Class PermissionServiceImpl
- java.lang.Object
-
- org.springframework.extensions.surf.util.AbstractLifecycleBean
-
- org.alfresco.repo.security.permissions.impl.PermissionServiceImpl
-
- All Implemented Interfaces:
EventListener,PermissionServiceSPI,PermissionService,Extensible,org.springframework.beans.factory.Aware,org.springframework.context.ApplicationContextAware,org.springframework.context.ApplicationListener
- Direct Known Subclasses:
AllowPermissionServiceImpl
public class PermissionServiceImpl extends org.springframework.extensions.surf.util.AbstractLifecycleBean implements PermissionServiceSPI, Extensible
The Alfresco implementation of a permissions service against our APIs for the permissions model and permissions persistence.- Author:
- andyh
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description protected classPermissionServiceImpl.AclTestTest a permission in the context of the new ACL implementation.protected static classPermissionServiceImpl.MutableBooleanprotected classPermissionServiceImpl.NodeTestSupport class to test the permission on a node.protected classPermissionServiceImpl.UnconditionalAclTestIgnores type and aspect requirements on the nodeprotected classPermissionServiceImpl.UnconditionalDeniedAclTestIgnores type and aspect requirements on the node
-
Field Summary
Fields Modifier and Type Field Description protected SimpleCache<Serializable,AccessStatus>accessCachea transactionally-safe cache to be injectedprotected AclDAOaclDaoComponentprotected PermissionReferenceallPermissionReferenceprotected booleananyDenyDeniesprotected AuthorityServiceauthorityServiceprotected DictionaryServicedictionaryServiceprotected List<DynamicAuthority>dynamicAuthoritiesprotected FixedAclUpdaterfixedAclUpdaterprotected ModelDAOmodelDAOprotected NodeServicenodeServiceprotected OwnableServiceownableServiceprotected PermissionsDaoComponentpermissionsDaoComponentprotected PolicyComponentpolicyComponentprotected SimpleCache<Serializable,Set<String>>readersCacheprotected SimpleCache<Serializable,Set<String>>readersDeniedCacheprotected TenantServicetenantService-
Fields inherited from interface org.alfresco.service.cmr.security.PermissionService
ADD_CHILDREN, ADMINISTRATOR_AUTHORITY, ALL_AUTHORITIES, ALL_PERMISSIONS, ASPECTS, CANCEL_CHECK_OUT, CHANGE_PERMISSIONS, CHECK_IN, CHECK_OUT, CONSUMER, CONTRIBUTOR, COORDINATOR, CREATE_ASSOCIATIONS, CREATE_CHILDREN, DELETE, DELETE_ASSOCIATIONS, DELETE_CHILDREN, DELETE_NODE, EDITOR, EXECUTE, EXECUTE_CONTENT, FULL_CONTROL, GROUP_PREFIX, GUEST_AUTHORITY, LINK_CHILDREN, LOCK, LOCK_OWNER_AUTHORITY, OWNER_AUTHORITY, PROPERTIES, READ, READ_ASSOCIATIONS, READ_CHILDREN, READ_CONTENT, READ_PERMISSIONS, READ_PROPERTIES, ROLE_PREFIX, SET_OWNER, TAKE_OWNERSHIP, UNLOCK, WRITE, WRITE_CONTENT, WRITE_PROPERTIES
-
-
Constructor Summary
Constructors Constructor Description PermissionServiceImpl()Standard spring construction.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected AccessStatusadminRead()voidbeforeDeleteChildAssociation(ChildAssociationRef childAssocRef)Cache clear on delete of a child association from an authority container.protected AccessStatuscanRead(Long aclId)voidclearPermission(NodeRef nodeRef, String authority)voidclearPermission(StoreRef storeRef, String authority)protected NodeRefconvertVersionNodeRefToVersionedNodeRef(NodeRef versionNodeRef)Converts specified version nodeRef (eg.voiddeletePermission(PermissionEntry permissionEntry)Delete a