org.springframework.security.acls.domain.AclImpl Java Examples

The following examples show how to use org.springframework.security.acls.domain.AclImpl.
Example #1
Source File: OwnershipDecoratorTest.java    From molgenis with GNU Lesser General Public License v3.0
/**
 * Adding a single entity must make the value of its "owner" attribute the ACL owner and leave
 * that owner as the sid of the ACL's only entry, a granting WRITE entry.
 *
 * <p>The ACL handed out by the mocked ACL service starts with one granting WRITE entry for
 * "otheruser". The assertions at the end require exactly one entry whose sid is the new owner, so
 * the test fails if the earlier grant is still the entry at index 0 or if a second entry remains.
 */
@Test
void testAdd() {
  // Entity under test: type "MyQuestionnaire", id "id", owner attribute "username".
  when(entityType.getId()).thenReturn("MyQuestionnaire");
  when(entity.getEntityType()).thenReturn(entityType);
  when(entity.getIdValue()).thenReturn("id");
  when(entity.getString("owner")).thenReturn("username");

  // Existing ACL for that entity, already granting WRITE to a different principal.
  EntityIdentity questionnaireIdentity = new EntityIdentity("MyQuestionnaire", "id");
  AclImpl existingAcl =
      new AclImpl(questionnaireIdentity, 1, authorizationStrategy, auditLogger);
  existingAcl.insertAce(0, PermissionSet.WRITE, new PrincipalSid("otheruser"), true);
  when(mutableAclService.readAclById(questionnaireIdentity)).thenReturn(existingAcl);

  ownershipDecorator.add(entity);

  // The add is still forwarded and the modified ACL is written back through the service.
  verify(delegate).add(entity);
  verify(mutableAclService).updateAcl(existingAcl);

  // Ownership moved to "username", who now holds the single granting WRITE entry.
  PrincipalSid expectedOwner = new PrincipalSid("username");
  assertEquals(expectedOwner, existingAcl.getOwner());
  assertEquals(1, existingAcl.getEntries().size());
  AccessControlEntry onlyEntry = existingAcl.getEntries().get(0);
  assertEquals(expectedOwner, onlyEntry.getSid());
  assertEquals(WRITE, onlyEntry.getPermission());
  assertTrue(onlyEntry.isGranting());
}
 
Example #2
Source File: OwnershipDecoratorTest.java    From molgenis with GNU Lesser General Public License v3.0
/**
 * Stream variant of the single-entity add test: adding a stream holding one entity must make the
 * value of its "owner" attribute the ACL owner and leave that owner as the sid of the ACL's only
 * entry, a granting WRITE entry.
 *
 * <p>The ACL handed out by the mocked ACL service starts with one granting WRITE entry for
 * "otheruser". The assertions at the end require exactly one entry whose sid is the new owner, so
 * the test fails if the earlier grant is still the entry at index 0 or if a second entry remains.
 */
@Test
void testAddStream() {
  // Entity under test: type "MyQuestionnaire", id "id", owner attribute "username".
  when(entityType.getId()).thenReturn("MyQuestionnaire");
  when(entity.getEntityType()).thenReturn(entityType);
  when(entity.getIdValue()).thenReturn("id");
  when(entity.getString("owner")).thenReturn("username");

  // Existing ACL for that entity, already granting WRITE to a different principal.
  EntityIdentity questionnaireIdentity = new EntityIdentity("MyQuestionnaire", "id");
  AclImpl existingAcl =
      new AclImpl(questionnaireIdentity, 1, authorizationStrategy, auditLogger);
  existingAcl.insertAce(0, PermissionSet.WRITE, new PrincipalSid("otheruser"), true);
  when(mutableAclService.readAclById(questionnaireIdentity)).thenReturn(existingAcl);

  ownershipDecorator.add(Stream.of(entity));

  // The stream handed to the delegate is captured and consumed BEFORE the ACL service is
  // verified. Keep this order: if the decorator applies ownership lazily while the stream is
  // consumed, updateAcl would not have run yet at this point (presumably the case; confirm).
  verify(delegate).add(streamCaptor.capture());
  assertEquals(singletonList(entity), streamCaptor.getValue().collect(toList()));
  verify(mutableAclService).updateAcl(existingAcl);

