diff --git a/source/java/org/alfresco/cmis/acl/CMISAccessControlEntryImpl.java b/source/java/org/alfresco/cmis/acl/CMISAccessControlEntryImpl.java index c354950902..d3c18c18ed 100644 --- a/source/java/org/alfresco/cmis/acl/CMISAccessControlEntryImpl.java +++ b/source/java/org/alfresco/cmis/acl/CMISAccessControlEntryImpl.java @@ -32,11 +32,19 @@ public class CMISAccessControlEntryImpl implements CMISAccessControlEntry private int position; - /*package*/ CMISAccessControlEntryImpl(String principalId, String permission, int position) + private boolean direct; + + /*package*/ CMISAccessControlEntryImpl(String principalId, String permission, int position, boolean direct) { this.principalId = principalId; this.permission = permission; this.position = position; + this.direct = direct; + } + + /*package*/ CMISAccessControlEntryImpl(String principalId, String permission, int position) + { + this(principalId, permission, position, position == 0); } /** @@ -56,7 +64,7 @@ public class CMISAccessControlEntryImpl implements CMISAccessControlEntry */ public boolean getDirect() { - return position == 0; + return direct; } /* (non-Javadoc) @@ -83,23 +91,18 @@ public class CMISAccessControlEntryImpl implements CMISAccessControlEntry return position; } - /* (non-Javadoc) - * @see java.lang.Object#hashCode() - */ @Override public int hashCode() { final int prime = 31; int result = 1; + result = prime * result + (direct ? 1231 : 1237); result = prime * result + ((permission == null) ? 0 : permission.hashCode()); result = prime * result + position; result = prime * result + ((principalId == null) ? 0 : principalId.hashCode()); return result; } - /* (non-Javadoc) - * @see java.lang.Object#equals(java.lang.Object) - */ @Override public boolean equals(Object obj) { @@ -109,7 +112,9 @@ public class CMISAccessControlEntryImpl implements CMISAccessControlEntry return false; if (getClass() != obj.getClass()) return false; - final CMISAccessControlEntryImpl other = (CMISAccessControlEntryImpl) obj; + CMISAccessControlEntryImpl other = (CMISAccessControlEntryImpl) obj; + if (direct != other.direct) + return false; if (permission == null) { if (other.permission != null) diff --git a/source/java/org/alfresco/cmis/acl/CMISAccessControlServiceImpl.java b/source/java/org/alfresco/cmis/acl/CMISAccessControlServiceImpl.java index f95c01b8c3..ad04816ab7 100644 --- a/source/java/org/alfresco/cmis/acl/CMISAccessControlServiceImpl.java +++ b/source/java/org/alfresco/cmis/acl/CMISAccessControlServiceImpl.java @@ -22,6 +22,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.Comparator; import java.util.EnumSet; +import java.util.HashSet; import java.util.LinkedHashSet; import java.util.List; import java.util.Map; @@ -51,6 +52,7 @@ import org.alfresco.service.cmr.security.AccessPermission; import org.alfresco.service.cmr.security.AccessStatus; import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.service.namespace.QName; +import org.alfresco.util.Pair; /** * @author andyh @@ -228,7 +230,7 @@ public class CMISAccessControlServiceImpl implements CMISAccessControlService */ public CMISAccessControlReport getAcl(NodeRef nodeRef, CMISAccessControlFormatEnum format) { - CMISAccessControlReportImpl answer = new CMISAccessControlReportImpl(); + CMISAccessControlReportImpl merge = new CMISAccessControlReportImpl(); // Need to compact deny to mask correctly Set permissions = permissionService.getAllSetPermissions(nodeRef); ArrayList ordered = new ArrayList(); @@ -246,21 +248,40 @@ public class CMISAccessControlServiceImpl implements CMISAccessControlService { if (entry.getAccessStatus() == AccessStatus.ALLOWED) { - answer.addEntry(new CMISAccessControlEntryImpl(entry.getAuthority(), expandPermission(cmisMapping.getReportedPermission(getPermission(entry.getPermission()), - format)), entry.getPosition())); + //answer.addEntry(new CMISAccessControlEntryImpl(entry.getAuthority(), expandPermission(cmisMapping.getReportedPermission(getPermission(entry.getPermission()), + // format)), entry.getPosition())); + merge.addEntry(new