inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merging BRANCHES/DEV/CMIS_10 to HEAD:

Browse Source 
17717: This check-in contains changes in Java and .NET TCK tests related to CMIS-43  and CMIS-44 JIRA tasks. Also some bugs were faced out and fixed in 
   17727: CMIS-69: Alfresco to CMIS ACL mapping: Part 1: API
   17732: Merge HEAD to DEV/CMIS10
   17756: MOB-563: SQL Tests - Lexer
   17764: CMIS-69: Alfresco to CMIS ACL mapping: get ACL support
   17802: More for CMIS-69: Alfresco to CMIS ACL mapping. Implementation for applyAcl.
   17830: Fixes for CMIS lexer and parser tests
   17838: Access fix ups for access by the WS/Rest layers
   17869: 1) remote-api:
   17874: SAIL-146: Alfresco to CMIS ACL mapping: Support to group ACEs by principal id
   17883: Adjust version properties for dev/cmis10 branch.
   17885: Update OASIS CMIS TC status.
   17889: Fix issue where objectid is not rendered correctly for CMIS private working copies.
   17890: SAIL-146: Alfresco to CMIS ACL mapping: Fixes for ACL merging when reporting and ordering of ACEs. Report full permissions and not unique short names.
   17902: Fix issue where CMIS queries via GET used incorrect defaults for paging.
   17909: Fix CMIS link relations for folder tree.
   17912: Fix CMIS type descendants atompub link
   17922: Update AtomPub binding to CMIS 1.0 CD05 XSDs.
   17924: SAIL-146: Alfresco to CMIS ACL mapping: Test set using full permissions (as opposed to short unique names)
   17927: Fix content stream create/update status to comply with CMIS 1.0 CD05.
   17934: Resolve encoding issues in CMIS AtomPub binding.
   17973: SAIL-171: CMIS Renditions REST binding
   17975: SAIL-146: Alfresco to CMIS ACL mapping: Completed AllowedAction and Permissions mapping. Added missing canDeleteTree.
   17990: Update CMIS AtomPub to CD06
   17996: Updates for cmis.alfresco.com for CD06 in prep for public review 2.
   18007: WS-Bindings were updated with CMIS 1.0 cd06 changes.
   18016: CMIS web services: Add missing generated files from WSDL
   18018: CMIS index page updates for cmis.alfresco.com
   18041: Merged HEAD to DEV/CMIS_10
   18059: SAIL-227:
   18067: SAIL-157: Strict vs Non-Strict Query Language: Enforce restrictions on the use of SCORE() and CONTAINS()
   18080: Fix for SAIL-213:Bug: Query engine does not check that select list properties are valid for selectors
   18131: SAIL-156: Query Language Compliance: Fix support for LIKE, including escaping of '%' and '_' with '\'.
   18132: SAIL-156: Query Language Compliance: Fix support for LIKE, including escaping of '%' and '_' with '\': Fix underlying lucene impl for prefix and fuzzy queries to match wildcard/like
   18143: SAIL-156: Query Language Compliance: Fix and check qualifiers in IN_TREE and IN_FOLDER. Improved scoring for CONTAINS()
   18173: SAIL-245: Exclude thumbnails from normal query results
   18179: SAIL 214: Query Language Compliance: Check for valid object ids in IN_FOLDER and IN_TREE
   18210: SAIL-156:  Query Language Compliance: Support for simple column aliases in predicates/function arguments/embedded FTS. Check property/selector binding in embedded FTS.
   18211: SAIL-156:  Query Language Compliance: Support for simple column aliases in predicates/function arguments/embedded FTS. Check property/selector binding in embedded FTS.
   18215: SAIL 156: Query Language Compliance: Fix CMIS type info to reflect the underlying settings of the Alfresco type for includeInSuperTypeQuery
   18244: SAIL 156: Query Language Compliance: includeInSuperTypeQuery -> includedInSuperTypeQuery: First cut of cmis query test model. Fixed modelSchema.xml to validate
   18255: SAIL 156: Query Language Compliance: First set of tests for predicates using properties mapped to CMIS Strings.
   18261: CMIS-49 SAIL-163: Alfresco to CMIS Change Log mapping - New CMIS Audit mapping is implemented. ChangeLogDataExtractor was added.
   18263: Build Fix
   18285: SAIL 156: Query Language Compliance: Restrictions on predicates that may be used by single-valued and multi-valued properties
   18287: SAIL-186: Changes to make CMIS Rendition REST bindings pass new TCK tests
   18291: Fix Eclipse classpath problems
   18323: CMIS-44 SAIL-187: Change Log tests (WS) – Java and .NET tests for change log were implemented.
   18325: SAIL 156: Query Language Compliance: Fixes and tests for d:mltext mappings
   18329: Updated Chemistry TCK jar including Dave W's rendition tests.
   18333: Fix compile error - spurious imports.
   18334: Fix issue where absurl web script method failed when deployed to root context.
   18339: Update CMIS index page for start of public review 2.
   18387: SAIL-147: CMIS ACL REST bindings + framework fixes
   18392: Fix typo
   18394: SAIL 156: Query Language Compliance: Fixes and tests for d:<numeric>
   18406: SAIL 156: Query Language Compliance: Remaining type/predicate combinations. Restriction of In/Comparisons for ID/Boolean
   18408: CMIS Query language - remove (pointless) multi-valued column from language definition
   18409: Formatting change for CMIS.g
   18410: Formatting change for FTS.g
   18411: CMIS TCK tests were updated to CMIS 1.0 cd06 schemas.
   18412: SAIL 156: Query Language Compliance: Tests and fixes for aliases for all data types in simple predicates (they behave as the direct column reference)
   18417: Update Chemistry TCK which now incorporates Dave W's ACL tests.
   18419: Update CMIS index page to include public review end date.
   18427: SAIL 156: Query Language Compliance: Expose multi-valued properties in queries. Tests for all accessors. Fix content length to be long.
   18435: SAIL 156: Query Language Compliance: Use queryable correctly and fix up model mappings. Add tests for baseTypeId, contentStreamId and path.
   18472: SAIL 156: Query Language Compliance: Tests and fixes for FTS/Contains expressions. Adhere strictly to the spec - no extensions available by default. Improved FTS error reporting (and stop any recovery).
   18477: SAIL-164: CMIS change log REST bindings
   18495: SAIL 156: Query Language Compliance: Tests and fixes for escaping in string literals, LIKE and FTS expressions.
   18537: SAIL 156: Query Language Compliance: Sorting support. Basic sort test for all orderable/indexed CMIS properties.
   18538: SAIL-164: CMIS change log fixes for TCK compliance
   18547: SAIL 156: Query Language Compliance: Ordering tests for all datatypes, including null values. 
   18582: Incorporate latest Chemistry TCK
   18583: Update list of supported CMIS capabilities in index page.
   18606: SAIL-156, SAIL-157, SAIL-158: Query Language Compliance: Respect all query options including locale. Fixes and tests for MLText cross language support.
   18608: SAIL-159: Java / Javascript API access to CMIS Query Language
   18617: SAIL-158: Query Tests: Check policy and relationship types are not queryable.
   18636: SAIL-184: ACL tests (WS) 
   18663: ACL tests were updated in accordance with last requirements by David Caruana.
   18680: Update to CMIS CD07
   18681: Fix CMIS ContentStreamId property when document has no content.
   18700: CMIS: Head merge problem resolution.

