inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

MOB-820: IMAP as configurable subsystem + MOB-817: NFS RPC user mappings + MOB-816: File server domain and global ACL mappings

Browse Source 
- JLAN changes: revert previous changes and make AccessControl constructors public

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14353 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Dave Ward
2009-05-18 15:42:47 +00:00
parent b58bd8a5ea
commit 4634d889c8
29 changed files with 1235 additions and 595 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
source/java/org/alfresco/filesys/auth/nfs/UserMapping.java
View File

@@ -24,12 +24,13 @@
*/
package org.alfresco.filesys.auth.nfs;
import org.springframework.beans.factory.BeanNameAware;
/**
* Represents a user mapping for the {@link AlfrescoRpcAuthenticator}.
*/
public class UserMapping
public class UserMapping implements BeanNameAware
{
/** The name. */
private String name;
@@ -71,16 +72,14 @@ public class UserMapping
*/
public String getName()
{
return name;
return this.name;
}
/**
* Sets the name.
*
* @param name
* the new name
/*
* (non-Javadoc)
* @see org.springframework.beans.factory.BeanNameAware#setBeanName(java.lang.String)
*/
public void setName(String name)
public void setBeanName(String name)
{
this.name = name;
}
@@ -92,7 +91,7 @@ public class UserMapping
*/
public int getUid()
{
return uid;
return this.uid;
}
/**
@@ -113,7 +112,7 @@ public class UserMapping
*/
public int getGid()
{
return gid;
return this.gid;
}
/**

13
source/java/org/alfresco/filesys/config/DomainMappingConfigBean.java
View File

@@ -24,13 +24,15 @@
*/
package org.alfresco.filesys.config;
import org.springframework.beans.factory.BeanNameAware;
// TODO: Auto-generated Javadoc
/**
* The Class DomainMappingConfigBean.
*
* @author dward
*/
public class DomainMappingConfigBean
public class DomainMappingConfigBean implements BeanNameAware
{
/** The name. */
@@ -58,13 +60,10 @@ public class DomainMappingConfigBean
return name;
}
/**
* Sets the name.
*
* @param name
* the new name
/* (non-Javadoc)
* @see org.springframework.beans.factory.BeanNameAware#setBeanName(java.lang.String)
*/
public void setName(String name)
public void setBeanName(String name)
{
this.name = name;
}

33
source/java/org/alfresco/filesys/config/SecurityConfigBean.java
View File

@@ -26,7 +26,7 @@ package org.alfresco.filesys.config;
import java.util.List;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.filesys.config.acl.AccessControlListBean;
import org.alfresco.jlan.server.core.ShareMapper;
// TODO: Auto-generated Javadoc
@@ -37,12 +37,8 @@ import org.alfresco.jlan.server.core.ShareMapper;
*/
public class SecurityConfigBean
{
/** The global default access level. */
private String globalDefaultAccessLevel;
/** The global access control. */
private List<AccessControl> globalAccessControl;
private AccessControlListBean globalAccessControl;
/** The jce provider. */
private String jceProvider;
@@ -53,33 +49,12 @@ public class SecurityConfigBean
/** The domain mappings. */
private List<DomainMappingConfigBean> domainMappings;
/**
* Gets the global default access level.
*
* @return the global default access level
*/
public String getGlobalDefaultAccessLevel()
{
return globalDefaultAccessLevel;
}
/**
* Sets the global default access level.
*
* @param globalDefaultAccessLevel
* the new global default access level
*/
public void setGlobalDefaultAccessLevel(String globalDefaultAccessLevel)
{
this.globalDefaultAccessLevel = globalDefaultAccessLevel;
}
/**
* Gets the global access control.
*
* @return the global access control
*/
public List<AccessControl> getGlobalAccessControl()
public AccessControlListBean getGlobalAccessControl()
{
return globalAccessControl;
}
@@ -90,7 +65,7 @@ public class SecurityConfigBean
* @param globalAccessControl
* the new global access control
*/
public void setGlobalAccessControl(List<AccessControl> globalAccessControl)
public void setGlobalAccessControl(AccessControlListBean globalAccessControl)
{
this.globalAccessControl = globalAccessControl;
}

107
source/java/org/alfresco/filesys/config/ServerConfigurationBean.java
View File