CMISAccessControlEntryImpl(entry.getAuthority(), entry.getPermission(), entry.getPosition())); } else if (entry.getAccessStatus() == AccessStatus.DENIED) { - answer.removeEntry(new CMISAccessControlEntryImpl(entry.getAuthority(), expandPermission(cmisMapping.getReportedPermission(getPermission(entry.getPermission()), - format)), entry.getPosition())); + //answer.removeEntry(new CMISAccessControlEntryImpl(entry.getAuthority(), expandPermission(cmisMapping.getReportedPermission(getPermission(entry.getPermission()), + // format)), entry.getPosition())); + merge.removeEntry(new CMISAccessControlEntryImpl(entry.getAuthority(), entry.getPermission(), entry.getPosition())); } } + + CMISAccessControlReportImpl answer = new CMISAccessControlReportImpl(); + for(CMISAccessControlEntry entry : merge.getAccessControlEntries()) + { + CMISAccessControlEntryImpl impl = (CMISAccessControlEntryImpl)entry; + PermissionReference permissionReference = permissionModelDao.getPermissionReference(null, impl.getPermission()); + Set longForms = permissionModelDao.getGranteePermissions(permissionReference); + HashSet shortForms = new HashSet(); + for(PermissionReference longForm : longForms) + { + shortForms.add(getPermission(longForm)); + } + for(Pair toAdd : cmisMapping.getReportedPermissions(impl.getPermission(), shortForms, permissionModelDao.hasFull(permissionReference), impl.getDirect(), format)) + { + answer.addEntry(new CMISAccessControlEntryImpl(impl.getPrincipalId(), expandPermission(toAdd.getFirst()), impl.getPosition(), toAdd.getSecond())); + } + + } return answer; } - private String getPermission(String string) + private String getPermission(PermissionReference permissionReference) { - PermissionReference permissionReference = permissionModelDao.getPermissionReference(null, string); if (permissionModelDao.isUnique(permissionReference)) { return permissionReference.getName(); diff --git a/source/java/org/alfresco/cmis/acl/CMISAccessControlServiceTest.java b/source/java/org/alfresco/cmis/acl/CMISAccessControlServiceTest.java index 9607d060e7..e241b9ae4a 100644 --- a/source/java/org/alfresco/cmis/acl/CMISAccessControlServiceTest.java +++ b/source/java/org/alfresco/cmis/acl/CMISAccessControlServiceTest.java @@ -81,43 +81,48 @@ public class CMISAccessControlServiceTest extends BaseCMISTest CMISAccessControlReport grandParentReport = cmisAccessControlService.getAcl(grandParent, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS); assertFalse(grandParentReport.isExact()); - assertEquals(7, grandParentReport.getAccessControlEntries().size()); - assertTrue(checkCounts(grandParentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 1, 0)); + assertEquals(10, grandParentReport.getAccessControlEntries().size()); + assertTrue(checkCounts(grandParentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 1, 2)); assertTrue(checkCounts(grandParentReport, PermissionService.ALL_AUTHORITIES, 1, 0)); assertTrue(checkCounts(grandParentReport, "ToMask", 1, 0)); - assertTrue(checkCounts(grandParentReport, "Full", 1, 0)); + assertTrue(checkCounts(grandParentReport, "Full", 0, 3)); assertTrue(checkCounts(grandParentReport, "Reader", 1, 0)); assertTrue(checkCounts(grandParentReport, "Writer", 1, 0)); - assertTrue(checkCounts(grandParentReport, "Multi", 1, 0)); + assertTrue(checkAbsent(grandParentReport, "SplitRead")); + assertTrue(checkAbsent(grandParentReport, "SplitWrite")); + assertTrue(checkAbsent(grandParentReport, "DuplicateRead")); + assertTrue(checkAbsent(grandParentReport, "Writer2")); + assertTrue(checkAbsent(grandParentReport, "Multi")); CMISAccessControlReport parentReport = cmisAccessControlService.getAcl(parent, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS); assertFalse(parentReport.isExact()); - assertEquals(9, parentReport.getAccessControlEntries().size()); - assertTrue(checkCounts(parentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 1)); + assertEquals(10, parentReport.getAccessControlEntries().size()); + assertTrue(checkCounts(parentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 