Phase 1: Merge up to and including revision 18700, as this the point where both AtomPub and Web Services TCK tests succeed completely on dev branch.

Note: includes CMIS rendition support ready for integration and testing with DM renditions.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18790 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
David Caruana
2010-02-23 17:23:42 +00:00
parent 8cbdacb18b
commit 575c970565
155 changed files with 33014 additions and 17420 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
source/java/org/alfresco/cmis/acl/CMISAccessControlEntriesGroupedByPrincipalIdImpl.java Normal file
View File

@@ -0,0 +1,93 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.cmis.acl;
import java.util.ArrayList;
import java.util.List;
import org.alfresco.cmis.CMISAccessControlEntriesGroupedByPrincipalId;
import org.alfresco.cmis.CMISAccessControlEntry;
import org.alfresco.cmis.CMISConstraintException;
/**
* @author andyh
*
*/
public class CMISAccessControlEntriesGroupedByPrincipalIdImpl implements CMISAccessControlEntriesGroupedByPrincipalId
{
private String principalId;
private List<String> directPermissions = new ArrayList<String>();
private List<String> indirectPermissions = new ArrayList<String>();
/*package */ CMISAccessControlEntriesGroupedByPrincipalIdImpl(String principalId)
{
this.principalId = principalId;
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlEntriesGroupedByPrincipalId#getDirectPermissions()
*/
public List<String> getDirectPermissions()
{
return directPermissions;
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlEntriesGroupedByPrincipalId#getInirectPermissions()
*/
public List<String> getIndirectPermissions()
{
return indirectPermissions;
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlEntriesGroupedByPrincipalId#getPrincipalId()
*/
public String getPrincipalId()
{
return principalId;
}
/* package */ void addEntry(CMISAccessControlEntry entry)
{
if(!principalId.equals(entry.getPrincipalId()))
{
throw new CMISConstraintException("Grouping error in principal id");
}
if(entry.getDirect())
{
directPermissions.add(entry.getPermission());
}
else
{
indirectPermissions.add(entry.getPermission());
}
}
}

156
source/java/org/alfresco/cmis/acl/CMISAccessControlEntryImpl.java Normal file
View File

@@ -0,0 +1,156 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.cmis.acl;
import org.alfresco.cmis.CMISAccessControlEntry;
/**
* @author andyh
*
*/
public class CMISAccessControlEntryImpl implements CMISAccessControlEntry
{
private String principalId;
private String permission;
private int position;
/*package*/ CMISAccessControlEntryImpl(String principalId, String permission, int position)
{
this.principalId = principalId;
this.permission = permission;
this.position = position;
}
/**
* Can be used for external calls to add or delete aces.
* (All must be at position 0 === directly set on the object)
*
* @param principalId
* @param permission
*/
public CMISAccessControlEntryImpl(String principalId, String permission)
{
this(principalId, permission, 0);
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlEntry#getDirect()
*/
public boolean getDirect()
{
return position == 0;
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlEntry#getPermission()
*/
public String getPermission()
{
return permission;
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlEntry#getPrincipalId()
*/
public String getPrincipalId()
{
return principalId;
}
/**
* @return the position
*/
public int getPosition()
{
return position;
}
/* (non-Javadoc)
* @see java.lang.Object#hashCode()
*/
@Override
public int hashCode()
{
final int prime = 31;
int result = 1;
result = prime * result + ((permission == null) ? 0 : permission.hashCode());
result = prime * result + position;
result = prime * result + ((principalId == null) ? 0 : principalId.hashCode());
return result;
}
/* (non-Javadoc)
* @see java.lang.Object#equals(java.lang.Object)
*/
@Override
public boolean equals(Object obj)
{
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
final CMISAccessControlEntryImpl other = (CMISAccessControlEntryImpl) obj;
if (permission == null)
{
if (other.permission != null)
return false;
}
else if (!permission.equals(other.permission))
return false;
if (position != other.position)
return false;
if (principalId == null)
{
if (other.principalId != null)
return false;
}
else if (!principalId.equals(other.principalId))
return false;
return true;
}
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString()
{
StringBuilder builder = new StringBuilder();
builder.append("[");
builder.append(getPrincipalId()).append(", ");
builder.append(getPermission()).append(", ");
builder.append(getPosition()).append(", ");
builder.append(getDirect()).append("]");
return builder.toString();
}
}

113
source/java/org/alfresco/cmis/acl/CMISAccessControlReportImpl.java Normal file
View File

@@ -0,0 +1,113 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.cmis.acl;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import org.alfresco.cmis.CMISAccessControlEntriesGroupedByPrincipalId;
import org.alfresco.cmis.CMISAccessControlEntry;
import org.alfresco.cmis.CMISAccessControlReport;
/**
* A simple CMIS access control report
*
* @author andyh
*
*/
public class CMISAccessControlReportImpl implements CMISAccessControlReport
{
private ArrayList<CMISAccessControlEntry> entries = new ArrayList<CMISAccessControlEntry>();
private boolean extract = false;
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlReport#getAccessControlEntries()
*/
public List<CMISAccessControlEntry> getAccessControlEntries()
{
return entries;
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlReport#isExtract()
*/
public boolean isExtract()
{
return extract;
}
/**
* Set extract.
* @param extract
*/
public void setExtract(boolean extract)
{
this.extract = extract;
}
/*package*/ void addEntry(CMISAccessControlEntry entry)
{
removeEntry(entry);
entries.add(entry);
}
/*package*/ void removeEntry(CMISAccessControlEntry entry)
{
for(int i = 0; i < entries.size(); i++)
{
CMISAccessControlEntry current = entries.get(i);
if(current.getPrincipalId().equals(entry.getPrincipalId()) && current.getPermission().equals(entry.getPermission()))
{
entries.remove(i);
i--;
}
}
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlReport#getAccessControlEntriesGroupedByPrincipalId()
*/
public List<? extends CMISAccessControlEntriesGroupedByPrincipalId> getAccessControlEntriesGroupedByPrincipalId()
{
HashMap<String, CMISAccessControlEntriesGroupedByPrincipalIdImpl> grouped = new HashMap<String, CMISAccessControlEntriesGroupedByPrincipalIdImpl>();
for(CMISAccessControlEntry entry : getAccessControlEntries())
{
CMISAccessControlEntriesGroupedByPrincipalIdImpl value = grouped.get(entry.getPrincipalId());
if(value == null)
{
value = new CMISAccessControlEntriesGroupedByPrincipalIdImpl(entry.getPrincipalId());
grouped.put(entry.getPrincipalId(), value);
}
value.addEntry(entry);
}
ArrayList<CMISAccessControlEntriesGroupedByPrincipalIdImpl> answer = new ArrayList<CMISAccessControlEntriesGroupedByPrincipalIdImpl>(grouped.values());
return answer;
}
}

492
source/java/org/alfresco/cmis/acl/CMISAccessControlServiceImpl.java Normal file
View File