@@ -45,6 +45,7 @@ import org.alfresco.filesys.AbstractServerConfigurationBean;
import org.alfresco.filesys.alfresco.ExtendedDiskInterface;
import org.alfresco.filesys.avm.AVMContext;
import org.alfresco.filesys.avm.AVMDiskDriver;
import org.alfresco.filesys.config.acl.AccessControlListBean;
import org.alfresco.filesys.repo.ContentContext;
import org.alfresco.jlan.ftp.FTPAuthenticator;
import org.alfresco.jlan.ftp.FTPConfigSection;
@@ -56,11 +57,7 @@ import org.alfresco.jlan.netbios.win32.Win32NetBIOS;
import org.alfresco.jlan.oncrpc.RpcAuthenticator;
import org.alfresco.jlan.oncrpc.nfs.NFSConfigSection;
import org.alfresco.jlan.server.auth.ICifsAuthenticator;
import org.alfresco.jlan.server.auth.acl.ACLParseException;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.jlan.server.auth.acl.AccessControlList;
import org.alfresco.jlan.server.auth.acl.AccessControlParser;
import org.alfresco.jlan.server.auth.acl.InvalidACLTypeException;
import org.alfresco.jlan.server.auth.passthru.DomainMapping;
import org.alfresco.jlan.server.auth.passthru.RangeDomainMapping;
import org.alfresco.jlan.server.auth.passthru.SubnetDomainMapping;
@@ -1537,21 +1534,16 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
// Check if an access control list has been specified
AccessControlList acls = null;
String defaultAccessLevel = filesysContext.getDefaultAccessLevel();
List<AccessControl> accessControls = filesysContext.getAccessControl();
if ((defaultAccessLevel != null && defaultAccessLevel.length() > 0) ||
(accessControls != null && !accessControls.isEmpty()))
AccessControlListBean accessControls = filesysContext.getAccessControlList();
if (accessControls != null)
{
// Parse the access control list
acls = processAccessControlList(secConfig, defaultAccessLevel, accessControls);
acls = accessControls.toAccessControlList(secConfig);
}
else if (secConfig.hasGlobalAccessControls())
{
// Use the global access control list for this disk share
acls = secConfig.getGlobalAccessControls();
}
@@ -1576,6 +1568,10 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
{
throw new AlfrescoRuntimeException("Error creating filesystem " + filesystem.getDeviceName(), ex);
}
catch (InvalidConfigurationException ex)
{
throw new AlfrescoRuntimeException(ex.getMessage(), ex);
}
}
}
else
@@ -1642,22 +1638,19 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
{
// Check if global access controls have been specified
String defaultAccessLevel = securityConfigBean.getGlobalDefaultAccessLevel();
List<AccessControl> accessControls = securityConfigBean.getGlobalAccessControl();
if ((defaultAccessLevel != null && defaultAccessLevel.length() > 0) ||
(accessControls != null && !accessControls.isEmpty()))
AccessControlListBean accessControls = securityConfigBean.getGlobalAccessControl();
if (accessControls != null)
{
// Parse the access control list
AccessControlList acls = processAccessControlList(secConfig, defaultAccessLevel, accessControls);
AccessControlList acls = accessControls.toAccessControlList(secConfig);
if (acls != null)
secConfig.setGlobalAccessControls(acls);
}
// Check if a JCE provider class has been specified
String jceProvider = securityConfigBean.getJCEProvider();
if (jceProvider != null && jceProvider.length() > 0)
{
@@ -1949,78 +1942,4 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
coreConfig.setMemoryPool(DefaultMemoryPoolBufSizes, DefaultMemoryPoolInitAlloc, DefaultMemoryPoolMaxAlloc);
}
}
/**
* Process an access control sub-section and return the access control list
*
* @param secConfig
* SecurityConfigSection
* @param aclsElem
* ConfigElement
*/
protected AccessControlList processAccessControlList(SecurityConfigSection secConfig, String defaultAccessLevel,
List<AccessControl> accessControls)
{
// Check if there is an access control manager configured
if (secConfig.getAccessControlManager() == null)
throw new AlfrescoRuntimeException("No access control manager configured");
// Create the access control list
AccessControlList acls = new AccessControlList();
// Check if there is a default access level for the ACL group
if (defaultAccessLevel != null && defaultAccessLevel.length() > 0)
{
// Get the access level and validate
try
{
// Parse the access level name
int access = AccessControlParser.parseAccessTypeString(defaultAccessLevel);
// Set the default access level for the access control list
acls.setDefaultAccessLevel(access);
}
catch (InvalidACLTypeException ex)
{
throw new AlfrescoRuntimeException("Default access level error", ex);
}
catch (ACLParseException ex)
{
throw new AlfrescoRuntimeException("Default access level error", ex);
}
}
// Parse each access control element
if (accessControls != null && accessControls.size() > 0)
{
// Create the access controls
for (AccessControl accessControl : accessControls)
{
acls.addControl(accessControl);
}
}
// Check if there are no access control rules but the default access level is set to 'None',
// this is not allowed as the share would not be accessible or visible.
if (acls.getDefaultAccessLevel() == AccessControl.NoAccess && acls.numberOfControls() == 0)
throw new AlfrescoRuntimeException("Empty access control list and default access 'None' not allowed");
// Return the access control list
return acls;
}
}

