|
1 package org.alfresco.repo.webservice.accesscontrol;
2
3 import java.rmi.RemoteException  ;
4 import java.util.ArrayList ;
5 import java.util.List ;
6 import java.util.Set ;
7
8 import org.alfresco.repo.transaction.TransactionComponent;
9 import org.alfresco.repo.transaction.TransactionUtil;
10 import org.alfresco.repo.transaction.TransactionUtil.TransactionWork;
11 import org.alfresco.repo.webservice.AbstractWebService;
12 import org.alfresco.repo.webservice.Utils;
13 import org.alfresco.repo.webservice.action.ActionFault;
14 import org.alfresco.repo.webservice.types.Predicate;
15 import org.alfresco.service.cmr.repository.NodeRef;
16 import org.alfresco.service.cmr.security.AccessPermission;
17 import org.alfresco.service.cmr.security.AccessStatus;
18 import org.alfresco.service.cmr.security.OwnableService;
19 import org.alfresco.service.cmr.security.PermissionService;
20 import org.alfresco.service.namespace.QName;
21 import org.apache.commons.logging.Log;
22 import org.apache.commons.logging.LogFactory;
23
24 public class AccessControlWebService extends AbstractWebService implements AccessControlServiceSoapPort
25 {
26
27 private static Log logger = LogFactory.getLog(AccessControlWebService.class);
28
29
30 private TransactionComponent transactionService = null;
31
32
33 private PermissionService permissionService = null;
34
35
36 private OwnableService ownableService = null;
37
38
43 public void setTransactionService(TransactionComponent transactionService)
44 {
45 this.transactionService = transactionService;
46 }
47
48
53 public void setPermissionService(PermissionService permissionService)
54 {
55 this.permissionService = permissionService;
56 }
57
58
63 public void setOwnableService(OwnableService ownableService)
64 {
65 this.ownableService = ownableService;
66 }
67
68
71 public ACL[] getACLs(final Predicate predicate, final ACE filter) throws RemoteException , AccessControlFault
72 {
73 try
74 {
75 return TransactionUtil.executeInUserTransaction(this.transactionService, new TransactionWork<ACL[]>()
76 {
77 public ACL[] doWork() throws Exception
78 {
79 return getACLsImpl(predicate, filter);
80 }
81 });
82 }
83 catch (Throwable exception)
84 {
85 if (logger.isDebugEnabled())
86 {
87 logger.error("Unexpected error occurred", exception);
88 }
89
90 throw new ActionFault(0, exception.getMessage());
91 }
92 }
93
94
101 private ACL[] getACLsImpl(Predicate predicate, ACE filter)
102 {
103 List <NodeRef> nodes = Utils.resolvePredicate(predicate, this.nodeService, this.searchService, this.namespaceService);
105 ACL[] acls = new ACL[nodes.size()];
106
107 int index = 0;
108 for (NodeRef node : nodes)
109 {
110 ACL acl = getACLFromNodeRef(node, filter);
112
113 acls[index] = acl;
115 index++;
116 }
117
118 return acls;
119 }
120
121
127 private ACL getACLFromNodeRef(NodeRef node, ACE filter)
128 {
129 ACL acl = new ACL();
131 acl.setReference(Utils.convertToReference(node));
132
133 boolean inheritPermission = this.permissionService.getInheritParentPermissions(node);
135 acl.setInheritPermissions(inheritPermission);
136
137 Set <AccessPermission> accessPermissions = this.permissionService.getAllSetPermissions(node);
139 ACE[] aces = new ACE[accessPermissions.size()];
140
141 int count = 0;
143 for (AccessPermission permission : accessPermissions)
144 {
145
147 org.alfresco.repo.webservice.accesscontrol.AccessStatus accessStatus = org.alfresco.repo.webservice.accesscontrol.AccessStatus.declined;
149 if (AccessStatus.ALLOWED.equals(permission.getAccessStatus()) == true)
150 {
