org.nuxeo.ecm.core.api.security.ACL.add()方法的使用及代码示例

x33g5p2x  于2022-01-16 转载在 其他  
字(10.5k)|赞(0)|评价(0)|浏览(113)

本文整理了Java中org.nuxeo.ecm.core.api.security.ACL.add()方法的一些代码示例,展示了ACL.add()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。ACL.add()方法的具体详情如下:
包路径:org.nuxeo.ecm.core.api.security.ACL
类名称:ACL
方法名:add

ACL.add介绍

暂无

代码示例

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api

@Override
public boolean addACE(String aclName, ACE ace) {
  if (aclName == null) {
    throw new NullPointerException("'aclName' cannot be null");
  }
  ACL acl = getOrCreateACL(aclName);
  boolean aclChanged = acl.add(ace);
  if (aclChanged) {
    addACL(acl);
  }
  return aclChanged;
}

代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-automation

/**
 * Gets default local ACL, i.e. when inheritance
 * is blocked.
 * 
 * @return default local ACL
 */
public static ACL buildDefaultLocalACL(CoreSession session, DocumentModel document) {
  ACL acl = new ACLImpl();
  String currentUser = session.getPrincipal().getName();
  acl.add(new ACE(currentUser, SecurityConstants.EVERYTHING));
  // acl.addAll(ACEsOperationHelper.getAdminEverythingACEs());
  acl.addAll(getMasterOwnerACEs(session, document));
  return acl;
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api

public void addAccessRule(String aclName, ACE ace) {
  ACL acl = getACL(aclName);
  if (acl == null) {
    acl = new ACLImpl(aclName);
    addACL(acl);
  }
  acl.add(ace);
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api

@Override
public void setRules(String aclName, UserEntry[] userEntries, boolean overwrite) {
  ACL acl = getACL(aclName);
  if (acl == null) { // create the loca ACL
    acl = new ACLImpl(aclName);
    addACL(acl);
  } else if (overwrite) {
    // :XXX: Should not overwrite entries not given as parameters here.
    acl.clear();
  }
  for (UserEntry entry : userEntries) {
    String username = entry.getUserName();
    for (String permission : entry.getGrantedPermissions()) {
      acl.add(new ACE(username, permission, true));
    }
    for (String permission : entry.getDeniedPermissions()) {
      acl.add(new ACE(username, permission, false));
    }
  }
  cache.clear();
}

代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-automation

/**
 * Add ACEs on ACL.
 * 
 * @param acl
 * @param aces
 * @return modifed ACL
 */
@Override
protected ACL modifyACEs(ACL acl, List<ACE> aces) {
  // Add:
  // If inheritance id blocked, add before block
  ACE blockInhACe = ACEsOperationHelper.getBlockInheritanceACe();
  int blockInhPos = acl.indexOf(blockInhACe);
  for (ACE aceToAdd : aces) {
    if (!acl.contains(aceToAdd)) {
      if (blockInhPos != -1) {
        acl.add(blockInhPos, aceToAdd);
      } else {
        acl.add(aceToAdd);
      }
    }
  }
  return acl;
}

代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-automation

/**
 * Blocks inheritance and set default rule.
 * 
 * @param session
 * @param document
 * @return acl
 */
protected ACL blockLocalACLIfNecessary(CoreSession session, DocumentModel document, ACL localAcl) {
  // Block ACL
  ACE blockInhACe = ACEsOperationHelper.getBlockInheritanceACe();
  if (!localAcl.contains(blockInhACe)) {
    // Add default rule
    ACL defaultLocalACL = ACEsOperationHelper.buildDefaultLocalACL(session, document);
    for(ACE ace : defaultLocalACL){
      if(!localAcl.contains(ace)){
        localAcl.add(ace);
      }
    }
    // Blocks
    localAcl.add(blockInhACe);
  }
  return localAcl;
}

代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-platform-publisher-task

@Override
public void run() {
  ACP acp = session.getACP(ref);
  ACL acl = acp.getOrCreateACL(aclName);
  acl.clear();
  for (String validator : validators) {
    acl.add(new ACE(validator, SecurityConstants.READ));
    acl.add(new ACE(validator, SecurityConstants.WRITE));
  }
  // Give View permission to the user who submitted for publishing.
  acl.add(new ACE(principal.getName(), SecurityConstants.READ));
  // Allow administrators too.
  UserManager userManager = Framework.getService(UserManager.class);
  for (String group : userManager.getAdministratorsGroups()) {
    acl.add(new ACE(group, SecurityConstants.EVERYTHING));
  }
  // Deny everyone else.
  acl.add(ACE.BLOCK);
  session.setACP(ref, acp, true);
  session.save();
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-test