single permission entryvoiddeletePermission(NodeRef nodeRef, String authority, String perm)protected voiddeletePermission(NodeRef nodeRef, String authority, PermissionReference perm)voiddeletePermission(StoreRef storeRef, String authority, String perm)protected voiddeletePermission(StoreRef storeRef, String authority, PermissionReference perm)voiddeletePermissions(String recipient)Delete permissions for the given recipient.voiddeletePermissions(NodePermissionEntry nodePermissionEntry)Delete the permissions defined by the nodePermissionEntryvoiddeletePermissions(NodeRef nodeRef)voiddeletePermissions(StoreRef storeRef)NodePermissionEntryexplainPermission(NodeRef nodeRef, PermissionReference perm)Where is the permission set that controls the behaviour for the given permission for the given authentication to access the specified name.StringgetAllAuthorities()StringgetAllPermission()PermissionReferencegetAllPermissionReference()Get the All Permissionprotected Set<AccessPermission>getAllPermissionsImpl(NodeRef nodeRef, boolean includeTrue, boolean includeFalse)Set<AccessPermission>getAllSetPermissions(NodeRef nodeRef)Set<AccessPermission>getAllSetPermissions(StoreRef storeRef)booleangetAnyDenyDenies()Set<String>getAuthorisations()protected Set<String>getAuthorisations(net.sf.acegisecurity.Authentication auth, NodeRef nodeRef, PermissionReference required)Get the authorisations for the currently authenticated userprotected Set<String>getAuthorisations(net.sf.acegisecurity.Authentication auth, PermissionContext context)protected Set<String>getCoreAuthorisations(net.sf.acegisecurity.Authentication auth)Get the core authorisations for thisauth.protected Set<String>getDynamicAuthorities(net.sf.acegisecurity.Authentication auth, NodeRef nodeRef, PermissionReference required)protected Set<String>getDynamicAuthorities(net.sf.acegisecurity.Authentication auth, PermissionContext context, Set<String> auths)booleangetInheritParentPermissions(NodeRef nodeRef)StringgetOwnerAuthority()StringgetPermission(PermissionReference permissionReference)Get the string that can be used to identify the given permission reference.PermissionReferencegetPermissionReference(String permissionName)Get the permission reference by permission name.PermissionReferencegetPermissionReference(QName qname, String permissionName)Get the permission reference for the given data type and permission name.Set<AccessPermission>getPermissions(NodeRef nodeRef)Set<String>getReaders(Long aclId)Set<String>getReadersDenied(Long aclId)NodePermissionEntrygetSetPermissions(NodeRef nodeRef)Get the permissions that have been set on the given node (it knows nothing of the parent permissions)NodePermissionEntrygetSetPermissions(StoreRef storeRef)Get the permissions set for the storeSet<PermissionReference>getSettablePermissionReferences(NodeRef nodeRef)Get the permissions that can be set for a given typeSet<PermissionReference>getSettablePermissionReferences(QName type)Get the permissions that can be set for a given typeSet<String>getSettablePermissions(NodeRef nodeRef)Set<String>getSettablePermissions(QName type)<M extends Trait>