151 accessStatus = org.alfresco.repo.webservice.accesscontrol.AccessStatus.acepted;
152 }
153 ACE ace = new ACE(permission.getAuthority(),permission.getPermission(), accessStatus);
154
155 aces[count] = ace;
157 count ++;
158 }
159 acl.setAces(aces);
160 return acl;
161 }
162
163
166 public ACL[] addACEs(final Predicate predicate, final ACE[] aces) throws RemoteException , AccessControlFault
167 {
168 try
169 {
170 return TransactionUtil.executeInUserTransaction(this.transactionService, new TransactionWork<ACL[]>()
171 {
172 public ACL[] doWork() throws Exception
173 {
174 return addACEsImpl(predicate, aces);
175 }
176 });
177 }
178 catch (Throwable exception)
179 {
180 if (logger.isDebugEnabled())
181 {
182 logger.error("Unexpected error occurred", exception);
183 }
184
185 throw new ActionFault(0, exception.getMessage());
186 }
187 }
188
189
196 private ACL[] addACEsImpl(Predicate predicate, ACE[] aces)
197 {
198 List <NodeRef> nodes = Utils.resolvePredicate(predicate, this.nodeService, this.searchService, this.namespaceService);
200 ACL[] acls = new ACL[nodes.size()];
201
202 int count = 0;
203 for (NodeRef node : nodes)
204 {
205 for (ACE ace : aces)
207 {
208 boolean allow = false;
210 if (ace.getAccessStatus().equals(org.alfresco.repo.webservice.accesscontrol.AccessStatus.acepted) == true)
211 {
212 allow = true;
213 }
214 this.permissionService.setPermission(node, ace.getAuthority(), ace.getPermission(), allow);
215 }
216
217 acls[count] = getACLFromNodeRef(node, null);
219 count++;
220 }
221
222 return acls;
223 }
224
225
228 public ACL[] removeACEs(final Predicate predicate, final ACE[] aces) throws RemoteException , AccessControlFault
229 {
230 try
231 {
232 return TransactionUtil.executeInUserTransaction(this.transactionService, new TransactionWork<ACL[]>()
233 {
234 public ACL[] doWork() throws Exception
235 {
236 return removeACEsImpl(predicate, aces);
237 }
238 });
239 }
240 catch (Throwable exception)
241 {
242 if (logger.isDebugEnabled())
243 {
244 logger.error("Unexpected error occurred", exception);
245 }
246
247 throw new ActionFault(0, exception.getMessage());
248 }
249 }
250
251
258 private ACL[] removeACEsImpl(Predicate predicate, ACE[] aces)
259 {
260 List <NodeRef> nodes = Utils.resolvePredicate(predicate, this.nodeService, this.searchService, this.namespaceService);
262 ACL[] acls = new ACL[nodes.size()];
263
264 int count = 0;
265 for (NodeRef node : nodes)
266 {
267 if (aces == null)
268 {
269 this.permissionService.deletePermissions(node);
271 }
272 else
273 {
274 for (ACE ace : aces)
276 {
277 boolean allow = false;
278 if (ace.getAccessStatus().equals(org.alfresco.repo.webservice.accesscontrol.AccessStatus.acepted) == true)
279 {
280 allow = true;
281 }
282 this.permissionService.deletePermission(node, ace.getAuthority(), ace.getPermission(), allow);
283 }
284 }
285
286 acls[count] = getACLFromNodeRef(node, null);
288 count++;
289 }
290
291 return acls;
292 }
293
294
297 public GetPermissionsResult[] getPermissions(final Predicate predicate) throws RemoteException , AccessControlFault
298 {
299 try
300 {
301 return TransactionUtil.executeInUserTransaction(this.transactionService, new TransactionWork<GetPermissionsResult[]>()
302 {
303 public GetPermissionsResult[] doWork() throws Exception
304 {
305 return getPermissionsImpl(predicate);
306 }
307 });
308 }
309 catch (Throwable exception)
310 {
311 if (logger.isDebugEnabled())
312 {
313 logger.error("Unexpected error occurred", exception);
314 }
315
316 throw new ActionFault(0, exception.getMessage());
317 }
318 }