@Override
public void populate(CoreSession session) {
  super.populate(session);
  DocumentModel test = session.getDocument(new PathRef(ROOT));
  ACP acp = new ACPImpl();
  ACL acl = new ACLImpl();
  acl.add(new ACE("Administrator", "Everything", true));
  acl.add(new ACE(USERNAME, "WriteProperties", true));
  acl.add(new ACE(USERNAME, "Read", true));
  acp.addACL(acl);
  test.setACP(acp, false);
  createChildren(session, test, SIZE);
}

代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core

@Override
  public void run() {
    DocumentModel doc = session.getDocument(ref);
    ACP acp = new ACPImpl();
    // add new ACL to set READ permission to everyone
    ACL routingACL = acp.getOrCreateACL(DocumentRoutingConstants.DOCUMENT_ROUTING_ACL);
    routingACL.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ, true));
    // block rights inheritance
    ACL localACL = acp.getOrCreateACL(ACL.LOCAL_ACL);
    localACL.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false));
    doc.setACP(acp, true);
    session.saveDocument(doc);
  }
}

代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core

protected void setPermissionOnDocument(CoreSession session, String userOrGroup, String permission) {
  ACP acp = document.getACP();
  ACL routingACL = acp.getOrCreateACL(DocumentRoutingConstants.DOCUMENT_ROUTING_ACL);
  routingACL.add(new ACE(userOrGroup, permission, true));
  document.setACP(acp, true);
  session.saveDocument(document);
}

代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-core

if (filter == null || filter.accept(ace)) {
  res.add(ace);

代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-apidoc-core

@Override
public void run() {
  DocumentModel root = session.createDocumentModel(Root_PATH, Root_NAME, "Folder");
  root.setProperty("dublincore", "title", Root_NAME);
  root = session.createDocument(root);
  ACL acl = new ACLImpl();
  acl.add(new ACE(Write_Grp, "Write", true));
  acl.add(new ACE(Read_Grp, "Read", true));
  ACP acp = root.getACP();
  acp.addACL(acl);
  session.setACP(root.getRef(), acp, true);
  rootRef = root.getRef();
  // flush caches
  session.save();
}

代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-apidoc-core

@Override
public void run() {
  DocumentModel root = session.createDocumentModel(parentPath, name, "Workspace");
  root.setProperty("dublincore", "title", name);
  root = session.createDocument(root);
  if (setAcl) {
    ACL acl = new ACLImpl();
    acl.add(new ACE(Write_Grp, "Write", true));
    acl.add(new ACE(Read_Grp, "Read", true));
    ACP acp = root.getACP();
    acp.addACL(acl);
    session.setACP(root.getRef(), acp, true);
  }
  rootRef = root.getRef();
  // flush caches
  session.save();
}

代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-platform-content-template-manager

protected void setAcl(List<ACEDescriptor> aces, DocumentRef ref) {
  if (aces != null && !aces.isEmpty()) {
    ACP acp = session.getACP(ref);
    ACL existingACL = acp.getOrCreateACL();
    // clean any existing ACL (should a merge strategy be adopted
    // instead?)
    existingACL.clear();
    // add the the ACL defined in the descriptor
    for (ACEDescriptor ace : aces) {
      existingACL.add(new ACE(ace.getPrincipal(), ace.getPermission(), ace.getGranted()));
    }
    // read the acl to invalidate the ACPImpl cache
    acp.addACL(existingACL);
    session.setACP(ref, acp, true);
  }
}

代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core

@Override
public void run() {
  for (DocumentModel doc : docs) {
    ACP acp = doc.getACP();
    acp.removeACL(aclName);
    ACL acl = new ACLImpl(aclName);
    for (String actorId : actorIds) {
      acl.add(ACE.builder(actorId, permission).creator(ACTOR_ACE_CREATOR).build());
    }
    acp.addACL(0, acl); // add first to get before blocks
    doc.setACP(acp, true);
    session.saveDocument(doc);
  }
}

