org.springframework.security.acls.domain.ObjectIdentityImpl Java Examples
The following examples show how to use
org.springframework.security.acls.domain.ObjectIdentityImpl.
Example #1
Source File: EntityHelperTest.java From molgenis with GNU Lesser General Public License v3.0 | 6 votes |
/**
 * Checks that a labelled object identity is assembled from the entity type label and the entity
 * label when the entity type's id attribute has data type STRING.
 */
@Test
void testGetLabelledObjectIdentity() {
  Repository repo = mock(Repository.class);

  // Entity type metadata: a label plus a STRING-typed id attribute.
  EntityType type = mock(EntityType.class);
  when(type.getLabel()).thenReturn("typeLabel");
  Attribute idAttribute = mock(Attribute.class);
  when(idAttribute.getDataType()).thenReturn(STRING);
  when(type.getIdAttribute()).thenReturn(idAttribute);
  when(repo.getEntityType()).thenReturn(type);

  // The entity stored under "identifier" supplies the label expected in the result.
  Entity labelledEntity = mock(Entity.class);
  when(labelledEntity.getLabelValue()).thenReturn("label");
  when(repo.findOneById("identifier")).thenReturn(labelledEntity);

  when(dataService.getRepository("typeId")).thenReturn(repo);
  when(dataService.getEntityType("typeId")).thenReturn(type);

  // The ACL type "entity-typeId" is stubbed against the data service as "typeId".
  ObjectIdentityImpl identity = new ObjectIdentityImpl("entity-typeId", "identifier");
  assertEquals(
      create("entity-typeId", "typeId", "typeLabel", "identifier", "label"),
      entityHelper.getLabelledObjectIdentity(identity));
}
Example #2
Source File: EntityHelperTest.java From molgenis with GNU Lesser General Public License v3.0 | 6 votes |
/**
 * Checks that a labelled object identity is assembled correctly when the entity type's id
 * attribute has data type INT: the repository is queried with the integer id and the result
 * carries the id as the string "1".
 */
@Test
void testGetLabelledObjectIdentityIntId() {
  Repository repo = mock(Repository.class);

  // Entity type metadata: a label plus an INT-typed id attribute.
  EntityType type = mock(EntityType.class);
  when(type.getLabel()).thenReturn("typeLabel");
  Attribute idAttribute = mock(Attribute.class);
  when(idAttribute.getDataType()).thenReturn(INT);
  when(type.getIdAttribute()).thenReturn(idAttribute);
  when(repo.getEntityType()).thenReturn(type);

  // The lookup is stubbed for the integer 1, not the string "1".
  Entity labelledEntity = mock(Entity.class);
  when(labelledEntity.getLabelValue()).thenReturn("label");
  when(repo.findOneById(1)).thenReturn(labelledEntity);

  when(dataService.getRepository("typeId")).thenReturn(repo);
  when(dataService.getEntityType("typeId")).thenReturn(type);

  ObjectIdentityImpl identity = new ObjectIdentityImpl("entity-typeId", 1);
  assertEquals(
      create("entity-typeId", "typeId", "typeLabel", "1", "label"),
      entityHelper.getLabelledObjectIdentity(identity));
}
Example #3
Source File: PermissionServiceDecoratorTest.java From molgenis with GNU Lesser General Public License v3.0 | 6 votes |
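/**
 * Verifies that {@code updatePermission} is forwarded to the wrapped permission service when the
 * ACL owner is stubbed to be the sid "user" and the test runs after {@code setUser()}.
 */
@Test
void testUpdatePermission() {
  setUser();
  try {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");
    Sid sid = new PrincipalSid("user");

    // The ACL for the object reports "user" as its owner.
    MutableAcl acl = mock(MutableAcl.class);
    when(acl.getOwner()).thenReturn(sid);
    when(mutableAclService.readAclById(objectIdentity)).thenReturn(acl);
    when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("type"));

    Permission permission = Permission.create(objectIdentity, sid, PermissionSet.WRITE);
    permissionServiceDecorator.updatePermission(permission);

    verify(permissionService).updatePermission(permission);
  } finally {
    // Run the cleanup even when a stub or verification fails, so the state installed by
    // setUser() cannot carry over into later authorization tests.
    resetContext();
  }
}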
Example #4
Source File: DefaultCalendarService.java From Spring-Security-Third-Edition with MIT License | 6 votes |
/**
 * Persists the event and creates its ACL: the current user becomes the ACL owner and receives a
 * granting READ entry at position 0.
 *
 * @param event the event to store; its id is set to the value returned by the DAO
 * @return the id the DAO returned for the new event
 */
@Transactional
@Override
public int createEvent(Event event) {
    int eventId = eventDao.createEvent(event);
    // The id is assigned before the object identity is built from the event.
    event.setId(eventId);

    // Add new ACL Entry:
    MutableAcl eventAcl = aclService.createAcl(new ObjectIdentityImpl(event));
    // The owner sid is the e-mail address of the currently authenticated user.
    PrincipalSid owner = new PrincipalSid(userContext.getCurrentUser().getEmail());
    eventAcl.setOwner(owner);
    eventAcl.insertAce(0, BasePermission.READ, owner, true);
    aclService.updateAcl(eventAcl);

    return eventId;
}
Example #5
Source File: PermissionServiceDecoratorTest.java From molgenis with GNU Lesser General Public License v3.0 | 6 votes |
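/**
 * Verifies that {@code createPermissions} is forwarded to the wrapped permission service when
 * the test runs after {@code setSu()}.
 */
@Test
void testCreatePermissions() {
  setSu();
  try {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");
    Sid sid = new PrincipalSid("user");

    MutableAcl acl = mock(MutableAcl.class);
    when(acl.getOwner()).thenReturn(sid);
    when(mutableAclService.readAclById(objectIdentity)).thenReturn(acl);
    when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("type"));

    Permission permission = Permission.create(objectIdentity, sid, PermissionSet.WRITE);
    permissionServiceDecorator.createPermissions(Collections.singleton(permission));

    verify(permissionService).createPermissions(Collections.singleton(permission));
  } finally {
    // Run the cleanup even when a stub or verification fails, so the state installed by
    // setSu() cannot carry over into later authorization tests.
    resetContext();
  }
}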
Example #6
Source File: PermissionServiceDecoratorTest.java From molgenis with GNU Lesser General Public License v3.0 | 6 votes |
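/**
 * Verifies that {@code createPermission} is forwarded to the wrapped permission service when the
 * test runs after {@code setSu()}.
 */
@Test
void testCreatePermission() {
  setSu();
  try {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");
    Sid sid = new PrincipalSid("user");

    MutableAcl acl = mock(MutableAcl.class);
    when(acl.getOwner()).thenReturn(sid);
    when(mutableAclService.readAclById(objectIdentity)).thenReturn(acl);

    Permission permission = Permission.create(objectIdentity, sid, PermissionSet.WRITE);
    when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("type"));
    permissionServiceDecorator.createPermission(permission);

    verify(permissionService).createPermission(permission);
  } finally {
    // Run the cleanup even when a stub or verification fails, so the state installed by
    // setSu() cannot carry over into later authorization tests.
    resetContext();
  }
}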
Example #7
Source File: PermissionsControllerTest.java From molgenis with GNU Lesser General Public License v3.0 | 6 votes |
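/**
 * Builds a standalone MockMvc around a fresh PermissionsController and initialises the sids and
 * the object identity shared by the tests.
 *
 * <p>Declared package-private rather than private: JUnit Jupiter requires that lifecycle methods
 * are not private.
 */
@BeforeEach
void beforeMethod() {
  RSQLParser rsqlParser = new RSQLParser();
  PermissionsController controller =
      new PermissionsController(
          permissionsService, rsqlParser, objectIdentityService, userRoleTools, entityHelper);
  mockMvc =
      MockMvcBuilders.standaloneSetup(controller)
          .setMessageConverters(new FormHttpMessageConverter(), gsonHttpMessageConverter)
          .build();

  // Two user sids and two role sids used as permission subjects.
  user1 = new PrincipalSid("user1");
  user2 = new PrincipalSid("user2");
  role1 = new GrantedAuthoritySid("ROLE_role1");
  role2 = new GrantedAuthoritySid("ROLE_role2");

  objectIdentity = new ObjectIdentityImpl("typeId", "identifier");
}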
Example #8
Source File: PermissionServiceImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 6 votes |
/**
 * Checks that {@code getObjects("entity-type", 1, 10)} asks the object identity service for ten
 * identities at offset 0 and returns them as labelled objects.
 */
@Test
void testGetAcls() {
  resetMocks();

  ObjectIdentityImpl first = new ObjectIdentityImpl("classId", "test1");
  ObjectIdentityImpl second = new ObjectIdentityImpl("classId", "test2");
  when(objectIdentityService.getObjectIdentities("entity-type", 10, 0))
      .thenReturn(Arrays.asList(first, second));

  // Labels are resolved per (class id, object id) pair.
  doReturn("label1").when(entityHelper).getLabel("classId", "test1");
  doReturn("label2").when(entityHelper).getLabel("classId", "test2");

  // Compared as a set, so the order of the returned objects is not asserted.
  assertEquals(
      new HashSet<>(
          asList(
              LabelledObject.create("test2", "label2"),
              LabelledObject.create("test1", "label1"))),
      permissionsApiService.getObjects("entity-type", 1, 10));
}
Example #9
Source File: PermissionServiceImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
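/**
 * Checks that deleting a sid's permission removes its access control entry at index 0 and
 * persists the ACL.
 *
 * <p>The stubs for {@code acl.getEntries()} and {@code acl.getObjectIdentity()} are set once;
 * an earlier stub that was immediately overridden, and the mock it returned, have been dropped.
 */
@Test
void testDeletePermission() {
  Sid sid = mock(Sid.class);
  MutableAcl acl = mock(MutableAcl.class);
  ObjectIdentity objectIdentity = new ObjectIdentityImpl("entity-typeId", "identifier");

  // Both readAclById overloads resolve to the same ACL.
  doReturn(acl).when(mutableAclService).readAclById(objectIdentity, singletonList(sid));
  doReturn(acl).when(mutableAclService).readAclById(objectIdentity);
  when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("entity-typeId"));
  when(acl.getObjectIdentity()).thenReturn(objectIdentity);

  // The ACL holds a single entry granting COUNT to the sid.
  AccessControlEntry ace1 = mock(AccessControlEntry.class);
  when(ace1.getSid()).thenReturn(sid);
  when(ace1.getPermission()).thenReturn(COUNT);
  when(acl.getEntries()).thenReturn(singletonList(ace1));

  LinkedHashSet<Sid> sids = new LinkedHashSet<>();
  sids.add(sid);
  when(userRoleTools.sortSids(sids)).thenReturn(new LinkedList<>(sids));

  permissionsApiService.deletePermission(sid, objectIdentity);

  verify(acl).deleteAce(0);
  verify(mutableAclService).updateAcl(acl);
}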
Example #10
Source File: EntityHelperTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
/**
 * Checks that {@code checkEntityExists} throws UnknownEntityException when the repository has no
 * entity for the identifier.
 */
@Test
void testCheckEntityExistsFail() {
  when(dataService.hasEntityType("typeId")).thenReturn(true);
  when(dataService.getRepository("typeId")).thenReturn(repository);
  // The entity type exists, but the lookup by id finds nothing.
  when(repository.findOneById("identifier")).thenReturn(null);

  ObjectIdentityImpl missing = new ObjectIdentityImpl("entity-typeId", "identifier");
  assertThrows(UnknownEntityException.class, () -> entityHelper.checkEntityExists(missing));
}
Example #11
Source File: EntityHelperTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
/**
 * Checks that {@code checkEntityExists} completes without throwing when the repository returns
 * an entity for the identifier.
 */
@Test
void testCheckEntityExists() {
  when(dataService.hasEntityType("typeId")).thenReturn(true);
  when(dataService.getRepository("typeId")).thenReturn(repository);
  when(repository.findOneById("identifier")).thenReturn(mock(Entity.class));

  // No assertion needed: the test passes when no exception is raised.
  ObjectIdentityImpl present = new ObjectIdentityImpl("entity-typeId", "identifier");
  entityHelper.checkEntityExists(present);
}
Example #12
Source File: PermissionServiceImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
/**
 * Checks that creating a WRITE permission for a role inserts a granting entry at index 0 of the
 * object's ACL and persists the ACL.
 */
@Test
void testCreatePermission() {
  MutableAcl targetAcl = mock(MutableAcl.class);

  // The stub and the request use separate but equal identity instances.
  ObjectIdentityImpl stubbedIdentity = new ObjectIdentityImpl("entity-typeId", "identifier");
  when(mutableAclService.readAclById(stubbedIdentity)).thenReturn(targetAcl);
  when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("entity-typeId"));

  Sid role = new GrantedAuthoritySid("ROLE_role");
  ObjectIdentityImpl requestedIdentity = new ObjectIdentityImpl("entity-typeId", "identifier");
  permissionsApiService.createPermission(Permission.create(requestedIdentity, role, WRITE));

  verify(targetAcl).insertAce(0, WRITE, role, true);
  verify(mutableAclService).updateAcl(targetAcl);
}
Example #13
Source File: PermissionServiceImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
/**
 * Checks that creating two permissions on two different objects inserts one granting entry into
 * each object's ACL.
 */
@Test
void testCreatePermissions() {
  // One ACL per object identity.
  MutableAcl firstAcl = mock(MutableAcl.class);
  MutableAcl secondAcl = mock(MutableAcl.class);
  doReturn(firstAcl)
      .when(mutableAclService)
      .readAclById(new ObjectIdentityImpl("entity-typeId", "identifier"));
  doReturn(secondAcl)
      .when(mutableAclService)
      .readAclById(new ObjectIdentityImpl("entity-typeId", "identifier2"));

  Permission roleWrite =
      Permission.create(
          new ObjectIdentityImpl("entity-typeId", "identifier"),
          new GrantedAuthoritySid("ROLE_role"),
          WRITE);
  Permission userRead =
      Permission.create(
          new ObjectIdentityImpl("entity-typeId", "identifier2"), new PrincipalSid("user1"), READ);

  // Expected sids are fresh instances, so the verifications rely on sid equality.
  Sid expectedRole = new GrantedAuthoritySid("ROLE_role");
  Sid expectedUser = new PrincipalSid("user1");
  when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("entity-typeId"));

  permissionsApiService.createPermissions(Sets.newHashSet(roleWrite, userRead));

  verify(firstAcl).insertAce(0, WRITE, expectedRole, true);
  verify(secondAcl).insertAce(0, READ, expectedUser, true);
  // NOTE(review): only the update of the first ACL is verified; if the service is expected to
  // persist the second ACL as well, that call is not covered here.
  verify(mutableAclService).updateAcl(firstAcl);
}
Example #14
Source File: PermissionServiceImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
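/**
 * Checks that updating a role's permission from COUNT to WRITE deletes the existing entry at
 * index 0, inserts the new granting entry at index 1 and persists the ACL twice.
 *
 * <p>{@code acl.getObjectIdentity()} is stubbed once (a repeated identical stub was removed) and
 * the sorted sid list uses a typed {@code LinkedList} instead of the raw type.
 */
@Test
void testSetPermission() {
  Sid role = new GrantedAuthoritySid("ROLE_role");
  MutableAcl acl = mock(MutableAcl.class);
  ObjectIdentity objectIdentity = mock(ObjectIdentity.class);
  when(acl.getObjectIdentity()).thenReturn(objectIdentity);
  doReturn(acl)
      .when(mutableAclService)
      .readAclById(new ObjectIdentityImpl("entity-typeId", "identifier"));

  // Existing state: the role currently holds COUNT through a single entry.
  AccessControlEntry ace1 = mock(AccessControlEntry.class);
  when(ace1.getSid()).thenReturn(role);
  when(ace1.getPermission()).thenReturn(COUNT);
  when(acl.getEntries()).thenReturn(singletonList(ace1));

  when(entityHelper.getLabelledObjectIdentity(acl.getObjectIdentity()))
      .thenReturn(
          LabelledObjectIdentity.create(
              "entity-typeId", "typeId", "typeLabel", "identifier", "identifierLabel"));
  when(userRoleTools.sortSids(singleton(role))).thenReturn(new LinkedList<>(singletonList(role)));
  when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("entity-typeId"));

  permissionsApiService.updatePermission(
      Permission.create(new ObjectIdentityImpl("entity-typeId", "identifier"), role, WRITE));

  verify(acl).deleteAce(0);
  verify(acl).insertAce(1, WRITE, role, true);
  verify(mutableAclService, times(2)).updateAcl(acl);
}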
Example #15
Source File: PermissionServiceImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
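/**
 * Checks that creating a permission for a role that already has an entry on the object's ACL is
 * rejected with DuplicatePermissionException.
 *
 * <p>{@code acl.getObjectIdentity()} is stubbed once (a repeated identical stub was removed) and
 * the sorted sid list uses a typed {@code LinkedList} instead of the raw type.
 */
@Test
void testCreateDuplicatePermission() {
  Sid role = new GrantedAuthoritySid("ROLE_role");
  MutableAcl acl = mock(MutableAcl.class);
  ObjectIdentity objectIdentity = mock(ObjectIdentity.class);
  when(acl.getObjectIdentity()).thenReturn(objectIdentity);
  doReturn(acl)
      .when(mutableAclService)
      .readAclById(new ObjectIdentityImpl("entity-typeId", "identifier"));

  // Existing state: the role already holds COUNT on this object.
  AccessControlEntry ace1 = mock(AccessControlEntry.class);
  when(ace1.getSid()).thenReturn(role);
  when(ace1.getPermission()).thenReturn(COUNT);
  when(acl.getEntries()).thenReturn(singletonList(ace1));

  when(entityHelper.getLabelledObjectIdentity(acl.getObjectIdentity()))
      .thenReturn(
          LabelledObjectIdentity.create(
              "entity-typeId", "typeId", "typeLabel", "identifier", "identifierLabel"));
  when(userRoleTools.sortSids(singleton(role))).thenReturn(new LinkedList<>(singletonList(role)));
  when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("entity-typeId"));

  assertThrows(
      DuplicatePermissionException.class,
      () ->
          permissionsApiService.createPermission(
              Permission.create(
                  new ObjectIdentityImpl("entity-typeId", "identifier"), role, WRITE)));
}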
Example #16
Source File: PermissionServiceImplTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
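/**
 * Checks that a bulk update of a role's permission from COUNT to WRITE deletes the existing
 * entry at index 0, inserts the new granting entry at index 1 and persists the ACL twice.
 *
 * <p>The sorted sid list uses a typed {@code LinkedList} instead of the raw type.
 */
@Test
void testSetPermissions() {
  Sid sid = new GrantedAuthoritySid("ROLE_role");
  MutableAcl acl = mock(MutableAcl.class);
  ObjectIdentity objectIdentity = new ObjectIdentityImpl("entity-typeId", "identifier");
  when(acl.getObjectIdentity()).thenReturn(objectIdentity);
  doReturn(acl).when(mutableAclService).readAclById(objectIdentity);

  // Existing state: the role currently holds COUNT through a single entry.
  AccessControlEntry ace1 = mock(AccessControlEntry.class);
  when(ace1.getSid()).thenReturn(sid);
  when(ace1.getPermission()).thenReturn(COUNT);
  when(acl.getEntries()).thenReturn(singletonList(ace1));

  when(entityHelper.getLabelledObjectIdentity(acl.getObjectIdentity()))
      .thenReturn(
          LabelledObjectIdentity.create(
              "entity-typeId", "typeId", "typeLabel", "identifier", "identifierLabel"));
  when(userRoleTools.sortSids(singleton(sid))).thenReturn(new LinkedList<>(singletonList(sid)));
  when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("entity-typeId"));

  permissionsApiService.updatePermissions(
      singleton(Permission.create(objectIdentity, sid, WRITE)));

  verify(acl).deleteAce(0);
  verify(acl).insertAce(1, WRITE, sid, true);
  verify(mutableAclService, times(2)).updateAcl(acl);
}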
Example #17
Source File: JpaMutableAclService.java From Spring-Security-Third-Edition with MIT License | 5 votes |
/**
 * Intended to update an existing acl_object_identity row with the information in the passed
 * MutableAcl, creating an acl_sid entry for the owning Sid if needed.
 *
 * <p>NOTE(review): the persistence step at the end of this method is commented out. As written,
 * the method resolves the parent identity and the owner sid but never writes the
 * acl_object_identity row, so changes to parent, owner or entries-inheriting are not stored here.
 *
 * @param acl to modify (a row must already exist in acl_object_identity)
 *
 * @throws NotFoundException if the ACL could not be found to update. Only the commented-out
 *         block raises it; the live statements do not throw it directly.
 */
protected void updateObjectIdentity(MutableAcl acl) {
    AclObjectIdentity parentId = null;

    if (acl.getParentAcl() != null) {
        // NOTE(review): the assertion checks for ObjectIdentityImpl, but the next line casts to
        // AclObjectIdentity. Unless AclObjectIdentity is a subtype of ObjectIdentityImpl, the
        // cast fails with ClassCastException whenever a parent ACL is set. Confirm.
        Assert.isInstanceOf(ObjectIdentityImpl.class, acl.getParentAcl().getObjectIdentity(),
                "Implementation only supports ObjectIdentityImpl");

        AclObjectIdentity oii = (AclObjectIdentity) acl.getParentAcl().getObjectIdentity();
        parentId = retrieveObjectIdentityPrimaryKey(oii);
    }

    Assert.notNull(acl.getOwner(), "Owner is required in this implementation");

    // Presumably the `true` flag allows the sid row to be created when missing; verify against
    // createOrRetrieveSidPrimaryKey. The result is only consumed by the disabled block below.
    AclSid ownerSid = createOrRetrieveSidPrimaryKey(acl.getOwner(), true);

    //TODO: Fixme:
    // aclObject.setParentObject(parentId);
    // aclObject.setOwner(ownerSid);
    // aclObject.setEntriesInheriting(Boolean.valueOf(acl.isEntriesInheriting()));
    //
    // FIXME: This has to occur:
    // boolean update = aclDao.updateObjectIdentity(aclObject);
    // if (!update) {
    //     throw new NotFoundException("Unable to locate ACL to update");
    // }
}
Example #18
Source File: PermissionServiceDecoratorTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
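/**
 * Verifies that {@code getPermissionsForObject} is forwarded unchanged to the wrapped permission
 * service when the test runs after {@code setUser()}.
 */
@Test
void testGetPermissionsForObject() {
  setUser();
  try {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");
    Sid sid = new PrincipalSid("user");

    permissionServiceDecorator.getPermissionsForObject(
        objectIdentity, Collections.singleton(sid), true);

    verify(permissionService)
        .getPermissionsForObject(objectIdentity, Collections.singleton(sid), true);
  } finally {
    // Run the cleanup even when the verification fails, so the state installed by setUser()
    // cannot carry over into later authorization tests.
    resetContext();
  }
}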
Example #19
Source File: PermissionServiceDecoratorTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
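/**
 * Verifies that {@code createAcl} is forwarded to the wrapped permission service when the test
 * runs after {@code setSu()}.
 */
@Test
void testCreateAcl() {
  setSu();
  try {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");

    permissionServiceDecorator.createAcl(objectIdentity);

    verify(permissionService).createAcl(objectIdentity);
  } finally {
    // Run the cleanup even when the verification fails, so the state installed by setSu()
    // cannot carry over into later authorization tests.
    resetContext();
  }
}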
Example #20
Source File: PermissionServiceDecoratorTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
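/**
 * Verifies that {@code updatePermissions} is forwarded to the wrapped permission service when
 * the ACL owner is stubbed to be the sid "user" and the test runs after {@code setUser()}.
 */
@Test
void testUpdatePermissions() {
  setUser();
  try {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");
    Sid sid = new PrincipalSid("user");

    // The ACL for the object reports "user" as its owner.
    MutableAcl acl = mock(MutableAcl.class);
    when(acl.getOwner()).thenReturn(sid);
    when(mutableAclService.readAclById(objectIdentity)).thenReturn(acl);
    when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("type"));

    Permission permission = Permission.create(objectIdentity, sid, PermissionSet.WRITE);
    permissionServiceDecorator.updatePermissions(Collections.singleton(permission));

    verify(permissionService).updatePermissions(Collections.singleton(permission));
  } finally {
    // Run the cleanup even when a stub or verification fails, so the state installed by
    // setUser() cannot carry over into later authorization tests.
    resetContext();
  }
}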
Example #21
Source File: PermissionServiceDecoratorTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
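/**
 * Verifies that {@code deletePermission} is forwarded to the wrapped permission service when the
 * test runs after {@code setSu()}.
 */
@Test
void testDeletePermission() {
  setSu();
  try {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");
    Sid sid = new PrincipalSid("user");

    MutableAcl acl = mock(MutableAcl.class);
    when(acl.getOwner()).thenReturn(sid);
    when(mutableAclService.readAclById(objectIdentity)).thenReturn(acl);
    when(mutableAclClassService.getAclClassTypes()).thenReturn(singletonList("type"));

    permissionServiceDecorator.deletePermission(sid, objectIdentity);

    verify(permissionService).deletePermission(sid, objectIdentity);
  } finally {
    // Run the cleanup even when a stub or verification fails, so the state installed by
    // setSu() cannot carry over into later authorization tests.
    resetContext();
  }
}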
Example #22
Source File: PermissionServiceDecoratorTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
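/**
 * Verifies that {@code exists} is forwarded unchanged to the wrapped permission service when the
 * test runs after {@code setUser()}.
 */
@Test
void testExists() {
  setUser();
  try {
    ObjectIdentity objectIdentity = new ObjectIdentityImpl("type", "identifier");
    Sid sid = new PrincipalSid("user");

    permissionServiceDecorator.exists(objectIdentity, sid);

    verify(permissionService).exists(objectIdentity, sid);
  } finally {
    // Run the cleanup even when the verification fails, so the state installed by setUser()
    // cannot carry over into later authorization tests.
    resetContext();
  }
}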
Example #23
Source File: PermissionPopulatorTest.java From molgenis with GNU Lesser General Public License v3.0 | 5 votes |
/**
 * Checks that {@code populate} creates one permission for every (object identity, permission
 * set, sid) triple exposed by the PermissionRegistry beans in the application context.
 */
@Test
void testPopulate() {
  ApplicationContext context = mock(ApplicationContext.class);

  // Registry 0 contributes COUNT on "id0".
  ObjectIdentity firstIdentity = new ObjectIdentityImpl("type", "id0");
  PermissionRegistry firstRegistry = mock(PermissionRegistry.class);
  Multimap<ObjectIdentity, Pair<PermissionSet, Sid>> firstPermissions =
      ArrayListMultimap.create();
  Sid firstSid = mock(Sid.class);
  firstPermissions.put(firstIdentity, new Pair<>(PermissionSet.COUNT, firstSid));
  when(firstRegistry.getPermissions()).thenReturn(firstPermissions);

  // Registry 1 contributes READ on "id1".
  ObjectIdentity secondIdentity = new ObjectIdentityImpl("type", "id1");
  Multimap<ObjectIdentity, Pair<PermissionSet, Sid>> secondPermissions =
      ArrayListMultimap.create();
  Sid secondSid = mock(Sid.class);
  secondPermissions.put(secondIdentity, new Pair<>(PermissionSet.READ, secondSid));
  PermissionRegistry secondRegistry = mock(PermissionRegistry.class);
  when(secondRegistry.getPermissions()).thenReturn(secondPermissions);

  // LinkedHashMap keeps the registries in insertion order.
  Map<String, PermissionRegistry> registriesByName = new LinkedHashMap<>();
  registriesByName.put("registry0", firstRegistry);
  registriesByName.put("registry1", secondRegistry);
  when(context.getBeansOfType(PermissionRegistry.class)).thenReturn(registriesByName);

  permissionPopulator.populate(context);

  verify(permissionService)
      .createPermission(Permission.create(firstIdentity, firstSid, PermissionSet.COUNT));
  verify(permissionService)
      .createPermission(Permission.create(secondIdentity, secondSid, PermissionSet.READ));
}
Example #24
Source File: JpaMutableAclService.java From Spring-Security-Third-Edition with MIT License | 5 votes |
/**
 * Intended to update an existing acl_object_identity row with the information in the passed
 * MutableAcl, creating an acl_sid entry for the owning Sid if needed.
 *
 * <p>NOTE(review): the persistence step at the end of this method is commented out. As written,
 * the method resolves the parent identity and the owner sid but never writes the
 * acl_object_identity row, so changes to parent, owner or entries-inheriting are not stored here.
 *
 * @param acl to modify (a row must already exist in acl_object_identity)
 *
 * @throws NotFoundException if the ACL could not be found to update. Only the commented-out
 *         block raises it; the live statements do not throw it directly.
 */
protected void updateObjectIdentity(MutableAcl acl) {
    AclObjectIdentity parentId = null;

    if (acl.getParentAcl() != null) {
        // NOTE(review): the assertion checks for ObjectIdentityImpl, but the next line casts to
        // AclObjectIdentity. Unless AclObjectIdentity is a subtype of ObjectIdentityImpl, the
        // cast fails with ClassCastException whenever a parent ACL is set. Confirm.
        Assert.isInstanceOf(ObjectIdentityImpl.class, acl.getParentAcl().getObjectIdentity(),
                "Implementation only supports ObjectIdentityImpl");

        AclObjectIdentity oii = (AclObjectIdentity) acl.getParentAcl().getObjectIdentity();
        parentId = retrieveObjectIdentityPrimaryKey(oii);
    }

    Assert.notNull(acl.getOwner(), "Owner is required in this implementation");

    // Presumably the `true` flag allows the sid row to be created when missing; verify against
    // createOrRetrieveSidPrimaryKey. The result is only consumed by the disabled block below.
    AclSid ownerSid = createOrRetrieveSidPrimaryKey(acl.getOwner(), true);

    //TODO: Fixme:
    // aclObject.setParentObject(parentId);
    // aclObject.setOwner(ownerSid);
    // aclObject.setEntriesInheriting(Boolean.valueOf(acl.isEntriesInheriting()));
    //
    // FIXME: This has to occur:
    // boolean update = aclDao.updateObjectIdentity(aclObject);
    // if (!update) {
    //     throw new NotFoundException("Unable to locate ACL to update");
    // }
}
Example #25
Source File: JpaMutableAclService.java From Spring-Security-Third-Edition with MIT License | 5 votes |
/**
 * Builds one acl_entry row for every ACE of the passed MutableAcl and hands the whole batch to
 * the DAO. Does nothing when the ACL has no entries.
 *
 * <p>NOTE(review): the casts below accept only AclImpl, ObjectIdentityImpl,
 * AccessControlEntryImpl and PrincipalSid. An ACE whose sid is not a PrincipalSid (for example
 * a role-based sid) fails with ClassCastException, after sid rows for earlier entries may
 * already have been created through the DAO.
 *
 * @param acl containing the ACEs to insert
 */
protected void createEntries(final MutableAcl acl) {
    if (acl.getEntries().isEmpty()) {
        return;
    }

    AclImpl concreteAcl = (AclImpl) acl;
    ObjectIdentityImpl identity = (ObjectIdentityImpl) concreteAcl.getObjectIdentity();

    List<AclEntry> rows = new ArrayList<>();
    for (int position = 0; position < acl.getEntries().size(); position++) {
        AccessControlEntryImpl ace = (AccessControlEntryImpl) acl.getEntries().get(position);

        AclEntry row = new AclEntry();
        row.setAclObjectIdentity(aclDao.getObjectIdentity(identity.getType(), identity.getIdentifier()));
        // The list position becomes the stored ACE order.
        row.setAceOrder(position);

        // Reuse the sid row for this principal, or create it on first use.
        PrincipalSid principalSid = (PrincipalSid) ace.getSid();
        AclSid sidRow = aclDao.findAclSid(principalSid.getPrincipal());
        if (sidRow == null) {
            sidRow = new AclSid();
            sidRow.setSid(principalSid.getPrincipal());
            sidRow.setPrincipal(true);
            sidRow = aclDao.createAclSid(sidRow);
        }
        row.setSid(sidRow);

        // Copy the permission mask and the grant/audit flags from the ACE.
        row.setMask(ace.getPermission().getMask());
        row.setGranting(ace.isGranting());
        row.setAuditSuccess(ace.isAuditSuccess());
        row.setAuditFailure(ace.isAuditFailure());

        rows.add(row);
    }

    aclDao.createEntries(rows);
}
Example #26
Source File: JpaMutableAclService.java From Spring-Security-Third-Edition with MIT License | 5 votes |
/**
 * Intended to update an existing acl_object_identity row with the information in the passed
 * MutableAcl, creating an acl_sid entry for the owning Sid if needed.
 *
 * <p>NOTE(review): the persistence step at the end of this method is commented out. As written,
 * the method resolves the parent identity and the owner sid but never writes the
 * acl_object_identity row, so changes to parent, owner or entries-inheriting are not stored here.
 *
 * @param acl to modify (a row must already exist in acl_object_identity)
 *
 * @throws NotFoundException if the ACL could not be found to update. Only the commented-out
 *         block raises it; the live statements do not throw it directly.
 */
protected void updateObjectIdentity(MutableAcl acl) {
    AclObjectIdentity parentId = null;

    if (acl.getParentAcl() != null) {
        // NOTE(review): the assertion checks for ObjectIdentityImpl, but the next line casts to
        // AclObjectIdentity. Unless AclObjectIdentity is a subtype of ObjectIdentityImpl, the
        // cast fails with ClassCastException whenever a parent ACL is set. Confirm.
        Assert.isInstanceOf(ObjectIdentityImpl.class, acl.getParentAcl().getObjectIdentity(),
                "Implementation only supports ObjectIdentityImpl");

        AclObjectIdentity oii = (AclObjectIdentity) acl.getParentAcl().getObjectIdentity();
        parentId = retrieveObjectIdentityPrimaryKey(oii);
    }

    Assert.notNull(acl.getOwner(), "Owner is required in this implementation");

    // Presumably the `true` flag allows the sid row to be created when missing; verify against
    // createOrRetrieveSidPrimaryKey. The result is only consumed by the disabled block below.
    AclSid ownerSid = createOrRetrieveSidPrimaryKey(acl.getOwner(), true);

    //TODO: Fixme:
    // aclObject.setParentObject(parentId);
    // aclObject.setOwner(ownerSid);
    // aclObject.setEntriesInheriting(Boolean.valueOf(acl.isEntriesInheriting()));
    //
    // FIXME: This has to occur:
    // boolean update = aclDao.updateObjectIdentity(aclObject);
    // if (!update) {
    //     throw new NotFoundException("Unable to locate ACL to update");
    // }
}
Example #27
Source File: AclService.java From Kylin with Apache License 2.0 | 5 votes |
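/**
 * Returns the object identities whose stored parent column equals the given parent identity.
 *
 * <p>The ACL table is scanned with a single-column filter on the parent column; rows without
 * that column are skipped ({@code setFilterIfMissing(true)}). The scanner is now closed in the
 * {@code finally} block together with the table, so it is released on every exit path.
 *
 * @param parentIdentity identity whose children are looked up
 * @return the child identities; empty when no row matches
 * @throws RuntimeException wrapping any IOException raised by the table access
 */
@Override
public List<ObjectIdentity> findChildren(ObjectIdentity parentIdentity) {
    List<ObjectIdentity> oids = new ArrayList<ObjectIdentity>();
    HTableInterface htable = null;
    ResultScanner scanner = null;
    try {
        htable = HBaseConnection.get(hbaseUrl).getTable(aclTableName);

        Scan scan = new Scan();
        SingleColumnValueFilter parentFilter = new SingleColumnValueFilter(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_PARENT_COLUMN), CompareOp.EQUAL, domainObjSerializer.serialize(new DomainObjectInfo(parentIdentity)));
        // Without this flag, rows that lack a parent column would pass the filter.
        parentFilter.setFilterIfMissing(true);
        scan.setFilter(parentFilter);

        scanner = htable.getScanner(scan);
        for (Result result = scanner.next(); result != null; result = scanner.next()) {
            // The row key is the object id; the type is stored in its own column.
            String id = Bytes.toString(result.getRow());
            String type = Bytes.toString(result.getValue(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_TYPE_COLUMN)));

            oids.add(new ObjectIdentityImpl(type, id));
        }
    } catch (IOException e) {
        throw new RuntimeException(e.getMessage(), e);
    } finally {
        // Close the scanner before the table it was opened on.
        IOUtils.closeQuietly(scanner);
        IOUtils.closeQuietly(htable);
    }

    return oids;
}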
Example #28
Source File: AclService.java From Kylin with Apache License 2.0 | 5 votes |
/**
 * Loads the ACL of every requested object identity from the ACL table and returns them keyed by
 * identity. A stored parent is resolved through {@code readAclById}.
 *
 * <p>NOTE(review): the row lookup uses only {@code oid.getIdentifier()} as the key; the
 * identity's type is not part of it. Objects of different types that share an identifier would
 * read the same row. Confirm that identifiers are unique across types.
 *
 * @param oids identities to load
 * @param sids passed on to {@code genAces} together with the row and the new ACL
 * @return map from each requested identity to its ACL
 * @throws NotFoundException if no row (or an empty row) exists for one of the identities
 * @throws RuntimeException wrapping any IOException raised by the table access
 */
@Override
public Map<ObjectIdentity, Acl> readAclsById(List<ObjectIdentity> oids, List<Sid> sids) throws NotFoundException {
    Map<ObjectIdentity, Acl> aclsByIdentity = new HashMap<ObjectIdentity, Acl>();
    HTableInterface aclTable = null;
    try {
        aclTable = HBaseConnection.get(hbaseUrl).getTable(aclTableName);

        for (ObjectIdentity oid : oids) {
            Result row = aclTable.get(new Get(Bytes.toBytes(String.valueOf(oid.getIdentifier()))));
            if (null == row || row.isEmpty()) {
                throw new NotFoundException("Unable to find ACL information for object identity '" + oid + "'");
            }

            // Owner: a principal or an authority sid, or none when the column is absent.
            SidInfo owner = sidSerializer.deserialize(row.getValue(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_OWNER_COLUMN)));
            Sid ownerSid;
            if (null == owner) {
                ownerSid = null;
            } else if (owner.isPrincipal()) {
                ownerSid = new PrincipalSid(owner.getSid());
            } else {
                ownerSid = new GrantedAuthoritySid(owner.getSid());
            }

            boolean entriesInheriting = Bytes.toBoolean(row.getValue(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_ENTRY_INHERIT_COLUMN)));

            // Parent: loaded with a null sid list when the row names one.
            Acl parentAcl = null;
            DomainObjectInfo parentInfo = domainObjSerializer.deserialize(row.getValue(Bytes.toBytes(ACL_INFO_FAMILY), Bytes.toBytes(ACL_INFO_FAMILY_PARENT_COLUMN)));
            if (null != parentInfo) {
                ObjectIdentity parentObj = new ObjectIdentityImpl(parentInfo.getType(), parentInfo.getId());
                parentAcl = readAclById(parentObj, null);
            }

            AclImpl acl = new AclImpl(oid, oid.getIdentifier(), aclAuthorizationStrategy, permissionGrantingStrategy, parentAcl, null, entriesInheriting, ownerSid);
            genAces(sids, row, acl);

            aclsByIdentity.put(oid, acl);
        }
    } catch (IOException e) {
        throw new RuntimeException(e.getMessage(), e);
    } finally {
        IOUtils.closeQuietly(aclTable);
    }

    return aclsByIdentity;
}
Example #29
Source File: AccessService.java From Kylin with Apache License 2.0 | 5 votes |
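/**
 * Replaces the permission of one access control entry on the ACL of the given domain object.
 *
 * <p>Callers need the admin role or ADMINISTRATION permission on {@code ae}, as declared by the
 * {@code @PreAuthorize} expression. The entry is located by its id; when no entry matches, the
 * ACL is returned unchanged.
 *
 * <p>The id comparison is written as {@code accessEntryId.equals(ace.getId())}, so an entry
 * whose id is null is skipped instead of raising a NullPointerException.
 *
 * @param ae domain object whose ACL is modified; must not be null
 * @param accessEntryId id of the entry to change; must not be null
 * @param newPermission permission to store on the entry; must not be null
 * @return the ACL as held after the call
 */
@Transactional
@PreAuthorize(Constant.ACCESS_HAS_ROLE_ADMIN + " or hasPermission(#ae, 'ADMINISTRATION')")
public Acl update(AclEntity ae, Long accessEntryId, Permission newPermission) {
    Assert.notNull(ae, "Acl domain object required");
    Assert.notNull(accessEntryId, "Ace id required");
    Assert.notNull(newPermission, "Acl permission required");

    ObjectIdentity objectIdentity = new ObjectIdentityImpl(ae.getClass(), ae.getId());
    MutableAcl acl = (MutableAcl) aclService.readAclById(objectIdentity);

    // Find the position of the entry with the requested id.
    int indexOfAce = -1;
    for (int i = 0; i < acl.getEntries().size(); i++) {
        AccessControlEntry ace = acl.getEntries().get(i);
        if (accessEntryId.equals(ace.getId())) {
            indexOfAce = i;
            break;
        }
    }

    if (indexOfAce != -1) {
        // Presumably protects the owner's own entry from being changed; confirm against
        // secureOwner.
        secureOwner(acl, indexOfAce);

        try {
            acl.updateAce(indexOfAce, newPermission);
            acl = aclService.updateAcl(acl);
        } catch (NotFoundException e) {
            // NOTE(review): deliberately ignored in the original. If updateAcl fails here, the
            // caller still receives the in-memory ACL with the new permission applied, so a
            // failed update cannot be told apart from a successful one.
        }
    }

    return acl;
}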
Example #30
Source File: AccessService.java From Kylin with Apache License 2.0 | 5 votes |
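/**
 * Removes one access control entry from the ACL of the given domain object.
 *
 * <p>Callers need the admin role or ADMINISTRATION permission on {@code ae}, as declared by the
 * {@code @PreAuthorize} expression. The entry is located by its id; when no entry matches, the
 * ACL is returned unchanged.
 *
 * <p>The id comparison is written as {@code accessEntryId.equals(ace.getId())}, so an entry
 * whose id is not a {@code Long} is skipped instead of raising a ClassCastException.
 *
 * @param ae domain object whose ACL is modified; must not be null
 * @param accessEntryId id of the entry to remove; must not be null
 * @return the ACL as held after the call
 */
@Transactional
@PreAuthorize(Constant.ACCESS_HAS_ROLE_ADMIN + " or hasPermission(#ae, 'ADMINISTRATION')")
public Acl revoke(AclEntity ae, Long accessEntryId) {
    Assert.notNull(ae, "Acl domain object required");
    Assert.notNull(accessEntryId, "Ace id required");

    ObjectIdentity objectIdentity = new ObjectIdentityImpl(ae.getClass(), ae.getId());
    MutableAcl acl = (MutableAcl) aclService.readAclById(objectIdentity);

    // Find the position of the entry with the requested id.
    int indexOfAce = -1;
    for (int i = 0; i < acl.getEntries().size(); i++) {
        AccessControlEntry ace = acl.getEntries().get(i);
        if (accessEntryId.equals(ace.getId())) {
            indexOfAce = i;
            break;
        }
    }

    if (indexOfAce != -1) {
        // Presumably protects the owner's own entry from being removed; confirm against
        // secureOwner.
        secureOwner(acl, indexOfAce);

        try {
            acl.deleteAce(indexOfAce);
            acl = aclService.updateAcl(acl);
        } catch (NotFoundException e) {
            // NOTE(review): deliberately ignored in the original. If updateAcl fails here, the
            // caller still receives the in-memory ACL with the entry removed, so a revoke that
            // was not persisted looks the same as one that was.
        }
    }

    return acl;
}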