102
source/java/org/alfresco/filesys/config/acl/AccessControlBean.java Normal file
View File

@@ -0,0 +1,102 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have received a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.filesys.config.acl;
import org.alfresco.jlan.server.auth.acl.ACLParseException;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.jlan.server.auth.acl.AccessControlParser;
import org.springframework.beans.factory.BeanNameAware;
/**
* Simple description of a JLAN Access control that can be configured via JMX or a Spring bean definition.
*/
public abstract class AccessControlBean implements BeanNameAware
{
/** The name. */
private String name;
/** The access type. */
private int accessType = AccessControl.ReadWrite;
/*
* (non-Javadoc)
* @see org.springframework.beans.factory.BeanNameAware#setBeanName(java.lang.String)
*/
public void setBeanName(String name)
{
this.name = name;
}
/**
* Return the access control name.
*
* @return the access control name
*/
public final String getName()
{
return this.name;
}
/**
* Return the access control check type.
*
* @return the access control check type
*/
public final String getAccessType()
{
return AccessControl.asAccessString(this.accessType);
}
/**
* Set the the access control check type.
*
* @param accessType
* the access type
* @throws ACLParseException
*/
public void setAccessType(String accessType) throws ACLParseException
{
this.accessType = AccessControlParser.parseAccessTypeString(accessType);
}
/**
* Converts this object to a JLAN access control
*
* @return the access control
*/
public abstract AccessControl toAccessControl();
/**
* Gets the access level as an integer.
*
* @return the access level as an integer
*/
protected int getAccessLevel()
{
return this.accessType;
}
}

309
source/java/org/alfresco/filesys/config/acl/AccessControlListBean.java Normal file
View File