代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-storage-sql

protected static ACP aclRowsToACP(ACLRow[] acls) {
  ACP acp = new ACPImpl();
  ACL acl = null;
  String name = null;
  for (ACLRow aclrow : acls) {
    if (!aclrow.name.equals(name)) {
      if (acl != null) {
        acp.addACL(acl);
      }
      name = aclrow.name;
      acl = new ACLImpl(name);
    }
    // XXX should prefix user/group
    String user = aclrow.user;
    if (user == null) {
      user = aclrow.group;
    }
    acl.add(ACE.builder(user, aclrow.permission)
          .isGranted(aclrow.grant)
          .creator(aclrow.creator)
          .begin(aclrow.begin)
          .end(aclrow.end)
          .build());
  }
  if (acl != null) {
    acp.addACL(acl);
  }
  return acp;
}

代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-user-profile

@Override
public void run() {
  String query = "select * from " + USER_PROFILE_DOCTYPE + " where ecm:parentId='" + userWorkspace.getId()
      + "' " + " AND ecm:isProxy = 0 "
      + " AND ecm:isVersion = 0 AND ecm:isTrashed = 0";
  DocumentModelList children = session.query(query);
  if (!children.isEmpty()) {
    userProfileDocRef = children.get(0).getRef();
  } else {
    DocumentModel userProfileDoc = session.createDocumentModel(userWorkspace.getPathAsString(),
        String.valueOf(System.currentTimeMillis()), USER_PROFILE_DOCTYPE);
    userProfileDoc = session.createDocument(userProfileDoc);
    userProfileDocRef = userProfileDoc.getRef();
    ACP acp = session.getACP(userProfileDocRef);
    ACL acl = acp.getOrCreateACL();
    acl.add(new ACE(EVERYONE, READ, true));
    acp.addACL(acl);
    session.setACP(userProfileDocRef, acp, true);
    session.save();
  }
}

代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core

/**
 * Create the rootModels under to root document. Grant READ to everyone on the root models ; workflow availability
 * is specified on each route
 *
 * @param routeStructureDocType
 * @param id
 * @param session
 * @return
 */
protected DocumentModel createModelsRoutesStructure(String routeStructureDocType, String id, CoreSession session)
    {
  DocumentModel rootModels = session.createDocumentModel("/", id, routeStructureDocType);
  rootModels.setPropertyValue(DC_TITLE, routeStructureDocType);
  rootModels = session.createDocument(rootModels);
  ACP acp = session.getACP(rootModels.getRef());
  ACL acl = acp.getOrCreateACL(ACL.LOCAL_ACL);
  acl.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ, true));
  session.setACP(rootModels.getRef(), acp, true);
  return rootModels;
}

代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core

@Override
public void handleEvent(Event event) {
  DocumentEventContext docCtx = (DocumentEventContext) event.getContext();
  DocumentRoute route = (DocumentRoute) docCtx.getProperty(DocumentRoutingConstants.DOCUMENT_ELEMENT_EVENT_CONTEXT_KEY);
  String initiator = (String) docCtx.getProperty(DocumentRoutingConstants.INITIATOR_EVENT_CONTEXT_KEY);
  CoreSession session = docCtx.getCoreSession();
  // initiator is a step validator
  route.setCanValidateStep(session, initiator);
  // initiator can see the route
  ACP acp = route.getDocument().getACP();
  ACL acl = acp.getOrCreateACL(DocumentRoutingConstants.DOCUMENT_ROUTING_ACL);
  acl.add(new ACE(initiator, SecurityConstants.READ, true));
  session.setACP(route.getDocument().getRef(), acp, true);
}

代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-platform-task-core

@Override
public void run() {
  DocumentRef pathRef = new PathRef(parentPath);
  if (session.exists(pathRef)) {
    taskRootDoc = session.getDocument(pathRef);
  } else {
    Path path = new Path(parentPath);
    taskRootDoc = session.createDocumentModel(path.removeLastSegments(1).toString(), path.lastSegment(),
        TaskConstants.TASK_ROOT_TYPE_NAME);
    taskRootDoc = session.createDocument(taskRootDoc);
    ACP acp = taskRootDoc.getACP();
    ACL acl = acp.getOrCreateACL(ACL.LOCAL_ACL);
    acl.add(new ACE("Everyone", "Everything", false));
    taskRootDoc.setACP(acp, true);
    taskRootDoc = session.saveDocument(taskRootDoc);
  }
}

相关文章