  // Ownership moved to "username", who now holds the single granting WRITE entry.
  PrincipalSid expectedOwner = new PrincipalSid("username");
  assertEquals(expectedOwner, existingAcl.getOwner());
  assertEquals(1, existingAcl.getEntries().size());
  AccessControlEntry onlyEntry = existingAcl.getEntries().get(0);
  assertEquals(expectedOwner, onlyEntry.getSid());
  assertEquals(WRITE, onlyEntry.getPermission());
  assertTrue(onlyEntry.isGranting());
}
 
Example #3
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License
/**
 * Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
 *
 * <p>Returns without touching the DAO when the ACL has no entries. Otherwise each ACE becomes one
 * {@code AclEntry} whose order is the ACE's index in the ACL, and all of them are handed to
 * {@code aclDao.createEntries} in a single call after the loop.
 *
 * <p>Type limits enforced by the casts below: the ACL must be an {@code AclImpl} identified by an
 * {@code ObjectIdentityImpl}, every ACE an {@code AccessControlEntryImpl}, and every ACE's sid a
 * {@code PrincipalSid}. Anything else (for example an ACE granted to a {@code GrantedAuthoritySid})
 * fails with a {@link ClassCastException}; sid rows created for earlier ACEs have already been
 * sent to the DAO at that point.
 *
 * @param acl containing the ACEs to insert
 */
protected void createEntries(final MutableAcl acl) {
    if (acl.getEntries().isEmpty()) {
        return;
    }

    // getObjectIdentity() is declared on the Acl interface; the AclImpl cast only narrows which
    // implementations this method accepts.
    final ObjectIdentityImpl targetIdentity = (ObjectIdentityImpl) ((AclImpl) acl).getObjectIdentity();
    final List<AclEntry> rows = new ArrayList<>();

    // NOTE(review): AclImpl.getEntries() returns a fresh copy of the entry list, and it is called
    // twice per iteration here; reading it once before the loop would avoid the repeated copies.
    for (int position = 0; position < acl.getEntries().size(); position++) {
        final AccessControlEntryImpl ace = (AccessControlEntryImpl) acl.getEntries().get(position);

        final AclEntry row = new AclEntry();
        // NOTE(review): the arguments of this lookup do not change inside the loop; if
        // aclDao.getObjectIdentity is a side-effect-free read it can be done once (confirm).
        row.setAclObjectIdentity(aclDao.getObjectIdentity(targetIdentity.getType(), targetIdentity.getIdentifier()));
        row.setAceOrder(position);

        // Only principal sids are handled: the cast rejects every other Sid implementation and a
        // newly created sid row is always flagged as a principal.
        final PrincipalSid principalSid = (PrincipalSid) ace.getSid();
        final String principalName = principalSid.getPrincipal();
        // NOTE(review): the lookup passes the name alone. If the sid table can also hold
        // authority rows, confirm the DAO matches principal rows only, so that an authority row
        // with the same name is never attached to this ACE.
        AclSid sidRow = aclDao.findAclSid(principalName);
        if (sidRow == null) {
            final AclSid unsavedSid = new AclSid();
            unsavedSid.setSid(principalName);
            unsavedSid.setPrincipal(true);
            sidRow = aclDao.createAclSid(unsavedSid);
        }
        row.setSid(sidRow);

        // Permission mask, grant/deny flag and audit flags are copied from the ACE unchanged.
        row.setMask(ace.getPermission().getMask());
        row.setGranting(ace.isGranting());
        row.setAuditSuccess(ace.isAuditSuccess());
        row.setAuditFailure(ace.isAuditFailure());

        rows.add(row);
    }

    aclDao.createEntries(rows);
}
 
Example #4
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License
/**
 * Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
 *
 * <p>Returns without touching the DAO when the ACL has no entries. Otherwise each ACE becomes one
 * {@code AclEntry} whose order is the ACE's index in the ACL, and all of them are handed to
 * {@code aclDao.createEntries} in a single call after the loop.
 *
 * <p>Type limits enforced by the casts below: the ACL must be an {@code AclImpl} identified by an
 * {@code ObjectIdentityImpl}, every ACE an {@code AccessControlEntryImpl}, and every ACE's sid a
 * {@code PrincipalSid}. Anything else (for example an ACE granted to a {@code GrantedAuthoritySid})
 * fails with a {@link ClassCastException}; sid rows created for earlier ACEs have already been
 * sent to the DAO at that point.
 *
 * @param acl containing the ACEs to insert
 */
protected void createEntries(final MutableAcl acl) {
    if (acl.getEntries().isEmpty()) {
        return;
    }

