List of usage examples for org.springframework.security.acls.model MutableAcl setEntriesInheriting
void setEntriesInheriting(boolean entriesInheriting);
From source file:org.bremersee.common.acl.test.AclServiceTests.java
@Test public void testAcl() { LOG.info("Testing ..."); RunAsUtil.runAs("tester", getRunAsRoles(), () -> { MutableAcl acl = aclService.createAcl(new ObjectIdentityImpl("TestObject", "100")); acl.setOwner(new PrincipalSid("tester")); acl.setEntriesInheriting(false); acl.setParent(null);//from www .ja v a2 s . c o m acl.insertAce(acl.getEntries().size(), BasePermission.READ, new PrincipalSid("friend"), true); acl = aclService.updateAcl(acl); return acl; }); MutableAcl acl = (MutableAcl) aclService.readAclById(new ObjectIdentityImpl("TestObject", "100")); LOG.info("Acl: " + acl); boolean friendCanRead = permissionEvaluator.hasPermission( new RunAsAuthentication("friend", new String[] { "ROLE_USER" }), "100", "TestObject", "READ"); LOG.info("Successful? " + friendCanRead); TestCase.assertEquals(true, friendCanRead); }
From source file:de.iew.services.impl.AclEditorServiceImpl.java
public void inheritAclPermissionsFrom(MutableAcl childAcl, MutableAcl parentAcl) { childAcl.setEntriesInheriting(true); childAcl.setParent(parentAcl);//ww w. j a va 2 s.c o m this.aclService.updateAcl(childAcl); }
From source file:com.sshdemo.common.security.acl.service.EwcmsAclService.java
@Override public void updateInheriting(Object object, Object parent) { ObjectIdentity objectIdentity = new ObjectIdentityImpl(object); ObjectIdentity parentIdentity = (parent == null ? null : new ObjectIdentityImpl(parent)); MutableAcl acl = getMutableAcl(objectIdentity); if (parentIdentity == null) { acl.setEntriesInheriting(Boolean.FALSE); updateAcl(acl);//from ww w . j ava 2s .com } Acl parentAcl = getMutableAcl(parentIdentity); acl.setParent(parentAcl); acl.setEntriesInheriting(Boolean.TRUE); updateAcl(acl); }
From source file:com.ewcms.security.acls.service.EwcmsAclService.java
@Override public void updateInheriting(Object object, Object parent) { ObjectIdentity objectIdentity = new ObjectIdentityImpl(object); ObjectIdentity parentIdentity = (parent == null ? null : new ObjectIdentityImpl(parent)); MutableAcl acl = getMutableAcl(objectIdentity); if (parentIdentity == null) { acl.setEntriesInheriting(Boolean.FALSE); acl.setParent(null);/*w w w . j av a 2 s . co m*/ } else { Acl parentAcl = getMutableAcl(parentIdentity); acl.setParent(parentAcl); acl.setEntriesInheriting(Boolean.TRUE); } updateAcl(acl); }
From source file:com.cedac.security.acls.mongo.MongoMutableAclServiceTests.java
@Test @ShouldMatchDataSet/*w ww . ja v a2 s . c o m*/ public void updateAcl_changeEntriesInheriting() { MutableAcl acl = (MutableAcl) fixture .readAclById(new ObjectIdentityImpl("com.cedac.smartresidence.profile.domain.Home", "1")); acl.setEntriesInheriting(false); fixture.updateAcl(acl); }
From source file:org.createnet.raptor.auth.service.services.AclManagerService.java
@Retryable(maxAttempts = 3, value = AclManagerException.class, backoff = @Backoff(delay = 500, multiplier = 2)) public void setParent(Class<?> clazz, Long childId, Long parentId) { try {/*from w ww .j a v a 2s . c om*/ MutableAcl childAcl = getACL(clazz, childId); if (parentId != null) { MutableAcl parentAcl = getACL(clazz, parentId); childAcl.setEntriesInheriting(true); childAcl.setParent(parentAcl); } aclService.updateAcl(childAcl); } catch (Exception e) { log.error("Failed to set parent pid:{} -> cid:{}", parentId, childId); throw new AclManagerException(e); } }
From source file:org.createnet.raptor.auth.service.services.AclManagerService.java