3)); assertTrue(checkCounts(parentReport, PermissionService.ALL_AUTHORITIES, 0, 1)); assertTrue(checkAbsent(parentReport, "ToMask")); - assertTrue(checkCounts(parentReport, "Full", 0, 1)); + assertTrue(checkCounts(parentReport, "Full", 0, 3)); assertTrue(checkCounts(parentReport, "Reader", 0, 1)); assertTrue(checkCounts(parentReport, "Writer", 0, 1)); - assertTrue(checkCounts(parentReport, "SplitRead", 1, 0)); - assertTrue(checkCounts(parentReport, "SplitWrite", 1, 0)); + assertTrue(checkAbsent(parentReport, "SplitRead")); + assertTrue(checkAbsent(parentReport, "SplitWrite")); assertTrue(checkCounts(parentReport, "DuplicateRead", 1, 0)); - assertTrue(checkCounts(parentReport, "Multi", 1, 0)); + assertTrue(checkAbsent(parentReport, "Writer2")); + assertTrue(checkAbsent(parentReport, "Multi")); CMISAccessControlReport childReport = cmisAccessControlService.getAcl(child, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS); assertFalse(childReport.isExact()); - assertEquals(12, childReport.getAccessControlEntries().size()); - assertTrue(checkCounts(childReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 1)); + assertEquals(13, childReport.getAccessControlEntries().size()); + assertTrue(checkCounts(childReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 3)); assertTrue(checkCounts(childReport, PermissionService.ALL_AUTHORITIES, 0, 1)); assertTrue(checkAbsent(childReport, "ToMask")); - assertTrue(checkCounts(childReport, "Full", 0, 1)); + assertTrue(checkCounts(childReport, "Full", 0, 3)); assertTrue(checkCounts(childReport, "Reader", 0, 1)); assertTrue(checkCounts(childReport, "Writer", 0, 1)); - assertTrue(checkCounts(childReport, "SplitRead", 1, 0)); - assertTrue(checkCounts(childReport, "SplitWrite", 1, 0)); + assertTrue(checkAbsent(childReport, "SplitRead")); + assertTrue(checkAbsent(childReport, "SplitWrite")); assertTrue(checkCounts(childReport, "DuplicateRead", 1, 0)); assertTrue(checkCounts(childReport, "Writer2", 1, 0)); - assertTrue(checkCounts(childReport, "Multi", 3, 0)); + assertTrue(checkCounts(childReport, "Multi", 2, 0)); } private Set getAllPermissions() @@ -190,43 +195,49 @@ public class CMISAccessControlServiceTest extends BaseCMISTest CMISAccessControlReport grandParentReport = cmisAccessControlService.getAcl(grandParent, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(grandParentReport.isExact()); - assertEquals(7, grandParentReport.getAccessControlEntries().size()); - assertTrue(checkCounts(grandParentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 1, 0)); - assertTrue(checkCounts(grandParentReport, PermissionService.ALL_AUTHORITIES, 1, 0)); - assertTrue(checkCounts(grandParentReport, "ToMask", 1, 0)); - assertTrue(checkCounts(grandParentReport, "Full", 1, 0)); - assertTrue(checkCounts(grandParentReport, "Reader", 1, 0)); - assertTrue(checkCounts(grandParentReport, "Writer", 1, 0)); + assertEquals(17, grandParentReport.getAccessControlEntries().size()); + assertTrue(checkCounts(grandParentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 1, 3)); + assertTrue(checkCounts(grandParentReport, PermissionService.ALL_AUTHORITIES, 1, 1)); + assertTrue(checkCounts(grandParentReport, "ToMask", 1, 1)); + assertTrue(checkCounts(grandParentReport, "Full", 1, 3)); + assertTrue(checkCounts(grandParentReport, "Reader", 1, 1)); + assertTrue(checkCounts(grandParentReport, "Writer", 1, 1)); + assertTrue(checkAbsent(grandParentReport, "SplitRead")); + assertTrue(checkAbsent(grandParentReport, "SplitWrite")); + assertTrue(checkAbsent(grandParentReport, "DuplicateRead")); + assertTrue(checkAbsent(grandParentReport, "Writer2")); assertTrue(checkCounts(grandParentReport, "Multi", 1, 0)); CMISAccessControlReport parentReport = cmisAccessControlService.getAcl(parent, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(parentReport.isExact()); - assertEquals(10, parentReport.getAccessControlEntries().size()); - assertTrue(checkCounts(parentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 1)); - assertTrue(checkCounts(parentReport, PermissionService.ALL_AUTHORITIES, 0, 