@@ -0,0 +1,492 @@
/*
* Copyright (C) 2005-2010 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have received a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.cmis.acl;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.EnumSet;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.alfresco.cmis.CMISAccessControlEntry;
import org.alfresco.cmis.CMISAccessControlFormatEnum;
import org.alfresco.cmis.CMISAccessControlReport;
import org.alfresco.cmis.CMISAccessControlService;
import org.alfresco.cmis.CMISAclCapabilityEnum;
import org.alfresco.cmis.CMISAclPropagationEnum;
import org.alfresco.cmis.CMISAclSupportedPermissionEnum;
import org.alfresco.cmis.CMISAllowedActionEnum;
import org.alfresco.cmis.CMISConstraintException;
import org.alfresco.cmis.CMISDictionaryService;
import org.alfresco.cmis.CMISPermissionDefinition;
import org.alfresco.cmis.CMISPermissionMapping;
import org.alfresco.cmis.CMISTypeDefinition;
import org.alfresco.cmis.mapping.CMISMapping;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.repo.security.permissions.impl.AccessPermissionImpl;
import org.alfresco.repo.security.permissions.impl.ModelDAO;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AccessPermission;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.namespace.QName;
/**
* @author andyh
*/
public class CMISAccessControlServiceImpl implements CMISAccessControlService
{
private CMISAclCapabilityEnum aclCapabilityEnum;
private CMISAclSupportedPermissionEnum aclSupportedPermissionEnum;
private CMISAclPropagationEnum aclPropagationEnum;
private ModelDAO permissionModelDao;
private PermissionService permissionService;
private CMISMapping cmisMapping;
private NodeService nodeService;
private CMISDictionaryService cmisDictionaryService;
/**
* @param aclCapabilityEnum
* the aclCapabilityEnum to set
*/
public void setAclCapabilityEnum(CMISAclCapabilityEnum aclCapabilityEnum)
{
this.aclCapabilityEnum = aclCapabilityEnum;
}
/**
* Sets the acl supported permission enum.
*
* @param aclSupportedPermissionEnum
* the aclSupportedPermissionEnum to set
*/
public void setAclSupportedPermissionEnum(CMISAclSupportedPermissionEnum aclSupportedPermissionEnum)
{
this.aclSupportedPermissionEnum = aclSupportedPermissionEnum;
}
/**
* @param aclPropagationEnum
* the aclPropagationEnum to set
*/
public void setAclPropagationEnum(CMISAclPropagationEnum aclPropagationEnum)
{
this.aclPropagationEnum = aclPropagationEnum;
}
/**
* @param permissionModelDao
* the permissionModelDao to set
*/
public void setPermissionModelDao(ModelDAO permissionModelDao)
{
this.permissionModelDao = permissionModelDao;
}
/**
* @param permissionService
* the permissionService to set
*/
public void setPermissionService(PermissionService permissionService)
{
this.permissionService = permissionService;
}
/**
* Sets the cmis mapping.
*
* @param cmisMapping
* the cmis mapping
*/
public void setCMISMapping(CMISMapping cmisMapping)
{
this.cmisMapping = cmisMapping;
}
/**
* @param nodeService
* the nodeService to set
*/
public void setNodeService(NodeService nodeService)
{
this.nodeService = nodeService;
}
/**
* @param cmisDictionaryService
* the cmisDictionaryService to set
*/
public void setCMISDictionaryService(CMISDictionaryService cmisDictionaryService)
{
this.cmisDictionaryService = cmisDictionaryService;
}
/*
* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlService#applyAcl(org.alfresco.service.cmr.repository.NodeRef,
* java.util.List)
*/
public CMISAccessControlReport applyAcl(NodeRef nodeRef, List<CMISAccessControlEntry> acesToApply)
{
Set<CMISAccessControlEntry> acesToAdd = new LinkedHashSet<CMISAccessControlEntry>(acesToApply);
List<? extends CMISAccessControlEntry> acesExisting = getAcl(nodeRef,
CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS).getAccessControlEntries();
List<CMISAccessControlEntry> acesToRemove = new ArrayList<CMISAccessControlEntry>(acesExisting.size());
for (CMISAccessControlEntry accessControlEntry : acesExisting)
{
// Only pay attention to existing direct entries
if (accessControlEntry.getDirect() && !acesToAdd.remove(accessControlEntry))
{
acesToRemove.add(accessControlEntry);
}
}
return applyAcl(nodeRef, acesToRemove, new ArrayList<CMISAccessControlEntry>(acesToAdd),
CMISAclPropagationEnum.PROPAGATE,
CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
}
/*
* (non-Javadoc)
*
* @see org.alfresco.cmis.CMISAccessControlService#applyAcl(org.alfresco.service.cmr.repository.NodeRef,
* java.util.List, java.util.List, org.alfresco.cmis.CMISAclPropagationEnum)
*/
public CMISAccessControlReport applyAcl(NodeRef nodeRef, List<CMISAccessControlEntry> acesToRemove, List<CMISAccessControlEntry> acesToAdd, CMISAclPropagationEnum propagation,
CMISAccessControlFormatEnum format)
{
if (propagation != CMISAclPropagationEnum.PROPAGATE)
{
throw new CMISConstraintException("Unsupported ACL propagation mode: " + propagation);
}
// Check controllable ACL
QName type = nodeService.getType(nodeRef);
CMISTypeDefinition cmisType = cmisDictionaryService.findTypeForClass(type);
if (false == cmisType.isControllableACL())
{
throw new CMISConstraintException("ACLs are not supported for type: " + cmisType.getDisplayName());
}
// TODO: Check valid permissions. We do not check this internally. Ignore for now ...
if (acesToRemove != null)
{
Set<AccessPermission> permissions = permissionService.getAllSetPermissions(nodeRef);
for (CMISAccessControlEntry entry : acesToRemove)
{
String alfrescoPermission = cmisMapping.getSetPermission(compressPermission(entry.getPermission()));
AccessPermission toCheck = new AccessPermissionImpl(alfrescoPermission, AccessStatus.ALLOWED, entry.getPrincipalId(), 0);
if (false == permissions.contains(toCheck))
{
throw new CMISConstraintException("No matching ACE found to delete");
}
permissionService.deletePermission(nodeRef, entry.getPrincipalId(), alfrescoPermission);
}
}
if (acesToAdd != null)
{
for (CMISAccessControlEntry entry : acesToAdd)
{
String alfrescoPermission = cmisMapping.getSetPermission(compressPermission(entry.getPermission()));
permissionService.setPermission(nodeRef, entry.getPrincipalId(), alfrescoPermission, true);
}
}
return getAcl(nodeRef, format);
}
/*
* (non-Javadoc)
*
* @see org.alfresco.cmis.CMISAccessControlService#getAcl(org.alfresco.service.cmr.repository.NodeRef,
* org.alfresco.cmis.CMISAccessControlFormatEnum)
*/
public CMISAccessControlReport getAcl(NodeRef nodeRef, CMISAccessControlFormatEnum format)
{
CMISAccessControlReportImpl answer = new CMISAccessControlReportImpl();
// Need to compact deny to mask correctly
Set<AccessPermission> permissions = permissionService.getAllSetPermissions(nodeRef);
ArrayList<AccessPermission> ordered = new ArrayList<AccessPermission>();
AccessPermissionComparator comparator = new AccessPermissionComparator();
for (AccessPermission current : permissions)
{
int index = Collections.binarySearch(ordered, current, comparator);
if (index < 0)
{
ordered.add(-index - 1, current);
}
}
for (AccessPermission entry : ordered)
{
if (entry.getAccessStatus() == AccessStatus.ALLOWED)
{
answer.addEntry(new CMISAccessControlEntryImpl(entry.getAuthority(), expandPermission(cmisMapping.getReportedPermission(getPermission(entry.getPermission()),
format)), entry.getPosition()));
}
else if (entry.getAccessStatus() == AccessStatus.DENIED)
{
answer.removeEntry(new CMISAccessControlEntryImpl(entry.getAuthority(), expandPermission(cmisMapping.getReportedPermission(getPermission(entry.getPermission()),
format)), entry.getPosition()));
}
}
return answer;
}
private String getPermission(String string)
{
PermissionReference permissionReference = permissionModelDao.getPermissionReference(null, string);
if (permissionModelDao.isUnique(permissionReference))
{
return permissionReference.getName();
}
else
{
return permissionReference.toString();
}
}
private String expandPermission(String permission)
{
if (permission.equals(CMIS_ALL_PERMISSION))
{
return permission;
}
else if (permission.equals(CMIS_READ_PERMISSION))
{
return permission;
}
else if (permission.equals(CMIS_WRITE_PERMISSION))
{
return permission;
}
else if (permission.startsWith("{"))
{
return permission;
}
else
{
PermissionReference permissionReference = permissionModelDao.getPermissionReference(null, permission);
return permissionReference.toString();
}
}
private String compressPermission(String permission) {
int sepIndex;
if (permission.equals(CMIS_ALL_PERMISSION) || permission.equals(CMIS_READ_PERMISSION)
|| permission.equals(CMIS_WRITE_PERMISSION) || !permission.startsWith("{")
|| (sepIndex = permission.lastIndexOf('.')) == -1) {
return permission;
}
return permission.substring(sepIndex + 1);
}
/*
* (non-Javadoc)
*
* @see org.alfresco.cmis.CMISAccessControlService#getAclCapability()
*/
public CMISAclCapabilityEnum getAclCapability()
{
return aclCapabilityEnum;
}
/**
* Set the acl capability enum.
*
* @param aclCapabilityEnum
*/
public void setAclCapability(CMISAclCapabilityEnum aclCapabilityEnum)
{
this.aclCapabilityEnum = aclCapabilityEnum;
}
/*
* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlService#getSupportedPermissions()
*/
public CMISAclSupportedPermissionEnum getSupportedPermissions()
{
return this.aclSupportedPermissionEnum;
}
/**
* Sets the supported permissions.
*
* @param aclSupportedPermissionEnum
* the supported permissions
*/
public void setSupportedPermissions(CMISAclSupportedPermissionEnum aclSupportedPermissionEnum)
{
this.aclSupportedPermissionEnum = aclSupportedPermissionEnum;
}
/*
* (non-Javadoc)
*
* @see org.alfresco.cmis.CMISAccessControlService#getAclPropagation()
*/
public CMISAclPropagationEnum getAclPropagation()
{
return aclPropagationEnum;
}
/**
* Set the acl propagation enum.
*
* @param aclPropagationEnum
*/
public void setAclPropagation(CMISAclPropagationEnum aclPropagationEnum)
{
this.aclPropagationEnum = aclPropagationEnum;
}
/*
* (non-Javadoc)
*
* @see org.alfresco.cmis.CMISAccessControlService#getPermissionMappings()
*/
public List<? extends CMISPermissionMapping> getPermissionMappings()
{
ArrayList<CMISPermissionMappingImpl> mappings = new ArrayList<CMISPermissionMappingImpl>();
for(CMISAllowedActionEnum e : EnumSet.allOf(CMISAllowedActionEnum.class))
{
Map<String, List<String>> enumMappings = e.getPermissionMapping();
for(String key : enumMappings.keySet())
{
List<String> list = enumMappings.get(key);
CMISPermissionMappingImpl mapping = new CMISPermissionMappingImpl(key, list);
mappings.add(mapping);
}
}
return mappings;
}
/*
* (non-Javadoc)
*
* @see org.alfresco.cmis.CMISAccessControlService#getRepositoryPermissions()
*/
public List<CMISPermissionDefinition> getRepositoryPermissions()
{
ArrayList<CMISPermissionDefinition> answer = new ArrayList<CMISPermissionDefinition>();
PermissionReference allPermission = permissionModelDao.getPermissionReference(null, PermissionService.ALL_PERMISSIONS);
Set<PermissionReference> all = permissionModelDao.getAllExposedPermissions();
for (PermissionReference pr : all)
{
addPermissionDefinition(answer, pr);
}
// Add All
addPermissionDefinition(answer, allPermission);
// Add CMIS permissions
answer.add(new CMISPermissionDefinitionImpl(CMIS_ALL_PERMISSION));
answer.add(new CMISPermissionDefinitionImpl(CMIS_READ_PERMISSION));
answer.add(new CMISPermissionDefinitionImpl(CMIS_WRITE_PERMISSION));
return answer;
}
/*
* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlService#getPrincipalAnonymous()
*/
public String getPrincipalAnonymous()
{
return AuthenticationUtil.getGuestUserName();
}
/*
* (non-Javadoc)
* @see org.alfresco.cmis.CMISAccessControlService#getPrincipalAnyone()
*/
public String getPrincipalAnyone()
{
return PermissionService.ALL_AUTHORITIES;
}
private void addPermissionDefinition(ArrayList<CMISPermissionDefinition> list, PermissionReference pr)
{
CMISPermissionDefinitionImpl def = new CMISPermissionDefinitionImpl(getPermissionString(pr));
list.add(def);
}
private String getPermissionString(PermissionReference pr)
{
StringBuilder builder = new StringBuilder();
builder.append(pr.getQName().toString());
builder.append(".");
builder.append(pr.getName());
return builder.toString();
}
public static class AccessPermissionComparator implements Comparator<AccessPermission>
{
/*
* (non-Javadoc)
*
* @see java.util.Comparator#compare(java.lang.Object, java.lang.Object)
*/
public int compare(AccessPermission left, AccessPermission right)
{
if (left.getPosition() != right.getPosition())
{
return right.getPosition() - left.getPosition();
}
else
{
if (left.getAccessStatus() != right.getAccessStatus())
{
return (left.getAccessStatus() == AccessStatus.DENIED) ? -1 : 1;
}
else
{
int compare = left.getAuthority().compareTo(right.getAuthority());
if (compare != 0)
{
return compare;
}
else
{
return (left.getPermission().compareTo(right.getPermission()));
}
}
}
}
}
}

