本文整理了Java中org.nuxeo.ecm.core.api.security.ACL.add()
方法的一些代码示例,展示了ACL.add()
的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。ACL.add()
方法的具体详情如下:
包路径:org.nuxeo.ecm.core.api.security.ACL
类名称:ACL
方法名:add
暂无
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
@Override
public boolean addACE(String aclName, ACE ace) {
if (aclName == null) {
throw new NullPointerException("'aclName' cannot be null");
}
ACL acl = getOrCreateACL(aclName);
boolean aclChanged = acl.add(ace);
if (aclChanged) {
addACL(acl);
}
return aclChanged;
}
代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-automation
/**
* Gets default local ACL, i.e. when inheritance
* is blocked.
*
* @return default local ACL
*/
public static ACL buildDefaultLocalACL(CoreSession session, DocumentModel document) {
ACL acl = new ACLImpl();
String currentUser = session.getPrincipal().getName();
acl.add(new ACE(currentUser, SecurityConstants.EVERYTHING));
// acl.addAll(ACEsOperationHelper.getAdminEverythingACEs());
acl.addAll(getMasterOwnerACEs(session, document));
return acl;
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
public void addAccessRule(String aclName, ACE ace) {
ACL acl = getACL(aclName);
if (acl == null) {
acl = new ACLImpl(aclName);
addACL(acl);
}
acl.add(ace);
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-api
@Override
public void setRules(String aclName, UserEntry[] userEntries, boolean overwrite) {
ACL acl = getACL(aclName);
if (acl == null) { // create the loca ACL
acl = new ACLImpl(aclName);
addACL(acl);
} else if (overwrite) {
// :XXX: Should not overwrite entries not given as parameters here.
acl.clear();
}
for (UserEntry entry : userEntries) {
String username = entry.getUserName();
for (String permission : entry.getGrantedPermissions()) {
acl.add(new ACE(username, permission, true));
}
for (String permission : entry.getDeniedPermissions()) {
acl.add(new ACE(username, permission, false));
}
}
cache.clear();
}
代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-automation
/**
* Add ACEs on ACL.
*
* @param acl
* @param aces
* @return modifed ACL
*/
@Override
protected ACL modifyACEs(ACL acl, List<ACE> aces) {
// Add:
// If inheritance id blocked, add before block
ACE blockInhACe = ACEsOperationHelper.getBlockInheritanceACe();
int blockInhPos = acl.indexOf(blockInhACe);
for (ACE aceToAdd : aces) {
if (!acl.contains(aceToAdd)) {
if (blockInhPos != -1) {
acl.add(blockInhPos, aceToAdd);
} else {
acl.add(aceToAdd);
}
}
}
return acl;
}
代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-automation
/**
* Blocks inheritance and set default rule.
*
* @param session
* @param document
* @return acl
*/
protected ACL blockLocalACLIfNecessary(CoreSession session, DocumentModel document, ACL localAcl) {
// Block ACL
ACE blockInhACe = ACEsOperationHelper.getBlockInheritanceACe();
if (!localAcl.contains(blockInhACe)) {
// Add default rule
ACL defaultLocalACL = ACEsOperationHelper.buildDefaultLocalACL(session, document);
for(ACE ace : defaultLocalACL){
if(!localAcl.contains(ace)){
localAcl.add(ace);
}
}
// Blocks
localAcl.add(blockInhACe);
}
return localAcl;
}
代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-platform-publisher-task
@Override
public void run() {
ACP acp = session.getACP(ref);
ACL acl = acp.getOrCreateACL(aclName);
acl.clear();
for (String validator : validators) {
acl.add(new ACE(validator, SecurityConstants.READ));
acl.add(new ACE(validator, SecurityConstants.WRITE));
}
// Give View permission to the user who submitted for publishing.
acl.add(new ACE(principal.getName(), SecurityConstants.READ));
// Allow administrators too.