1)); + assertEquals(20, parentReport.getAccessControlEntries().size()); + assertTrue(checkCounts(parentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 4)); + assertTrue(checkCounts(parentReport, PermissionService.ALL_AUTHORITIES, 0, 2)); assertTrue(checkAbsent(parentReport, "ToMask")); - assertTrue(checkCounts(parentReport, "Full", 0, 1)); - assertTrue(checkCounts(parentReport, "Reader", 0, 1)); - assertTrue(checkCounts(parentReport, "Writer", 0, 1)); + assertTrue(checkCounts(parentReport, "Full", 0, 4)); + assertTrue(checkCounts(parentReport, "Reader", 0, 2)); + assertTrue(checkCounts(parentReport, "Writer", 0, 2)); assertTrue(checkCounts(parentReport, "SplitRead", 1, 0)); assertTrue(checkCounts(parentReport, "SplitWrite", 1, 0)); - assertTrue(checkCounts(parentReport, "DuplicateRead", 1, 0)); + assertTrue(checkCounts(parentReport, "DuplicateRead", 1, 1)); + assertTrue(checkAbsent(grandParentReport, "Writer2")); assertTrue(checkCounts(parentReport, "Multi", 1, 1)); CMISAccessControlReport childReport = cmisAccessControlService.getAcl(child, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(childReport.isExact()); - assertEquals(16, childReport.getAccessControlEntries().size()); - assertTrue(checkCounts(childReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 1)); - assertTrue(checkCounts(childReport, PermissionService.ALL_AUTHORITIES, 0, 1)); + assertEquals(29, childReport.getAccessControlEntries().size()); + assertTrue(checkCounts(childReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 4)); + assertTrue(checkCounts(childReport, PermissionService.ALL_AUTHORITIES, 0, 2)); assertTrue(checkAbsent(childReport, "ToMask")); - assertTrue(checkCounts(childReport, "Full", 0, 1)); - assertTrue(checkCounts(childReport, "Reader", 0, 1)); - assertTrue(checkCounts(childReport, "Writer", 0, 1)); + assertTrue(checkCounts(childReport, "Full", 0, 4)); + assertTrue(checkCounts(childReport, "Reader", 0, 2)); + assertTrue(checkCounts(childReport, "Writer", 0, 2)); assertTrue(checkCounts(childReport, "SplitRead", 1, 1)); assertTrue(checkCounts(childReport, "SplitWrite", 1, 1)); - assertTrue(checkCounts(childReport, "DuplicateRead", 1, 0)); - assertTrue(checkCounts(childReport, "Multi", 3, 2)); - assertTrue(checkCounts(childReport, "Writer2", 1, 0)); + assertTrue(checkCounts(childReport, "DuplicateRead", 1, 1)); + assertTrue(checkCounts(childReport, "Writer2", 1, 1)); + assertTrue(checkCounts(childReport, "Multi", 3, 4)); + } private void createTestAcls() @@ -395,7 +406,7 @@ public class CMISAccessControlServiceTest extends BaseCMISTest CMISAccessControlReport grandParentReport = cmisAccessControlService.applyAcl(grandParent, null, acesToAdd, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(grandParentReport.isExact()); - assertEquals(6, grandParentReport.getAccessControlEntries().size()); + assertEquals(16, grandParentReport.getAccessControlEntries().size()); List acesToRemove = new ArrayList(); acesToRemove.add(new CMISAccessControlEntryImpl("ToMask", PermissionService.READ)); @@ -403,7 +414,7 @@ public class CMISAccessControlServiceTest extends BaseCMISTest grandParentReport = cmisAccessControlService.applyAcl(grandParent, acesToRemove, null, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(grandParentReport.isExact()); - assertEquals(5, grandParentReport.getAccessControlEntries().size()); + assertEquals(14, grandParentReport.getAccessControlEntries().size()); try { @@ -423,7 +434,7 @@ public class CMISAccessControlServiceTest extends BaseCMISTest CMISAccessControlReport parentReport = cmisAccessControlService.applyAcl(parent, null, acesToAdd, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(parentReport.isExact()); - assertEquals(8, parentReport.getAccessControlEntries().size()); + assertEquals(18, parentReport.getAccessControlEntries().size()); acesToAdd = new ArrayList(); acesToAdd.add(new CMISAccessControlEntryImpl("SplitRead", PermissionService.READ_CONTENT)); @@ -434,31 +445,31 @@ public class CMISAccessControlServiceTest extends BaseCMISTest CMISAccessControlReport