319
320
326 private GetPermissionsResult[] getPermissionsImpl(Predicate predicate)
327 {
328 List <NodeRef> nodes = Utils.resolvePredicate(predicate, this.nodeService, this.searchService, this.namespaceService);
330 GetPermissionsResult[] results = new GetPermissionsResult[nodes.size()];
331
332 int count = 0;
333 for (NodeRef node : nodes)
334 {
335 Set <String > permissions = this.permissionService.getSettablePermissions(node);
337
338 GetPermissionsResult result = new GetPermissionsResult();
340 result.setReference(Utils.convertToReference(node));
341 result.setPermissions((String [])permissions.toArray(new String [permissions.size()]));
342
343 results[count] = result;
345 count ++;
346 }
347
348 return results;
349 }
350
351
354 public GetClassPermissionsResult[] getClassPermissions(final String [] classNames) throws RemoteException , AccessControlFault
355 {
356 try
357 {
358 return TransactionUtil.executeInUserTransaction(this.transactionService, new TransactionWork<GetClassPermissionsResult[]>()
359 {
360 public GetClassPermissionsResult[] doWork() throws Exception
361 {
362 return getClassPermissionsImpl(classNames);
363 }
364 });
365 }
366 catch (Throwable exception)
367 {
368 if (logger.isDebugEnabled())
369 {
370 logger.error("Unexpected error occurred", exception);
371 }
372
373 throw new ActionFault(0, exception.getMessage());
374 }
375 }
376
377
383 private GetClassPermissionsResult[] getClassPermissionsImpl(String [] classNames)
384 {
385 GetClassPermissionsResult[] results = new GetClassPermissionsResult[classNames.length];
387
388 int count = 0;
389 for (String className : classNames)
390 {
391 Set <String > permissions = this.permissionService.getSettablePermissions(QName.createQName(className));
393
394 GetClassPermissionsResult result = new GetClassPermissionsResult();
396 result.setClassName(className);
397 result.setPermissions((String [])permissions.toArray(new String [permissions.size()]));
398
399 results[count] = result;
401 count ++;
402 }
403
404 return results;
405 }
406
407
410 public HasPermissionsResult[] hasPermissions(final Predicate predicate, final String [] permissions) throws RemoteException , AccessControlFault
411 {
412 try
413 {
414 return TransactionUtil.executeInUserTransaction(this.transactionService, new TransactionWork<HasPermissionsResult[]>()
415 {
416 public HasPermissionsResult[] doWork() throws Exception
417 {
418 return hasPermissionsImpl(predicate, permissions);
419 }
420 });
421 }
422 catch (Throwable exception)
423 {
424 if (logger.isDebugEnabled())
425 {
426 logger.error("Unexpected error occurred", exception);
427 }
428
429 throw new ActionFault(0, exception.getMessage());
430 }
431 }
432
433
440 private HasPermissionsResult[] hasPermissionsImpl(Predicate predicate, String [] permissions)
441 {
442 List <NodeRef> nodes = Utils.resolvePredicate(predicate, this.nodeService, this.searchService, this.namespaceService);
444 List <HasPermissionsResult> results = new ArrayList <HasPermissionsResult>(20);
445
446 for (NodeRef node : nodes)
447 {
448 for (String permission : permissions)
449 {
450 AccessStatus accessStatus = this.permissionService.hasPermission(node, permission);
452 org.alfresco.repo.webservice.accesscontrol.AccessStatus accessState = org.alfresco.repo.webservice.accesscontrol.AccessStatus.declined;
453 if (AccessStatus.ALLOWED.equals(accessStatus) == true)
454 {
455 accessState = org.alfresco.repo.webservice.accesscontrol.AccessStatus.acepted;
456 }
457
458 results.add(new HasPermissionsResult(Utils.convertToReference(node), permission, accessState));