    // getObjectIdentity() is declared on the Acl interface; the AclImpl cast only narrows which
    // implementations this method accepts.
    final ObjectIdentityImpl targetIdentity = (ObjectIdentityImpl) ((AclImpl) acl).getObjectIdentity();
    final List<AclEntry> rows = new ArrayList<>();

    // NOTE(review): AclImpl.getEntries() returns a fresh copy of the entry list, and it is called
    // twice per iteration here; reading it once before the loop would avoid the repeated copies.
    for (int position = 0; position < acl.getEntries().size(); position++) {
        final AccessControlEntryImpl ace = (AccessControlEntryImpl) acl.getEntries().get(position);

        final AclEntry row = new AclEntry();
        // NOTE(review): the arguments of this lookup do not change inside the loop; if
        // aclDao.getObjectIdentity is a side-effect-free read it can be done once (confirm).
        row.setAclObjectIdentity(aclDao.getObjectIdentity(targetIdentity.getType(), targetIdentity.getIdentifier()));
        row.setAceOrder(position);

        // Only principal sids are handled: the cast rejects every other Sid implementation and a
        // newly created sid row is always flagged as a principal.
        final PrincipalSid principalSid = (PrincipalSid) ace.getSid();
        final String principalName = principalSid.getPrincipal();
        // NOTE(review): the lookup passes the name alone. If the sid table can also hold
        // authority rows, confirm the DAO matches principal rows only, so that an authority row
        // with the same name is never attached to this ACE.
        AclSid sidRow = aclDao.findAclSid(principalName);
        if (sidRow == null) {
            final AclSid unsavedSid = new AclSid();
            unsavedSid.setSid(principalName);
            unsavedSid.setPrincipal(true);
            sidRow = aclDao.createAclSid(unsavedSid);
        }
        row.setSid(sidRow);

        // Permission mask, grant/deny flag and audit flags are copied from the ACE unchanged.
        row.setMask(ace.getPermission().getMask());
        row.setGranting(ace.isGranting());
        row.setAuditSuccess(ace.isAuditSuccess());
        row.setAuditFailure(ace.isAuditFailure());

        rows.add(row);
    }

    aclDao.createEntries(rows);
}
 
Example #5
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License
/**
 * Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
 *
 * <p>Returns without touching the DAO when the ACL has no entries. Otherwise each ACE becomes one
 * {@code AclEntry} whose order is the ACE's index in the ACL, and all of them are handed to
 * {@code aclDao.createEntries} in a single call after the loop.
 *
 * <p>Type limits enforced by the casts below: the ACL must be an {@code AclImpl} identified by an
 * {@code ObjectIdentityImpl}, every ACE an {@code AccessControlEntryImpl}, and every ACE's sid a
 * {@code PrincipalSid}. Anything else (for example an ACE granted to a {@code GrantedAuthoritySid})
 * fails with a {@link ClassCastException}; sid rows created for earlier ACEs have already been
 * sent to the DAO at that point.
 *
 * @param acl containing the ACEs to insert
 */
protected void createEntries(final MutableAcl acl) {
    if (acl.getEntries().isEmpty()) {
        return;
    }

    // getObjectIdentity() is declared on the Acl interface; the AclImpl cast only narrows which
    // implementations this method accepts.
    final ObjectIdentityImpl targetIdentity = (ObjectIdentityImpl) ((AclImpl) acl).getObjectIdentity();
    final List<AclEntry> rows = new ArrayList<>();