ExtendedTrait<M>getTrait(Class<? extends M> traitAPI)AccessStatushasPermission(Long aclID, PermissionContext context, String permission)protected AccessStatushasPermission(Long aclId, PermissionContext context, PermissionReference permission)AccessStatushasPermission(NodeRef nodeRef, String perm)AccessStatushasPermission(NodeRef passedNodeRef, PermissionReference permIn)Check that the given authentication has a particular permission for the given node.AccessStatushasReadPermission(NodeRef nodeRef)Optimised read permission evaluation caveats: doesn't take into account dynamic authorities/groups doesn't take into account node types/aspects for permissionsvoidinit()protected booleanisVersionNodeRef(NodeRef nodeRef)This methods checks whether the specified nodeRef instance is a version nodeRef (ie.protected voidonBootstrap(org.springframework.context.ApplicationEvent event)voidonCreateChildAssociation(ChildAssociationRef childAssocRef)Cache clear on create of a child association from an authority container.voidonMoveNode(ChildAssociationRef oldChildAssocRef, ChildAssociationRef newChildAssocRef)Cache clear on move nodeprotected voidonShutdown(org.springframework.context.ApplicationEvent event)No-opprotected AccessStatusownerRead(String username, NodeRef nodeRef)voidsetAccessCache(SimpleCache<Serializable,AccessStatus> accessCache)Set the permissions access cache.voidsetAclDAO(AclDAO aclDaoComponent)Set the ACL DAO component.voidsetAnyDenyDenies(boolean anyDenyDenies)voidsetAuthorityService(AuthorityService authorityService)Set the authority service.voidsetDictionaryService(DictionaryService dictionaryService)Set the dictionary servicevoidsetDynamicAuthorities(List<DynamicAuthority> dynamicAuthorities)Set the dynamic authoritiesvoidsetFixedAclUpdater(FixedAclUpdater fixedAclUpdater)voidsetInheritParentPermissions(NodeRef nodeRef, boolean inheritParentPermissions)voidsetInheritParentPermissions(NodeRef nodeRef, boolean inheritParentPermissions, boolean asyncCall)voidsetModelDAO(ModelDAO modelDAO)Set the permissions model daovoidsetNodeService(NodeService nodeService)Set the node service.voidsetOwnableService(OwnableService ownableService)Set the ownable service.voidsetPermission(NodePermissionEntry nodePermissionEntry)Set the permissions on a node.voidsetPermission(PermissionEntry permissionEntry)Add or set a permission entry on a node.voidsetPermission(NodeRef nodeRef, String authority, String perm, boolean allow)protected voidsetPermission(NodeRef nodeRef, String authority, PermissionReference perm, boolean allow)voidsetPermission(StoreRef storeRef, String authority, String perm, boolean allow)protected voidsetPermission(StoreRef storeRef, String authority, PermissionReference permission, boolean allow)voidsetPermissionsDaoComponent(PermissionsDaoComponent permissionsDaoComponent)Set the permissions dao componentvoidsetPolicyComponent(PolicyComponent policyComponent)Set the policy componentvoidsetPolicyIgnoreUtil(PolicyIgnoreUtil policyIgnoreUtil)voidsetReadersCache(SimpleCache<Serializable,Set<String>> readersCache)voidsetReadersDeniedCache(SimpleCache<Serializable,Set<String>> readersDeniedCache)voidsetTenantService(TenantService tenantService)Set the tenant service.
-
-
-
Field Detail
-
accessCache
protected SimpleCache<Serializable,AccessStatus> accessCache
a transactionally-safe cache to be injected
-
readersCache
protected SimpleCache<Serializable,Set<String>> readersCache
-
readersDeniedCache
protected SimpleCache<Serializable,Set<String>> readersDeniedCache
-
modelDAO
protected ModelDAO modelDAO
-
permissionsDaoComponent
protected PermissionsDaoComponent permissionsDaoComponent
-
nodeService
protected NodeService nodeService
-
tenantService
protected TenantService tenantService
-
dictionaryService
protected DictionaryService dictionaryService
