Changeset 29901
- Timestamp:
- 02/05/08 18:01:22 (10 months ago)
- Files:
-
- org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/event/CoreEventConstants.java (modified) (2 diffs)
- org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/ACE.java (modified) (2 diffs)
- org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/ACL.java (modified) (2 diffs)
- org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/ACP.java (modified) (7 diffs)
- org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/impl/ACLImpl.java (modified) (1 diff)
- org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/impl/ACPImpl.java (modified) (2 diffs)
- org.nuxeo.ecm.core/branches/1.4/nuxeo-core/src/main/java/org/nuxeo/ecm/core/api/AbstractSession.java (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/event/CoreEventConstants.java
r29680 r29901 38 38 public static final String DOCUMENT = "document"; 39 39 40 public static final String ACP = "acp";41 42 40 /** 43 41 * Path the of the container of the empty document model that is being … … 52 50 public static final String SESSION_ID = "sessionId"; 53 51 52 public static final String OLD_ACP = "oldACP"; 53 54 public static final String NEW_ACP = "newACP"; 55 54 56 // Constant utility class 55 57 private CoreEventConstants() { org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/ACE.java
r28460 r29901 26 26 * 27 27 */ 28 public final class ACE implements Serializable {28 public final class ACE implements Serializable, Cloneable { 29 29 30 30 private static final long serialVersionUID = -2466595648453932006L; … … 99 99 } 100 100 101 @Override 102 public Object clone() { 103 return new ACE(username, permission, isGranted); 104 } 105 101 106 } org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/ACL.java
r19492 r29901 45 45 * @author <a href="mailto:bs@nuxeo.com">Bogdan Stefanescu</a> 46 46 */ 47 public interface ACL extends List<ACE>, Serializable {47 public interface ACL extends List<ACE>, Serializable, Cloneable { 48 48 49 49 String LOCAL_ACL = "local"; … … 72 72 void setACEs(ACE[] aces); 73 73 74 /** 75 * Return a recursive copy of the ACL sharing no mutable substructure with 76 * the original 77 * 78 * @return a copy 79 */ 80 public Object clone(); 81 74 82 } org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/ACP.java
r28147 r29901 45 45 * 46 46 */ 47 public interface ACP extends Serializable {47 public interface ACP extends Serializable, Cloneable { 48 48 49 49 /** … … 54 54 * checked. 55 55 * 56 * @param principal 57 * the pricipal to check 58 * @param permission 59 * the permission to check 56 * @param principal the pricipal to check 57 * @param permission the permission to check 60 58 * @return Access.GRANT if granted, Access.DENY if denied or Access.UNKNOWN 61 59 * if no rule for that permission exists. Never returns null. … … 66 64 67 65 /** 68 * Check the access on the ACLs for each set of the given permissions and principals. 69 * This differs for an iterative check using getAccess(String principal, String pemission) 70 * in the order of checks - so that in this case each ACE is fully checked against the given users and permissions 66 * Check the access on the ACLs for each set of the given permissions and 67 * principals. This differs for an iterative check using getAccess(String 68 * principal, String pemission) in the order of checks - so that in this 69 * case each ACE is fully checked against the given users and permissions 71 70 * before passing to the next ACE. 72 71 * … … 102 101 /** 103 102 * Replaces the modifiable user entries (associated with the 104 * currentDocument) related to the ACP. Considers that all the 105 * passed entries are modifiable and attempts to set them as entries106 * related to thecurrent document.103 * currentDocument) related to the ACP. Considers that all the passed 104 * entries are modifiable and attempts to set them as entries related to the 105 * current document. 107 106 * 108 107 * @param aclName … … 113 112 /** 114 113 * Replaces the modifiable user entries (associated with the 115 * currentDocument) related to the ACP. Considers that all the 116 * passed entries are modifiable and attempts to set them as entries117 * related to thecurrent document.114 * currentDocument) related to the ACP. Considers that all the passed 115 * entries are modifiable and attempts to set them as entries related to the 116 * current document. 118 117 * 119 118 * @param aclName … … 121 120 * @param overwrite overwrite the whole ACL 122 121 */ 123 void setRules(String aclName, UserEntry[] userEntries, 124 boolean overwrite); 122 void setRules(String aclName, UserEntry[] userEntries, boolean overwrite); 125 123 126 124 String[] getOwners(); … … 168 166 */ 169 167 String[] listUsernamesForAnyPermission(Set<String> perms); 168 169 /** 170 * Return a recursive copy of the ACP sharing no mutable substructure with 171 * the original 172 * 173 * @return a copy 174 */ 175 public Object clone(); 170 176 } org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/impl/ACLImpl.java
r28329 r29901 71 71 } 72 72 73 @Override 74 public Object clone() { 75 ACLImpl copy = new ACLImpl(name, isReadOnly); 76 ACE[] aces = new ACE[size()]; 77 for (int i=0; i<size(); i++) { 78 aces[i] = (ACE) get(i).clone(); 79 } 80 copy.setACEs(aces); 81 return copy; 82 } 83 73 84 } org.nuxeo.ecm.core/branches/1.4/nuxeo-core-api/src/main/java/org/nuxeo/ecm/core/api/security/impl/ACPImpl.java
r29106 r29901 46 46 private static final long serialVersionUID = -2640696060701197284L; 47 47 48 private final List<String> owners;48 private final ArrayList<String> owners; 49 49 50 50 private final List<ACL> acls; … … 363 363 } 364 364 365 @SuppressWarnings("unchecked") 366 @Override 367 public Object clone() { 368 ACPImpl copy = new ACPImpl(); 369 for (ACL acl: acls) { 370 copy.acls.add((ACL) acl.clone()); 371 } 372 copy.owners.addAll((ArrayList<String>) owners.clone()); 373 return copy; 374 } 375 365 376 } org.nuxeo.ecm.core/branches/1.4/nuxeo-core/src/main/java/org/nuxeo/ecm/core/api/AbstractSession.java
r29683 r29901 521 521 } 522 522 523 public void setACP(DocumentRef docRef, ACP acp, boolean overwrite)523 public void setACP(DocumentRef docRef, ACP newAcp, boolean overwrite) 524 524 throws ClientException { 525 525 try { 526 526 Document doc = resolveReference(docRef); 527 527 checkPermission(doc, WRITE_SECURITY); 528 // TODO feed some options in events529 528 DocumentModel docModel = readModel(doc, null); 529 530 530 Map<String, Object> options = new HashMap<String, Object>(); 531 531 options.put(CoreEventConstants.DOCUMENT, doc); 532 options.put(CoreEventConstants.ACP, docModel.getACP()); 532 options.put(CoreEventConstants.OLD_ACP, docModel.getACP().clone()); 533 options.put(CoreEventConstants.NEW_ACP, newAcp.clone()); 534 533 535 notifyEvent(DocumentEventTypes.BEFORE_DOC_SECU_UPDATE, docModel, 534 536 options, null, null, true); 535 getSession().getSecurityManager().setACP(doc, acp, overwrite);537 getSession().getSecurityManager().setACP(doc, newAcp, overwrite); 536 538 docModel = readModel(doc, null); 537 options.put(CoreEventConstants.ACP, acp);538 539 notifyEvent(DocumentEventTypes.DOCUMENT_SECURITY_UPDATED, docModel, 539 540 options, null, null, true);