    // NOTE(review): AclImpl.getEntries() returns a fresh copy of the entry list, and it is called
    // twice per iteration here; reading it once before the loop would avoid the repeated copies.
    for (int position = 0; position < acl.getEntries().size(); position++) {
        final AccessControlEntryImpl ace = (AccessControlEntryImpl) acl.getEntries().get(position);

        final AclEntry row = new AclEntry();
        // NOTE(review): the arguments of this lookup do not change inside the loop; if
        // aclDao.getObjectIdentity is a side-effect-free read it can be done once (confirm).
        row.setAclObjectIdentity(aclDao.getObjectIdentity(targetIdentity.getType(), targetIdentity.getIdentifier()));
        row.setAceOrder(position);

        // Only principal sids are handled: the cast rejects every other Sid implementation and a
        // newly created sid row is always flagged as a principal.
        final PrincipalSid principalSid = (PrincipalSid) ace.getSid();
        final String principalName = principalSid.getPrincipal();
        // NOTE(review): the lookup passes the name alone. If the sid table can also hold
        // authority rows, confirm the DAO matches principal rows only, so that an authority row
        // with the same name is never attached to this ACE.
        AclSid sidRow = aclDao.findAclSid(principalName);
        if (sidRow == null) {
            final AclSid unsavedSid = new AclSid();
            unsavedSid.setSid(principalName);
            unsavedSid.setPrincipal(true);
            sidRow = aclDao.createAclSid(unsavedSid);
        }
        row.setSid(sidRow);

        // Permission mask, grant/deny flag and audit flags are copied from the ACE unchanged.
        row.setMask(ace.getPermission().getMask());
        row.setGranting(ace.isGranting());
        row.setAuditSuccess(ace.isAuditSuccess());
        row.setAuditFailure(ace.isAuditFailure());

        rows.add(row);
    }

    aclDao.createEntries(rows);
}
 
Example #6
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License
/**
 * Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
 *
 * <p>Returns without touching the DAO when the ACL has no entries. Otherwise each ACE becomes one
 * {@code AclEntry} whose order is the ACE's index in the ACL, and all of them are handed to
 * {@code aclDao.createEntries} in a single call after the loop.
 *
 * <p>Type limits enforced by the casts below: the ACL must be an {@code AclImpl} identified by an
 * {@code ObjectIdentityImpl}, every ACE an {@code AccessControlEntryImpl}, and every ACE's sid a
 * {@code PrincipalSid}. Anything else (for example an ACE granted to a {@code GrantedAuthoritySid})
 * fails with a {@link ClassCastException}; sid rows created for earlier ACEs have already been
 * sent to the DAO at that point.
 *
 * @param acl containing the ACEs to insert
 */
protected void createEntries(final MutableAcl acl) {
    if (acl.getEntries().isEmpty()) {
        return;
    }

    // getObjectIdentity() is declared on the Acl interface; the AclImpl cast only narrows which
    // implementations this method accepts.
    final ObjectIdentityImpl targetIdentity = (ObjectIdentityImpl) ((AclImpl) acl).getObjectIdentity();
    final List<AclEntry> rows = new ArrayList<>();

    // NOTE(review): AclImpl.getEntries() returns a fresh copy of the entry list, and it is called
    // twice per iteration here; reading it once before the loop would avoid the repeated copies.
    for (int position = 0; position < acl.getEntries().size(); position++) {
        final AccessControlEntryImpl ace = (AccessControlEntryImpl) acl.getEntries().get(position);

        final AclEntry row = new AclEntry();
        // NOTE(review): the arguments of this lookup do not change inside the loop; if
        // aclDao.getObjectIdentity is a side-effect-free read it can be done once (confirm).
        row.setAclObjectIdentity(aclDao.getObjectIdentity(targetIdentity.getType(), targetIdentity.getIdentifier()));
        row.setAceOrder(position);

        // Only principal sids are handled: the cast rejects every other Sid implementation and a
        // newly created sid row is always flagged as a principal.
        final PrincipalSid principalSid = (PrincipalSid) ace.getSid();
        final String principalName = principalSid.getPrincipal();
        // NOTE(review): the lookup passes the name alone. If the sid table can also hold
        // authority rows, confirm the DAO matches principal rows only, so that an authority row
        // with the same name is never attached to this ACE.
        AclSid sidRow = aclDao.findAclSid(principalName);
        if (sidRow == null) {
            final AclSid unsavedSid = new AclSid();
            unsavedSid.setSid(principalName);
            unsavedSid.setPrincipal(true);
            sidRow = aclDao.createAclSid(unsavedSid);
        }
        row.setSid(sidRow);