-
ownableService
protected OwnableService ownableService
-
authorityService
protected AuthorityService authorityService
-
dynamicAuthorities
protected List<DynamicAuthority> dynamicAuthorities
-
policyComponent
protected PolicyComponent policyComponent
-
aclDaoComponent
protected AclDAO aclDaoComponent
-
allPermissionReference
protected PermissionReference allPermissionReference
-
fixedAclUpdater
protected FixedAclUpdater fixedAclUpdater
-
anyDenyDenies
protected boolean anyDenyDenies
-
-
Method Detail
-
setDictionaryService
public void setDictionaryService(DictionaryService dictionaryService)
Set the dictionary service- Parameters:
dictionaryService- DictionaryService
-
setAnyDenyDenies
public void setAnyDenyDenies(boolean anyDenyDenies)
- Parameters:
anyDenyDenies- the anyDenyDenies to set
-
getAnyDenyDenies
public boolean getAnyDenyDenies()
-
setModelDAO
public void setModelDAO(ModelDAO modelDAO)
Set the permissions model dao- Parameters:
modelDAO- ModelDAO
-
setNodeService
public void setNodeService(NodeService nodeService)
Set the node service.- Parameters:
nodeService- NodeService
-
setOwnableService
public void setOwnableService(OwnableService ownableService)
Set the ownable service.- Parameters:
ownableService- OwnableService
-
setTenantService
public void setTenantService(TenantService tenantService)
Set the tenant service.- Parameters:
tenantService- TenantService
-
setPermissionsDaoComponent
public void setPermissionsDaoComponent(PermissionsDaoComponent permissionsDaoComponent)
Set the permissions dao component- Parameters:
permissionsDaoComponent- PermissionsDaoComponent
-
setAuthorityService
public void setAuthorityService(AuthorityService authorityService)
Set the authority service.- Parameters:
authorityService- AuthorityService
-
setDynamicAuthorities
public void setDynamicAuthorities(List<DynamicAuthority> dynamicAuthorities)
Set the dynamic authorities
-
setAclDAO
public void setAclDAO(AclDAO aclDaoComponent)
Set the ACL DAO component.- Parameters:
aclDaoComponent- AclDAO
-
setFixedAclUpdater
public void setFixedAclUpdater(FixedAclUpdater fixedAclUpdater)
-
setAccessCache
public void setAccessCache(SimpleCache<Serializable,AccessStatus> accessCache)
Set the permissions access cache.- Parameters:
accessCache- a transactionally safe cache
-
setReadersCache
public void setReadersCache(SimpleCache<Serializable,Set<String>> readersCache)
- Parameters:
readersCache- the readersCache to set
-
setReadersDeniedCache
public void setReadersDeniedCache(SimpleCache<Serializable,Set<String>> readersDeniedCache)
- Parameters:
readersDeniedCache- the readersDeniedCache to set
-
setPolicyComponent
public void setPolicyComponent(PolicyComponent policyComponent)
Set the policy component- Parameters:
policyComponent- PolicyComponent
-
setPolicyIgnoreUtil
public void setPolicyIgnoreUtil(PolicyIgnoreUtil policyIgnoreUtil)
-
onMoveNode
public void onMoveNode(ChildAssociationRef oldChildAssocRef, ChildAssociationRef newChildAssocRef)
Cache clear on move node- Parameters:
oldChildAssocRef- ChildAssociationRefnewChildAssocRef- ChildAssociationRef
-
onCreateChildAssociation
public void onCreateChildAssociation(ChildAssociationRef childAssocRef)
Cache clear on create of a child association from an authority container.- Parameters:
childAssocRef- ChildAssociationRef
-
beforeDeleteChildAssociation
public void beforeDeleteChildAssociation(ChildAssociationRef childAssocRef)