@@ -0,0 +1,309 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have received a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.filesys.config.acl;
import java.util.Collections;
import java.util.List;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.jlan.server.auth.acl.ACLParseException;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.jlan.server.auth.acl.AccessControlList;
import org.alfresco.jlan.server.auth.acl.AccessControlParser;
import org.alfresco.jlan.server.auth.acl.DefaultAccessControlManager;
import org.alfresco.jlan.server.auth.acl.InvalidACLTypeException;
import org.alfresco.jlan.server.config.InvalidConfigurationException;
import org.alfresco.jlan.server.config.SecurityConfigSection;
/**
* Simple description of a JLAN Access Control List that can be configured via JMX or a Spring bean definition. The
* lists are partitioned by type to aid in the UI mapping.
*/
public class AccessControlListBean
{
/** The default access level. */
private int defaultAccessLevel = AccessControl.Default;
/** The domain access controls. */
private List<DomainAccessControlBean> domainAccessControls = Collections.emptyList();
/** The gid access controls. */
private List<GidAccessControlBean> gidAccessControls = Collections.emptyList();
/** The ip address access controls. */
private List<IpAddressAccessControlBean> ipAddressAccessControls = Collections.emptyList();
/** The protocol access controls. */
private List<ProtocolAccessControlBean> protocolAccessControls = Collections.emptyList();
/** The uid access controls. */
private List<UidAccessControlBean> uidAccessControls = Collections.emptyList();
/** The user access controls. */
private List<UserAccessControlBean> userAccessControls = Collections.emptyList();
/**
* Gets the default access level.
*
* @return the default access level
*/
public String getDefaultAccessLevel()
{
return AccessControl.asAccessString(defaultAccessLevel);
}
/**
* Sets the default access level.
*
* @param defaultAccessLevel
* the new default access level
* @throws ACLParseException
*/
public void setDefaultAccessLevel(String defaultAccessLevel) throws ACLParseException
{
if (defaultAccessLevel != null && defaultAccessLevel.length() > 0)
{
this.defaultAccessLevel = AccessControlParser.parseAccessTypeString(defaultAccessLevel);
}
}
/**
* Gets the domain access controls.
*
* @return the domain access controls
*/
public List<DomainAccessControlBean> getDomainAccessControls()
{
return this.domainAccessControls;
}
/**
* Sets the domain access controls.
*
* @param domainAccessControls
* the new domain access controls
*/
public void setDomainAccessControls(List<DomainAccessControlBean> domainAccessControls)
{
this.domainAccessControls = domainAccessControls;
}
/**
* Gets the gid access controls.
*
* @return the gid access controls
*/
public List<GidAccessControlBean> getGidAccessControls()
{
return this.gidAccessControls;
}
/**
* Sets the gid access controls.
*
* @param gidAccessControls
* the new gid access controls
*/
public void setGidAccessControls(List<GidAccessControlBean> gidAccessControls)
{
this.gidAccessControls = gidAccessControls;
}
/**
* Gets the ip address access controls.
*
* @return the ip address access controls
*/
public List<IpAddressAccessControlBean> getIpAddressAccessControls()
{
return this.ipAddressAccessControls;
}
/**
* Sets the ip address access controls.
*
* @param ipAddressAccessControls
* the new ip address access controls
*/
public void setIpAddressAccessControls(List<IpAddressAccessControlBean> ipAddressAccessControls)
{
this.ipAddressAccessControls = ipAddressAccessControls;
}
/**
* Gets the protocol access controls.
*
* @return the protocol access controls
*/
public List<ProtocolAccessControlBean> getProtocolAccessControls()
{
return this.protocolAccessControls;
}
/**
* Sets the protocol access controls.
*
* @param protocolAccessControls
* the new protocol access controls
*/
public void setProtocolAccessControls(List<ProtocolAccessControlBean> protocolAccessControls)
{
this.protocolAccessControls = protocolAccessControls;
}
/**
* Gets the uid access controls.
*
* @return the uid access controls
*/
public List<UidAccessControlBean> getUidAccessControls()
{
return this.uidAccessControls;
}
/**
* Sets the uid access controls.
*
* @param uidAccessControls
* the new uid access controls
*/
public void setUidAccessControls(List<UidAccessControlBean> uidAccessControls)
{
this.uidAccessControls = uidAccessControls;
}
/**
* Gets the user access controls.
*
* @return the user access controls
*/
public List<UserAccessControlBean> getUserAccessControls()
{
return this.userAccessControls;
}
/**
* Sets the user access controls.
*
* @param userAccessControls
* the new user access controls
*/
public void setUserAccessControls(List<UserAccessControlBean> userAccessControls)
{
this.userAccessControls = userAccessControls;
}
/**
* Converts the description to a JLAN ACL
*
* @param secConfig
* the security config
* @return the access control list
* @throws InvalidConfigurationException
*/
public AccessControlList toAccessControlList(SecurityConfigSection secConfig) throws InvalidConfigurationException
{
// Create the access control list
AccessControlList acls = new AccessControlList();
// Check if there is a default access level for the ACL group
if (defaultAccessLevel != AccessControl.Default)
{
try
{
// Set the default access level for the access control list
acls.setDefaultAccessLevel(defaultAccessLevel);
}
catch (InvalidACLTypeException ex)
{
throw new AlfrescoRuntimeException("Default access level error", ex);
}
}
// Create the access controls
for (AccessControlBean accessControlBean : getDomainAccessControls())
{
acls.addControl(accessControlBean.toAccessControl());
}
// Create the access controls
for (AccessControlBean accessControlBean : getGidAccessControls())
{
acls.addControl(accessControlBean.toAccessControl());
}
// Create the access controls
for (AccessControlBean accessControlBean : getIpAddressAccessControls())
{
acls.addControl(accessControlBean.toAccessControl());
}
// Create the access controls
for (AccessControlBean accessControlBean : getProtocolAccessControls())
{
acls.addControl(accessControlBean.toAccessControl());
}
// Create the access controls
for (AccessControlBean accessControlBean : getUidAccessControls())
{
acls.addControl(accessControlBean.toAccessControl());
}
// Create the access controls
for (AccessControlBean accessControlBean : getUserAccessControls())
{
acls.addControl(accessControlBean.toAccessControl());
}
// Check if there are no access control rules but the default access level is set to 'None',
// this is not allowed as the share would not be accessible or visible.
if (acls.numberOfControls() == 0)
{
if (defaultAccessLevel == AccessControl.Default)
{
// No access level or controls set. No need to enforce ACLs
return null;
}
else if (acls.getDefaultAccessLevel() == AccessControl.NoAccess)
{
throw new AlfrescoRuntimeException("Empty access control list and default access 'None' not allowed");
}
}
// Check if there is an access control manager configured
if (secConfig.getAccessControlManager() == null)
{
secConfig.setAccessControlManager(new DefaultAccessControlManager());
}
// Return the access control list
return acls;
}
}