581
source/java/org/alfresco/cmis/acl/CMISAccessControlServiceTest.java Normal file
View File

@@ -0,0 +1,581 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.cmis.acl;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.alfresco.cmis.CMISAccessControlEntriesGroupedByPrincipalId;
import org.alfresco.cmis.CMISAccessControlEntry;
import org.alfresco.cmis.CMISAccessControlFormatEnum;
import org.alfresco.cmis.CMISAccessControlReport;
import org.alfresco.cmis.CMISAccessControlService;
import org.alfresco.cmis.CMISAclCapabilityEnum;
import org.alfresco.cmis.CMISAclPropagationEnum;
import org.alfresco.cmis.CMISConstraintException;
import org.alfresco.cmis.CMISPermissionDefinition;
import org.alfresco.cmis.CMISPermissionMapping;
import org.alfresco.cmis.acl.CMISAccessControlServiceImpl.AccessPermissionComparator;
import org.alfresco.cmis.mapping.BaseCMISTest;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AccessPermission;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.namespace.QName;
/**
* @author andyh
*/
public class CMISAccessControlServiceTest extends BaseCMISTest
{
private NodeRef parent;
private NodeRef child;
private NodeRef grandParent;
public void testAclPropagationMode()
{
assertEquals(CMISAclPropagationEnum.PROPAGATE, cmisAccessControlService.getAclPropagation());
}
public void testAclCapability()
{
assertEquals(CMISAclCapabilityEnum.MANAGE, cmisAccessControlService.getAclCapability());
}
public void testPermissions()
{
List<CMISPermissionDefinition> allPermissions = cmisAccessControlService.getRepositoryPermissions();
assertEquals(69, allPermissions.size());
HashSet<CMISPermissionDefinition> permissionSet = new HashSet<CMISPermissionDefinition>();
permissionSet.addAll(allPermissions);
assertEquals(69, permissionSet.size());
}
public void testAclReportingCmisPermissionsOnly()
{
createTestAcls();
CMISAccessControlReport grandParentReport = cmisAccessControlService.getAcl(grandParent, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS);
assertFalse(grandParentReport.isExtract());
assertEquals(7, grandParentReport.getAccessControlEntries().size());
assertTrue(checkCounts(grandParentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 1, 0));
assertTrue(checkCounts(grandParentReport, PermissionService.ALL_AUTHORITIES, 1, 0));
assertTrue(checkCounts(grandParentReport, "ToMask", 1, 0));
assertTrue(checkCounts(grandParentReport, "Full", 1, 0));
assertTrue(checkCounts(grandParentReport, "Reader", 1, 0));
assertTrue(checkCounts(grandParentReport, "Writer", 1, 0));
assertTrue(checkCounts(grandParentReport, "Multi", 1, 0));
CMISAccessControlReport parentReport = cmisAccessControlService.getAcl(parent, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS);
assertFalse(parentReport.isExtract());
assertEquals(9, parentReport.getAccessControlEntries().size());
assertTrue(checkCounts(parentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 1));
assertTrue(checkCounts(parentReport, PermissionService.ALL_AUTHORITIES, 0, 1));
assertTrue(checkAbsent(parentReport, "ToMask"));
assertTrue(checkCounts(parentReport, "Full", 0, 1));
assertTrue(checkCounts(parentReport, "Reader", 0, 1));
assertTrue(checkCounts(parentReport, "Writer", 0, 1));
assertTrue(checkCounts(parentReport, "SplitRead", 1, 0));
assertTrue(checkCounts(parentReport, "SplitWrite", 1, 0));
assertTrue(checkCounts(parentReport, "DuplicateRead", 1, 0));
assertTrue(checkCounts(parentReport, "Multi", 1, 0));
CMISAccessControlReport childReport = cmisAccessControlService.getAcl(child, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS);
assertFalse(childReport.isExtract());
assertEquals(12, childReport.getAccessControlEntries().size());
assertTrue(checkCounts(childReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 1));
assertTrue(checkCounts(childReport, PermissionService.ALL_AUTHORITIES, 0, 1));
assertTrue(checkAbsent(childReport, "ToMask"));
assertTrue(checkCounts(childReport, "Full", 0, 1));
assertTrue(checkCounts(childReport, "Reader", 0, 1));
assertTrue(checkCounts(childReport, "Writer", 0, 1));
assertTrue(checkCounts(childReport, "SplitRead", 1, 0));
assertTrue(checkCounts(childReport, "SplitWrite", 1, 0));
assertTrue(checkCounts(childReport, "DuplicateRead", 1, 0));
assertTrue(checkCounts(childReport, "Writer2", 1, 0));
assertTrue(checkCounts(childReport, "Multi", 3, 0));
}
private Set<String> getAllPermissions()
{
HashSet<String> answer = new HashSet<String>();
PermissionReference allPermission = permissionModelDao.getPermissionReference(null, PermissionService.ALL_PERMISSIONS);
Set<PermissionReference> all = permissionModelDao.getAllPermissions();
for (PermissionReference pr : all)
{
answer.add(pr.toString());
}
// Add All
answer.add(allPermission.toString());
// Add CMIS permissions
answer.add(CMISAccessControlService.CMIS_ALL_PERMISSION);
answer.add(CMISAccessControlService.CMIS_READ_PERMISSION);
answer.add(CMISAccessControlService.CMIS_WRITE_PERMISSION);
return answer;
}
private boolean checkCounts(CMISAccessControlReport report, String key, int direct, int indirect)
{
// check all permissions are valid
Set<String> permissionNames = getAllPermissions();
for (CMISAccessControlEntry entry : report.getAccessControlEntries())
{
if (!permissionNames.contains(entry.getPermission()))
{
return false;
}
}
// check counts
for (CMISAccessControlEntriesGroupedByPrincipalId group : report.getAccessControlEntriesGroupedByPrincipalId())
{
if (group.getPrincipalId().equals(key))
{
if (group.getDirectPermissions().size() != direct)
{
return false;
}
if (group.getIndirectPermissions().size() != indirect)
{
return false;
}
return true;
}
}
return false;
}
private boolean checkAbsent(CMISAccessControlReport report, String key)
{
for (CMISAccessControlEntriesGroupedByPrincipalId group : report.getAccessControlEntriesGroupedByPrincipalId())
{
if (group.getPrincipalId().equals(key))
{
return false;
}
}
return true;
}
public void testAclReportingAllPermissions()
{
createTestAcls();
CMISAccessControlReport grandParentReport = cmisAccessControlService.getAcl(grandParent, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(grandParentReport.isExtract());
assertEquals(7, grandParentReport.getAccessControlEntries().size());
assertTrue(checkCounts(grandParentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 1, 0));
assertTrue(checkCounts(grandParentReport, PermissionService.ALL_AUTHORITIES, 1, 0));
assertTrue(checkCounts(grandParentReport, "ToMask", 1, 0));
assertTrue(checkCounts(grandParentReport, "Full", 1, 0));
assertTrue(checkCounts(grandParentReport, "Reader", 1, 0));
assertTrue(checkCounts(grandParentReport, "Writer", 1, 0));
assertTrue(checkCounts(grandParentReport, "Multi", 1, 0));
CMISAccessControlReport parentReport = cmisAccessControlService.getAcl(parent, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(parentReport.isExtract());
assertEquals(10, parentReport.getAccessControlEntries().size());
assertTrue(checkCounts(parentReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 1));
assertTrue(checkCounts(parentReport, PermissionService.ALL_AUTHORITIES, 0, 1));
assertTrue(checkAbsent(parentReport, "ToMask"));
assertTrue(checkCounts(parentReport, "Full", 0, 1));
assertTrue(checkCounts(parentReport, "Reader", 0, 1));
assertTrue(checkCounts(parentReport, "Writer", 0, 1));
assertTrue(checkCounts(parentReport, "SplitRead", 1, 0));
assertTrue(checkCounts(parentReport, "SplitWrite", 1, 0));
assertTrue(checkCounts(parentReport, "DuplicateRead", 1, 0));
assertTrue(checkCounts(parentReport, "Multi", 1, 1));
CMISAccessControlReport childReport = cmisAccessControlService.getAcl(child, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(childReport.isExtract());
assertEquals(16, childReport.getAccessControlEntries().size());
assertTrue(checkCounts(childReport, PermissionService.ADMINISTRATOR_AUTHORITY, 0, 1));
assertTrue(checkCounts(childReport, PermissionService.ALL_AUTHORITIES, 0, 1));
assertTrue(checkAbsent(childReport, "ToMask"));
assertTrue(checkCounts(childReport, "Full", 0, 1));
assertTrue(checkCounts(childReport, "Reader", 0, 1));
assertTrue(checkCounts(childReport, "Writer", 0, 1));
assertTrue(checkCounts(childReport, "SplitRead", 1, 1));
assertTrue(checkCounts(childReport, "SplitWrite", 1, 1));
assertTrue(checkCounts(childReport, "DuplicateRead", 1, 0));
assertTrue(checkCounts(childReport, "Multi", 3, 2));
assertTrue(checkCounts(childReport, "Writer2", 1, 0));
}
private void createTestAcls()
{
grandParent = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, QName.createQName("cm", "Parent", namespaceService), ContentModel.TYPE_FOLDER).getChildRef();
