List of usage examples for org.springframework.security.acls.model MutableAcl setParent
void setParent(Acl newParent);
From source file:org.bremersee.common.acl.test.AclServiceTests.java
@Test public void testAcl() { LOG.info("Testing ..."); RunAsUtil.runAs("tester", getRunAsRoles(), () -> { MutableAcl acl = aclService.createAcl(new ObjectIdentityImpl("TestObject", "100")); acl.setOwner(new PrincipalSid("tester")); acl.setEntriesInheriting(false); acl.setParent(null); acl.insertAce(acl.getEntries().size(), BasePermission.READ, new PrincipalSid("friend"), true); acl = aclService.updateAcl(acl); return acl; });// www .j a va 2 s . c o m MutableAcl acl = (MutableAcl) aclService.readAclById(new ObjectIdentityImpl("TestObject", "100")); LOG.info("Acl: " + acl); boolean friendCanRead = permissionEvaluator.hasPermission( new RunAsAuthentication("friend", new String[] { "ROLE_USER" }), "100", "TestObject", "READ"); LOG.info("Successful? " + friendCanRead); TestCase.assertEquals(true, friendCanRead); }
From source file:de.iew.services.impl.AclEditorServiceImpl.java
public void inheritAclPermissionsFrom(MutableAcl childAcl, MutableAcl parentAcl) { childAcl.setEntriesInheriting(true); childAcl.setParent(parentAcl); this.aclService.updateAcl(childAcl); }
From source file:com.cedac.security.acls.mongo.MongoMutableAclServiceTests.java
@Test @ShouldMatchDataSet//from w ww . ja v a 2 s .c o m public void updateAcl_changeParent() { MutableAcl acl = (MutableAcl) fixture .readAclById(new ObjectIdentityImpl("com.cedac.smartresidence.profile.domain.Device", "1.1.2")); acl.setParent(fixture .readAclById(new ObjectIdentityImpl("com.cedac.smartresidence.profile.domain.Device", "1.1.1"))); fixture.updateAcl(acl); }
From source file:com.ewcms.security.acls.service.EwcmsAclService.java
@Override public void updateInheriting(Object object, Object parent) { ObjectIdentity objectIdentity = new ObjectIdentityImpl(object); ObjectIdentity parentIdentity = (parent == null ? null : new ObjectIdentityImpl(parent)); MutableAcl acl = getMutableAcl(objectIdentity); if (parentIdentity == null) { acl.setEntriesInheriting(Boolean.FALSE); acl.setParent(null); } else {//from w w w . j a v a 2 s .co m Acl parentAcl = getMutableAcl(parentIdentity); acl.setParent(parentAcl); acl.setEntriesInheriting(Boolean.TRUE); } updateAcl(acl); }
From source file:com.sshdemo.common.security.acl.service.EwcmsAclService.java
@Override public void updateInheriting(Object object, Object parent) { ObjectIdentity objectIdentity = new ObjectIdentityImpl(object); ObjectIdentity parentIdentity = (parent == null ? null : new ObjectIdentityImpl(parent)); MutableAcl acl = getMutableAcl(objectIdentity); if (parentIdentity == null) { acl.setEntriesInheriting(Boolean.FALSE); updateAcl(acl);/*w w w . j av a 2s . c om*/ } Acl parentAcl = getMutableAcl(parentIdentity); acl.setParent(parentAcl); acl.setEntriesInheriting(Boolean.TRUE); updateAcl(acl); }
From source file:org.createnet.raptor.auth.service.services.AclManagerService.java
@Retryable(maxAttempts = 3, value = AclManagerException.class, backoff = @Backoff(delay = 500, multiplier = 2)) public void setParent(Class<?> clazz, Long childId, Long parentId) { try {//from w w w .ja v a2 s.c om MutableAcl childAcl = getACL(clazz, childId); if (parentId != null) { MutableAcl parentAcl = getACL(clazz, parentId); childAcl.setEntriesInheriting(true); childAcl.setParent(parentAcl); } aclService.updateAcl(childAcl); } catch (Exception e) { log.error("Failed to set parent pid:{} -> cid:{}", parentId, childId); throw new AclManagerException(e); } }
From source file:org.createnet.raptor.auth.service.services.AclManagerService.java