45
source/java/org/alfresco/filesys/config/acl/DomainAccessControlBean.java Normal file
View File

@@ -0,0 +1,45 @@
/*
* Copyright (C) 2006-2008 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.filesys.config.acl;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.jlan.server.auth.acl.DomainAccessControl;
/**
* Simple description of a JLAN Domain Access control that can be configured via JMX or a Spring bean definition.
*/
public class DomainAccessControlBean extends AccessControlBean
{
/*
* (non-Javadoc)
* @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
*/
@Override
public AccessControl toAccessControl()
{
return new DomainAccessControl(getName(), "domain", getAccessLevel());
}
}

69
source/java/org/alfresco/filesys/config/acl/GidAccessControlBean.java Normal file
View File

@@ -0,0 +1,69 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have received a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.filesys.config.acl;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.jlan.server.auth.acl.GidAccessControl;
/**
* Simple description of a JLAN Group ID Access control that can be configured via JMX or a Spring bean definition.
*/
public class GidAccessControlBean extends AccessControlBean
{
/** The group id to check for. */
private int gid;
/**
* Sets the group id to check for
*
* @param gid
* the group id to check for
*/
public final void setGid(int gid)
{
this.gid = gid;
}
/**
* Gets the group id to check for.
*
* @return the group id to check for
*/
public final int getGid()
{
return this.gid;
}
/*
* (non-Javadoc)
* @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
*/
@Override
public AccessControl toAccessControl()
{
return new GidAccessControl(getName(), getGid(), "gid", getAccessLevel());
}
}

94
source/java/org/alfresco/filesys/config/acl/IpAddressAccessControlBean.java Normal file
View File

@@ -0,0 +1,94 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have received a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.filesys.config.acl;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.jlan.server.auth.acl.IpAddressAccessControl;
/**
* Simple description of a JLAN IP Address Access control that can be configured via JMX or a Spring bean definition.
*/
public class IpAddressAccessControlBean extends AccessControlBean
{
/** The subnet. */
private String subnet;
/** The network mask. */
private String netMask;
/**
* Sets the subnet.
*
* @param subnet
* the subnet
*/
public void setSubnet(String subnet)
{
this.subnet = subnet;
}
/**
* Sets the network mask.
*
* @param mask
* the network mask
*/
public void setNetMask(String mask)
{
this.netMask = mask;
}
/**
* Gets the subnet.
*
* @return the subnet
*/
public String getSubnet()
{
return this.subnet;
}
/**
* Gets the network mask.
*
* @return the network mask
*/
public String getNetMask()
{
return this.netMask;
}
/*
* (non-Javadoc)
* @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
*/
@Override
public AccessControl toAccessControl()
{
return new IpAddressAccessControl(getSubnet(), getNetMask(), "address", getAccessLevel());
}
}

69
source/java/org/alfresco/filesys/config/acl/ProtocolAccessControlBean.java Normal file
View File