UserManager userManager = Framework.getService(UserManager.class);
for (String group : userManager.getAdministratorsGroups()) {
acl.add(new ACE(group, SecurityConstants.EVERYTHING));
}
// Deny everyone else.
acl.add(ACE.BLOCK);
session.setACP(ref, acp, true);
session.save();
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-test
@Override
public void populate(CoreSession session) {
super.populate(session);
DocumentModel test = session.getDocument(new PathRef(ROOT));
ACP acp = new ACPImpl();
ACL acl = new ACLImpl();
acl.add(new ACE("Administrator", "Everything", true));
acl.add(new ACE(USERNAME, "WriteProperties", true));
acl.add(new ACE(USERNAME, "Read", true));
acp.addACL(acl);
test.setACP(acp, false);
createChildren(session, test, SIZE);
}
代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core
@Override
public void run() {
DocumentModel doc = session.getDocument(ref);
ACP acp = new ACPImpl();
// add new ACL to set READ permission to everyone
ACL routingACL = acp.getOrCreateACL(DocumentRoutingConstants.DOCUMENT_ROUTING_ACL);
routingACL.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ, true));
// block rights inheritance
ACL localACL = acp.getOrCreateACL(ACL.LOCAL_ACL);
localACL.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false));
doc.setACP(acp, true);
session.saveDocument(doc);
}
}
代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core
protected void setPermissionOnDocument(CoreSession session, String userOrGroup, String permission) {
ACP acp = document.getACP();
ACL routingACL = acp.getOrCreateACL(DocumentRoutingConstants.DOCUMENT_ROUTING_ACL);
routingACL.add(new ACE(userOrGroup, permission, true));
document.setACP(acp, true);
session.saveDocument(document);
}
代码示例来源:origin: opentoutatice-ecm.platform/opentoutatice-ecm-platform-core
if (filter == null || filter.accept(ace)) {
res.add(ace);
代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-apidoc-core
@Override
public void run() {
DocumentModel root = session.createDocumentModel(Root_PATH, Root_NAME, "Folder");
root.setProperty("dublincore", "title", Root_NAME);
root = session.createDocument(root);
ACL acl = new ACLImpl();
acl.add(new ACE(Write_Grp, "Write", true));
acl.add(new ACE(Read_Grp, "Read", true));
ACP acp = root.getACP();
acp.addACL(acl);
session.setACP(root.getRef(), acp, true);
rootRef = root.getRef();
// flush caches
session.save();
}
代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-apidoc-core
@Override
public void run() {
DocumentModel root = session.createDocumentModel(parentPath, name, "Workspace");
root.setProperty("dublincore", "title", name);
root = session.createDocument(root);
if (setAcl) {
ACL acl = new ACLImpl();
acl.add(new ACE(Write_Grp, "Write", true));
acl.add(new ACE(Read_Grp, "Read", true));
ACP acp = root.getACP();
acp.addACL(acl);
session.setACP(root.getRef(), acp, true);
}
rootRef = root.getRef();
// flush caches
session.save();
}
代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-platform-content-template-manager
protected void setAcl(List<ACEDescriptor> aces, DocumentRef ref) {
if (aces != null && !aces.isEmpty()) {
ACP acp = session.getACP(ref);
ACL existingACL = acp.getOrCreateACL();
// clean any existing ACL (should a merge strategy be adopted
// instead?)