Cache clear on delete of a child association from an authority container.- Parameters:
childAssocRef- ChildAssociationRef
-
onBootstrap
protected void onBootstrap(org.springframework.context.ApplicationEvent event)
- Specified by:
onBootstrapin classorg.springframework.extensions.surf.util.AbstractLifecycleBean
-
onShutdown
protected void onShutdown(org.springframework.context.ApplicationEvent event)
No-op- Specified by:
onShutdownin classorg.springframework.extensions.surf.util.AbstractLifecycleBean
-
init
public void init()
-
getOwnerAuthority
public String getOwnerAuthority()
- Specified by:
getOwnerAuthorityin interfacePermissionService
-
getAllAuthorities
public String getAllAuthorities()
- Specified by:
getAllAuthoritiesin interfacePermissionService
-
getAllPermission
public String getAllPermission()
- Specified by:
getAllPermissionin interfacePermissionService
-
getPermissions
public Set<AccessPermission> getPermissions(NodeRef nodeRef)
- Specified by:
getPermissionsin interfacePermissionService
-
getAllSetPermissions
public Set<AccessPermission> getAllSetPermissions(NodeRef nodeRef)
- Specified by:
getAllSetPermissionsin interfacePermissionService
-
getAllSetPermissions
public Set<AccessPermission> getAllSetPermissions(StoreRef storeRef)
- Specified by:
getAllSetPermissionsin interfacePermissionService
-
getAllPermissionsImpl
protected Set<AccessPermission> getAllPermissionsImpl(NodeRef nodeRef, boolean includeTrue, boolean includeFalse)
-
getSettablePermissions
public Set<String> getSettablePermissions(NodeRef nodeRef)
- Specified by:
getSettablePermissionsin interfacePermissionService
-
getSettablePermissions
public Set<String> getSettablePermissions(QName type)
- Specified by:
getSettablePermissionsin interfacePermissionService
-
getSetPermissions
public NodePermissionEntry getSetPermissions(NodeRef nodeRef)
Description copied from interface:PermissionServiceSPIGet the permissions that have been set on the given node (it knows nothing of the parent permissions)- Specified by:
getSetPermissionsin interfacePermissionServiceSPI- Parameters:
nodeRef- NodeRef- Returns:
- the node permission entry
-
getSetPermissions
public NodePermissionEntry getSetPermissions(StoreRef storeRef)
Description copied from interface:PermissionServiceSPIGet the permissions set for the store- Specified by:
getSetPermissionsin interfacePermissionServiceSPI- Parameters:
storeRef- StoreRef- Returns:
- - the node permission entry
-
hasPermission
public AccessStatus hasPermission(NodeRef passedNodeRef, PermissionReference permIn)
Description copied from interface:PermissionServiceSPICheck that the given authentication has a particular permission for the given node. (The default behaviour is to inherit permissions)- Specified by:
hasPermissionin interfacePermissionServiceSPI- Parameters:
passedNodeRef- NodeRefpermIn- PermissionReference- Returns:
- the access status
-
hasPermission
public AccessStatus hasPermission(Long aclID, PermissionContext context, String permission)
- Specified by:
hasPermissionin interfacePermissionService
-
hasPermission
protected AccessStatus hasPermission(Long aclId, PermissionContext context, PermissionReference permission)
-
getCoreAuthorisations
protected Set<String> getCoreAuthorisations(net.sf.acegisecurity.Authentication auth)
Get the core authorisations for thisauth. Ifnullthis will be an empty set. Otherwise it will be a Lazy loaded Set of authorities from the authority node structure PLUS any granted authorities.