nodeService.setProperty(grandParent, ContentModel.PROP_NAME, "GrandParent");
parent = nodeService.createNode(grandParent, ContentModel.ASSOC_CHILDREN, QName.createQName("cm", "Child", namespaceService), ContentModel.TYPE_FOLDER).getChildRef();
nodeService.setProperty(parent, ContentModel.PROP_NAME, "Parent");
child = nodeService.createNode(parent, ContentModel.ASSOC_CHILDREN, QName.createQName("cm", "Child", namespaceService), ContentModel.TYPE_FOLDER).getChildRef();
nodeService.setProperty(child, ContentModel.PROP_NAME, "Child");
permissionService.setPermission(grandParent, PermissionService.ADMINISTRATOR_AUTHORITY, PermissionService.ALL_PERMISSIONS, true);
permissionService.setPermission(grandParent, PermissionService.ALL_AUTHORITIES, PermissionService.READ, true);
permissionService.setPermission(grandParent, "ToMask", PermissionService.READ, true);
permissionService.setPermission(grandParent, "Full", PermissionService.FULL_CONTROL, true);
permissionService.setPermission(grandParent, "Writer", PermissionService.WRITE, true);
permissionService.setPermission(grandParent, "Reader", PermissionService.READ, true);
permissionService.setPermission(grandParent, "Multi", PermissionService.DELETE, true);
permissionService.setPermission(parent, "ToMask", PermissionService.READ, false);
permissionService.setPermission(parent, "SplitRead", PermissionService.READ_PROPERTIES, true);
permissionService.setPermission(parent, "SplitWrite", PermissionService.WRITE_CONTENT, true);
permissionService.setPermission(parent, "DuplicateRead", PermissionService.READ, true);
permissionService.setPermission(parent, "Multi", PermissionService.CREATE_CHILDREN, true);
permissionService.setPermission(child, "SplitRead", PermissionService.READ_CONTENT, true);
permissionService.setPermission(child, "Writer2", PermissionService.WRITE, true);
permissionService.setPermission(child, "SplitWrite", PermissionService.WRITE_PROPERTIES, true);
permissionService.setPermission(child, "DuplicateRead", PermissionService.READ, true);
permissionService.setPermission(child, "Multi", PermissionService.READ, true);
permissionService.setPermission(child, "Multi", PermissionService.WRITE, true);
permissionService.setPermission(child, "Multi", PermissionService.SET_OWNER, true);
}
public void testAccessEntryOrdering()
{
createTestAcls();
Set<CMISPermissionDefinition> permDefs = new HashSet<CMISPermissionDefinition>();
permDefs.addAll(cmisAccessControlService.getRepositoryPermissions());
Set<AccessPermission> permissions = permissionService.getAllSetPermissions(child);
ArrayList<AccessPermission> ordered = new ArrayList<AccessPermission>();
AccessPermissionComparator comparator = new AccessPermissionComparator();
for (AccessPermission current : permissions)
{
int index = Collections.binarySearch(ordered, current, comparator);
if (index < 0)
{
ordered.add(-index - 1, current);
}
}
int i = 0;
assertEquals(4, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("Full", ordered.get(i).getAuthority());
i++;
assertEquals(4, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals(PermissionService.ALL_AUTHORITIES, ordered.get(i).getAuthority());
i++;
assertEquals(4, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("Multi", ordered.get(i).getAuthority());
i++;
assertEquals(4, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals(PermissionService.ADMINISTRATOR_AUTHORITY, ordered.get(i).getAuthority());
i++;
assertEquals(4, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("Reader", ordered.get(i).getAuthority());
i++;
assertEquals(4, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("ToMask", ordered.get(i).getAuthority());
i++;
assertEquals(4, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("Writer", ordered.get(i).getAuthority());
i++;
assertEquals(2, ordered.get(i).getPosition());
assertEquals(AccessStatus.DENIED, ordered.get(i).getAccessStatus());
assertEquals("ToMask", ordered.get(i).getAuthority());
i++;
assertEquals(2, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("DuplicateRead", ordered.get(i).getAuthority());
i++;
assertEquals(2, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("Multi", ordered.get(i).getAuthority());
i++;
assertEquals(2, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("SplitRead", ordered.get(i).getAuthority());
i++;
assertEquals(2, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("SplitWrite", ordered.get(i).getAuthority());
i++;
assertEquals(0, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("DuplicateRead", ordered.get(i).getAuthority());
i++;
assertEquals(0, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("Multi", ordered.get(i).getAuthority());
i++;
assertEquals(0, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("Multi", ordered.get(i).getAuthority());
i++;
assertEquals(0, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("Multi", ordered.get(i).getAuthority());
i++;
assertEquals(0, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("SplitRead", ordered.get(i).getAuthority());
i++;
assertEquals(0, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("SplitWrite", ordered.get(i).getAuthority());
i++;
assertEquals(0, ordered.get(i).getPosition());
assertEquals(AccessStatus.ALLOWED, ordered.get(i).getAccessStatus());
assertEquals("Writer2", ordered.get(i).getAuthority());
}
public void testApplyAcl()
{
grandParent = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, QName.createQName("cm", "Parent", namespaceService), ContentModel.TYPE_FOLDER).getChildRef();
nodeService.setProperty(grandParent, ContentModel.PROP_NAME, "GrandParent");
parent = nodeService.createNode(grandParent, ContentModel.ASSOC_CHILDREN, QName.createQName("cm", "Child", namespaceService), ContentModel.TYPE_FOLDER).getChildRef();
nodeService.setProperty(parent, ContentModel.PROP_NAME, "Parent");
child = nodeService.createNode(parent, ContentModel.ASSOC_CHILDREN, QName.createQName("cm", "Child", namespaceService), ContentModel.TYPE_CONTENT).getChildRef();
nodeService.setProperty(child, ContentModel.PROP_NAME, "Child");
List<CMISAccessControlEntry> acesToAdd = new ArrayList<CMISAccessControlEntry>();
acesToAdd.add(new CMISAccessControlEntryImpl(PermissionService.ADMINISTRATOR_AUTHORITY, PermissionService.ALL_PERMISSIONS));
acesToAdd.add(new CMISAccessControlEntryImpl(PermissionService.ALL_AUTHORITIES, PermissionService.READ));
acesToAdd.add(new CMISAccessControlEntryImpl("ToMask", PermissionService.READ));
acesToAdd.add(new CMISAccessControlEntryImpl("Full", PermissionService.FULL_CONTROL));
acesToAdd.add(new CMISAccessControlEntryImpl("Writer", PermissionService.WRITE));
acesToAdd.add(new CMISAccessControlEntryImpl("Reader", PermissionService.READ));
CMISAccessControlReport grandParentReport = cmisAccessControlService.applyAcl(grandParent, null, acesToAdd, CMISAclPropagationEnum.PROPAGATE,
CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(grandParentReport.isExtract());
assertEquals(6, grandParentReport.getAccessControlEntries().size());
List<CMISAccessControlEntry> acesToRemove = new ArrayList<CMISAccessControlEntry>();
acesToRemove.add(new CMISAccessControlEntryImpl("ToMask", PermissionService.READ));
grandParentReport = cmisAccessControlService.applyAcl(grandParent, acesToRemove, null, CMISAclPropagationEnum.PROPAGATE,
CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(grandParentReport.isExtract());
assertEquals(5, grandParentReport.getAccessControlEntries().size());
try
{
grandParentReport = cmisAccessControlService.applyAcl(grandParent, acesToRemove, null, CMISAclPropagationEnum.PROPAGATE,
CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
fail("A non existent ACE should not be removable");
}
catch (CMISConstraintException e)
{
}
acesToAdd = new ArrayList<CMISAccessControlEntry>();
acesToAdd.add(new CMISAccessControlEntryImpl("SplitRead", permissionModelDao.getPermissionReference(null, PermissionService.READ_PROPERTIES).toString()));
acesToAdd.add(new CMISAccessControlEntryImpl("SplitWrite", permissionModelDao.getPermissionReference(null, PermissionService.WRITE_CONTENT).toString()));
acesToAdd.add(new CMISAccessControlEntryImpl("DuplicateRead", permissionModelDao.getPermissionReference(null, PermissionService.READ).toString()));
CMISAccessControlReport parentReport = cmisAccessControlService.applyAcl(parent, null, acesToAdd, CMISAclPropagationEnum.PROPAGATE,
CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(parentReport.isExtract());
assertEquals(8, parentReport.getAccessControlEntries().size());
acesToAdd = new ArrayList<CMISAccessControlEntry>();