@Retryable(maxAttempts = 3, value = AclManagerException.class, backoff = @Backoff(delay = 500, multiplier = 2)) public <T> void addPermissions(Class<T> clazz, Serializable identifier, Sid sid, List<Permission> permissions, Long parentId) {//from w w w .j a v a 2s . c o m try { log.debug("Storing ACL {} {} {}:{}", sid, String.join(",", RaptorPermission.toLabel(permissions)), clazz, identifier); MutableAcl acl = getACL(clazz, identifier); permissions.stream().forEach((Permission p) -> { isPermissionGranted(p, sid, acl); }); if (parentId != null) { log.debug("Setting parent ACL to {}", parentId); MutableAcl parentAcl = getACL(clazz, parentId); acl.setEntriesInheriting(true); acl.setParent(parentAcl); } aclService.updateAcl(acl); } catch (NotFoundException ex) { log.debug("Storing ACL FAILED for {} {} {}:{}", sid, String.join(",", RaptorPermission.toLabel(permissions)), clazz, identifier); throw new AclManagerException(ex); } }
From source file:org.apache.kylin.rest.service.AccessService.java
@Transactional public void inherit(AclEntity ae, AclEntity parentAe) { Message msg = MsgPicker.getMsg();/* w ww. jav a2 s.co m*/ if (ae == null) { throw new BadRequestException(msg.getACL_DOMAIN_NOT_FOUND()); } if (parentAe == null) { throw new BadRequestException(msg.getPARENT_ACL_NOT_FOUND()); } ObjectIdentity objectIdentity = new ObjectIdentityImpl(ae.getClass(), ae.getId()); MutableAcl acl = null; try { acl = (MutableAcl) aclService.readAclById(objectIdentity); } catch (NotFoundException e) { acl = (MutableAcl) init(ae, null); } ObjectIdentity parentObjectIdentity = new ObjectIdentityImpl(parentAe.getClass(), parentAe.getId()); MutableAcl parentAcl = null; try { parentAcl = (MutableAcl) aclService.readAclById(parentObjectIdentity); } catch (NotFoundException e) { parentAcl = (MutableAcl) init(parentAe, null); } if (null == acl || null == parentAcl) { return; } acl.setEntriesInheriting(true); acl.setParent(parentAcl); aclService.updateAcl(acl); }
From source file:ubic.gemma.core.security.authorization.acl.AclAdvice.java
@Override protected void createOrUpdateAclSpecialCases(MutableAcl acl, Acl parentAcl, Sid sid, Securable object) { // Treating Analyses as special case. It'll inherit ACL from ExpressionExperiment // If aclParent is passed to this method we overwrite it. if (SingleExperimentAnalysis.class.isAssignableFrom(object.getClass())) { SingleExperimentAnalysis experimentAnalysis = (SingleExperimentAnalysis) object; BioAssaySet bioAssaySet = experimentAnalysis.getExperimentAnalyzed(); ObjectIdentity oi_temp = this.makeObjectIdentity(bioAssaySet); parentAcl = this.getAclService().readAclById(oi_temp); if (parentAcl == null) { // This is possible if making an EESubSet is part of the transaction. parentAcl = this.getAclService().createAcl(oi_temp); }/*from w w w . j a v a 2 s .c o m*/ acl.setEntriesInheriting(true); acl.setParent(parentAcl); //noinspection UnusedAssignment //Owner of the experiment owns analyses even if administrator ran them. sid = parentAcl.getOwner(); } }
From source file:ubic.gemma.security.authorization.acl.AclAdvice.java
/** * This is used when rechecking objects that are detached from a parent. Typically these are {@link SecuredChild}ren * like BioAssays./*from ww w. j a va 2s . co m*/ * <p> * Be careful with the argument order! * * @param object * @param acl - the potential child * @param parentAcl - the potential parent * @return the parentAcl (can be null) */ private Acl maybeSetParentACL(final Securable object, MutableAcl childAcl, final Acl parentAcl) { if (parentAcl != null && !SecuredNotChild.class.isAssignableFrom(object.getClass())) { Acl currentParentAcl = childAcl.getParentAcl(); if (currentParentAcl != null && !currentParentAcl.equals(parentAcl)) { throw new IllegalStateException("Cannot change parentAcl once it has ben set: Current parent: " + currentParentAcl + " != Proposed parent:" + parentAcl); } boolean changedParentAcl = false; if (currentParentAcl == null) { childAcl.setParent(parentAcl); childAcl.setEntriesInheriting(true); changedParentAcl = true; } boolean clearedACEs = maybeClearACEsOnChild(object, childAcl, parentAcl); if (changedParentAcl || clearedACEs) { aclService.updateAcl(childAcl); } } return childAcl.getParentAcl(); }