@@ -0,0 +1,69 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have received a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.filesys.config.acl;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.jlan.server.auth.acl.ProtocolAccessControl;
/**
* Simple description of a JLAN Protocol Access control that can be configured via JMX or a Spring bean definition.
*/
public class ProtocolAccessControlBean extends AccessControlBean
{
/** The list of protocol types. */
private String checkList;
/**
* Sets the list of protocol types.
*
* @param protList
* the list of protocol types
*/
public void setCheckList(String protList)
{
this.checkList = protList;
}
/**
* Gets the list of protocol types
*
* @return the list of protocol types
*/
public String getCheckList()
{
return this.checkList;
}
/*
* (non-Javadoc)
* @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
*/
@Override
public AccessControl toAccessControl()
{
return new ProtocolAccessControl(getCheckList(), "protocol", getAccessLevel());
}
}

70
source/java/org/alfresco/filesys/config/acl/UidAccessControlBean.java Normal file
View File

@@ -0,0 +1,70 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have received a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.filesys.config.acl;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.jlan.server.auth.acl.UidAccessControl;
/**
* Simple description of a JLAN User ID Access control that can be configured via JMX or a Spring bean definition.
*/
public class UidAccessControlBean extends AccessControlBean
{
/** The user id. */
private int uid;
/**
* Sets the user id.
*
* @param uid
* the user id
*/
public void setUid(int uid)
{
this.uid = uid;
}
/**
* Gets the user id.
*
* @return the user id
*/
public int getUid()
{
return this.uid;
}
/*
* (non-Javadoc)
* @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
*/
@Override
public AccessControl toAccessControl()
{
return new UidAccessControl(getName(), getUid(), "uid", getAccessLevel());
}
}

45
source/java/org/alfresco/filesys/config/acl/UserAccessControlBean.java Normal file
View File

@@ -0,0 +1,45 @@
/*
* Copyright (C) 2006-2008 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.filesys.config.acl;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.jlan.server.auth.acl.UserAccessControl;
/**
* Simple description of a JLAN User Access control that can be configured via JMX or a Spring bean definition.
*/
public class UserAccessControlBean extends AccessControlBean
{
/*
* (non-Javadoc)
* @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
*/
@Override
public AccessControl toAccessControl()
{
return new UserAccessControl(getName(), "user", getAccessLevel());
}
}

36
source/java/org/alfresco/filesys/repo/ContentContext.java
View File

@@ -24,13 +24,11 @@
*/
package org.alfresco.filesys.repo;
import java.util.List;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.filesys.alfresco.AlfrescoContext;
import org.alfresco.filesys.alfresco.AlfrescoDiskDriver;
import org.alfresco.filesys.alfresco.IOControlHandler;
import org.alfresco.jlan.server.auth.acl.AccessControl;
import org.alfresco.filesys.config.acl.AccessControlListBean;
import org.alfresco.jlan.server.core.DeviceContextException;
import org.alfresco.jlan.server.filesys.DiskInterface;
import org.alfresco.jlan.server.filesys.DiskSharedDevice;
@@ -61,10 +59,9 @@ public class ContentContext extends AlfrescoContext
private boolean m_offlineFiles;
private boolean m_disableNodeMonitor;
private AccessControlListBean m_accessControlList;
private String m_defaultAccessLevel;
private List<AccessControl> m_accessControl;
// Node monitor
@@ -129,14 +126,9 @@ public class ContentContext extends AlfrescoContext
m_disableNodeMonitor = disableNodeMonitor;
}
public void setDefaultAccessLevel(String defaultAccessLevel)
public void setAccessControlList(AccessControlListBean accessControlList)
{
m_defaultAccessLevel = defaultAccessLevel;
}
public void setAccessControl(List<AccessControl> accessControl)
{
m_accessControl = accessControl;
m_accessControlList = accessControlList;
}
public void setRootNodeRef(NodeRef nodeRef)
@@ -224,23 +216,13 @@ public class ContentContext extends AlfrescoContext
}
/**
* Return the default access level
* Gets the access control list.
*
* @return String
* @return the access control list
*/
public String getDefaultAccessLevel()
public AccessControlListBean getAccessControlList()
{
return m_defaultAccessLevel;
}
/**
* Return the access control list
*
* @return List<AccessControl>
*/
public List<AccessControl> getAccessControl()
{
return m_accessControl;
return m_accessControlList;
}
/**