acesToAdd.add(new CMISAccessControlEntryImpl("SplitRead", PermissionService.READ_CONTENT));
acesToAdd.add(new CMISAccessControlEntryImpl("Writer2", PermissionService.WRITE));
acesToAdd.add(new CMISAccessControlEntryImpl("SplitWrite", PermissionService.WRITE_PROPERTIES));
acesToAdd.add(new CMISAccessControlEntryImpl("DuplicateRead", PermissionService.READ));
CMISAccessControlReport childReport = cmisAccessControlService.applyAcl(child, null, acesToAdd, CMISAclPropagationEnum.PROPAGATE,
CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(childReport.isExtract());
assertEquals(11, childReport.getAccessControlEntries().size());
grandParentReport = cmisAccessControlService.getAcl(grandParent, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS);
assertFalse(grandParentReport.isExtract());
assertEquals(5, grandParentReport.getAccessControlEntries().size());
parentReport = cmisAccessControlService.getAcl(parent, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS);
assertFalse(parentReport.isExtract());
assertEquals(8, parentReport.getAccessControlEntries().size());
childReport = cmisAccessControlService.getAcl(child, CMISAccessControlFormatEnum.CMIS_BASIC_PERMISSIONS);
assertFalse(childReport.isExtract());
assertEquals(9, childReport.getAccessControlEntries().size());
grandParentReport = cmisAccessControlService.getAcl(grandParent, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(grandParentReport.isExtract());
assertEquals(5, grandParentReport.getAccessControlEntries().size());
parentReport = cmisAccessControlService.getAcl(parent, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(parentReport.isExtract());
assertEquals(8, parentReport.getAccessControlEntries().size());
childReport = cmisAccessControlService.getAcl(child, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(childReport.isExtract());
assertEquals(11, childReport.getAccessControlEntries().size());
acesToAdd = new ArrayList<CMISAccessControlEntry>();
acesToAdd.add(new CMISAccessControlEntryImpl("CMISReader", CMISAccessControlService.CMIS_READ_PERMISSION));
acesToAdd.add(new CMISAccessControlEntryImpl("CMISWriter", CMISAccessControlService.CMIS_WRITE_PERMISSION));
acesToAdd.add(new CMISAccessControlEntryImpl("CMISAll", CMISAccessControlService.CMIS_ALL_PERMISSION));
childReport = cmisAccessControlService.applyAcl(child, null, acesToAdd, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(childReport.isExtract());
assertEquals(14, childReport.getAccessControlEntries().size());
childReport = cmisAccessControlService.applyAcl(child, acesToAdd, acesToAdd, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(childReport.isExtract());
assertEquals(14, childReport.getAccessControlEntries().size());
childReport = cmisAccessControlService.applyAcl(child, acesToAdd, null, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
assertFalse(childReport.isExtract());
assertEquals(11, childReport.getAccessControlEntries().size());
try
{
childReport = cmisAccessControlService.applyAcl(child, acesToAdd, null, CMISAclPropagationEnum.PROPAGATE, CMISAccessControlFormatEnum.REPOSITORY_SPECIFIC_PERMISSIONS);
fail("A non existent ACE should not be removable");
}
catch (CMISConstraintException e)
{
}
}
public void testAllowableActionsAndPermissionMapping()
{
List<? extends CMISPermissionMapping> mappings = cmisAccessControlService.getPermissionMappings();
assertEquals(29, mappings.size());
assertTrue(contains(mappings, "canGetDescendants.Folder", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadChildren"));
assertTrue(contains(mappings, "canGetFolderTree.Folder", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadChildren"));
assertTrue(contains(mappings, "canGetChildren.Folder", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadChildren"));
assertTrue(contains(mappings, "canGetFolderParent.Folder", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadProperties"));
assertTrue(contains(mappings, "canGetObjectParents.Object", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadProperties"));
assertTrue(contains(mappings, "canCreateDocument.Folder", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.CreateChildren"));
assertTrue(contains(mappings, "canCreateFolder.Folder", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.CreateChildren"));
// "canCreateRelationship.Source"
// "canCreateRelationship.Target"
assertTrue(contains(mappings, "canGetProperties.Object", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadProperties"));
assertTrue(contains(mappings, "canGetRenditions.Object", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadProperties"));
assertTrue(contains(mappings, "canGetContentStream.Object", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadContent"));
assertTrue(contains(mappings, "canUpdateProperties.Object", CMISAccessControlService.CMIS_WRITE_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.WriteProperties"));
assertTrue(contains(mappings, "canMoveObject.Object", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.DeleteNode"));
assertTrue(contains(mappings, "canMoveObject.Target", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.CreateChildren"));
// "canMoveObject.Source"
assertTrue(contains(mappings, "canDelete.Object", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.DeleteNode"));
// "canDelete.Folder"
// === SPEC BUG - should really be those below ...
// "canDeleteObject.Object"
// "canDeleteObject.Folder"
assertTrue(contains(mappings, "canSetContentStream.Document", CMISAccessControlService.CMIS_WRITE_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.WriteContent"));
assertTrue(contains(mappings, "canDeleteContentStream.Document", CMISAccessControlService.CMIS_WRITE_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.WriteContent"));
assertTrue(contains(mappings, "canDeleteTree.Folder", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.DeleteNode"));
assertTrue(contains(mappings, "canAddObjectToFolder.Object", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadProperties"));
assertTrue(contains(mappings, "canAddObjectToFolder.Folder", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.CreateChildren"));
assertTrue(contains(mappings, "canRemoveObjectFromFolder.Object", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.DeleteNode"));
// "canRemoveObjectFromFolder.Folder"
assertTrue(contains(mappings, "canCheckOut.Document", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/content/1.0}lockable.CheckOut"));
assertTrue(contains(mappings, "canCancelCheckOut.Document", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/content/1.0}lockable.CancelCheckOut"));
assertTrue(contains(mappings, "canCheckIn.Document", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/content/1.0}lockable.CheckIn"));
assertTrue(contains(mappings, "canGetAllVersions.Document", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.Read"));
// "canGetObjectRelationships.Object"
assertTrue(contains(mappings, "canApplyPolicy.Object", CMISAccessControlService.CMIS_WRITE_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.Write"));
assertTrue(contains(mappings, "canApplyPolicy.Policy", CMISAccessControlService.CMIS_READ_PERMISSION));
assertTrue(contains(mappings, "canRemovePolicy.Object", CMISAccessControlService.CMIS_WRITE_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.Write"));
assertTrue(contains(mappings, "canRemovePolicy.Policy", CMISAccessControlService.CMIS_READ_PERMISSION));
assertTrue(contains(mappings, "canGetAppliedPolicies.Object", CMISAccessControlService.CMIS_READ_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadProperties"));
assertTrue(contains(mappings, "canGetACL.Object", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ReadPermissions"));
assertTrue(contains(mappings, "canApplyACL.Object", CMISAccessControlService.CMIS_ALL_PERMISSION, "{http://www.alfresco.org/model/system/1.0}base.ChangePermissions"));
}
private boolean contains(List<? extends CMISPermissionMapping> mappings, String key, String... entries)
{
for (CMISPermissionMapping mapping : mappings)
{
if (mapping.getKey().equals(key))
{
// check entries are all valid
Set<String> permissionNames = getAllPermissions();
for (String permission : mapping.getPermissions())
{
if (!permissionNames.contains(permission))
{
return false;
}
}
if (entries.length > 0)
{
if (mapping.getPermissions().size() == entries.length)
{
for (String entry : entries)
{
if (!mapping.getPermissions().contains(entry))
{
return false;
}
}
return true;
}
}
else
{
return true;
}
}
}
return false;
}
}

