List of usage examples for org.springframework.security.acls.model MutableAcl setOwner
/**
 * Sets the owner of this ACL to the given {@link Sid}.
 *
 * <p>Every usage example on this page follows the call with
 * {@code updateAcl(...)} on the ACL service to store the changed ACL.
 *
 * @param newOwner the Sid to record as the ACL's owner
 */
void setOwner(Sid newOwner);
From source file:org.bremersee.common.acl.test.AclServiceTests.java
/**
 * Creates an ACL for object ("TestObject", "100") while running as "tester",
 * grants READ to the principal "friend", stores it, and then checks through
 * the permission evaluator that "friend" is allowed to read the object.
 */
@Test
public void testAcl() {
    LOG.info("Testing ...");

    // Build and persist the ACL under the identity of the owning principal.
    RunAsUtil.runAs("tester", getRunAsRoles(), () -> {
        MutableAcl created = aclService.createAcl(new ObjectIdentityImpl("TestObject", "100"));
        created.setOwner(new PrincipalSid("tester"));
        // Inheritance is switched off and no parent is set, so only the
        // entries added below are attached to this ACL.
        created.setEntriesInheriting(false);
        created.setParent(null);
        final int appendAt = created.getEntries().size();
        created.insertAce(appendAt, BasePermission.READ, new PrincipalSid("friend"), true);
        return aclService.updateAcl(created);
    });

    // Read the ACL back outside the run-as scope and log it for inspection.
    final MutableAcl stored = (MutableAcl) aclService
            .readAclById(new ObjectIdentityImpl("TestObject", "100"));
    LOG.info("Acl: " + stored);

    final RunAsAuthentication friendAuth =
            new RunAsAuthentication("friend", new String[] { "ROLE_USER" });
    final boolean friendCanRead =
            permissionEvaluator.hasPermission(friendAuth, "100", "TestObject", "READ");
    LOG.info("Successful? " + friendCanRead);

    // NOTE(review): only the grant path is asserted. A companion assertion that
    // a principal without an ACE is denied would show the ACL actually
    // restricts access; confirm whether another test covers that.
    TestCase.assertEquals(true, friendCanRead);
}
From source file:com.cedac.security.acls.mongo.MongoMutableAclServiceTests.java
/**
 * Loads the ACL of Home "1", replaces its owner with the principal
 * "other@cedac.com" and writes the ACL back through the service under test.
 *
 * <p>The method contains no assertion of its own; presumably the
 * {@code @ShouldMatchDataSet} annotation verifies the stored state after the
 * test (confirm against the test framework in use).
 */
@Test
@ShouldMatchDataSet
public void updateAcl_changeOwner() {
    final ObjectIdentityImpl homeId =
            new ObjectIdentityImpl("com.cedac.smartresidence.profile.domain.Home", "1");
    final MutableAcl homeAcl = (MutableAcl) fixture.readAclById(homeId);

    homeAcl.setOwner(new PrincipalSid("other@cedac.com"));
    fixture.updateAcl(homeAcl);
}
From source file:com.trailmagic.image.security.SpringSecurityImageSecurityService.java
/**
 * Creates an ACL for {@code ownedObj}, records the object's owner as the ACL
 * owner, links the parent object's ACL when one can be read, and finally
 * applies {@code OWNER_PERMISSIONS} for the owner.
 *
 * @param ownedObj the object to create the ACL for; its owner becomes the ACL owner
 * @param parent   optional parent object whose ACL becomes this ACL's parent;
 *                 may be {@code null}
 */
private void addOwnerAclInternal(Owned ownedObj, Object parent) {
    final User objectOwner = ownedObj.getOwner();
    final ObjectIdentity objectId = identityRetrievalStrategy.getObjectIdentity(ownedObj);
    final MutableAcl objectAcl = aclService.createAcl(objectId);
    final Sid ownerSid = sidForUser(objectOwner);