@Retryable(maxAttempts = 3, value = AclManagerException.class, backoff = @Backoff(delay = 500, multiplier = 2)) public <T> void addPermissions(Class<T> clazz, Serializable identifier, Sid sid, List<Permission> permissions, Long parentId) {//from ww w .jav a 2 s .c o m try { log.debug("Storing ACL {} {} {}:{}", sid, String.join(",", RaptorPermission.toLabel(permissions)), clazz, identifier); MutableAcl acl = getACL(clazz, identifier); permissions.stream().forEach((Permission p) -> { isPermissionGranted(p, sid, acl); }); if (parentId != null) { log.debug("Setting parent ACL to {}", parentId); MutableAcl parentAcl = getACL(clazz, parentId); acl.setEntriesInheriting(true); acl.setParent(parentAcl); } aclService.updateAcl(acl); } catch (NotFoundException ex) { log.debug("Storing ACL FAILED for {} {} {}:{}", sid, String.join(",", RaptorPermission.toLabel(permissions)), clazz, identifier); throw new AclManagerException(ex); } }
From source file:com.trailmagic.image.security.SpringSecurityImageSecurityService.java
private void addOwnerAclInternal(Owned ownedObj, Object parent) { final User owner = ownedObj.getOwner(); final ObjectIdentity identity = identityRetrievalStrategy.getObjectIdentity(ownedObj); final MutableAcl acl = aclService.createAcl(identity); final Sid ownerSid = sidForUser(owner); acl.setOwner(ownerSid);//from w ww .j a v a 2 s . c o m aclService.updateAcl(acl); if (parent != null) { final ObjectIdentity parentIdentity = identityRetrievalStrategy.getObjectIdentity(parent); if (parentIdentity != null) { try { final Acl parentAcl = aclService.readAclById(parentIdentity, Arrays.asList(ownerSid)); acl.setParent(parentAcl); } catch (NotFoundException e) { // don't care } } } effectPermissions(acl, ownerSid, OWNER_PERMISSIONS, false); }
From source file:org.apache.kylin.rest.service.AccessService.java
@Transactional public void inherit(AclEntity ae, AclEntity parentAe) { Message msg = MsgPicker.getMsg();//from w ww . j av a 2s . co m if (ae == null) { throw new BadRequestException(msg.getACL_DOMAIN_NOT_FOUND()); } if (parentAe == null) { throw new BadRequestException(msg.getPARENT_ACL_NOT_FOUND()); } ObjectIdentity objectIdentity = new ObjectIdentityImpl(ae.getClass(), ae.getId()); MutableAcl acl = null; try { acl = (MutableAcl) aclService.readAclById(objectIdentity); } catch (NotFoundException e) { acl = (MutableAcl) init(ae, null); } ObjectIdentity parentObjectIdentity = new ObjectIdentityImpl(parentAe.getClass(), parentAe.getId()); MutableAcl parentAcl = null; try { parentAcl = (MutableAcl) aclService.readAclById(parentObjectIdentity); } catch (NotFoundException e) { parentAcl = (MutableAcl) init(parentAe, null); } if (null == acl || null == parentAcl) { return; } acl.setEntriesInheriting(true); acl.setParent(parentAcl); aclService.updateAcl(acl); }
From source file:ubic.gemma.core.security.authorization.acl.AclAdvice.java
@Override protected void createOrUpdateAclSpecialCases(MutableAcl acl, Acl parentAcl, Sid sid, Securable object) { // Treating Analyses as special case. It'll inherit ACL from ExpressionExperiment // If aclParent is passed to this method we overwrite it. if (SingleExperimentAnalysis.class.isAssignableFrom(object.getClass())) { SingleExperimentAnalysis experimentAnalysis = (SingleExperimentAnalysis) object; BioAssaySet bioAssaySet = experimentAnalysis.getExperimentAnalyzed(); ObjectIdentity oi_temp = this.makeObjectIdentity(bioAssaySet); parentAcl = this.getAclService().readAclById(oi_temp); if (parentAcl == null) { // This is possible if making an EESubSet is part of the transaction. parentAcl = this.getAclService().createAcl(oi_temp); }// w ww . jav a2 s . co m acl.setEntriesInheriting(true); acl.setParent(parentAcl); //noinspection UnusedAssignment //Owner of the experiment owns analyses even if administrator ran them. sid = parentAcl.getOwner(); } }