91
source/java/org/alfresco/cmis/acl/CMISAllowedActionKeyTypeEnum.java Normal file
View File

@@ -0,0 +1,91 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.cmis.acl;
import org.alfresco.cmis.EnumFactory;
import org.alfresco.cmis.EnumLabel;
/**
* Part two of the allowable action key for the permission mappings
* @author andyh
*
*/
public enum CMISAllowedActionKeyTypeEnum implements EnumLabel
{
/**
* Folder
*/
FOLDER("Folder"),
/**
* Object
*/
OBJECT("Object"),
/**
* Source
*/
SOURCE("Source"),
/**
* Target
*/
TARGET("Target"),
/**
* Document
*/
DOCUMENT("Document"),
/**
* Policy
*/
POLICY("Policy");
private String label;
/**
* Construct
*
* @param label
*/
CMISAllowedActionKeyTypeEnum(String label)
{
this.label = label;
}
/*
* (non-Javadoc)
*
* @see org.alfresco.cmis.EnumLabel#label()
*/
public String getLabel()
{
return label;
}
/**
* Factory for CMISAclCapabilityEnum
*/
public static EnumFactory<CMISAllowedActionKeyTypeEnum> FACTORY = new EnumFactory<CMISAllowedActionKeyTypeEnum>(CMISAllowedActionKeyTypeEnum.class, null, true);
}

