Example usage for org.springframework.security.acls.model ObjectIdentity toString

List of usage examples for org.springframework.security.acls.model ObjectIdentity toString

Introduction

This page collects usage examples of the toString() method of org.springframework.security.acls.model.ObjectIdentity.

Prototype

public String toString() 


Document

Returns a string representation of the object.

Usage

From source file:com.sshdemo.common.security.acl.service.EwcmsAclService.java

/**
 * Loads the ACL for the given object identity, creating one when the lookup
 * reports that none exists.
 *
 * <p>The lookup result is cast to {@link MutableAcl} without a prior type check.
 *
 * <p>NOTE(review): because of the create-on-miss fallback, calling this for an
 * unknown identity writes a new ACL. Confirm that every caller has already
 * decided the current user may create ACLs for that object.
 *
 * @param objectIdentity identity of the domain object whose ACL is wanted
 * @return the ACL that was found, or the one created after a
 *         {@link NotFoundException}
 */
private MutableAcl getMutableAcl(ObjectIdentity objectIdentity) {
    MutableAcl resolved;
    try {
        resolved = (MutableAcl) readAclById(objectIdentity);
    } catch (NotFoundException notFound) {
        // A missing ACL is expected here; record it and fall back to creation.
        logger.debug("Not found acl by {}", objectIdentity.toString());
        resolved = createAcl(objectIdentity);
    }
    return resolved;
}

From source file:com.sshdemo.common.security.acl.service.EwcmsAclService.java

/**
 * Returns the access-control entries stored for the given object identity.
 *
 * <p>A missing ACL is not treated as an error: it is logged at debug level and
 * reported to the caller as an empty list, i.e. "no entries" and "no ACL at all"
 * are indistinguishable from the return value.
 *
 * @param objectIdentity identity of the domain object to look up
 * @return the entries of the ACL, or a new empty list when no ACL was found
 */
@Override
public List<AccessControlEntry> findAces(final ObjectIdentity objectIdentity) {
    List<AccessControlEntry> entries;
    try {
        entries = readAclById(objectIdentity).getEntries();
    } catch (NotFoundException notFound) {
        logger.debug("Not found acl by {}", objectIdentity.toString());
        entries = new ArrayList<AccessControlEntry>();
    }
    return entries;
}

From source file:com.sshdemo.common.security.acl.service.EwcmsAclService.java

/**
 * Collects the permissions the current caller holds on the given object.
 *
 * <p>The caller's SIDs are derived from the authentication in the
 * {@link SecurityContextHolder}. If {@code isRoleAdmin} accepts those SIDs,
 * {@code EwcmsPermission.ADMIN} is added regardless of what the object's ACL
 * says. Permissions from the ACL are then merged in; a missing ACL contributes
 * nothing and is only logged at debug level.
 *
 * @param objectIdentity identity of the domain object; must not be null
 * @return the set of permissions gathered for the current caller, possibly empty
 */
@Override
public Set<Permission> getPermissions(final ObjectIdentity objectIdentity) {
    Assert.notNull(objectIdentity, "objectIdentity is null");

    // NOTE(review): getAuthentication() can be null when no one is authenticated;
    // whether sidRetrievalStrategy tolerates that is not visible here. Confirm.
    final List<Sid> callerSids = sidRetrievalStrategy
            .getSids(SecurityContextHolder.getContext().getAuthentication());
    final Set<Permission> granted = new HashSet<Permission>();

    // The admin shortcut is evaluated before, and independently of, the ACL lookup.
    if (isRoleAdmin(callerSids)) {
        granted.add(EwcmsPermission.ADMIN);
    }

    try {
        final MutableAcl acl = (MutableAcl) readAclById(objectIdentity);
        getPermissions(granted, acl, callerSids);
    } catch (NotFoundException notFound) {
        logger.debug("Not found acl by {}", objectIdentity.toString());
    }

    return granted;
}

From source file:org.collectionspace.services.authorization.spring.SpringPermissionManager.java

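/**
 * Adds an access-control entry for {@code res#action} for each given principal,
 * inside a single transaction.
 *
 * <p>An {@link AlreadyExistsException} for one principal is logged as a warning
 * and the loop continues with the next principal. Any other exception rolls the
 * transaction back and is rethrown, wrapped in a {@link PermissionException}
 * unless it already is one. If the loop completes, the transaction is committed.
 *
 * @param res        resource the permission applies to
 * @param action     action on the resource, mapped to a {@link Permission}
 * @param principals principals to add the entry for, mapped to {@link Sid}s
 * @param grant      granting flag passed through to the created entry
 * @throws PermissionException if adding an entry fails for a reason other than
 *                             {@link AlreadyExistsException}
 */
@Override
public void addPermissions(CSpaceResource res, CSpaceAction action, String[] principals, boolean grant)
        throws PermissionException {
    ObjectIdentity oid = SpringAuthorizationProvider.getObjectIdentity(res);
    Sid[] sids = SpringAuthorizationProvider.getSids(principals);
    Permission p = SpringAuthorizationProvider.getPermission(action);
    TransactionStatus status = provider.beginTransaction("addPermssions");

    // add permission for each sid
    for (Sid sid : sids) {
        try {
            addPermission(oid, p, sid, grant);
            if (log.isDebugEnabled()) {
                log.debug("addpermissions(res,action,prin[], grant), success for " + " res=" + res.toString()
                        + " action=" + action.toString() + " grant=" + grant + " oid=" + oid.toString()
                        + " perm=" + p.toString() + " sid=" + sid.toString());
            }
        } catch (AlreadyExistsException aex) {
            if (log.isWarnEnabled()) {
                // Name the sid so the warning identifies which principal was skipped;
                // plain concatenation keeps this null-safe inside the handler.
                log.warn("addpermissions(res,action,prin[], grant) failed," + " oid=" + oid.toString() + " res="
                        + res.toString() + " grant=" + grant + " action=" + action.toString() + " perm="
                        + p.toString() + " sid=" + sid, aex);
            }
            // keep going
        } catch (Exception ex) {
            String msg = "addpermissions(res,action,prin[], grant) failed," + " oid=" + oid.toString() + " res="
                    + res.toString() + " action=" + action.toString() + " perm=" + p.toString() + " sid=" + sid
                    + " grant=" + grant;
            if (log.isDebugEnabled()) {
                log.debug(msg, ex);
            }
            // unknown failure: undo everything done so far and stop
            provider.rollbackTransaction(status);
            if (ex instanceof PermissionException) {
                throw (PermissionException) ex;
            }
            throw new PermissionException(msg, ex);
        }
    }
    provider.commitTransaction(status);
    if (log.isDebugEnabled()) {
        // Arrays.toString lists the sids; calling toString() on the array itself
        // only yields its type and identity hash.
        log.debug("addpermissions(res,action,prin[], grant), success for " + " res=" + res.toString()
                + " action=" + action.toString() + " grant=" + grant + " oid=" + oid.toString() + " perm="
                + p.toString() + " sids=" + java.util.Arrays.toString(sids));
    }
}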

From source file:org.collectionspace.services.authorization.spring.SpringPermissionManager.java

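/**
 * Removes the permission for {@code res#action} for each given principal,
 * inside a single transaction.
 *
 * <p>An {@link AclDataAccessException} for one principal is logged as a warning
 * and the loop continues, so the transaction can still commit with that
 * principal's entries left in place. Any other exception rolls the transaction
 * back and is rethrown, wrapped in a {@link PermissionException} unless it
 * already is one.
 *
 * @param res        resource the permission applies to
 * @param action     action on the resource, mapped to a {@link Permission}
 * @param principals principals whose entries are removed, mapped to {@link Sid}s
 * @throws PermissionNotFoundException declared by the interface; not thrown
 *                                     directly by this body
 * @throws PermissionException if removal fails for a reason other than
 *                             {@link AclDataAccessException}
 */
@Override
public void deletePermissions(CSpaceResource res, CSpaceAction action, String[] principals)
        throws PermissionNotFoundException, PermissionException {
    ObjectIdentity oid = SpringAuthorizationProvider.getObjectIdentity(res);
    Sid[] sids = SpringAuthorizationProvider.getSids(principals);
    Permission p = SpringAuthorizationProvider.getPermission(action);
    TransactionStatus status = provider.beginTransaction("deletePermssions");

    // NOTE(review): the private deletePermissions(oid, permission, sid) treats a
    // null sid as "every sid". Confirm getSids never returns null elements,
    // otherwise one unresolved principal would remove this permission for everyone.
    for (Sid sid : sids) {
        try {
            deletePermissions(oid, p, sid);
            if (log.isDebugEnabled()) {
                log.debug("deletedpermissions(res,action,prin[]), success for " + " res=" + res.toString()
                        + " action=" + action.toString() + " oid=" + oid.toString() + " perm=" + p.toString()
                        + " sid=" + sid.toString());
            }
        } catch (AclDataAccessException aex) {
            if (log.isWarnEnabled()) {
                // Log at the level the guard checks: a skipped revocation must not
                // vanish when only WARN and above are enabled. The sid is included
                // so the entry that was NOT removed can be identified.
                log.warn("deletepermissions(res,action,prin[]) failed, " + " oid=" + oid.toString() + " res="
                        + res.toString() + " action=" + action.toString() + " perm=" + p.toString() + " sid="
                        + sid, aex);
            }
            // keep going
        } catch (Exception ex) {
            String msg = "deletepermissions(res,action,prin[]) failed," + " oid=" + oid.toString() + " res="
                    + res.toString() + " action=" + action.toString() + " perm=" + p.toString() + " sid=" + sid;
            if (log.isDebugEnabled()) {
                log.debug(msg, ex);
            }
            // unknown failure: undo everything done so far and stop
            provider.rollbackTransaction(status);
            if (ex instanceof PermissionException) {
                throw (PermissionException) ex;
            }
            throw new PermissionException(msg, ex);
        }
    }
    provider.commitTransaction(status);
    if (log.isDebugEnabled()) {
        // Arrays.toString lists the sids; calling toString() on the array itself
        // only yields its type and identity hash.
        log.debug("deletedpermissions(res,action,prin[]), success for " + " res=" + res.toString() + " action="
                + action.toString() + " oid=" + oid.toString() + " perm=" + p.toString() + " sids="
                + java.util.Arrays.toString(sids));
    }
}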

From source file:org.collectionspace.services.authorization.spring.SpringPermissionManager.java

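/**
 * Removes the permission for {@code res#action} for every sid, in one transaction.
 *
 * <p>The work is delegated to the private overload with a {@code null} sid. On
 * any failure the transaction is rolled back and a {@link PermissionException}
 * is thrown.
 *
 * @param res    resource the permission applies to
 * @param action action on the resource, mapped to a {@link Permission}
 * @throws PermissionNotFoundException declared by the interface; not thrown
 *                                     directly by this body
 * @throws PermissionException if the removal fails
 */
// NOTE: this is a very destructive operation. It removes all permissions to
// access the given resource#action for ANY role, including administrators.
@Override
public void deletePermissions(CSpaceResource res, CSpaceAction action)
        throws PermissionNotFoundException, PermissionException {
    ObjectIdentity oid = SpringAuthorizationProvider.getObjectIdentity(res);
    Permission p = SpringAuthorizationProvider.getPermission(action);
    TransactionStatus status = provider.beginTransaction("deletePermssions");
    try {
        // null sid = match entries of every sid
        deletePermissions(oid, p, null);
        provider.commitTransaction(status);
        if (log.isDebugEnabled()) {
            log.debug("deletepermissions(res,action) success, " + " res=" + res.toString() + " action="
                    + action.toString() + " oid=" + oid.toString() + " perm=" + p.toString());
        }
    } catch (AclDataAccessException aex) {
        provider.rollbackTransaction(status);
        log.debug(
                "deletepermissions(res,action) failed," + " oid=" + oid.toString() + " res=" + res.toString()
                        + " action=" + action.toString() + " perm=" + p.toString(),
                aex);
        throw new PermissionException(aex);
    } catch (Exception ex) {
        provider.rollbackTransaction(status);
        // The label names this overload (res,action) so the message does not point
        // at the per-principal variant during triage.
        String msg = "deletepermissions(res,action) failed," + " oid=" + oid.toString() + " res="
                + res.toString() + " action=" + action.toString() + " perm=" + p.toString();
        if (log.isDebugEnabled()) {
            log.debug(msg, ex);
        }
        if (ex instanceof PermissionException) {
            throw (PermissionException) ex;
        }
        throw new PermissionException(msg, ex);
    }
}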

From source file:org.collectionspace.services.authorization.spring.SpringPermissionManager.java

/**
 * Deletes the whole ACL of the given resource in one transaction.
 *
 * <p>On any failure the transaction is rolled back and a
 * {@link PermissionException} is thrown.
 *
 * @param res resource whose ACL is deleted
 * @throws PermissionNotFoundException declared by the interface; not thrown
 *                                     directly by this body
 * @throws PermissionException if the deletion fails
 */
// NOTE: this is a very, very destructive operation. It removes all permissions
// to access the given resource for ANY action and ANY role, including
// administrators.
@Override
public void deletePermissions(CSpaceResource res) throws PermissionNotFoundException, PermissionException {
    final ObjectIdentity identity = SpringAuthorizationProvider.getObjectIdentity(res);
    final TransactionStatus tx = provider.beginTransaction("deletePermssion");
    try {
        // NOTE(review): 'true' looks like the deleteChildren flag of Spring's
        // MutableAclService.deleteAcl; confirm the provider service is that type.
        provider.getProviderAclService().deleteAcl(identity, true);
        provider.commitTransaction(tx);
        if (log.isDebugEnabled()) {
            log.debug("deletepermissions(res) success, " + " res=" + res.toString() + " oid="
                    + identity.toString());
        }
    } catch (AclDataAccessException aclFailure) {
        provider.rollbackTransaction(tx);
        final String detail = "deletepermissions(res) failed," + " oid=" + identity.toString() + " res="
                + res.toString() + " oid=" + identity.toString();
        log.debug(detail, aclFailure);
        throw new PermissionException(aclFailure);
    } catch (Exception failure) {
        provider.rollbackTransaction(tx);
        final String detail = "deletepermissions(res) failed," + " oid=" + identity.toString() + " res="
                + res.toString() + " oid=" + identity.toString();
        if (log.isDebugEnabled()) {
            log.debug(detail, failure);
        }
        // Pass an existing PermissionException through unchanged; wrap anything else.
        throw (failure instanceof PermissionException)
                ? (PermissionException) failure
                : new PermissionException(detail, failure);
    }
}

From source file:org.collectionspace.services.authorization.spring.SpringPermissionManager.java

/**
 * Appends one access-control entry for the given sid and permission to the ACL
 * of the given object identity, creating the ACL first when none exists.
 *
 * <p>NOTE(review): the entry is always inserted at the end of the list and no
 * check is made for an existing entry with the same sid and permission. Under
 * Spring Security's default permission-granting strategy the first matching
 * entry decides, so a deny appended after an earlier grant would not take
 * effect. Confirm which strategy is configured.
 *
 * @param oid        identity of the object whose ACL is modified
 * @param permission permission recorded in the new entry
 * @param sid        sid the new entry applies to
 * @param grant      granting flag of the new entry
 * @throws PermissionException declared; not thrown directly by this body
 */
private void addPermission(ObjectIdentity oid, Permission permission, Sid sid, boolean grant)
        throws PermissionException {
    MutableAcl target;
    try {
        target = getAcl(oid);
    } catch (NotFoundException missing) {
        if (log.isDebugEnabled()) {
            log.debug("addPermission: acl not found for oid=" + oid.toString() + " perm="
                    + permission.toString() + " sid=" + sid.toString() + " grant=" + grant + " adding...");
        }
        target = provider.getProviderAclService().createAcl(oid);
    }

    // Index == current size, i.e. append after all existing entries.
    final int appendAt = target.getEntries().size();
    target.insertAce(appendAt, permission, sid, grant);
    provider.getProviderAclService().updateAcl(target);

    if (log.isDebugEnabled()) {
        log.debug("addPermission: added acl for oid=" + oid.toString() + " perm=" + permission.toString()
                + " sid=" + sid.toString() + " grant=" + grant);
    }
}

From source file:org.collectionspace.services.authorization.spring.SpringPermissionManager.java

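/**
 * Deletes the entries for the given permission from the ACL of the given object
 * identity, optionally restricted to one sid.
 *
 * <p>Matching entries are collected first and deleted afterwards from the
 * highest index down, so earlier indices stay valid while entries are removed.
 * The ACL is then written back through the provider's ACL service.
 *
 * @param oid        identity of the object whose ACL is modified
 * @param permission permission whose entries are removed
 * @param sid        sid to restrict the removal to; {@code null} removes the
 *                   matching entries of ALL sids
 * @throws NotFoundException presumably when no ACL exists for {@code oid}
 *                           ({@code getAcl} declares it)
 */
private void deletePermissions(ObjectIdentity oid, Permission permission, Sid sid) {
    MutableAcl acl = getAcl(oid);
    List<AccessControlEntry> entries = acl.getEntries();
    if (log.isDebugEnabled()) {
        log.debug("deletePermissions: for acl oid=" + oid.toString() + " found " + entries.size() + " aces");
    }

    // Pass 1: record the positions of matching entries without modifying the ACL.
    List<Integer> matches = new ArrayList<Integer>();
    int index = 0;
    for (AccessControlEntry ace : entries) {
        boolean sidMatches = (sid == null) || ace.getSid().equals(sid);
        if (sidMatches && ace.getPermission().equals(permission)) {
            matches.add(index);
        }
        index++;
    }

    // Pass 2: delete back to front so the remaining recorded positions stay correct.
    for (int j = matches.size() - 1; j >= 0; j--) {
        acl.deleteAce(matches.get(j));
    }
    provider.getProviderAclService().updateAcl(acl);

    if (log.isDebugEnabled()) {
        // Report the number actually deleted, not the number of entries scanned.
        log.debug("deletePermissions: for acl oid=" + oid.toString() + " deleted " + matches.size() + " aces");
    }
}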

From source file:org.collectionspace.services.authorization.spring.SpringPermissionManager.java

/**
 * Reads the ACL for the given object identity from the provider's ACL service.
 *
 * <p>The result is cast to {@link MutableAcl} without a prior type check.
 *
 * @param oid identity of the object whose ACL is wanted
 * @return the ACL returned by the service
 * @throws NotFoundException declared; presumably raised by the service when no
 *                           ACL exists for {@code oid}
 */
private MutableAcl getAcl(ObjectIdentity oid) throws NotFoundException {
    final MutableAcl found = (MutableAcl) provider.getProviderAclService().readAclById(oid);
    if (log.isDebugEnabled()) {
        log.debug("found acl for oid=" + oid.toString());
    }
    return found;
}