-
getAuthorisations
protected Set<String> getAuthorisations(net.sf.acegisecurity.Authentication auth, NodeRef nodeRef, PermissionReference required)
Get the authorisations for the currently authenticated user- Parameters:
auth- AuthenticationnodeRef- NodeRefrequired- PermissionReference- Returns:
- the set of authorisations
-
getDynamicAuthorities
protected Set<String> getDynamicAuthorities(net.sf.acegisecurity.Authentication auth, NodeRef nodeRef, PermissionReference required)
-
getAuthorisations
protected Set<String> getAuthorisations(net.sf.acegisecurity.Authentication auth, PermissionContext context)
-
getDynamicAuthorities
protected Set<String> getDynamicAuthorities(net.sf.acegisecurity.Authentication auth, PermissionContext context, Set<String> auths)
-
explainPermission
public NodePermissionEntry explainPermission(NodeRef nodeRef, PermissionReference perm)
Description copied from interface:PermissionServiceSPIWhere is the permission set that controls the behaviour for the given permission for the given authentication to access the specified name.- Specified by:
explainPermissionin interfacePermissionServiceSPI- Parameters:
nodeRef- NodeRefperm- PermissionReference- Returns:
- the node permission entry
-
clearPermission
public void clearPermission(StoreRef storeRef, String authority)
- Specified by:
clearPermissionin interfacePermissionService
-
deletePermission
public void deletePermission(StoreRef storeRef, String authority, String perm)
- Specified by:
deletePermissionin interfacePermissionService
-
deletePermission
protected void deletePermission(StoreRef storeRef, String authority, PermissionReference perm)
-
deletePermissions
public void deletePermissions(StoreRef storeRef)
- Specified by:
deletePermissionsin interfacePermissionService
-
setPermission
public void setPermission(StoreRef storeRef, String authority, String perm, boolean allow)
- Specified by:
setPermissionin interfacePermissionService
-
setPermission
protected void setPermission(StoreRef storeRef, String authority, PermissionReference permission, boolean allow)
-
deletePermissions
public void deletePermissions(NodeRef nodeRef)
- Specified by:
deletePermissionsin interfacePermissionService
-
deletePermissions
public void deletePermissions(NodePermissionEntry nodePermissionEntry)
Description copied from interface:PermissionServiceSPIDelete the permissions defined by the nodePermissionEntry- Specified by:
deletePermissionsin interfacePermissionServiceSPI- Parameters:
nodePermissionEntry- NodePermissionEntry
-
deletePermission
public void deletePermission(PermissionEntry permissionEntry)
Description copied from interface:PermissionServiceSPIDelete a single permission entry- Specified by:
deletePermissionin interfacePermissionServiceSPI- Parameters:
permissionEntry- PermissionEntry- See Also:
deletePermission(NodeRef, String, PermissionReference)
-
deletePermission
protected void deletePermission(NodeRef nodeRef, String authority, PermissionReference perm)
-
clearPermission
public void clearPermission(NodeRef nodeRef, String authority)
- Specified by:
clearPermissionin interfacePermissionService
-
setPermission
protected void setPermission(NodeRef nodeRef, String authority, PermissionReference perm, boolean allow)
-
setPermission
public void setPermission(PermissionEntry permissionEntry)
Description copied from interface:PermissionServiceSPIAdd or set a permission entry on a node.- Specified by:
setPermissionin interfacePermissionServiceSPI- Parameters:
permissionEntry- PermissionEntry
-
setPermission
public void setPermission(NodePermissionEntry nodePermissionEntry)
Description copied from interface:PermissionServiceSPISet the permissions on a node.- Specified by:
setPermissionin interfacePermissionServiceSPI- Parameters:
nodePermissionEntry- NodePermissionEntry
-
setInheritParentPermissions
public void setInheritParentPermissions(NodeRef nodeRef, boolean inheritParentPermissions)
- Specified by:
setInheritParentPermissionsin interfacePermissionService
-
setInheritParentPermissions
public void setInheritParentPermissions(NodeRef nodeRef, boolean inheritParentPermissions, boolean asyncCall)
- Specified by:
setInheritParentPermissionsin interfacePermissionService
-
getInheritParentPermissions
public boolean getInheritParentPermissions(NodeRef nodeRef)
- Specified by:
getInheritParentPermissionsin interfacePermissionService- See Also:
PermissionService.getInheritParentPermissions(org.alfresco.service.cmr.repository.NodeRef)
-
getPermissionReference