existingACL.clear();
// add the the ACL defined in the descriptor
for (ACEDescriptor ace : aces) {
existingACL.add(new ACE(ace.getPrincipal(), ace.getPermission(), ace.getGranted()));
}
// read the acl to invalidate the ACPImpl cache
acp.addACL(existingACL);
session.setACP(ref, acp, true);
}
}
代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core
@Override
public void run() {
for (DocumentModel doc : docs) {
ACP acp = doc.getACP();
acp.removeACL(aclName);
ACL acl = new ACLImpl(aclName);
for (String actorId : actorIds) {
acl.add(ACE.builder(actorId, permission).creator(ACTOR_ACE_CREATOR).build());
}
acp.addACL(0, acl); // add first to get before blocks
doc.setACP(acp, true);
session.saveDocument(doc);
}
}
代码示例来源:origin: org.nuxeo.ecm.core/nuxeo-core-storage-sql
protected static ACP aclRowsToACP(ACLRow[] acls) {
ACP acp = new ACPImpl();
ACL acl = null;
String name = null;
for (ACLRow aclrow : acls) {
if (!aclrow.name.equals(name)) {
if (acl != null) {
acp.addACL(acl);
}
name = aclrow.name;
acl = new ACLImpl(name);
}
// XXX should prefix user/group
String user = aclrow.user;
if (user == null) {
user = aclrow.group;
}
acl.add(ACE.builder(user, aclrow.permission)
.isGranted(aclrow.grant)
.creator(aclrow.creator)
.begin(aclrow.begin)
.end(aclrow.end)
.build());
}
if (acl != null) {
acp.addACL(acl);
}
return acp;
}
代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-user-profile
@Override
public void run() {
String query = "select * from " + USER_PROFILE_DOCTYPE + " where ecm:parentId='" + userWorkspace.getId()
+ "' " + " AND ecm:isProxy = 0 "
+ " AND ecm:isVersion = 0 AND ecm:isTrashed = 0";
DocumentModelList children = session.query(query);
if (!children.isEmpty()) {
userProfileDocRef = children.get(0).getRef();
} else {
DocumentModel userProfileDoc = session.createDocumentModel(userWorkspace.getPathAsString(),
String.valueOf(System.currentTimeMillis()), USER_PROFILE_DOCTYPE);
userProfileDoc = session.createDocument(userProfileDoc);
userProfileDocRef = userProfileDoc.getRef();
ACP acp = session.getACP(userProfileDocRef);
ACL acl = acp.getOrCreateACL();
acl.add(new ACE(EVERYONE, READ, true));
acp.addACL(acl);
session.setACP(userProfileDocRef, acp, true);
session.save();
}
}
代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core
/**
* Create the rootModels under to root document. Grant READ to everyone on the root models ; workflow availability
* is specified on each route
*
* @param routeStructureDocType
* @param id
* @param session
* @return
*/
protected DocumentModel createModelsRoutesStructure(String routeStructureDocType, String id, CoreSession session)
{
DocumentModel rootModels = session.createDocumentModel("/", id, routeStructureDocType);
rootModels.setPropertyValue(DC_TITLE, routeStructureDocType);
rootModels = session.createDocument(rootModels);
ACP acp = session.getACP(rootModels.getRef());
ACL acl = acp.getOrCreateACL(ACL.LOCAL_ACL);
acl.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.READ, true));
session.setACP(rootModels.getRef(), acp, true);
return rootModels;
}
代码示例来源:origin: org.nuxeo.ecm.routing/nuxeo-routing-core
@Override
public void handleEvent(Event event) {
DocumentEventContext docCtx = (DocumentEventContext) event.getContext();
DocumentRoute route = (DocumentRoute) docCtx.getProperty(DocumentRoutingConstants.DOCUMENT_ELEMENT_EVENT_CONTEXT_KEY);
String initiator = (String) docCtx.getProperty(DocumentRoutingConstants.INITIATOR_EVENT_CONTEXT_KEY);
CoreSession session = docCtx.getCoreSession();
// initiator is a step validator
route.setCanValidateStep(session, initiator);
// initiator can see the route
ACP acp = route.getDocument().getACP();
ACL acl = acp.getOrCreateACL(DocumentRoutingConstants.DOCUMENT_ROUTING_ACL);
acl.add(new ACE(initiator, SecurityConstants.READ, true));
session.setACP(route.getDocument().getRef(), acp, true);
}
代码示例来源:origin: org.nuxeo.ecm.platform/nuxeo-platform-task-core
@Override
public void run() {
DocumentRef pathRef = new PathRef(parentPath);
if (session.exists(pathRef)) {
taskRootDoc = session.getDocument(pathRef);
} else {
Path path = new Path(parentPath);
taskRootDoc = session.createDocumentModel(path.removeLastSegments(1).toString(), path.lastSegment(),
TaskConstants.TASK_ROOT_TYPE_NAME);
taskRootDoc = session.createDocument(taskRootDoc);
ACP acp = taskRootDoc.getACP();
ACL acl = acp.getOrCreateACL(ACL.LOCAL_ACL);
acl.add(new ACE("Everyone", "Everything", false));
taskRootDoc.setACP(acp, true);
taskRootDoc = session.saveDocument(taskRootDoc);
}
}
内容来源于网络,如有侵权,请联系作者删除!