org.jtalks.common.service.security.AclManagerImpl.java
/**
 * Adds one ACE for every (sid, permission) combination to the end of the given ACL.
 *
 * <p>{@code deletePermissionsFromAcl(acl, sids, permissions)} is called first; it is defined
 * elsewhere and presumably clears existing entries for the same combinations. This method
 * only changes the {@code acl} object it is given and does not call an ACL service itself.
 *
 * @param sids        security identities that receive the entries
 * @param permissions permissions to add for each sid
 * @param target      secured object, used only for the debug message
 * @param acl         ACL of the secured object
 * @param granting    value passed as the granting flag of every inserted entry.
 *                    NOTE(review): in Spring Security ACL a non-granting entry is a deny
 *                    entry, which is stronger than removing a grant; confirm that callers
 *                    passing {@code false} intend that.
 */
private void applyPermissionsToSids(List<Sid> sids, List<Permission> permissions, Entity target,
        MutableAcl acl, boolean granting) {
    deletePermissionsFromAcl(acl, sids, permissions);

    // Start right after the entries that are left, and advance by one per inserted ACE.
    int insertAt = acl.getEntries().size();
    for (Sid recipient : sids) {
        for (Permission permission : permissions) {
            acl.insertAce(insertAt, permission, recipient, granting);
            insertAt++;

            final Object[] logArguments = new Object[] { permission.getMask(), recipient,
                    target.getClass().getSimpleName(), target.getId() };
            logger.debug("Added permission mask {} for Sid {} securedObject {} id {}", logArguments);
        }
    }
}
From source file:com.trailmagic.image.security.SpringSecurityImageSecurityService.java
/**
 * Updates the entries of {@code recipient} in {@code acl} from {@code newPermissions} and
 * passes the ACL to {@code aclService.updateAcl}.
 *
 * <p>Permissions in {@code newPermissions} that the recipient does not hold yet are appended
 * as granting ACEs. When {@code additive} is {@code false}, permissions the recipient holds
 * that are not in {@code newPermissions} are deleted first.
 *
 * @param acl            the ACL to change
 * @param recipient      the security identity whose entries are changed
 * @param newPermissions the permissions to apply
 * @param additive       {@code true} to only add, {@code false} to also remove the
 *                       recipient's other permissions
 */
public void effectPermissions(MutableAcl acl, Sid recipient, Set<Permission> newPermissions,
        boolean additive) {
    final Set<Permission> held = findExistingPermissions(acl, recipient);

    if (!additive) {
        // held minus newPermissions: what has to go.
        final Set<Permission> surplus = new HashSet<Permission>();
        surplus.addAll(held);
        surplus.removeAll(newPermissions);

        for (Permission revoked : surplus) {
            // The index is looked up again for each permission because deleting shifts entries.
            final int position = indexOf(recipient, revoked, acl);
            acl.deleteAce(position);
            if (log.isDebugEnabled()) {
                log.debug("Removed ACE for permission " + revoked + ", recipient " + recipient + ", on object "
                        + acl.getObjectIdentity());
            }
        }
    }

    // newPermissions minus held: what is still missing. The set is built the same way as
    // before so that the order in which ACEs are appended does not change.
    final Set<Permission> missing = new HashSet<Permission>();
    missing.addAll(newPermissions);
    missing.removeAll(held);

    for (Permission added : missing) {
        final int appendAt = acl.getEntries().size();
        acl.insertAce(appendAt, added, recipient, true);
        if (log.isDebugEnabled()) {
            log.debug("Added ACE for permission " + added + ", recipient " + recipient + ", on object "
                    + acl.getObjectIdentity());
        }
    }

    aclService.updateAcl(acl);
}
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
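/**
 * Grants {@link BasePermission#READ} on one domain object to every user in
 * {@code professors}.
 *
 * <p>For each user the object's ACL is read (or created when missing), a granting ACE for
 * the user's name is appended, and the ACL is passed to {@code mutableAclService.updateAcl}.
 *
 * <p>NOTE(review): the object is identified only by the caller-supplied class name and id,
 * and no authorization check is visible here; confirm that callers are allowed to change
 * the ACL of that object.
 *
 * @param professors users that receive READ
 * @param id_object  identifier of the secured object
 * @param name_class type name of the secured object
 */
public void addPermissionToAnObjectCollection_READ(Collection<User> professors, Long id_object,
        String name_class) {
    // Identity (type name + id) under which the ACL is stored.
    ObjectIdentity oi = new ObjectIdentityImpl(name_class, id_object);

    for (User u : professors) {
        Sid sid = new PrincipalSid(u.getUsername());
        Permission p = BasePermission.READ;

        // The ACL is read again for every user, as before, so each insert works on the
        // state left by the previous updateAcl call.
        MutableAcl acl;
        try {
            acl = (MutableAcl) mutableAclService.readAclById(oi);
        } catch (NotFoundException nfe) {
            acl = mutableAclService.createAcl(oi);
        }

        // Always append at the current end of the ACL. The previous code used the fixed
        // index 2 when the ACL had no entries; Spring Security's AclImpl rejects an index
        // larger than the entry count with NotFoundException, so the first grant on a
        // newly created ACL failed.
        acl.insertAce(acl.getEntries().size(), p, sid, true);
        mutableAclService.updateAcl(acl);
    }
}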
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
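/**
 * Grants {@link BasePermission#WRITE} on one domain object to {@code coordinator}.
 *
 * <p>Does nothing when {@code coordinator} is {@code null}. Otherwise the object's ACL is
 * read (or created when missing), a granting ACE for the coordinator's user name is
 * appended, and the ACL is passed to {@code mutableAclService.updateAcl}.
 *
 * <p>NOTE(review): no authorization check is visible in this method; confirm that callers
 * are allowed to hand out WRITE on the object named by {@code name_class} and
 * {@code id_object}.
 *
 * @param coordinator user that receives WRITE, may be {@code null}
 * @param id_object   identifier of the secured object
 * @param name_class  type name of the secured object
 */
public void addPermissionToAnObject_WRITE(User coordinator, Long id_object, String name_class) {
    if (coordinator == null) {
        return;
    }

    // Identity (type name + id) under which the ACL is stored.
    ObjectIdentity oi = new ObjectIdentityImpl(name_class, id_object);
    Sid sid = new PrincipalSid(coordinator.getUsername());
    Permission p = BasePermission.WRITE;

    MutableAcl acl;
    try {
        acl = (MutableAcl) mutableAclService.readAclById(oi);
    } catch (NotFoundException nfe) {
        acl = mutableAclService.createAcl(oi);
    }

    // Append after the existing entries. An empty ACL used to get the fixed index 2, which
    // Spring Security's AclImpl rejects with NotFoundException because it is larger than
    // the entry count; the entry count itself is always a valid position.
    acl.insertAce(acl.getEntries().size(), p, sid, true);
    mutableAclService.updateAcl(acl);
}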
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
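/**
 * Grants {@link BasePermission#ADMINISTRATION} on one domain object to every user in
 * {@code professors}.
 *
 * <p>For each user the object's ACL is read (or created when missing), a granting ACE for
 * the user's name is appended, and the ACL is passed to {@code mutableAclService.updateAcl}.
 *
 * <p>NOTE(review): ADMINISTRATION is the permission Spring Security ACL normally requires
 * for changing an ACL, so every user passed in can presumably change this object's ACL
 * afterwards. No authorization check is visible here; confirm that callers are restricted.
 *
 * @param professors users that receive ADMINISTRATION
 * @param id_object  identifier of the secured object
 * @param name_class type name of the secured object
 */
public void addPermissionToAnObjectCollection_ADMINISTRATION(Collection<User> professors, Long id_object,
        String name_class) {
    // Identity (type name + id) under which the ACL is stored.
    ObjectIdentity oi = new ObjectIdentityImpl(name_class, id_object);

    for (User u : professors) {
        Sid sid = new PrincipalSid(u.getUsername());
        Permission p = BasePermission.ADMINISTRATION;

        // Read the ACL again for every user, as before, and create it when it is missing.
        MutableAcl acl;
        try {
            acl = (MutableAcl) mutableAclService.readAclById(oi);
        } catch (NotFoundException nfe) {
            acl = mutableAclService.createAcl(oi);
        }

        // Append at the end in all cases. Index 2 on an ACL without entries, as used
        // before, is out of range for Spring Security's AclImpl and raises
        // NotFoundException, which made the first grant on a new ACL fail.
        acl.insertAce(acl.getEntries().size(), p, sid, true);
        mutableAclService.updateAcl(acl);
    }
}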
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
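/**
 * Grants {@link BasePermission#ADMINISTRATION} on one domain object to {@code coordinator}.
 *
 * <p>Does nothing when {@code coordinator} is {@code null}. Otherwise the object's ACL is
 * read (or created when missing), a granting ACE for the coordinator's user name is
 * appended, and the ACL is passed to {@code mutableAclService.updateAcl}.
 *
 * <p>NOTE(review): ADMINISTRATION is the permission Spring Security ACL normally requires
 * for changing an ACL, so the coordinator can presumably change this object's ACL
 * afterwards. No authorization check is visible here; confirm that callers are restricted.
 *
 * @param coordinator user that receives ADMINISTRATION, may be {@code null}
 * @param id_object   identifier of the secured object
 * @param name_class  type name of the secured object
 */
public void addPermissionToAnObject_ADMINISTRATION(User coordinator, Long id_object, String name_class) {
    if (coordinator == null) {
        return;
    }

    // Identity (type name + id) under which the ACL is stored.
    ObjectIdentity oi = new ObjectIdentityImpl(name_class, id_object);
    Sid sid = new PrincipalSid(coordinator.getUsername());
    Permission p = BasePermission.ADMINISTRATION;

    MutableAcl acl;
    try {
        acl = (MutableAcl) mutableAclService.readAclById(oi);
    } catch (NotFoundException nfe) {
        acl = mutableAclService.createAcl(oi);
    }

    // The entry count is always a valid insert position. The fixed index 2 that was used
    // for an empty ACL is larger than the entry count, which Spring Security's AclImpl
    // rejects with NotFoundException.
    acl.insertAce(acl.getEntries().size(), p, sid, true);
    mutableAclService.updateAcl(acl);
}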
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
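/**
 * Adds the initial entries to the ACL of one domain object.
 *
 * <p>An ACL is created for the object when none exists. The ACL is then read again for the
 * SIDs of the current authentication. An authenticated (non-anonymous) caller gets
 * ADMINISTRATION, and {@code ROLE_ADMIN} gets ADMINISTRATION and DELETE.
 *
 * <p>NOTE(review): this method never calls {@code mutableAclService.updateAcl(acl)}, unlike
 * the other methods of this class, so the inserted entries presumably exist only on the
 * in-memory ACL object; confirm whether they are meant to be stored.
 *
 * <p>NOTE(review): for an authenticated caller the DELETE entry for {@code ROLE_ADMIN} is
 * inserted twice, and every further call inserts all entries again; confirm that this is
 * intended.
 *
 * @param id_object  identifier of the secured object
 * @param name_class type name of the secured object
 * @return {@code true} when the entries were inserted, {@code false} when the ACL could not
 *     be read for the current SIDs
 */
public boolean addACLToObject(Long id_object, String name_class) {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl(name_class, id_object);

    // Make sure an ACL exists for the object. The instance itself is not needed here,
    // because the ACL is read again below for the SIDs of the current caller.
    try {
        mutableAclService.readAclById(objectIdentity);
    } catch (NotFoundException nfe) {
        mutableAclService.createAcl(objectIdentity);
    }

    Authentication authentication = null;
    MutableAcl acl = null;
    try {
        authentication = SecurityContextHolder.getContext().getAuthentication();
        List<Sid> sids = sidRetrievalStrategy.getSids(authentication);
        acl = (MutableAcl) this.mutableAclService.readAclById(objectIdentity, sids);
    } catch (NotFoundException nfe) {
        // NOTE(review): an ACL was already ensured above, so this second createAcl may be
        // rejected as a duplicate by the ACL service; kept as in the original.
        mutableAclService.createAcl(objectIdentity);
        return false;
    }

    // Compare by value. The previous code compared the principal with != against the
    // literal, which tests object identity and only works while both happen to be the same
    // String instance; otherwise an anonymous principal reached the cast to User below.
    Object principal = authentication.getPrincipal();
    if (!"anonymousUser".equals(principal)) {
        User user = (User) principal;
        acl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(user.getUsername()), true);
        acl.insertAce(1, BasePermission.DELETE, new GrantedAuthoritySid("ROLE_ADMIN"), true);
    }

    // Inserted at the front, so the ROLE_ADMIN entries come before the caller's entry.
    acl.insertAce(0, BasePermission.ADMINISTRATION, new GrantedAuthoritySid("ROLE_ADMIN"), true);
    acl.insertAce(1, BasePermission.DELETE, new GrantedAuthoritySid("ROLE_ADMIN"), true);

    // A READ entry for ROLE_USER was present here only as commented-out code; it is still
    // not applied.
    return true;
}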
From source file:es.ucm.fdi.dalgs.acl.service.AclObjectService.java
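/**
 * Grants {@link BasePermission#READ} on one domain object to {@code user}.
 *
 * <p>Does nothing when {@code user} is {@code null}. Otherwise the object's ACL is read (or
 * created when missing), a granting ACE for the user's name is appended, and the ACL is
 * passed to {@code mutableAclService.updateAcl}.
 *
 * <p>NOTE(review): no authorization check is visible in this method; confirm that callers
 * are allowed to hand out READ on the object named by {@code name_class} and
 * {@code id_object}.
 *
 * @param user       user that receives READ, may be {@code null}
 * @param id_object  identifier of the secured object
 * @param name_class type name of the secured object
 */
public void addPermissionToAnObject_READ(User user, Long id_object, String name_class) {
    if (user == null) {
        return;
    }

    // Identity (type name + id) under which the ACL is stored.
    ObjectIdentity oi = new ObjectIdentityImpl(name_class, id_object);

    // The ACL is requested for the SID of the account named "admin", which is assumed to
    // exist. NOTE(review): the entry added below is for `user`, not for that account;
    // confirm that the admin SID is the intended argument for readAclById.
    User admin = userService.findByUsername("admin").getSingleElement();
    List<Sid> sids = new ArrayList<Sid>();
    sids.add(new PrincipalSid(admin.getUsername()));

    Sid sid = new PrincipalSid(user.getUsername());
    Permission p = BasePermission.READ;

    MutableAcl acl;
    try {
        acl = (MutableAcl) mutableAclService.readAclById(oi, sids);
    } catch (NotFoundException nfe) {
        acl = mutableAclService.createAcl(oi);
    }

    // Append after the existing entries. An empty ACL used to get the fixed index 2, which
    // Spring Security's AclImpl rejects with NotFoundException because it is larger than
    // the entry count; the entry count itself is always a valid position.
    acl.insertAce(acl.getEntries().size(), p, sid, true);
    mutableAclService.updateAcl(acl);
}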