111
source/java/org/alfresco/cmis/acl/CMISPermissionDefinitionImpl.java Normal file
View File

@@ -0,0 +1,111 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.cmis.acl;
import org.alfresco.cmis.CMISPermissionDefinition;
/**
* Implementation class for a simple CMIS permission definition.
*
* @author andyh
*
*/
public class CMISPermissionDefinitionImpl implements CMISPermissionDefinition
{
private String permission;
private String description;
/*package*/ CMISPermissionDefinitionImpl(String permission)
{
this.permission = permission;
}
/*package*/ CMISPermissionDefinitionImpl(String permission, String description)
{
this(permission);
this.description = description;
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISPermissionDefinition#getDescription()
*/
public String getDescription()
{
if(description != null)
{
return description;
}
else
{
return permission;
}
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISPermissionDefinition#getPermission()
*/
public String getPermission()
{
return permission;
}
/* (non-Javadoc)
* @see java.lang.Object#hashCode()
*/
@Override
public int hashCode()
{
final int prime = 31;
int result = 1;
result = prime * result + ((permission == null) ? 0 : permission.hashCode());
return result;
}
/* (non-Javadoc)
* @see java.lang.Object#equals(java.lang.Object)
*/
@Override
public boolean equals(Object obj)
{
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
final CMISPermissionDefinitionImpl other = (CMISPermissionDefinitionImpl) obj;
if (permission == null)
{
if (other.permission != null)
return false;
}
else if (!permission.equals(other.permission))
return false;
return true;
}
}

63
source/java/org/alfresco/cmis/acl/CMISPermissionMappingImpl.java Normal file
View File

@@ -0,0 +1,63 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.cmis.acl;
import java.util.List;
import org.alfresco.cmis.CMISPermissionMapping;
/**
* @author andyh
*
*/
public class CMISPermissionMappingImpl implements CMISPermissionMapping
{
String key;
List<String> permissions;
CMISPermissionMappingImpl(String key, List<String> permissions)
{
this.key = key;
this.permissions = permissions;
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISPermissionMapping#getKey()
*/
public String getKey()
{
return key;
}
/* (non-Javadoc)
* @see org.alfresco.cmis.CMISPermissionMapping#getPermissions()
*/
public List<String> getPermissions()
{
return permissions;
}
}

46
source/java/org/alfresco/cmis/acl/CMISPermissionMappingKey.java Normal file
View File

@@ -0,0 +1,46 @@
/*
* Copyright (C) 2005-2009 Alfresco Software Limited.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* As a special exception to the terms and conditions of version 2.0 of
* the GPL, you may redistribute this Program in connection with Free/Libre
* and Open Source Software ("FLOSS") applications as described in Alfresco's
* FLOSS exception. You should have recieved a copy of the text describing
* the FLOSS exception, and it is also available here:
* http://www.alfresco.com/legal/licensing"
*/
package org.alfresco.cmis.acl;
import org.alfresco.cmis.CMISAllowedActionEnum;
/**
* @author andyh
*
*/
public interface CMISPermissionMappingKey
{
/**
* Get the allowed action enum.
* @return the allowed action enum.
*/
public CMISAllowedActionEnum getAllowedActionEnum();
/**
* Get the allowed action key type enum.
* @return the allowed action key type enum.
*/
public CMISAllowedActionKeyTypeEnum getAllowedActionKeyTypeEnum();
}