public PermissionReference getPermissionReference(QName qname, String permissionName)
Description copied from interface:PermissionServiceSPIGet the permission reference for the given data type and permission name.- Specified by:
getPermissionReferencein interfacePermissionServiceSPI- Parameters:
qname- - may be null if the permission name is uniquepermissionName- String- Returns:
- the permission reference
-
getAllPermissionReference
public PermissionReference getAllPermissionReference()
Description copied from interface:PermissionServiceSPIGet the All Permission- Specified by:
getAllPermissionReferencein interfacePermissionServiceSPI- Returns:
- the All permission
-
getPermission
public String getPermission(PermissionReference permissionReference)
Description copied from interface:PermissionServiceSPIGet the string that can be used to identify the given permission reference.- Specified by:
getPermissionin interfacePermissionServiceSPI- Parameters:
permissionReference- PermissionReference- Returns:
- the permission short name
-
getPermissionReference
public PermissionReference getPermissionReference(String permissionName)
Description copied from interface:PermissionServiceSPIGet the permission reference by permission name.- Specified by:
getPermissionReferencein interfacePermissionServiceSPI- Parameters:
permissionName- String- Returns:
- the permission reference
-
getSettablePermissionReferences
public Set<PermissionReference> getSettablePermissionReferences(QName type)
Description copied from interface:PermissionServiceSPIGet the permissions that can be set for a given type- Specified by:
getSettablePermissionReferencesin interfacePermissionServiceSPI- Parameters:
type- QName- Returns:
- the set of permissions
-
getSettablePermissionReferences
public Set<PermissionReference> getSettablePermissionReferences(NodeRef nodeRef)
Description copied from interface:PermissionServiceSPIGet the permissions that can be set for a given type- Specified by:
getSettablePermissionReferencesin interfacePermissionServiceSPI- Parameters:
nodeRef- NodeRef- Returns:
- the set of permissions
-
deletePermission
public void deletePermission(NodeRef nodeRef, String authority, String perm)
- Specified by:
deletePermissionin interfacePermissionService
-
hasPermission
public AccessStatus hasPermission(NodeRef nodeRef, String perm)
- Specified by:
hasPermissionin interfacePermissionService
-
setPermission
public void setPermission(NodeRef nodeRef, String authority, String perm, boolean allow)
- Specified by:
setPermissionin interfacePermissionService
-
deletePermissions
public void deletePermissions(String recipient)
Description copied from interface:PermissionServiceSPIDelete permissions for the given recipient.- Specified by:
deletePermissionsin interfacePermissionServiceSPI- Parameters:
recipient- String
-
hasReadPermission
public AccessStatus hasReadPermission(NodeRef nodeRef)
Optimised read permission evaluation caveats: doesn't take into account dynamic authorities/groups doesn't take into account node types/aspects for permissions- Specified by:
hasReadPermissionin interfacePermissionService
-
adminRead
protected AccessStatus adminRead()
-
ownerRead
protected AccessStatus ownerRead(String username, NodeRef nodeRef)
-
getReaders
public Set<String> getReaders(Long aclId)
- Specified by:
getReadersin interfacePermissionService
-
getReadersDenied
public Set<String> getReadersDenied(Long aclId)
- Specified by:
getReadersDeniedin interfacePermissionService- Parameters:
aclId- Long- Returns:
- set of authorities denied permission on the ACL
-
canRead
protected AccessStatus canRead(Long aclId)
-
isVersionNodeRef
protected boolean isVersionNodeRef(NodeRef nodeRef)
This methods checks whether the specified nodeRef instance is a version nodeRef (ie. in the 'version' store)- Parameters:
nodeRef- - version nodeRef- Returns:
- true if version nodeRef false otherwise
-
convertVersionNodeRefToVersionedNodeRef
protected NodeRef convertVersionNodeRefToVersionedNodeRef(NodeRef versionNodeRef)
Converts specified version nodeRef (eg. versionStore://...) to versioned nodeRef (eg. workspace://SpacesStore/...)- Parameters:
versionNodeRef- - always version nodeRef (ie. in the 'version' store)- Returns:
- versioned nodeRef (ie.in the 'live' store)
-
getAuthorisations
public Set<String> getAuthorisations()
- Specified by:
getAuthorisationsin interfacePermissionService
-
getTrait
public <M extends Trait> ExtendedTrait<M> getTrait(Class<? extends M> traitAPI)
- Specified by:
getTraitin interfaceExtensible
-
-