        // Permission mask, grant/deny flag and audit flags are copied from the ACE unchanged.
        row.setMask(ace.getPermission().getMask());
        row.setGranting(ace.isGranting());
        row.setAuditSuccess(ace.isAuditSuccess());
        row.setAuditFailure(ace.isAuditFailure());

        rows.add(row);
    }

    aclDao.createEntries(rows);
}
 
Example #7
Source File: JpaMutableAclService.java    From Spring-Security-Third-Edition with MIT License
/**
 * Creates a new row in acl_entry for every ACE defined in the passed MutableAcl object.
 *
 * <p>Returns without touching the DAO when the ACL has no entries. Otherwise each ACE becomes one
 * {@code AclEntry} whose order is the ACE's index in the ACL, and all of them are handed to
 * {@code aclDao.createEntries} in a single call after the loop.
 *
 * <p>Type limits enforced by the casts below: the ACL must be an {@code AclImpl} identified by an
 * {@code ObjectIdentityImpl}, every ACE an {@code AccessControlEntryImpl}, and every ACE's sid a
 * {@code PrincipalSid}. Anything else (for example an ACE granted to a {@code GrantedAuthoritySid})
 * fails with a {@link ClassCastException}; sid rows created for earlier ACEs have already been
 * sent to the DAO at that point.
 *
 * @param acl containing the ACEs to insert
 */
protected void createEntries(final MutableAcl acl) {
    if (acl.getEntries().isEmpty()) {
        return;
    }

    // getObjectIdentity() is declared on the Acl interface; the AclImpl cast only narrows which
    // implementations this method accepts.
    final ObjectIdentityImpl targetIdentity = (ObjectIdentityImpl) ((AclImpl) acl).getObjectIdentity();
    final List<AclEntry> rows = new ArrayList<>();

    // NOTE(review): AclImpl.getEntries() returns a fresh copy of the entry list, and it is called
    // twice per iteration here; reading it once before the loop would avoid the repeated copies.
    for (int position = 0; position < acl.getEntries().size(); position++) {
        final AccessControlEntryImpl ace = (AccessControlEntryImpl) acl.getEntries().get(position);

        final AclEntry row = new AclEntry();
        // NOTE(review): the arguments of this lookup do not change inside the loop; if
        // aclDao.getObjectIdentity is a side-effect-free read it can be done once (confirm).
        row.setAclObjectIdentity(aclDao.getObjectIdentity(targetIdentity.getType(), targetIdentity.getIdentifier()));
        row.setAceOrder(position);

        // Only principal sids are handled: the cast rejects every other Sid implementation and a
        // newly created sid row is always flagged as a principal.
        final PrincipalSid principalSid = (PrincipalSid) ace.getSid();
        final String principalName = principalSid.getPrincipal();
        // NOTE(review): the lookup passes the name alone. If the sid table can also hold
        // authority rows, confirm the DAO matches principal rows only, so that an authority row
        // with the same name is never attached to this ACE.
        AclSid sidRow = aclDao.findAclSid(principalName);
        if (sidRow == null) {
            final AclSid unsavedSid = new AclSid();
            unsavedSid.setSid(principalName);
            unsavedSid.setPrincipal(true);
            sidRow = aclDao.createAclSid(unsavedSid);
        }
        row.setSid(sidRow);

        // Permission mask, grant/deny flag and audit flags are copied from the ACE unchanged.
        row.setMask(ace.getPermission().getMask());
        row.setGranting(ace.isGranting());
        row.setAuditSuccess(ace.isAuditSuccess());
        row.setAuditFailure(ace.isAuditFailure());