460 }
461 }
462
463 return (HasPermissionsResult[])results.toArray(new HasPermissionsResult[results.size()]);
464 }
465
466
469 public ACL[] setInheritPermission(final Predicate predicate, final boolean inheritPermission) throws RemoteException , AccessControlFault
470 {
471 try
472 {
473 return TransactionUtil.executeInUserTransaction(this.transactionService, new TransactionWork<ACL[]>()
474 {
475 public ACL[] doWork() throws Exception
476 {
477 return setInheritPermissionImpl(predicate, inheritPermission);
478 }
479 });
480 }
481 catch (Throwable exception)
482 {
483 if (logger.isDebugEnabled())
484 {
485 logger.error("Unexpected error occurred", exception);
486 }
487
488 throw new ActionFault(0, exception.getMessage());
489 }
490 }
491
492
499 private ACL[] setInheritPermissionImpl(Predicate predicate, boolean inheritPermission)
500 {
501 List <NodeRef> nodes = Utils.resolvePredicate(predicate, this.nodeService, this.searchService, this.namespaceService);
503 ACL[] acls = new ACL[nodes.size()];
504
505 int count = 0;
506 for (NodeRef node : nodes)
507 {
508 this.permissionService.setInheritParentPermissions(node, inheritPermission);
510
511 acls[count] = getACLFromNodeRef(node, null);
513 count ++;
514 }
515
516 return acls;
517 }
518
519
522 public OwnerResult[] getOwners(final Predicate predicate) throws RemoteException , AccessControlFault
523 {
524 try
525 {
526 return TransactionUtil.executeInUserTransaction(this.transactionService, new TransactionWork<OwnerResult[]>()
527 {
528 public OwnerResult[] doWork() throws Exception
529 {
530 return getOwnersImpl(predicate);
531 }
532 });
533 }
534 catch (Throwable exception)
535 {
536 if (logger.isDebugEnabled())
537 {
538 logger.error("Unexpected error occurred", exception);
539 }
540
541 throw new ActionFault(0, exception.getMessage());
542 }
543 }
544
545
551 private OwnerResult[] getOwnersImpl(Predicate predicate)
552 {
553 List <NodeRef> nodes = Utils.resolvePredicate(predicate, this.nodeService, this.searchService, this.namespaceService);
555 OwnerResult[] result = new OwnerResult[nodes.size()];
556
557 int count = 0;
558 for (NodeRef node : nodes)
559 {
560 String owner = this.ownableService.getOwner(node);
562
563 result[count] = new OwnerResult(Utils.convertToReference(node), owner);
565 count ++;
566 }
567
568 return result;
569 }
570
571
574 public OwnerResult[] setOwners(final Predicate predicate, final String owner) throws RemoteException , AccessControlFault
575 {
576 try
577 {
578 return TransactionUtil.executeInUserTransaction(this.transactionService, new TransactionWork<OwnerResult[]>()
579 {
580 public OwnerResult[] doWork() throws Exception
581 {
582 return setOwnersImpl(predicate, owner);
583 }
584 });
585 }
586 catch (Throwable exception)
587 {
588 if (logger.isDebugEnabled())
589 {
590 logger.error("Unexpected error occurred", exception);
591 }
592
593 throw new ActionFault(0, exception.getMessage());
594 }
595 }
596
597
604 private OwnerResult[] setOwnersImpl(Predicate predicate, String owner)
605 {
606 List <NodeRef> nodes = Utils.resolvePredicate(predicate, this.nodeService, this.searchService, this.namespaceService);
608 OwnerResult[] result = new OwnerResult[nodes.size()];
609
610 int count = 0;
611 for (NodeRef node : nodes)
612 {
613 this.ownableService.setOwner(node, owner);
615
616 result[count] = new OwnerResult(Utils.convertToReference(node), owner);
618 count ++;
619 }
620
621 return result;
622 }
623 }
624 |
Popular Tags |
Java API By Example, From Geeks To Geeks.