childReport = cmisAccessControlService.applyAcl(child, null, acesToAdd, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(childReport.isExact()); - assertEquals(11, childReport.getAccessControlEntries().size()); + assertEquals(22, childReport.getAccessControlEntries().size()); grandParentReport = cmisAccessControlService.getAcl(grandParent, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS); assertFalse(grandParentReport.isExact()); - assertEquals(5, grandParentReport.getAccessControlEntries().size()); + assertEquals(9, grandParentReport.getAccessControlEntries().size()); parentReport = cmisAccessControlService.getAcl(parent, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS); assertFalse(parentReport.isExact()); - assertEquals(8, parentReport.getAccessControlEntries().size()); + assertEquals(10, parentReport.getAccessControlEntries().size()); childReport = cmisAccessControlService.getAcl(child, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS); assertFalse(childReport.isExact()); - assertEquals(9, childReport.getAccessControlEntries().size()); + assertEquals(11, childReport.getAccessControlEntries().size()); grandParentReport = cmisAccessControlService.getAcl(grandParent, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(grandParentReport.isExact()); - assertEquals(5, grandParentReport.getAccessControlEntries().size()); + assertEquals(14, grandParentReport.getAccessControlEntries().size()); parentReport = cmisAccessControlService.getAcl(parent, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(parentReport.isExact()); - assertEquals(8, parentReport.getAccessControlEntries().size()); + assertEquals(18, parentReport.getAccessControlEntries().size()); childReport = cmisAccessControlService.getAcl(child, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(childReport.isExact()); - assertEquals(11, childReport.getAccessControlEntries().size()); + assertEquals(22, childReport.getAccessControlEntries().size()); acesToAdd = new ArrayList(); acesToAdd.add(new CMISAccessControlEntryImpl("CMISReader", CMISAccessControlService.CMIS_READ_PERMISSION)); @@ -467,15 +478,15 @@ public class CMISAccessControlServiceTest extends BaseCMISTest childReport = cmisAccessControlService.applyAcl(child, null, acesToAdd, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(childReport.isExact()); - assertEquals(14, childReport.getAccessControlEntries().size()); + assertEquals(30, childReport.getAccessControlEntries().size()); childReport = cmisAccessControlService.applyAcl(child, acesToAdd, acesToAdd, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(childReport.isExact()); - assertEquals(14, childReport.getAccessControlEntries().size()); + assertEquals(30, childReport.getAccessControlEntries().size()); childReport = cmisAccessControlService.applyAcl(child, acesToAdd, null, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS); assertFalse(childReport.isExact()); - assertEquals(11, childReport.getAccessControlEntries().size()); + assertEquals(22, childReport.getAccessControlEntries().size()); try { diff --git a/source/java/org/alfresco/cmis/mapping/CMISMapping.java b/source/java/org/alfresco/cmis/mapping/CMISMapping.java index cd69fd3aff..64bceee234 100644 --- a/source/java/org/alfresco/cmis/mapping/CMISMapping.java +++ b/source/java/org/alfresco/cmis/mapping/CMISMapping.java @@ -19,6 +19,8 @@ package org.alfresco.cmis.mapping; import java.io.Serializable; +import java.util.ArrayList; +import java.util.Collection; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; @@ -47,6 +49,7 @@ import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.service.namespace.NamespaceService; import org.alfresco.service.namespace.QName; +import org.alfresco.util.Pair; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.beans.factory.InitializingBean; @@ -109,10 +112,6 @@ public class CMISMapping implements InitializingBean private Map>> actionEvaluators = new HashMap>>(); - private Set cmisRead = new HashSet(); - private Set cmisWrite = new HashSet(); - - /* * (non-Javadoc) * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet() @@ -277,14 +276,6 @@ public class CMISMapping implements InitializingBean registerEvaluator(CMISScope.POLICY, new FixedValueActionEvaluator(serviceRegistry, CMISAllowedActionEnum.CAN_GET_ACL, false)); registerEvaluator(CMISScope.POLICY, new FixedValueActionEvaluator(serviceRegistry, CMISAllowedActionEnum.CAN_APPLY_ACL, false)); - cmisRead.add(PermissionService.READ_PROPERTIES); - cmisRead.add(PermissionService.READ_CONTENT); - cmisRead.add(PermissionService.READ); - - cmisWrite.add(PermissionService.WRITE_PROPERTIES); - cmisWrite.add(PermissionService.WRITE_CONTENT); - cmisWrite.add(PermissionService.WRITE); - } @@ -796,35 +787,97 @@ public class CMISMapping implements InitializingBean logger.debug("Registered Action Evaluator: scope=" + scope + ", evaluator=" + evaluator); } - - /** - * @param permission - * @param format - * @return - */ - public String getReportedPermission(String permission, CMISAccessControlFormatEnum format) + public Collection> getReportedPermissions(String permission, Set permissions, boolean hasFull, boolean isDirect, CMISAccessControlFormatEnum format) { + ArrayList> answer = new ArrayList>(20); + // indirect + + if(hasFull) + { + answer.add(new Pair(CMISAccessControlService.CMIS_READ_PERMISSION, false)); + answer.add(new Pair(CMISAccessControlService.CMIS_WRITE_PERMISSION, false)); + answer.add(new Pair(CMISAccessControlService.CMIS_ALL_PERMISSION, false)); + } + + for(String perm : permissions) + { + if(PermissionService.READ.equals(perm)) + { + answer.add(new Pair(CMISAccessControlService.CMIS_READ_PERMISSION, false)); + } + else if(PermissionService.WRITE.equals(perm)) + { + answer.add(new Pair(CMISAccessControlService.CMIS_WRITE_PERMISSION, false)); + } + else if(PermissionService.ALL_PERMISSIONS.equals(perm)) + { + answer.add(new Pair(CMISAccessControlService.CMIS_READ_PERMISSION, false)); + answer.add(new Pair(CMISAccessControlService.CMIS_WRITE_PERMISSION, false)); + answer.add(new Pair(CMISAccessControlService.CMIS_ALL_PERMISSION, false)); + } + + if(hasFull) + { + answer.add(new Pair(CMISAccessControlService.CMIS_READ_PERMISSION, false)); + answer.add(new Pair(CMISAccessControlService.CMIS_WRITE_PERMISSION, false)); + answer.add(new Pair(CMISAccessControlService.CMIS_ALL_PERMISSION, false)); + } + } + + // permission + if(format == CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS) { - return permission; - } - else - { - if(cmisRead.contains(permission)) + if(PermissionService.READ.equals(permission)) { - return CMISAccessControlService.CMIS_READ_PERMISSION; + answer.add(new Pair(CMISAccessControlService.CMIS_READ_PERMISSION, false)); + answer.add(new Pair(permission, isDirect)); } - else if(cmisWrite.contains(permission)) + else if(PermissionService.WRITE.equals(permission)) { - return CMISAccessControlService.CMIS_WRITE_PERMISSION; + answer.add(new Pair(CMISAccessControlService.CMIS_WRITE_PERMISSION, false)); + answer.add(new Pair(permission, isDirect)); + } + else if(PermissionService.ALL_PERMISSIONS.equals(permission)) + { + answer.add(new Pair(CMISAccessControlService.CMIS_ALL_PERMISSION, false)); + answer.add(new Pair(permission, isDirect)); } else { - return CMISAccessControlService.CMIS_ALL_PERMISSION; + answer.add(new Pair(permission, isDirect)); } } + else if(format == CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS) + { + if(PermissionService.READ.equals(permission)) + { + answer.add(new Pair(CMISAccessControlService.CMIS_READ_PERMISSION, isDirect)); + } + else if(PermissionService.WRITE.equals(permission)) + { + answer.add(new Pair(CMISAccessControlService.CMIS_WRITE_PERMISSION, isDirect)); + } + else if(PermissionService.ALL_PERMISSIONS.equals(permission)) + { + answer.add(new Pair(CMISAccessControlService.CMIS_ALL_PERMISSION, isDirect)); + } + else + { + // else nothing + } + } + + + + return answer; } + + /** + * @param permission + * @return permission to set + */ public String getSetPermission(String permission) { if(permission.equals(CMISAccessControlService.CMIS_READ_PERMISSION))