    // Persist ownership first, before any parent link or permission entry.
    objectAcl.setOwner(ownerSid);
    aclService.updateAcl(objectAcl);

    final ObjectIdentity parentId =
            (parent == null) ? null : identityRetrievalStrategy.getObjectIdentity(parent);
    if (parentId != null) {
        try {
            objectAcl.setParent(aclService.readAclById(parentId, Arrays.asList(ownerSid)));
        } catch (NotFoundException ignored) {
            // Deliberate best effort: when the parent ACL cannot be read,
            // this ACL is simply left without a parent.
        }
    }

    // NOTE(review): setParent runs after the updateAcl call above, so the
    // parent link is only stored if effectPermissions persists the ACL again.
    // That helper is not visible here; confirm.
    effectPermissions(objectAcl, ownerSid, OWNER_PERMISSIONS, false);
}
From source file:ubic.gemma.security.SecurityServiceImpl.java
/**
 * Makes {@code userName} the owner of the ACL of {@code s} and grants that
 * principal WRITE and READ on it. Callers must hold {@code GROUP_ADMIN}.
 *
 * <p>Does nothing when the ACL is already owned by a principal with that name.
 *
 * @param s        the secured object whose ACL is changed
 * @param userName name of the principal that becomes the owner
 * @throws IllegalArgumentException if the account is not enabled, is expired
 *         or is locked
 */
@Override
@Secured("GROUP_ADMIN")
public void makeOwnedByUser(Securable s, String userName) {
    final MutableAcl acl = getAcl(s);
    final Sid currentOwner = acl.getOwner();

    // instanceof is false for null, so no separate null check is needed.
    final boolean alreadyOwner = currentOwner instanceof PrincipalSid
            && ((PrincipalSid) currentOwner).getPrincipal().equals(userName);
    if (alreadyOwner) {
        // Already owned by the given user. Note that this path returns
        // without checking that the user exists.
        return;
    }

    // The new owner must resolve to an account that is usable right now.
    // NOTE(review): the message says "disabled" for expired and locked accounts
    // as well, and isCredentialsNonExpired() is not part of the check; confirm
    // both are intended.
    final UserDetails candidate = this.userManager.loadUserByUsername(userName);
    final boolean usable = candidate.isEnabled()
            && candidate.isAccountNonExpired()
            && candidate.isAccountNonLocked();
    if (!usable) {
        throw new IllegalArgumentException("User " + userName + " has a disabled account");
    }

    acl.setOwner(new PrincipalSid(userName));
    aclService.updateAcl(acl);

    // FIXME (original author): unclear whether these explicit grants are
    // necessary when the principal is already the owner.
    addPrincipalAuthority(s, BasePermission.WRITE, userName);
    addPrincipalAuthority(s, BasePermission.READ, userName);
}
From source file:ubic.gemma.security.SecurityServiceImpl.java
/**
 * Sets {@code userName} as the owner of the ACL of {@code s} and stores the
 * ACL. Callers must hold {@code GROUP_ADMIN}.
 *
 * @param s        the secured object whose ACL is changed
 * @param userName name of the principal that becomes the owner
 * @throws IllegalArgumentException if the account is not enabled, is expired
 *         or is locked
 */
@Override
@Secured("GROUP_ADMIN")
public void setOwner(Securable s, String userName) {
    // Validate the target account before touching the ACL, so that ownership
    // is not handed to an account that cannot currently be used.
    final UserDetails candidate = this.userManager.loadUserByUsername(userName);
    final boolean usable = candidate.isEnabled()
            && candidate.isAccountNonExpired()
            && candidate.isAccountNonLocked();
    if (!usable) {
        throw new IllegalArgumentException("User " + userName + " has a disabled account");
    }

    final ObjectIdentity oi = this.objectIdentityRetrievalStrategy.getObjectIdentity(s);
    final MutableAcl targetAcl = (MutableAcl) this.aclService.readAclById(oi);

    targetAcl.setOwner(new PrincipalSid(userName));
    this.aclService.updateAcl(targetAcl);
}