        rows.add(row);
    }

    aclDao.createEntries(rows);
}
 
Example #8
Source File: AclService.java    From Kylin with Apache License 2.0
/**
 * Loads the ACL of every requested object identity from the HBase ACL table.
 *
 * <p>For each identity one row is fetched. Owner, inheritance flag and parent reference are read
 * from the ACL info column family, a referenced parent ACL is loaded through
 * {@code readAclById}, and the ACEs are filled in by {@code genAces}.
 *
 * @param oids object identities whose ACLs are wanted
 * @param sids handed to {@code genAces} for each loaded ACL
 * @return map from each requested identity to its ACL
 * @throws NotFoundException as soon as one requested identity has no row or an empty row
 * @throws RuntimeException wrapping any {@link IOException} raised by the table access
 */
@Override
public Map<ObjectIdentity, Acl> readAclsById(List<ObjectIdentity> oids, List<Sid> sids) throws NotFoundException {
    final Map<ObjectIdentity, Acl> loadedAcls = new HashMap<ObjectIdentity, Acl>();
    HTableInterface aclTable = null;
    try {
        aclTable = HBaseConnection.get(hbaseUrl).getTable(aclTableName);

        for (ObjectIdentity oid : oids) {
            // The row key is built from the identifier alone; oid.getType() plays no part in
            // the lookup.
            final Result row = aclTable.get(new Get(Bytes.toBytes(String.valueOf(oid.getIdentifier()))));
            if (null == row || row.isEmpty()) {
                throw new NotFoundException("Unable to find ACL information for object identity '" + oid + "'");
            }

            final byte[] infoFamily = Bytes.toBytes(ACL_INFO_FAMILY);

            // Owner: absent, a principal, or a granted authority, as recorded in the stored SidInfo.
            final SidInfo ownerInfo = sidSerializer.deserialize(row.getValue(infoFamily, Bytes.toBytes(ACL_INFO_FAMILY_OWNER_COLUMN)));
            final Sid ownerSid;
            if (null == ownerInfo) {
                ownerSid = null;
            } else if (ownerInfo.isPrincipal()) {
                ownerSid = new PrincipalSid(ownerInfo.getSid());
            } else {
                ownerSid = new GrantedAuthoritySid(ownerInfo.getSid());
            }

            final boolean entriesInheriting = Bytes.toBoolean(row.getValue(infoFamily, Bytes.toBytes(ACL_INFO_FAMILY_ENTRY_INHERIT_COLUMN)));

            // Parent ACL, when the row references one. The sid argument is null here, so the
            // caller's sid list is not applied to the parent lookup.
            final DomainObjectInfo parentInfo = domainObjSerializer.deserialize(row.getValue(infoFamily, Bytes.toBytes(ACL_INFO_FAMILY_PARENT_COLUMN)));
            Acl parentAcl = null;
            if (null != parentInfo) {
                parentAcl = readAclById(new ObjectIdentityImpl(parentInfo.getType(), parentInfo.getId()), null);
            }

            // The object's identifier doubles as the ACL id; the sixth argument is passed as null.
            final AclImpl acl = new AclImpl(oid, oid.getIdentifier(), aclAuthorizationStrategy, permissionGrantingStrategy, parentAcl, null, entriesInheriting, ownerSid);
            genAces(sids, row, acl);

            loadedAcls.put(oid, acl);
        }
    } catch (IOException e) {
        throw new RuntimeException(e.getMessage(), e);
    } finally {
        // The table handle is released on every path, including the not-found case.
        IOUtils.closeQuietly(aclTable);
    }

    return loadedAcls;
}
 
Example #9
Source File: AclService.java    From Kylin with Apache License 2.0
/**
 * Writes {@code aces} into the given ACL through {@code fieldAces}.
 *
 * <p>{@code fieldAces} is declared outside this listing; presumably it is a
 * {@code java.lang.reflect.Field} for AclImpl's private entry list that has been made
 * accessible (confirm).
 *
 * <p>NOTE(review): a direct field write does not pass through AclImpl's own mutators
 * (insertAce / updateAce / deleteAce), which run the AclAuthorizationStrategy security check.
 * Callers should therefore only hand in entries that come from a trusted source.
 *
 * @param acl  ACL whose entries are replaced
 * @param aces entries to store in the ACL
 * @throws IllegalStateException if the field cannot be written
 */
private void setAces(AclImpl acl, List<AccessControlEntry> aces) {
    try {
        fieldAces.set(acl, aces);
    } catch (IllegalAccessException inaccessible) {
        // Rethrown unchecked with the cause kept, so the failing field access stays visible.
        throw new IllegalStateException("Could not set AclImpl entries", inaccessible);
    }
}